ALSA-2022:1935

[ALSA-2022:1935] Moderate: php:7.4 security update

Type:

security

Severity:

moderate

Release date:

2022-07-01

Description:

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
Security Fix(es):
* php: Local privilege escalation via PHP-FPM (CVE-2021-21703)
* php: SSRF bypass in FILTER_VALIDATE_URL (CVE-2021-21705)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	php-process-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	04df54fc81247914f1c0eb12d8e875a84ee99007354f0e58086ea83c51b89aa7
aarch64	php-devel-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	05faca0541c0ab8007ea914819d2e7f396d12ebb95c06a9610014ea21825acfe
aarch64	php-pecl-zip-1.18.2-1.module_el8.6.0+2750+78feabcb.aarch64.rpm	06be0c2d92001a187b8c91e35b817e5c0d798d204329b557aed4d0be3a37cf10
aarch64	php-bcmath-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	0822d94bb95b7ece28db078ed1ffb1153c702e136ee8562aad684ba0e55faae9
aarch64	php-opcache-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	120180e1f036ce2fbfe5634f0fe36cee05e3f330a63b4402f1f247bc2b0d8cae
aarch64	php-ldap-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	1e6bb7c2bc74844cd82187c730e28b9793c7e0cbe87a4827f092bd9ca2035296
aarch64	php-xmlrpc-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	240b6bb77be19c9450653b2f9daee781e2ef915f3a5c6b79019609885776e50b
aarch64	php-intl-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	2d081bb57e6df70d9314ffb24622df754d55b17d20b0fa3777fb2f78f35162e9
aarch64	php-pdo-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	31a71a9a9c9bb899d82bf46abb85aea2dd6dc4ecdb914edf34b09278bd351306
aarch64	php-odbc-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	3281528cf6aa99b9cbd291755acd0f038570d4e96c1264681ae33d829bef07b5
aarch64	php-pecl-apcu-devel-5.1.18-1.module_el8.6.0+2750+78feabcb.aarch64.rpm	44133bbff0dd9fed81eb95dd93a54b0bc7bf947357b94b8c4d542de61e90dfeb
aarch64	php-gmp-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	4784e784d33281ffca6e0dd679febffe94a86ebbd0bbdbfce0425279ad4a07cc
aarch64	php-embedded-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	517982d7073c9b623fc772652b719c9e20497a28dbbecaa8cda4663b59ba2cdc
aarch64	php-soap-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	5c29e49c3963c2681aa1c2ca4639fe583eb7d2f982c32c452733f6cc06fa3f63
aarch64	libzip-tools-1.6.1-1.module_el8.6.0+2750+78feabcb.aarch64.rpm	604d47d8e0e2d2153eebf705c7d7fa37fadbe9ee2acb4ac057ff92cbb509e290
aarch64	php-dbg-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	6de8bc6dd7acc8ad8f68ba5f1624529583ab64d93bcfdfa6564dc76f5fb28a83
aarch64	php-cli-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	7bbf3725e9ae5d68665c3189aaa05af0e6e52bbeb95f3926bf9a3cff716f0409
aarch64	php-ffi-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	7ee8ac48b27dbbb04a1a658f76bb48c636a245f4b3ec0acbbabc530c16b78f7d
aarch64	php-pecl-apcu-5.1.18-1.module_el8.6.0+2750+78feabcb.aarch64.rpm	841e6c4b791d229eecb325214f4b017c72bf0c27e30f3bb0f4de2949026f3a84
aarch64	php-common-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	86ba83ab6cda8cf1da99fd0c0410551835effcd9e4433202a77046f4c797aa65
aarch64	php-xml-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	9081e149b05f6fff5454759d90fad6e024a112fb82b674d319ff920d09dd4dbd
aarch64	php-enchant-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	923cccc4c7c36c6b590dd3673ea7d9abde753c7ce9f7b5d3def64c5b028e7a0f
aarch64	php-json-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	99b85eb49409f935b9a2b67664fb4e5fb842d25c09e4f0945d674e89cf25649c
aarch64	libzip-devel-1.6.1-1.module_el8.6.0+2750+78feabcb.aarch64.rpm	9e544e8ed433f0a0dfae2950214166a7f36a2dd4bf6697fa2fccda80cd807d6d
aarch64	php-pgsql-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	a0d6ab9cc011854633c8f426e05d1aa1deaf0fc320e8675fa2e0c97e4c9cd128
aarch64	php-dba-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	a13d5827697ffa3d039c10b4ab7b64316a8d2d4c3dd092b0b741b60340c34dd8
aarch64	php-pecl-rrd-2.0.1-1.module_el8.6.0+2750+78feabcb.aarch64.rpm	ab26fdec075c6dfeddba50bb0a878c3b8c1de0819a2d61dbc4797c908a767e7f
aarch64	php-pecl-xdebug-2.9.5-1.module_el8.6.0+2750+78feabcb.aarch64.rpm	abe84021691feb53f52fee7443d72ecd72bfe43db638613cc3dd00c3294918a8
aarch64	php-snmp-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	bf33b5abb3ccc30218ca9e0383fa7b7cb8a28d983c2a083338609dcd87547a19
aarch64	libzip-1.6.1-1.module_el8.6.0+2750+78feabcb.aarch64.rpm	c7bc3b5263c1404b4e421d19405013342e2315367e8d48e4fa9a8997ccbf28c7
aarch64	php-mbstring-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	d1ee5b9040692045bf398351b420ccf7275debf5dcb1dfc952cf796b37abf3e4
aarch64	php-mysqlnd-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	d421870151110c805e02330a27bec66840675308ceeb7b365e792aadd026ace0
aarch64	php-fpm-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	d5e983571ec567544ddfe9320985c64300afe90c58831ccfab3242070146ca09
aarch64	php-gd-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	e596fd70ebac3a6a31dd2bac0f2a10ca32e9cecb98a78757c2ef34b178c335c8
aarch64	php-7.4.19-2.module_el8.6.0+2750+78feabcb.aarch64.rpm	fffeeffb15f9ea1e4f74c2cdbb30a675ab5a445d2db98f0404ba4e0be6e209b0
noarch	php-pear-1.10.12-1.module_el8.6.0+2750+78feabcb.noarch.rpm	20ecce5f9f647b1644dfa77bc497a4d0978f66caf708a66dd6944df2ce660787
noarch	apcu-panel-5.1.18-1.module_el8.6.0+2750+78feabcb.noarch.rpm	5568a49ddf2e6f3cc96f57e04138466ed7edfd4d2ed114fe329cff5caa30bc56
ppc64le	php-pdo-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	01f8cdc15c22e96c9a4282323c8e184bd12f6ce8237e6d1227703c554747b0f1
ppc64le	php-xmlrpc-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	04a3122317ccc733e1c42f6988dcc74a170308855722fe28d4c50e7d8521d4ef
ppc64le	php-mysqlnd-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	0579bf740ff99a10e7f1bb18718c6565da0253332e854d221bb042301d2195ff
ppc64le	php-snmp-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	109e5629592b038cbf603291fb091e6de4a317308e54df0bca3b7bcec7143fd5
ppc64le	php-pgsql-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	1e8039a9023ff323413a7b996ed5798ec018d5662c3ce8ea89e8fbd92aa14b48
ppc64le	php-json-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	26539eb6a9f5c0131bdf16090d5099fa2295d15fc4797b47b5f582f30682f11d
ppc64le	php-embedded-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	26c6b02b6eca6bb428b3e20c9579999d907d263695503bc2fc0f1c3f263beee3
ppc64le	php-pecl-apcu-5.1.18-1.module_el8.6.0+2750+78feabcb.ppc64le.rpm	3d3a1782dd59aa6d85f792b0ac76b9d75b77a0aac879416550fee2769e733883
ppc64le	php-process-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	3f2a85a1dbc8d89e03593581925730e4cd1ab44f80d1f321c5b7a8b4d4e9bdd5
ppc64le	php-devel-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	4657ec42a768ed99229a472cf01675c41c42b2bd5002257ee3c2b1eb7fc31c94
ppc64le	php-enchant-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	5155a8fc9cebb17be6c3bed4ebc971a3009c92866650f56b7c1f63fed8538352
ppc64le	php-pecl-rrd-2.0.1-1.module_el8.6.0+2750+78feabcb.ppc64le.rpm	5726ecba5bfab6bd2067bbd3e5704d1e2687ec402480c30b5d8e72b57b419c16
ppc64le	php-xml-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	57a6b2706d3ed1ad2454cf3f413a46f246fc30722d0bb967efdb15b56e58519d
ppc64le	php-soap-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	5c2b93251b1dae03e24f77d49fd8fc883320c01caefc28b8dc199d0c7555e82f
ppc64le	php-dbg-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	5f7550bcc1ad9d8ec33bdb4eb355e0b5650f583862af1f5b963ad4d916488799
ppc64le	php-mbstring-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	7c5f81c79435f3200ec3879f612c593c6837e81530b44d77532a379a0357c001
ppc64le	libzip-devel-1.6.1-1.module_el8.6.0+2750+78feabcb.ppc64le.rpm	82354b0bd316fca2ddf147f97d68da49b0fa07bf6659b9449ce386b54e81f891
ppc64le	php-fpm-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	83965cef5910e04cd40fdc3602a1b936ccfaf0cc8edc72d60f5311aec965f8f8
ppc64le	libzip-1.6.1-1.module_el8.6.0+2750+78feabcb.ppc64le.rpm	83a67ce78dafd5bc600742c9688af1d4c55009039e97bd1c0925ef5256c94c09
ppc64le	php-bcmath-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	84e6e1f7159a6f5be35d5fc04fc3b16a3c78062d923a887d4b7d6fe2869f7610
ppc64le	php-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	8b39129ca6672de76e81ea4b762df7738df95f5b6fa13a1905607f4f447826d6
ppc64le	php-ldap-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	8bd0c1155483f4e4e8e8e2b16431949bc68b1be68c9db68041847e8e0e51e22b
ppc64le	libzip-tools-1.6.1-1.module_el8.6.0+2750+78feabcb.ppc64le.rpm	8ca8a22ac2e80adbda222a2db14bdc858f116a95b5311d36c6be6ba10c79efb1
ppc64le	php-pecl-xdebug-2.9.5-1.module_el8.6.0+2750+78feabcb.ppc64le.rpm	8d5fc1bbc285f89cb834467bf8375e24481088efb20c14a571d75764d9ef4cc8
ppc64le	php-ffi-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	8dc7e26c276c3f5f8237eafacebcd4b1f5268768be6d56cdc813e8c2813edaf6
ppc64le	php-dba-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	8de1ccc0e47482ea1f6ae733c9f74accb0870d3a268907789eb1c6e1b75dce7e
ppc64le	php-gd-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	ab619d75fe5a03448382165fcb4d3282ca28c6de8e195e6397de3119f0528bc7
ppc64le	php-opcache-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	adc66106ce683b9b9d0c6a8ebbfcd3d38e6cd07bc34a41f8e3ad136f1e16619f
ppc64le	php-pecl-zip-1.18.2-1.module_el8.6.0+2750+78feabcb.ppc64le.rpm	ae7804de99268256a45f739a0c00424bd22d7f34969a83ace6d4f6e8d9c70ccc
ppc64le	php-cli-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	af49e94a6c638aaff1bd6bf5ca30dec1b15204a2ed55e9272401202d606fa1c4
ppc64le	php-odbc-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	b9b4014a09a09dbde7b947be67d846c807f47c9a9f603195a646f4e2f59a9c76
ppc64le	php-gmp-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	c1dbe433a500613bbdfe4a8a826c1b7d49074bbf7b95e38cfca3543d81282b32
ppc64le	php-intl-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	c4b310a9e42a424470da2967237f5d5484f49640e0063eb0d31a3fe4960a6358
ppc64le	php-pecl-apcu-devel-5.1.18-1.module_el8.6.0+2750+78feabcb.ppc64le.rpm	d18f1fd980f6d9e259d978132d7573141a59f0de46c6536998b7312c9b7d1661
ppc64le	php-common-7.4.19-2.module_el8.6.0+2750+78feabcb.ppc64le.rpm	de59ea6289d3ca203c48c6995a0c3a2614b40a9bd294862b20d292bd3d801f51
x86_64	php-mysqlnd-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	02a7b574dd0bd777d7612e7a4096ab0b0757d90927f5228175c8cf7cf64072c6
x86_64	php-pgsql-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	1664af155a12e40989d9d5d8075335ca4ac1faf7c1e51a15c9f312c0f3f53d73
x86_64	php-gmp-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	26c6fe2748ab483a404e9b19bbd2810b40943c859cee188ae94c7c6b778b89bd
x86_64	php-pecl-apcu-5.1.18-1.module_el8.6.0+2750+78feabcb.x86_64.rpm	370d615e16a95b30b0b9d1aa21a0997e2615b63323933a662ef70d9373bebd76
x86_64	php-embedded-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	3ded053cc4b47b6fe742d462c58a076bc130ee0680099f406dea6730fb1a0d4a
x86_64	php-pecl-apcu-devel-5.1.18-1.module_el8.6.0+2750+78feabcb.x86_64.rpm	4a764d674f61eb7df11598ce0b1a7052184ddb8d62dcbd5952778897820fd4c4
x86_64	php-cli-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	5317435aaafee6ae474479017f50dc5e5fc92aac395f333425b883cc80d6377e
x86_64	php-fpm-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	594a2e7a869f8dc7af3ba38f3d8141870f5b124716072d6a816108651d0c34c4
x86_64	php-dba-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	5aa0e88720fbfe7a69f93ad181a6f1373ca1164038892d0aa3f9e2536cc8ba0d
x86_64	php-ffi-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	5b64009495980da5f63c309e2de844448320254c3b91293c9d2070802fda32a6
x86_64	libzip-1.6.1-1.module_el8.6.0+2750+78feabcb.x86_64.rpm	5c0337a010e670a836d34653dbc1d8cf3182b07e1bb9219125eb44069d9625cc
x86_64	php-xmlrpc-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	5fcc746788295ec1d23ba81d9951e166f4e477be71ad61117ca0fc040b985ecc
x86_64	php-enchant-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	6b3d79172435ee470be0cfed5bcdc5a1e8dbac7eaa4892b1dff70aae629b9916
x86_64	php-intl-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	6de3c0a0b58416f660e84f4a5f2a4efec5e8b19534fd7c311d8c968f5d746d5f
x86_64	php-devel-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	80bf1b6e1c97e183e98f51ae9aba96b870039ef8d5d63f5e3e0d6ae0221e0396
x86_64	php-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	8fddb8efdcc334d46ed068b9c41afc15628ac2abd2abac53083a2be1fb30b1ca
x86_64	php-opcache-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	90c6cdf567c694fa88b5d1ae8c3e60f001b990086dbeaa573aac4962ea8b0dd6
x86_64	php-soap-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	936ac7d9f43e28bc244c504b2d3cb569639790785e567d7031cd6071addde14f
x86_64	php-json-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	9b4d62e0154720eef44d663c3a0f79de5a250e9163f24605ea5855bbc2c9ffa0
x86_64	php-common-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	9f0337981b274d8c6758581843165aa344679c870ac54c53a7b83b90e868196a
x86_64	php-odbc-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	a2c5ba7391d7e9efa426c7c7014e3bacffbc90075c03e6af6ab7e3ceaae7fec7
x86_64	libzip-tools-1.6.1-1.module_el8.6.0+2750+78feabcb.x86_64.rpm	a30e10508c00a183f1dc76d9f7dece296f24cef58c2737c33b812fecd64e4f7a
x86_64	php-gd-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	a67485333763643f352320f6b9102ef2db9ece43554034be4c4c67c0e720073d
x86_64	php-mbstring-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	b872f3ea6edc2660bd6316c247e760db1d50f683c02f5a83134a7adeaed0aedf
x86_64	php-snmp-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	bd038b764c3a0a07093374af6bb4b2dc9300869d5afe17ec60c0ebc3b8dc96ab
x86_64	php-xml-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	c3253df4ea86140a7ae3f85ed644e845ab6814b7f0378fccf8852563f44def40
x86_64	php-dbg-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	c522890f7a0404d74c3bba97e0dfb8f1a7c1a91bbf484a3256fcd7d8e6c8920f
x86_64	php-pdo-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	c687b8c5a005eae4376fae02ef510e8c80d74c6de564dfbdb126581a9c37178c
x86_64	php-ldap-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	c68d4e4722218dc3903dbd10ec57292955a287be89c919219a3eaf2aae85ec78
x86_64	php-pecl-xdebug-2.9.5-1.module_el8.6.0+2750+78feabcb.x86_64.rpm	d48c43f6bf5e37ae4834ac149c5f4ce2e553dc52e73f114b012ab9940f26c714
x86_64	php-process-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	ef5fe0cefa61dd4ea49a5192dafb70eba269e728ae31b2c7c17fa698635ddaea
x86_64	php-bcmath-7.4.19-2.module_el8.6.0+2750+78feabcb.x86_64.rpm	f1f8b9e90027af25a1f7610d9dc2cb0471488861f33c3eae6f297a5ae9dfad36
x86_64	php-pecl-rrd-2.0.1-1.module_el8.6.0+2750+78feabcb.x86_64.rpm	f6547f37e9020ceba5cddb3e03fe23dee4d9f38f70fe33ce2d8ffe9a5bf83499
x86_64	php-pecl-zip-1.18.2-1.module_el8.6.0+2750+78feabcb.x86_64.rpm	fb34390a73b2f940d62bffacf1694b1aa8b742a05efada25fe79eafc810e78ea
x86_64	libzip-devel-1.6.1-1.module_el8.6.0+2750+78feabcb.x86_64.rpm	fb8646b700958a0ce1af00a40b074c19402ad05a00cf7f290a064f84376fa6c4

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.