ELSA-2025-7315

ELSA-2025-7315 - php security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-05-16

Description

[8.0.30-2]
- Fix Leak partial content of the heap through heap buffer over-read
CVE-2024-8929
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
CVE-2024-11233
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
CVE-2024-8927
- Fix Logs from childrens may be altered
CVE-2024-9026
- Fix Erroneous parsing of multipart form data
CVE-2024-8925
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
CVE-2024-5458
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
CVE-2024-3096

[8.0.30-1]
- rebase to 8.0.30
- Resolves: RHEL-11946

Related CVEs

CVE-2024-5458

CVE-2024-11234

CVE-2024-2756

CVE-2024-8925

CVE-2024-9026

CVE-2024-8927

CVE-2024-11233

CVE-2024-3096

CVE-2024-8929

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	php-8.0.30-2.el9.src.rpm	39a189094a11ad286dc49bea6dbd42fd7d4e43767b8d37ba4cdee2eefe67744d	-	ol9_aarch64_appstream
	php-8.0.30-2.el9.aarch64.rpm	1092e35614b97da3bfb472643f0bd349b584be65820dd37e0f4570523f5fd5a9	-	ol9_aarch64_appstream
	php-bcmath-8.0.30-2.el9.aarch64.rpm	a6126940366367505ecba2c715f19fbd910f2750533fce4b6ba008d01533602d	-	ol9_aarch64_appstream
	php-cli-8.0.30-2.el9.aarch64.rpm	54126d1c35c1e917d9f82bad89b06e9396134c909ac897d0e59fefdccada56a2	-	ol9_aarch64_appstream
	php-common-8.0.30-2.el9.aarch64.rpm	74c64e48906c84ae123c03952a00a762f92bd860acc04e598347e0c1bc519e2d	-	ol9_aarch64_appstream
	php-dba-8.0.30-2.el9.aarch64.rpm	b2d2324e85b45e2cb4fbcb69a91395415b5b5cd79a178d58f1c8674a0467bb0c	-	ol9_aarch64_appstream
	php-dbg-8.0.30-2.el9.aarch64.rpm	aaed1315ee15d7f4876635a7fbda70d82bc2d00c9bcef54d431ac61f2993a27d	-	ol9_aarch64_appstream
	php-devel-8.0.30-2.el9.aarch64.rpm	6a30a9a7e89ed3c976c858ef0bf6ca93a418db59920ee51e8f3e0818f25c92c4	-	ol9_aarch64_appstream
	php-embedded-8.0.30-2.el9.aarch64.rpm	3902058f228a76ab0c8e93e183bda12d2da77da1e9f421d8ec8a08f69f704a2c	-	ol9_aarch64_appstream
	php-enchant-8.0.30-2.el9.aarch64.rpm	3c75b0e39cd912a8a8ec583ff9ef91105bc1ad963886d77c53abdbd21bfdd8a1	-	ol9_aarch64_appstream
	php-ffi-8.0.30-2.el9.aarch64.rpm	24dd34aad77cf13537e18fb8a0e4b742340658a7499a3ab8f51a1aa2738a2a05	-	ol9_aarch64_appstream
	php-fpm-8.0.30-2.el9.aarch64.rpm	f3346b389df1f61887d81594676d0a1b2bc2cf2a895dd795d3bd2a8266cb5ec8	-	ol9_aarch64_appstream
	php-gd-8.0.30-2.el9.aarch64.rpm	13432b2f105119eef4bc9fd93a90be32aab869e7e04bebed3406c876b48a067a	-	ol9_aarch64_appstream
	php-gmp-8.0.30-2.el9.aarch64.rpm	0b99cc7bff162ba2d9464b491363c3f6a8cc7cc0c350f73c35138f45d3f9d30d	-	ol9_aarch64_appstream
	php-intl-8.0.30-2.el9.aarch64.rpm	93bf0fc210a49532adf98a8463000e50c0a3977f75facf7701665f3b1b717395	-	ol9_aarch64_appstream
	php-ldap-8.0.30-2.el9.aarch64.rpm	2917628a19840f7972c123fa7ccfb3398381b9b072571a172f8674d5cff3af60	-	ol9_aarch64_appstream
	php-mbstring-8.0.30-2.el9.aarch64.rpm	e066806c5d7c04cc3cb8a42bae79e34d88b923500c3fd4df1bd78eb2d4b14154	-	ol9_aarch64_appstream
	php-mysqlnd-8.0.30-2.el9.aarch64.rpm	1cea67e4ef4279efa087844a441fa9427bbaaea1262612d95d7d2d8fb236c145	-	ol9_aarch64_appstream
	php-odbc-8.0.30-2.el9.aarch64.rpm	1a652eb88cf4de3332ef4cef6752d709549493d9dc5b9757d3dd67620970dfca	-	ol9_aarch64_appstream
	php-opcache-8.0.30-2.el9.aarch64.rpm	deaa5589d47f8c826891250471bb967e104d03e6fc8f9b5f3a2db592734950fc	-	ol9_aarch64_appstream
	php-pdo-8.0.30-2.el9.aarch64.rpm	e9ecee7fd5a136ec3238d6d8aea07c40f7e4e2834d6ac652ef9b232733cc4571	-	ol9_aarch64_appstream
	php-pgsql-8.0.30-2.el9.aarch64.rpm	a0ee23e0583581533b667494ef4f13726a302f83615fb2133ce7a79a91f8cd78	-	ol9_aarch64_appstream
	php-process-8.0.30-2.el9.aarch64.rpm	11b56526cbea9adecd52dfef2fde51c255623085b3b4cd0d105e187a8479f41d	-	ol9_aarch64_appstream
	php-snmp-8.0.30-2.el9.aarch64.rpm	12f3ab1421b823650031bf8c6a3e5f2485de57adf1f56aa466cb4a4dd601740d	-	ol9_aarch64_appstream
	php-soap-8.0.30-2.el9.aarch64.rpm	76dffeaa1ea01c0aee515a35f56646e4754638d4d31ea03cf9f95edee4999a77	-	ol9_aarch64_appstream
	php-xml-8.0.30-2.el9.aarch64.rpm	f57160d90f4026d025b7d01a7a7882d96520fc10856576aa9cca0a0a2a3738d9	-	ol9_aarch64_appstream
Oracle Linux 9 (x86_64)	php-8.0.30-2.el9.src.rpm	39a189094a11ad286dc49bea6dbd42fd7d4e43767b8d37ba4cdee2eefe67744d	-	ol9_x86_64_appstream
	php-8.0.30-2.el9.x86_64.rpm	15bf3c316f54e088fc9c65d3ca50a06fee2b28b0b6950b5866f4e1d356753b43	-	ol9_x86_64_appstream
	php-bcmath-8.0.30-2.el9.x86_64.rpm	8b9ab37e25e9e08f8a9c6a55d8698e30f7f1a214c62caac68f19746b1a6c1558	-	ol9_x86_64_appstream
	php-cli-8.0.30-2.el9.x86_64.rpm	8b6f10d51e1a1b34e6d5b1f1fedeacea4af43be66ffd92913933b6f3074ef0dc	-	ol9_x86_64_appstream
	php-common-8.0.30-2.el9.x86_64.rpm	2c742c035876f3ad44880dc4ece568e97c9db67e387639afea24b9195a18549c	-	ol9_x86_64_appstream
	php-dba-8.0.30-2.el9.x86_64.rpm	23048b629008827e40dfa924cfa02bd990fde404c5887da77618f1eccb7bb274	-	ol9_x86_64_appstream
	php-dbg-8.0.30-2.el9.x86_64.rpm	d3c7f2906b39e2cb3c15b7ea00629e5351420024f5779fe1edc11382379a2cce	-	ol9_x86_64_appstream
	php-devel-8.0.30-2.el9.x86_64.rpm	50db152d6f112e1addc258a7725a32eb49c1a5db74b8bfebfb161e83d8300737	-	ol9_x86_64_appstream
	php-embedded-8.0.30-2.el9.x86_64.rpm	2983d7dec48541ad6df30f5a5dc96c033f37e5e58b593ea0933faf847a8a90b2	-	ol9_x86_64_appstream
	php-enchant-8.0.30-2.el9.x86_64.rpm	437d426e95dd47c867cbbe5cf6520d0e87fc011d779a0e947a590d6d157907af	-	ol9_x86_64_appstream
	php-ffi-8.0.30-2.el9.x86_64.rpm	046880415ce2d6aed8bc32912e38fd829dd0adf84431a62f44055f1421fe942d	-	ol9_x86_64_appstream
	php-fpm-8.0.30-2.el9.x86_64.rpm	6281f34c2cdcd790ebd2d5090d41bce9645212fdc7d4e17443dcd490543ad689	-	ol9_x86_64_appstream
	php-gd-8.0.30-2.el9.x86_64.rpm	93ba407202db80b1573f5698c8b7c4fac9153cf858e94acd09781bd391845359	-	ol9_x86_64_appstream
	php-gmp-8.0.30-2.el9.x86_64.rpm	757baea0700f109428cf7ef93357d757f725e3265dea85e393c70f71037badf5	-	ol9_x86_64_appstream
	php-intl-8.0.30-2.el9.x86_64.rpm	f58e5a1c8628f34603d28013713d11fbff779c871f445d2883cc316825453193	-	ol9_x86_64_appstream
	php-ldap-8.0.30-2.el9.x86_64.rpm	456d033215cc2fc30b673b8de824eb2cefc0b8a0317f9e554c914c4e0f6b717e	-	ol9_x86_64_appstream
	php-mbstring-8.0.30-2.el9.x86_64.rpm	0f4d516bc5581d7bcbc6422789da1c9b80d5ce5c318566e83e441b254d091e22	-	ol9_x86_64_appstream
	php-mysqlnd-8.0.30-2.el9.x86_64.rpm	c2b22ff6ea8a6d7a65aaa0ef6aa9fbb8c18cf20d38a75a1ab9c3fb7aec216e49	-	ol9_x86_64_appstream
	php-odbc-8.0.30-2.el9.x86_64.rpm	5cdd7ba80d2dd23c50746d2f09f680435bc94f7f2f489c9eb3b6888cc9ddf452	-	ol9_x86_64_appstream
	php-opcache-8.0.30-2.el9.x86_64.rpm	fac3b8d5219cf461f0646137375f2af7181b9279dcd7ca448fb36cb1e2123333	-	ol9_x86_64_appstream
	php-pdo-8.0.30-2.el9.x86_64.rpm	1e61974feaef4ab0f50c6b81e18f86bc2d1217aa14505b8b2d84b2a6008e194f	-	ol9_x86_64_appstream
	php-pgsql-8.0.30-2.el9.x86_64.rpm	a1fa5b8406c8ea401a513fb67e1a2b9cce58c7d3f3ae45b25fbd65c55c616385	-	ol9_x86_64_appstream
	php-process-8.0.30-2.el9.x86_64.rpm	6c5c471918a9480db57160b80519bba523e5e015df2c7cc4f6c6e1d4e03cca31	-	ol9_x86_64_appstream
	php-snmp-8.0.30-2.el9.x86_64.rpm	426bfbc40b5c95ed051e8731eae915a0e48bbd3bb0076825fbca522ba4e3ce43	-	ol9_x86_64_appstream
	php-soap-8.0.30-2.el9.x86_64.rpm	d4cd9b6e89f2c5ae281ee76fb5440b2beaa8d1d1cbb54716f6e413be49963f41	-	ol9_x86_64_appstream
	php-xml-8.0.30-2.el9.x86_64.rpm	a2bb60b378c3f726036e5eebf48331055222dad1a7d0fdfea538f636fa57bdb8	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team