Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2025-7315

Опубликовано: 16 мая 2025
Источник: oracle-oval
Платформа: Oracle Linux 9

Описание

ELSA-2025-7315: php security update (MODERATE)

[8.0.30-2]

  • Fix Leak partial content of the heap through heap buffer over-read CVE-2024-8929
  • Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234
  • Fix Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233
  • Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927
  • Fix Logs from childrens may be altered CVE-2024-9026
  • Fix Erroneous parsing of multipart form data CVE-2024-8925
  • Fix filter bypass in filter_var FILTER_VALIDATE_URL CVE-2024-5458
  • Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756
  • Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096

[8.0.30-1]

  • rebase to 8.0.30
  • Resolves: RHEL-11946

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

php

8.0.30-2.el9

php-bcmath

8.0.30-2.el9

php-cli

8.0.30-2.el9

php-common

8.0.30-2.el9

php-embedded

8.0.30-2.el9

php-ffi

8.0.30-2.el9

php-gd

8.0.30-2.el9

php-intl

8.0.30-2.el9

php-ldap

8.0.30-2.el9

php-odbc

8.0.30-2.el9

php-snmp

8.0.30-2.el9

php-soap

8.0.30-2.el9

php-xml

8.0.30-2.el9

php-dba

8.0.30-2.el9

php-dbg

8.0.30-2.el9

php-devel

8.0.30-2.el9

php-enchant

8.0.30-2.el9

php-fpm

8.0.30-2.el9

php-gmp

8.0.30-2.el9

php-mbstring

8.0.30-2.el9

php-mysqlnd

8.0.30-2.el9

php-opcache

8.0.30-2.el9

php-pdo

8.0.30-2.el9

php-pgsql

8.0.30-2.el9

php-process

8.0.30-2.el9

Oracle Linux x86_64

php

8.0.30-2.el9

php-bcmath

8.0.30-2.el9

php-cli

8.0.30-2.el9

php-common

8.0.30-2.el9

php-dba

8.0.30-2.el9

php-dbg

8.0.30-2.el9

php-devel

8.0.30-2.el9

php-embedded

8.0.30-2.el9

php-enchant

8.0.30-2.el9

php-ffi

8.0.30-2.el9

php-fpm

8.0.30-2.el9

php-gd

8.0.30-2.el9

php-gmp

8.0.30-2.el9

php-intl

8.0.30-2.el9

php-ldap

8.0.30-2.el9

php-mbstring

8.0.30-2.el9

php-mysqlnd

8.0.30-2.el9

php-odbc

8.0.30-2.el9

php-opcache

8.0.30-2.el9

php-pdo

8.0.30-2.el9

php-pgsql

8.0.30-2.el9

php-process

8.0.30-2.el9

php-snmp

8.0.30-2.el9

php-soap

8.0.30-2.el9

php-xml

8.0.30-2.el9

Связанные CVE

CVE-2024-5458
CVE-2024-11234
CVE-2024-2756
CVE-2024-8925
CVE-2024-9026
CVE-2024-8927
CVE-2024-11233
CVE-2024-3096
CVE-2024-8929

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2024-10951

oracle-oval
8 месяцев назад

ELSA-2024-10951: php:8.2 security update (MODERATE)

oracle-oval логотип

ELSA-2024-10950

oracle-oval
8 месяцев назад

ELSA-2024-10950: php:8.1 security update (MODERATE)

oracle-oval логотип

ELSA-2024-10949

oracle-oval
8 месяцев назад

ELSA-2024-10949: php:8.2 security update (MODERATE)

oracle-oval логотип

ELSA-2024-10952

oracle-oval
8 месяцев назад

ELSA-2024-10952: php:7.4 security update (MODERATE)

suse-cvrf логотип

SUSE-SU-2024:2037-1

suse-cvrf
около 1 года назад

Security update for php7