[CLSA-2025:1736284875] php: Fix of 3 CVEs
Type:
security
Severity:
Moderate
Release date:
2025-01-07 21:21:22 UTC
Description:
- CVE-2024-2756: Fix issue introduced by incomplete fix of CVE-2022-31629 to prevent network and same-site attackers from setting insecure cookies in victim's browser - CVE-2024-3096: Fix issue where password_verify() incorrectly returns true when testing a blank string with password starting with a null byte
Updated packages:
  • php-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:7c540a13b79d057d25604bdbb138866a983963ab43ce2adb84c5332e9449f70b
  • php-bcmath-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:d0f934300e6ee3bdf63ddee43eb824ff3c6e9d978965a6cf8d5e23f8b989d0ec
  • php-cli-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:2864576117f3a197d651dcee9eb182d91b9cc5a85b2c1f9d57d242b574c6d620
  • php-common-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:c9ca537cf8e03c3a287279efd5db2b4ec640a084e58fa6f35211cefd00c92da4
  • php-dba-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:fab3d5916bada9b00934ca03a5aff3d9f798f2081d8f480f3a0bad0add18c9ac
  • php-dbg-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:ecfc5b6314ffb34491ed2b2df25aa461ff66c872e784561e8abaa4822ee0ec41
  • php-devel-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:c93959b95df17222be58a0e69117765f99e825db00b5cd3397bd152a9f014cbf
  • php-embedded-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:8620ad05ba05c56771507fae066b295f7f42982d13b74662bf38c8709678d1af
  • php-enchant-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:c250911b0752acf9226e05b6ef67a450338d0a7e554618fd7d8d9887d55bf4cb
  • php-ffi-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:dd94f7aeccc0a8b5ae66a82d95d81eb6c9d320c111a6df6941e3ada69ad4ca36
  • php-fpm-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:c8c9e874e70f30077d4e0acec5cd8cf5723763fc763bc88644d4b8cc07bccd08
  • php-gd-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:98a8b17fd0801edb4ab37221c5b46b7f4fe98a571c7680c4a0b44eb279b7f7b9
  • php-gmp-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:4f4111f891e8266dac783f1527426a0afa7fcb5b0ba8cc6a8a0cc14a290aa8b1
  • php-intl-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:bb815abd3cda48cf64d918a01495514fae7774ecabef3382c6950e4939a779bd
  • php-json-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:732715e5bf2462384db3d6b5ab88ce4585f4f986bc508164a9fa5e1c05fbb648
  • php-ldap-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:e14cc7c32ed48e388a3fc0fcd6beddab2d67f7110283f8bcf82b738dd8277e22
  • php-mbstring-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:59ec8a1703a881395d40157a312ce2bed19f623de748420253553a71c905fc78
  • php-mysqlnd-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:8485c5f2537c06cf948ee3035cff37a6be595e70ecb0dcb43464c7085d918a28
  • php-odbc-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:b752a2213737c59f076e63abebc2ab74784414ca35a29074537d9d452367bc02
  • php-opcache-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:3ed31dc77d048e9c62e1cdcaa41664f9594922eabf815b5eb39831c0cf35719c
  • php-pdo-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:d9960dab5d95ba37bc6f25d64f0da0af714b728f7f7ef67e6cdc3a5137cade21
  • php-pgsql-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:396268bb2ccb6112cae05447441f7a0289ae5d722bd2684f78d2ce18347fed44
  • php-process-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:12185e2aec743be585fd25a7cdb749ab73564d6261173916fc2c9ec381826e6a
  • php-snmp-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:d559d90821efc591876f47f9ae317b4ae1b730b90d45a91977d9b91850d684cd
  • php-soap-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:b1cf4b5ee57ddc6823ed91dccc7eefbf82ea3038a1d5d3817db16277d7e73c05
  • php-xml-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:82698bc8dd03c7e654c2a85e109700bceb6fcbbb7a6b3c37689746641a323fb6
  • php-xmlrpc-7.4.6-4.module_el8.4.0+2254+8411a622.tuxcare.els17.x86_64.rpm
    sha:306b9d9922ae6e710ed1f65559e18426eb81c618cf1b534be5fc4ba7283628b5
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.