[CLSA-2025:1761577285] Fix of 5 CVEs
Type:
security
Severity:
Important
Release date:
2025-10-27 15:01:32 UTC
Description:
* SECURITY UPDATE: out-of-bounds access - debian/patches/CVE-2017-9118.patch: fix out of bounds access in php_pcre_replace_impl - CVE-2017-9118 * SECURITY UPDATE: improper validation of HTTP_REDIRECT_STATUS variable in CGI binary - debian/patches/CVE-2024-8927.patch: fix Apache server name check; remove references to redirect.so and Netscape; check configuration override first - CVE-2024-8927 * SECURITY UPDATE: buffer overread vulnerability - debian/patches/CVE-2024-11233.patch: move bound check upwards to fix single byte overread with convert.quoted-printable-decode filter - CVE-2024-11233 * SECURITY UPDATE: URI is not properly sanitized - debian/patches/CVE-2024-11234.patch: when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user - CVE-2024-11234 * SECURITY UPDATE: incomplete check in escaping functions - debian/patches/CVE-2025-1735.patch: pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid. - CVE-2025-1735
Updated packages:
  • libapache2-mod-php7.3_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:14af307772a82ccbdf768b811122fdc03cbd8b35
  • libphp7.3-embed_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:66b09f9e0541beb8b54be0281b71b4757994a2a9
  • php7.3_7.3.31-1~deb10u7+tuxcare.els2_all.deb
    sha:5474a5bf1c7d13d02b4bb34c701cc33824118ced
  • php7.3-bcmath_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:c0395b7c7d5d8332e194d05e43a35beda0576664
  • php7.3-bz2_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:804323c55677cae40653d513ce48537d6917ec9e
  • php7.3-cgi_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:428ee37b6a5585e3d1e6fa8642a6f5c480aa6306
  • php7.3-cli_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:cdaf217f13881232c59efe8442d01659572251de
  • php7.3-common_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:005e70f76a41b8af6c56d802d4a39921e61aaa8c
  • php7.3-curl_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:44255e68e38ed0fd7ddc4691da086880ee05ad16
  • php7.3-dba_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:34e4f4097bd1bfb822a96c2097609208c9b55220
  • php7.3-dev_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:089300ada7f230e1907881fdf0d03ce5434b460b
  • php7.3-enchant_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:99c0f92d54e07ad6a7726b8fc23e04cfc77225dd
  • php7.3-fpm_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:d3f729d0f9cbac8c30b58508a6c76400e4461b98
  • php7.3-gd_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:36793ed98efe3766e4cd9b34b8243fb24b77db4d
  • php7.3-gmp_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:e0d6f713334fd8aecc423d5f16dc4865c8ec0543
  • php7.3-imap_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:3ebb93b5d79541c84be9b6b759eeedd02e5360ca
  • php7.3-interbase_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:4143f3ff430310df20cc2cef846c4646b1edcdf3
  • php7.3-intl_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:9b52ebac15c76e944db1c46a7854eec9fd4c9be4
  • php7.3-json_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:fe401b391a511f0dd3fa899d31aea1b4d2447d7f
  • php7.3-ldap_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:f3c42537a0614dbd8eda708594f2f47504f9b5c7
  • php7.3-mbstring_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:fb6d408012bb7f0488b7b7a8e89c304c9145a6e7
  • php7.3-mysql_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:8cb26b1e237dafc245bd7895be82990ebe90820f
  • php7.3-odbc_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:81ee827acb397f9de5452727ac3635a1fd8e44d2
  • php7.3-opcache_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:b651ede498c0c8befca2895cce888f9e5c7ea954
  • php7.3-pgsql_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:5502f8eb3e17930d6f8cad2273465bf429092a73
  • php7.3-phpdbg_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:3ffbb7f692ae8e817f5e8f3b0fd461ec9dd628f0
  • php7.3-pspell_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:1fd64c13cef814dee86466cd636acdc86ec631d6
  • php7.3-readline_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:8e75cff8205e89f7896a7767d30e6a688b440b92
  • php7.3-recode_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:bbea46766369f38af79093493b42c5dcb293e3c6
  • php7.3-snmp_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:519cf311ce183a8fc92d4b9ee598807b50ce94ea
  • php7.3-soap_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:311390e242d53c5bcc51f5ff63954ced42f602ea
  • php7.3-sqlite3_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:0619a1142ef2915973d3742a3872c20d04537b32
  • php7.3-sybase_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:c48a286e241ae38ffc81683e0befd7f894d1103b
  • php7.3-tidy_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:6efd294c9e6d48ee2d864e2066c4ef08858f0aa4
  • php7.3-xml_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:0b41c6c0afe376f44f046ebb20c0fa99f5c8bf82
  • php7.3-xmlrpc_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:75f0420d185015f46111db3c408b876a946eb25d
  • php7.3-xsl_7.3.31-1~deb10u7+tuxcare.els2_all.deb
    sha:c5d68f8bc5db631cd6c9023446e6b9a3fcbfbe3f
  • php7.3-zip_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
    sha:56d97ff12b7dbee23927329ad2ad8b4bab4c69df
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.