Описание
Security update for php8
This update for php8 fixes the following issues:
- CVE-2024-5458: Fixed an issue that allows to bypass filters in filter_var FILTER_VALIDATE_URL. (bsc#1226073)
Список пакетов
Container bci/php-apache:latest
apache2-mod_php8-8.0.30-150400.4.43.1
php8-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
Container bci/php-fpm:latest
php8-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-fpm-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
Container bci/php:latest
php8-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-readline-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
apache2-mod_php8-8.0.30-150400.4.43.1
php8-8.0.30-150400.4.43.1
php8-bcmath-8.0.30-150400.4.43.1
php8-bz2-8.0.30-150400.4.43.1
php8-calendar-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-ctype-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-dba-8.0.30-150400.4.43.1
php8-devel-8.0.30-150400.4.43.1
php8-dom-8.0.30-150400.4.43.1
php8-embed-8.0.30-150400.4.43.1
php8-enchant-8.0.30-150400.4.43.1
php8-exif-8.0.30-150400.4.43.1
php8-fastcgi-8.0.30-150400.4.43.1
php8-fileinfo-8.0.30-150400.4.43.1
php8-fpm-8.0.30-150400.4.43.1
php8-ftp-8.0.30-150400.4.43.1
php8-gd-8.0.30-150400.4.43.1
php8-gettext-8.0.30-150400.4.43.1
php8-gmp-8.0.30-150400.4.43.1
php8-iconv-8.0.30-150400.4.43.1
php8-intl-8.0.30-150400.4.43.1
php8-ldap-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-mysql-8.0.30-150400.4.43.1
php8-odbc-8.0.30-150400.4.43.1
php8-opcache-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-pcntl-8.0.30-150400.4.43.1
php8-pdo-8.0.30-150400.4.43.1
php8-pgsql-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-posix-8.0.30-150400.4.43.1
php8-readline-8.0.30-150400.4.43.1
php8-shmop-8.0.30-150400.4.43.1
php8-snmp-8.0.30-150400.4.43.1
php8-soap-8.0.30-150400.4.43.1
php8-sockets-8.0.30-150400.4.43.1
php8-sodium-8.0.30-150400.4.43.1
php8-sqlite-8.0.30-150400.4.43.1
php8-sysvmsg-8.0.30-150400.4.43.1
php8-sysvsem-8.0.30-150400.4.43.1
php8-sysvshm-8.0.30-150400.4.43.1
php8-test-8.0.30-150400.4.43.1
php8-tidy-8.0.30-150400.4.43.1
php8-tokenizer-8.0.30-150400.4.43.1
php8-xmlreader-8.0.30-150400.4.43.1
php8-xmlwriter-8.0.30-150400.4.43.1
php8-xsl-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
apache2-mod_php8-8.0.30-150400.4.43.1
php8-8.0.30-150400.4.43.1
php8-bcmath-8.0.30-150400.4.43.1
php8-bz2-8.0.30-150400.4.43.1
php8-calendar-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-ctype-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-dba-8.0.30-150400.4.43.1
php8-devel-8.0.30-150400.4.43.1
php8-dom-8.0.30-150400.4.43.1
php8-embed-8.0.30-150400.4.43.1
php8-enchant-8.0.30-150400.4.43.1
php8-exif-8.0.30-150400.4.43.1
php8-fastcgi-8.0.30-150400.4.43.1
php8-fileinfo-8.0.30-150400.4.43.1
php8-fpm-8.0.30-150400.4.43.1
php8-ftp-8.0.30-150400.4.43.1
php8-gd-8.0.30-150400.4.43.1
php8-gettext-8.0.30-150400.4.43.1
php8-gmp-8.0.30-150400.4.43.1
php8-iconv-8.0.30-150400.4.43.1
php8-intl-8.0.30-150400.4.43.1
php8-ldap-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-mysql-8.0.30-150400.4.43.1
php8-odbc-8.0.30-150400.4.43.1
php8-opcache-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-pcntl-8.0.30-150400.4.43.1
php8-pdo-8.0.30-150400.4.43.1
php8-pgsql-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-posix-8.0.30-150400.4.43.1
php8-readline-8.0.30-150400.4.43.1
php8-shmop-8.0.30-150400.4.43.1
php8-snmp-8.0.30-150400.4.43.1
php8-soap-8.0.30-150400.4.43.1
php8-sockets-8.0.30-150400.4.43.1
php8-sodium-8.0.30-150400.4.43.1
php8-sqlite-8.0.30-150400.4.43.1
php8-sysvmsg-8.0.30-150400.4.43.1
php8-sysvsem-8.0.30-150400.4.43.1
php8-sysvshm-8.0.30-150400.4.43.1
php8-test-8.0.30-150400.4.43.1
php8-tidy-8.0.30-150400.4.43.1
php8-tokenizer-8.0.30-150400.4.43.1
php8-xmlreader-8.0.30-150400.4.43.1
php8-xmlwriter-8.0.30-150400.4.43.1
php8-xsl-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
SUSE Linux Enterprise Module for Web and Scripting 15 SP5
apache2-mod_php8-8.0.30-150400.4.43.1
php8-8.0.30-150400.4.43.1
php8-bcmath-8.0.30-150400.4.43.1
php8-bz2-8.0.30-150400.4.43.1
php8-calendar-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-ctype-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-dba-8.0.30-150400.4.43.1
php8-devel-8.0.30-150400.4.43.1
php8-dom-8.0.30-150400.4.43.1
php8-embed-8.0.30-150400.4.43.1
php8-enchant-8.0.30-150400.4.43.1
php8-exif-8.0.30-150400.4.43.1
php8-fastcgi-8.0.30-150400.4.43.1
php8-fileinfo-8.0.30-150400.4.43.1
php8-fpm-8.0.30-150400.4.43.1
php8-ftp-8.0.30-150400.4.43.1
php8-gd-8.0.30-150400.4.43.1
php8-gettext-8.0.30-150400.4.43.1
php8-gmp-8.0.30-150400.4.43.1
php8-iconv-8.0.30-150400.4.43.1
php8-intl-8.0.30-150400.4.43.1
php8-ldap-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-mysql-8.0.30-150400.4.43.1
php8-odbc-8.0.30-150400.4.43.1
php8-opcache-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-pcntl-8.0.30-150400.4.43.1
php8-pdo-8.0.30-150400.4.43.1
php8-pgsql-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-posix-8.0.30-150400.4.43.1
php8-readline-8.0.30-150400.4.43.1
php8-shmop-8.0.30-150400.4.43.1
php8-snmp-8.0.30-150400.4.43.1
php8-soap-8.0.30-150400.4.43.1
php8-sockets-8.0.30-150400.4.43.1
php8-sodium-8.0.30-150400.4.43.1
php8-sqlite-8.0.30-150400.4.43.1
php8-sysvmsg-8.0.30-150400.4.43.1
php8-sysvsem-8.0.30-150400.4.43.1
php8-sysvshm-8.0.30-150400.4.43.1
php8-test-8.0.30-150400.4.43.1
php8-tidy-8.0.30-150400.4.43.1
php8-tokenizer-8.0.30-150400.4.43.1
php8-xmlreader-8.0.30-150400.4.43.1
php8-xmlwriter-8.0.30-150400.4.43.1
php8-xsl-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
SUSE Linux Enterprise Server 15 SP4-LTSS
apache2-mod_php8-8.0.30-150400.4.43.1
php8-8.0.30-150400.4.43.1
php8-bcmath-8.0.30-150400.4.43.1
php8-bz2-8.0.30-150400.4.43.1
php8-calendar-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-ctype-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-dba-8.0.30-150400.4.43.1
php8-devel-8.0.30-150400.4.43.1
php8-dom-8.0.30-150400.4.43.1
php8-embed-8.0.30-150400.4.43.1
php8-enchant-8.0.30-150400.4.43.1
php8-exif-8.0.30-150400.4.43.1
php8-fastcgi-8.0.30-150400.4.43.1
php8-fileinfo-8.0.30-150400.4.43.1
php8-fpm-8.0.30-150400.4.43.1
php8-ftp-8.0.30-150400.4.43.1
php8-gd-8.0.30-150400.4.43.1
php8-gettext-8.0.30-150400.4.43.1
php8-gmp-8.0.30-150400.4.43.1
php8-iconv-8.0.30-150400.4.43.1
php8-intl-8.0.30-150400.4.43.1
php8-ldap-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-mysql-8.0.30-150400.4.43.1
php8-odbc-8.0.30-150400.4.43.1
php8-opcache-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-pcntl-8.0.30-150400.4.43.1
php8-pdo-8.0.30-150400.4.43.1
php8-pgsql-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-posix-8.0.30-150400.4.43.1
php8-readline-8.0.30-150400.4.43.1
php8-shmop-8.0.30-150400.4.43.1
php8-snmp-8.0.30-150400.4.43.1
php8-soap-8.0.30-150400.4.43.1
php8-sockets-8.0.30-150400.4.43.1
php8-sodium-8.0.30-150400.4.43.1
php8-sqlite-8.0.30-150400.4.43.1
php8-sysvmsg-8.0.30-150400.4.43.1
php8-sysvsem-8.0.30-150400.4.43.1
php8-sysvshm-8.0.30-150400.4.43.1
php8-test-8.0.30-150400.4.43.1
php8-tidy-8.0.30-150400.4.43.1
php8-tokenizer-8.0.30-150400.4.43.1
php8-xmlreader-8.0.30-150400.4.43.1
php8-xmlwriter-8.0.30-150400.4.43.1
php8-xsl-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
apache2-mod_php8-8.0.30-150400.4.43.1
php8-8.0.30-150400.4.43.1
php8-bcmath-8.0.30-150400.4.43.1
php8-bz2-8.0.30-150400.4.43.1
php8-calendar-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-ctype-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-dba-8.0.30-150400.4.43.1
php8-devel-8.0.30-150400.4.43.1
php8-dom-8.0.30-150400.4.43.1
php8-embed-8.0.30-150400.4.43.1
php8-enchant-8.0.30-150400.4.43.1
php8-exif-8.0.30-150400.4.43.1
php8-fastcgi-8.0.30-150400.4.43.1
php8-fileinfo-8.0.30-150400.4.43.1
php8-fpm-8.0.30-150400.4.43.1
php8-ftp-8.0.30-150400.4.43.1
php8-gd-8.0.30-150400.4.43.1
php8-gettext-8.0.30-150400.4.43.1
php8-gmp-8.0.30-150400.4.43.1
php8-iconv-8.0.30-150400.4.43.1
php8-intl-8.0.30-150400.4.43.1
php8-ldap-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-mysql-8.0.30-150400.4.43.1
php8-odbc-8.0.30-150400.4.43.1
php8-opcache-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-pcntl-8.0.30-150400.4.43.1
php8-pdo-8.0.30-150400.4.43.1
php8-pgsql-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-posix-8.0.30-150400.4.43.1
php8-readline-8.0.30-150400.4.43.1
php8-shmop-8.0.30-150400.4.43.1
php8-snmp-8.0.30-150400.4.43.1
php8-soap-8.0.30-150400.4.43.1
php8-sockets-8.0.30-150400.4.43.1
php8-sodium-8.0.30-150400.4.43.1
php8-sqlite-8.0.30-150400.4.43.1
php8-sysvmsg-8.0.30-150400.4.43.1
php8-sysvsem-8.0.30-150400.4.43.1
php8-sysvshm-8.0.30-150400.4.43.1
php8-test-8.0.30-150400.4.43.1
php8-tidy-8.0.30-150400.4.43.1
php8-tokenizer-8.0.30-150400.4.43.1
php8-xmlreader-8.0.30-150400.4.43.1
php8-xmlwriter-8.0.30-150400.4.43.1
php8-xsl-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
SUSE Manager Server 4.3
apache2-mod_php8-8.0.30-150400.4.43.1
php8-8.0.30-150400.4.43.1
php8-bcmath-8.0.30-150400.4.43.1
php8-bz2-8.0.30-150400.4.43.1
php8-calendar-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-ctype-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-dba-8.0.30-150400.4.43.1
php8-devel-8.0.30-150400.4.43.1
php8-dom-8.0.30-150400.4.43.1
php8-embed-8.0.30-150400.4.43.1
php8-enchant-8.0.30-150400.4.43.1
php8-exif-8.0.30-150400.4.43.1
php8-fastcgi-8.0.30-150400.4.43.1
php8-fileinfo-8.0.30-150400.4.43.1
php8-fpm-8.0.30-150400.4.43.1
php8-ftp-8.0.30-150400.4.43.1
php8-gd-8.0.30-150400.4.43.1
php8-gettext-8.0.30-150400.4.43.1
php8-gmp-8.0.30-150400.4.43.1
php8-iconv-8.0.30-150400.4.43.1
php8-intl-8.0.30-150400.4.43.1
php8-ldap-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-mysql-8.0.30-150400.4.43.1
php8-odbc-8.0.30-150400.4.43.1
php8-opcache-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-pcntl-8.0.30-150400.4.43.1
php8-pdo-8.0.30-150400.4.43.1
php8-pgsql-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-posix-8.0.30-150400.4.43.1
php8-readline-8.0.30-150400.4.43.1
php8-shmop-8.0.30-150400.4.43.1
php8-snmp-8.0.30-150400.4.43.1
php8-soap-8.0.30-150400.4.43.1
php8-sockets-8.0.30-150400.4.43.1
php8-sodium-8.0.30-150400.4.43.1
php8-sqlite-8.0.30-150400.4.43.1
php8-sysvmsg-8.0.30-150400.4.43.1
php8-sysvsem-8.0.30-150400.4.43.1
php8-sysvshm-8.0.30-150400.4.43.1
php8-test-8.0.30-150400.4.43.1
php8-tidy-8.0.30-150400.4.43.1
php8-tokenizer-8.0.30-150400.4.43.1
php8-xmlreader-8.0.30-150400.4.43.1
php8-xmlwriter-8.0.30-150400.4.43.1
php8-xsl-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
openSUSE Leap 15.5
apache2-mod_php8-8.0.30-150400.4.43.1
php8-8.0.30-150400.4.43.1
php8-bcmath-8.0.30-150400.4.43.1
php8-bz2-8.0.30-150400.4.43.1
php8-calendar-8.0.30-150400.4.43.1
php8-cli-8.0.30-150400.4.43.1
php8-ctype-8.0.30-150400.4.43.1
php8-curl-8.0.30-150400.4.43.1
php8-dba-8.0.30-150400.4.43.1
php8-devel-8.0.30-150400.4.43.1
php8-dom-8.0.30-150400.4.43.1
php8-embed-8.0.30-150400.4.43.1
php8-enchant-8.0.30-150400.4.43.1
php8-exif-8.0.30-150400.4.43.1
php8-fastcgi-8.0.30-150400.4.43.1
php8-fileinfo-8.0.30-150400.4.43.1
php8-fpm-8.0.30-150400.4.43.1
php8-ftp-8.0.30-150400.4.43.1
php8-gd-8.0.30-150400.4.43.1
php8-gettext-8.0.30-150400.4.43.1
php8-gmp-8.0.30-150400.4.43.1
php8-iconv-8.0.30-150400.4.43.1
php8-intl-8.0.30-150400.4.43.1
php8-ldap-8.0.30-150400.4.43.1
php8-mbstring-8.0.30-150400.4.43.1
php8-mysql-8.0.30-150400.4.43.1
php8-odbc-8.0.30-150400.4.43.1
php8-opcache-8.0.30-150400.4.43.1
php8-openssl-8.0.30-150400.4.43.1
php8-pcntl-8.0.30-150400.4.43.1
php8-pdo-8.0.30-150400.4.43.1
php8-pgsql-8.0.30-150400.4.43.1
php8-phar-8.0.30-150400.4.43.1
php8-posix-8.0.30-150400.4.43.1
php8-readline-8.0.30-150400.4.43.1
php8-shmop-8.0.30-150400.4.43.1
php8-snmp-8.0.30-150400.4.43.1
php8-soap-8.0.30-150400.4.43.1
php8-sockets-8.0.30-150400.4.43.1
php8-sodium-8.0.30-150400.4.43.1
php8-sqlite-8.0.30-150400.4.43.1
php8-sysvmsg-8.0.30-150400.4.43.1
php8-sysvsem-8.0.30-150400.4.43.1
php8-sysvshm-8.0.30-150400.4.43.1
php8-test-8.0.30-150400.4.43.1
php8-tidy-8.0.30-150400.4.43.1
php8-tokenizer-8.0.30-150400.4.43.1
php8-xmlreader-8.0.30-150400.4.43.1
php8-xmlwriter-8.0.30-150400.4.43.1
php8-xsl-8.0.30-150400.4.43.1
php8-zip-8.0.30-150400.4.43.1
php8-zlib-8.0.30-150400.4.43.1
Ссылки
- Link for SUSE-SU-2024:2039-1
- E-Mail link for SUSE-SU-2024:2039-1
- SUSE Security Ratings
- SUSE Bug 1226073
- SUSE CVE CVE-2024-5458 page
Описание
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly.
Затронутые продукты
Container bci/php-apache:latest:apache2-mod_php8-8.0.30-150400.4.43.1
Container bci/php-apache:latest:php8-8.0.30-150400.4.43.1
Container bci/php-apache:latest:php8-cli-8.0.30-150400.4.43.1
Container bci/php-apache:latest:php8-curl-8.0.30-150400.4.43.1
Ссылки
- CVE-2024-5458
- SUSE Bug 1226072
- SUSE Bug 1226073
- SUSE Bug 1226074