RLSA-2023:5926

Опубликовано: 24 окт. 2023

Источник: rocky

Оценка: Important

Описание

Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

php: XML loading external entity without being enabled (CVE-2023-3823)
php: phar Buffer mismanagement (CVE-2023-3824)
php: 1-byte array overrun in common path resolve code (CVE-2023-0568)
php: DoS vulnerability when parsing multipart request body (CVE-2023-0662)
php: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP (CVE-2023-3247)
php: Password_verify() always return true with some hash (CVE-2023-0567)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 9

Наименование	Архитектура	Релиз	RPM
php	aarch64	1.el9_2	php-8.0.30-1.el9_2.aarch64.rpm
php-bcmath	aarch64	1.el9_2	php-bcmath-8.0.30-1.el9_2.aarch64.rpm
php-cli	aarch64	1.el9_2	php-cli-8.0.30-1.el9_2.aarch64.rpm
php-common	aarch64	1.el9_2	php-common-8.0.30-1.el9_2.aarch64.rpm
php-dba	aarch64	1.el9_2	php-dba-8.0.30-1.el9_2.aarch64.rpm
php-dbg	aarch64	1.el9_2	php-dbg-8.0.30-1.el9_2.aarch64.rpm
php-devel	aarch64	1.el9_2	php-devel-8.0.30-1.el9_2.aarch64.rpm
php-embedded	aarch64	1.el9_2	php-embedded-8.0.30-1.el9_2.aarch64.rpm
php-enchant	aarch64	1.el9_2	php-enchant-8.0.30-1.el9_2.aarch64.rpm
php-ffi	aarch64	1.el9_2	php-ffi-8.0.30-1.el9_2.aarch64.rpm