Описание
Important: php:8.2 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
Security Fix(es):
-
php: pgsql extension does not check for errors during escaping (CVE-2025-1735)
-
php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix (CVE-2025-6491)
-
php: PHP Hostname Null Character Vulnerability (CVE-2025-1220)
-
php: heap-based buffer overflow in array_merge() (CVE-2025-14178)
-
php: PHP: Information disclosure via getimagesize() function when reading multi-chunk images (CVE-2025-14177)
-
php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement (CVE-2025-14180)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Затронутые продукты
Rocky Linux 8
Ссылки на источники
Исправления
- Red Hat - 2378689
- Red Hat - 2378690
- Red Hat - 2379792
- Red Hat - 2425625
- Red Hat - 2425626
- Red Hat - 2425627
