Stay Connected:

ELSA-2024-10952

ELSA-2024-10952 - php:7.4 security update

Type:SECURITY
Impact:MODERATE
Release Date:2024-12-12

Description


libzip
[1.6.1-1]
- update to 1.6.1
- enable lzma support

php
[7.4.33-2]
- fix low/moderate CVEs
RHEL-66589
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
CVE-2024-8927
- Fix Logs from childrens may be altered
CVE-2024-9026
- Fix Erroneous parsing of multipart form data
CVE-2024-8925
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
CVE-2024-5458
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
CVE-2024-3096
- Fix Security issue with external entity loading in XML without enabling it
CVE-2023-3823
- Fix Buffer mismanagement in phar_dir_read()
CVE-2023-3824
- Fix Missing error check and insufficient random bytes in HTTP Digest
authentication for SOAP
CVE-2023-3247
- fix #81744: Password_verify() always return true with some hash
CVE-2023-0567
- fix #81746: 1-byte array overrun in common path resolve code
CVE-2023-0568
- fix DOS vulnerability when parsing multipart request body
CVE-2023-0662

php-pear
[1:1.10.13-1]
- update PEAR to 1.10.13
- update Archive_Tar to 1.4.14

php-pecl-apcu
[5.1.18-1]
- update to 5.1.18

php-pecl-rrd
[2.0.1-1]
- build for RHEL 8

php-pecl-xdebug
php-pecl-zip
[1.18.2-1]
- update to 1.18.2


Related CVEs


CVE-2024-2756
CVE-2024-5458
CVE-2024-8925
CVE-2023-3824
CVE-2023-3823
CVE-2024-9026
CVE-2024-8927
CVE-2023-0567
CVE-2023-3247
CVE-2023-0568
CVE-2024-3096

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) libzip-1.6.1-1.module+el8.10.0+90472+f810484b.src.rpm1cbf7943d372890db4ffb853c5de1e94f21e432ce38d0dc203c402d9b11a1a50-ol8_aarch64_appstream
php-7.4.33-2.module+el8.10.0+90472+f810484b.src.rpm66e526e6b197a3e72156458173eb741eb9bc0a8221b73326a06c5eeed8eb46b3-ol8_aarch64_appstream
php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.src.rpm30aaabb79e9028650a3f199e5def8003a2c12bcc6430a9d16973bc219ae9475f-ol8_aarch64_appstream
php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.src.rpm4d6b3ab3d266701017e7bf271119cf7e54ac05689a1198f7b160a8a6b885a3aa-ol8_aarch64_appstream
php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.src.rpm4a75bb277e7804f2e5608a9b8dc75b665acc5694db2f0b1cbad64c34a3a73a79-ol8_aarch64_appstream
php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.src.rpm369ff57cb8c7393b5f11d95a411b2fea455c33bee31b02c802130ecb66f57994-ol8_aarch64_appstream
php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.src.rpm223ab292151f043c94601d7678365fe884c33ff65281ed2f56138ad93cae7eac-ol8_aarch64_appstream
apcu-panel-5.1.18-1.module+el8.10.0+90472+f810484b.noarch.rpm24cfe254b24aeef0a9c7299feacd85348aafa66c8394394e218cfc0502e280b3-ol8_aarch64_appstream
libzip-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm49d10a584dd1fe90ab03ecb1c67536bde7081b086cba125be5a74b401e7eedbd-ol8_aarch64_appstream
libzip-devel-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm1b5e5632eb90a3b8c6a6192da469629bd9d636f07a33a067a1fd619bedcbc27b-ol8_aarch64_appstream
libzip-tools-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm069b1b2cf958fac306912aedea484e8d632658b6f99aa8898c70c5603ee87db8-ol8_aarch64_appstream
php-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm3d9d4ca0ffa6b49cb3828734f5dfef757a4848dc0e8a8aa100bda662583923a1-ol8_aarch64_appstream
php-bcmath-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmdf893c9889f10a0a47bd36913b21d917afd09960b27882107fd0026ef5303886-ol8_aarch64_appstream
php-cli-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm918c0332454288356e1eadcec5447a2fe65d11d4b5177af28cacc4ad768430f7-ol8_aarch64_appstream
php-common-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm2a9571f42e41237d2e02dc7773813aa398263f2681c8589911a2f87f15330619-ol8_aarch64_appstream
php-dba-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmf0eba699af51fce36f9e15bdb1a451d0e910b0cb4f6652a5a0c6f54f84d75739-ol8_aarch64_appstream
php-dbg-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm2a1940c89d7eb1f6361522dd4cb17f4cc8b3fc70bbd8805d5249475d88ee1c4c-ol8_aarch64_appstream
php-devel-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm782e493c14a0cafa45a5081e07504a372d812e523356b386d0f9707db697de04-ol8_aarch64_appstream
php-embedded-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmba5cd2d84e1536bd9c3a300e47898a25d0300011610afbaea6d4fabd2b5a1008-ol8_aarch64_appstream
php-enchant-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmcc98c00ec0ce13a4ad899b9430382b0a466efbde4c83aa1ef61574d17e162444-ol8_aarch64_appstream
php-ffi-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm39f491c69f72370a7509261a1fce01da34426217d7f5e6e0f81fcb85fa2d6346-ol8_aarch64_appstream
php-fpm-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm08a1057e14b68423bce6cfb5ce64c9a40ed799495250ac542ae495682c08495d-ol8_aarch64_appstream
php-gd-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm1449c63b894720e2d8befb52911182de259e9336ed8347a58dfa948dd1188672-ol8_aarch64_appstream
php-gmp-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm93f259a397bf13cbb820a33ba46587ceb6ce9772d0fb27bb9e94642e58497f63-ol8_aarch64_appstream
php-intl-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmf39bfdd6801477f92de9f1c3f350b7052b93959d56f44806b31324d8a5fc1a41-ol8_aarch64_appstream
php-json-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmf22e964e0d0e6afcb2ae083e06eefa0c290314f346f55f8e57f0634021af6a27-ol8_aarch64_appstream
php-ldap-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm459e906f3829a5dd3388565d6f3d5047ebedc8b16bf6d2c905233244e352b152-ol8_aarch64_appstream
php-mbstring-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm93c8f9f3fcbfc91553c5210281f2cfb6eacccd305bd698b2cd3ea97b069183f6-ol8_aarch64_appstream
php-mysqlnd-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmc58d0ee1b8d0fa311bee5b0dc0ba05396ea53b3db56536231d2742675d221405-ol8_aarch64_appstream
php-odbc-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm16096417d196fd247e56bee33347c1ce82c29b03fadde1e2ad8dd665642b78f9-ol8_aarch64_appstream
php-opcache-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm966c5aa6da35801f43347d6b17d334dd2d7ee21a09585d1ac50421f5fb4f4788-ol8_aarch64_appstream
php-pdo-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmea09dfa980be73b5882935b3010d097b2aa76fcaba4e64578a6e059ced1d395d-ol8_aarch64_appstream
php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.noarch.rpmc29ef837b826ee95be21b3ed3e3dc29a0e8d3845886f229a30cad736d45bba10-ol8_aarch64_appstream
php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.aarch64.rpm4607fd8c055608fa758666159ce172979a6a09bb1e9e031edb8e0e2f1b14569e-ol8_aarch64_appstream
php-pecl-apcu-devel-5.1.18-1.module+el8.10.0+90472+f810484b.aarch64.rpm954bfaab09d7f626be93980f1d90df9a429b038403401232e6cf9a464b4fba41-ol8_aarch64_appstream
php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.aarch64.rpmfd03d788a2904a2be40a7169e6d1fd81eace6536ff8420b6de3a711f0f78d95a-ol8_aarch64_appstream
php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.aarch64.rpm8761fbb58b9b479fbeff1f8c82141740d82bcd724144a24279bd25077ff09071-ol8_aarch64_appstream
php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.aarch64.rpmaebf82bd3cf79e81c61beccc883ebdf1f31e2ef209bcc1214383faafe466e232-ol8_aarch64_appstream
php-pgsql-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmb5332b77b0799f7c42812a1f60835b0262c3865168980851b7566927d23f251e-ol8_aarch64_appstream
php-process-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm45a35d02feeb84eef35a43727b6d9f89ea2311754ce5e6ec2ce5b019c468a1c8-ol8_aarch64_appstream
php-snmp-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm047cd5f94c1fd40da62c7b68412d45c95fb759281de80246ac7b7ff1912c3f61-ol8_aarch64_appstream
php-soap-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm8e5d357fcf053be02ed2bdaa8287d2f16f7432d3633faf7a3c725a3e5b339ab7-ol8_aarch64_appstream
php-xml-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm29b01cfccca0f37b8235a6aa303be3dff2e8d45987746452c7da97c781adb2b1-ol8_aarch64_appstream
php-xmlrpc-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpmd102c13fee07267bcdd9a1805c096c917c94cda43aa99d11ba9d38de8330269f-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) libzip-1.6.1-1.module+el8.10.0+90472+f810484b.src.rpm1cbf7943d372890db4ffb853c5de1e94f21e432ce38d0dc203c402d9b11a1a50-ol8_x86_64_appstream
php-7.4.33-2.module+el8.10.0+90472+f810484b.src.rpm66e526e6b197a3e72156458173eb741eb9bc0a8221b73326a06c5eeed8eb46b3-ol8_x86_64_appstream
php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.src.rpm30aaabb79e9028650a3f199e5def8003a2c12bcc6430a9d16973bc219ae9475f-ol8_x86_64_appstream
php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.src.rpm4d6b3ab3d266701017e7bf271119cf7e54ac05689a1198f7b160a8a6b885a3aa-ol8_x86_64_appstream
php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.src.rpm4a75bb277e7804f2e5608a9b8dc75b665acc5694db2f0b1cbad64c34a3a73a79-ol8_x86_64_appstream
php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.src.rpm369ff57cb8c7393b5f11d95a411b2fea455c33bee31b02c802130ecb66f57994-ol8_x86_64_appstream
php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.src.rpm223ab292151f043c94601d7678365fe884c33ff65281ed2f56138ad93cae7eac-ol8_x86_64_appstream
apcu-panel-5.1.18-1.module+el8.10.0+90472+f810484b.noarch.rpm24cfe254b24aeef0a9c7299feacd85348aafa66c8394394e218cfc0502e280b3-ol8_x86_64_appstream
libzip-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm512f277dd9ff670d1ad2db2d4909270c787dcf6a9d6fa23b55e39990d79ddde3-ol8_x86_64_appstream
libzip-devel-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpme1f0205af0634f9aac53c761e2e0df7fd5523ce5412fa59bb26a22444b748f1f-ol8_x86_64_appstream
libzip-tools-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpmf77c20844a0013b19b087e83cf9b066e3050743046240192541f01342c362fb9-ol8_x86_64_appstream
php-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm11be8a2b34cb4505ed7050841fb2dfe2d9592fe4c0fa4eaf5775733a86fdc4f2-ol8_x86_64_appstream
php-bcmath-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm5a844590da08d77be7aa0050a9e63ac9b7a9732472d9420a9ebdc3ba44425dab-ol8_x86_64_appstream
php-cli-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm062d843898f0772346389122ca2c185b4b28fad205bf0e3020815747ecad0adc-ol8_x86_64_appstream
php-common-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm04163b57b4f2faa7c38d5a8a1532c3d06607ba809e4465f0b829e89d2f1b195b-ol8_x86_64_appstream
php-dba-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpme716f27384c55f64bdbf816df44324dc6a128377bce9c06b49b7c5e57ba316df-ol8_x86_64_appstream
php-dbg-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpmad4e72b676aeab5e5c6900a47e1ee590216fa26262f9c1a99685fede1c03ee46-ol8_x86_64_appstream
php-devel-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm20bf9ae74089ad24a8005f2a0b19467ea1d46826cb7127f3d533641b08059c16-ol8_x86_64_appstream
php-embedded-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpmed1a7e59af58985c5a16ede9b3f9e781ffdb864adf5f9d53630ce357e7b4556a-ol8_x86_64_appstream
php-enchant-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm87c1d47844f1384a73948f3fce3daba0a174631a1371d682243b4879beac3bb3-ol8_x86_64_appstream
php-ffi-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpmd8e80ef2852886a6d0ae70b0410ccecd620f5b4977886ca7933e9ae20620be28-ol8_x86_64_appstream
php-fpm-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpmdeb69b3e68b77db98afc2d0ae80858207f093fdfb9d70d8c069ebe25190c1f28-ol8_x86_64_appstream
php-gd-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm16bdf2cf155ae97a5564e22e827909c275d9e18a6f63627f54e33879efaad084-ol8_x86_64_appstream
php-gmp-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm428f595be913b3aae029d7f39de55ebb571aca1cc6cd9fdcf1e1b5d5fc55908b-ol8_x86_64_appstream
php-intl-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm2c25e6b0301b9ae9aced53cdc43bb17636d421f0b8400cba4daec96fa90159b7-ol8_x86_64_appstream
php-json-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpmac2bea1312543a68ee2a5244bf3132421e325ddf7e225a1fe0b610317300ddc4-ol8_x86_64_appstream
php-ldap-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm4aa5ed3be669253074dba3bf703182731980a9324774ef86e66950571fae474d-ol8_x86_64_appstream
php-mbstring-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm67b6786de75be16aa2d768b69b24e9eb20fa1e65d42a4512f0cd441323b92a66-ol8_x86_64_appstream
php-mysqlnd-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm3e99771a4467dd22d0eb182d307ce9769f3926a20a36d371ceab3acb54693f06-ol8_x86_64_appstream
php-odbc-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpmc581d91c89754bd24b0f0e1978fe925af5f3cf796f74345e294a089a8a0b0e58-ol8_x86_64_appstream
php-opcache-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpmc88534055386eced0bb527cc2d8c1ff0e9465f3aa2ba38971ff57b7866676c4a-ol8_x86_64_appstream
php-pdo-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm22608573c39982fc8f013168eb3dde7d8b59adb11469604b26bc57a0bbfee413-ol8_x86_64_appstream
php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.noarch.rpmc29ef837b826ee95be21b3ed3e3dc29a0e8d3845886f229a30cad736d45bba10-ol8_x86_64_appstream
php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.x86_64.rpmb5f6cb5fdf7b8dbd36beb7384aa181fdf1b827910fce9fe7a42911d9b15a4ac5-ol8_x86_64_appstream
php-pecl-apcu-devel-5.1.18-1.module+el8.10.0+90472+f810484b.x86_64.rpmffffc9e070d025b188a30d531ea83ba95c9f9ae5d411b15970b7e5833635c633-ol8_x86_64_appstream
php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm5bba3c685327322104ad7bc3700d3615e3dd308ed52fd36caaaa346df7766f21-ol8_x86_64_appstream
php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.x86_64.rpm2b7b94939e8cad90fe73fd2924cfbdc17ba7b7c8465b70c7a60e5a59acc3839b-ol8_x86_64_appstream
php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.x86_64.rpm2a767241d71b30859e14834d6c9cefc4667d5c9189ccb6e4dee5e653703585fd-ol8_x86_64_appstream
php-pgsql-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm595c6ab8252981712535d9b4a2c2caa5828afaa6c51a7bd94482e944e5a84fe8-ol8_x86_64_appstream
php-process-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm7a0fdd5529c18ec1494da4958a488e8189a0e944dbec3a2bd330ab3ccab3ddae-ol8_x86_64_appstream
php-snmp-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpmda9afffcf90b454d7091b4a3317efb8c01a169c87a7ac61ffddf7d14677ac37c-ol8_x86_64_appstream
php-soap-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpmac9e67ac8d04f4e7fc4079206fccbf40e68e7d9928e9b8f80db0b4036c02c361-ol8_x86_64_appstream
php-xml-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm4725b1b80637227854af026395d80392630363508248a8677be0593024803b30-ol8_x86_64_appstream
php-xmlrpc-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm8624ba833eca477c401675b8df2d6c4e7c20fcf93245c7f703fbdab8471bade5-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights