ALSA-2023:0965

[ALSA-2023:0965] Moderate: php security update

Type:

security

Severity:

moderate

Release date:

2023-02-28

Description:

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

The following packages have been upgraded to a later upstream version: php (8.0.27). (BZ#2161667)

Security Fix(es):

* XKCP: buffer overflow in the SHA-3 reference implementation (CVE-2022-37454)
* php: standard insecure cookie could be treated as a `__Host-` or `__Secure-` cookie by PHP applications (CVE-2022-31629)
* php: OOB read due to insufficient input validation in imageloadfont() (CVE-2022-31630)
* php: Due to an integer overflow PDO::quote() may return unquoted string (CVE-2022-31631)
* php: phar wrapper can occur dos when using quine gzip file (CVE-2022-31628)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	php-embedded-8.0.27-1.el9_1.aarch64.rpm	08bbde9d0c37e2289165cb00fc0d8b1fe41d5a1fca89b3dcd75ecac13af2d650
aarch64	php-pdo-8.0.27-1.el9_1.aarch64.rpm	12211fc7773887ee20f0d1770a224e7ec452ea7e64cb08e2172ebb1914012ce5
aarch64	php-mysqlnd-8.0.27-1.el9_1.aarch64.rpm	133e90c7172ccb490668fe8317888a26af2f2a879e5760fb37ba9aafaa7caade
aarch64	php-gd-8.0.27-1.el9_1.aarch64.rpm	2071f2565f2dd68cf29b49cefc840fb3f47527b85758e4be742c013c3b780f22
aarch64	php-opcache-8.0.27-1.el9_1.aarch64.rpm	36bcf4893f8f440fccb927730a0f83956726d4cb115bce7e5a35240288330156
aarch64	php-soap-8.0.27-1.el9_1.aarch64.rpm	3b551950992d8c7a60f08f6996ac3b47582237206a66bb5d034c290e134942c1
aarch64	php-pgsql-8.0.27-1.el9_1.aarch64.rpm	42e730d41d60c794f2c042066ab1622cb34dc5adefea496e4bee07c558d026e9
aarch64	php-common-8.0.27-1.el9_1.aarch64.rpm	633f9b72c77519131033b0ee3df89582fb09a381ce91bc783eaef943327139f8
aarch64	php-bcmath-8.0.27-1.el9_1.aarch64.rpm	6652097df10c4b9ab94cfc13ee17326da6e0546d5ab4a535d68d28e9292a9dea
aarch64	php-mbstring-8.0.27-1.el9_1.aarch64.rpm	7310ca04edf332a64b6a0375f2739cf0fdeb058e85f9152bfee69c24317c0a29
aarch64	php-ldap-8.0.27-1.el9_1.aarch64.rpm	75e8a27bde755afdcff3466cba5ef847137ad528c53eb73aad3fdf646879343f
aarch64	php-8.0.27-1.el9_1.aarch64.rpm	783aaa71ce7e2a82db72bbfdfb7e967825c3ec8ad2e5b30ae57aef15c7ae75f6
aarch64	php-fpm-8.0.27-1.el9_1.aarch64.rpm	7d5b183050ee697ebe0ea0af8f3681cf7f4424d13d83ef4d60df0d98c82eb54c
aarch64	php-enchant-8.0.27-1.el9_1.aarch64.rpm	8efdf897c7b0556e624133c68433a3b0cd6ff356ce0d68f0c2db0db5687e5027
aarch64	php-process-8.0.27-1.el9_1.aarch64.rpm	91cbd3aa1ca3fe2d68dde229a54c2b7fc03a51458baf87ea3814bf9f60aa7a17
aarch64	php-xml-8.0.27-1.el9_1.aarch64.rpm	a71b178de0f10458b2d9168aa2bc315bed9dae4b82c2e0b612d63297b452566c
aarch64	php-ffi-8.0.27-1.el9_1.aarch64.rpm	b85c9dc28d004eaef2ae60eb71ac11f22a7cce3198ac509348926bee07745104
aarch64	php-cli-8.0.27-1.el9_1.aarch64.rpm	b97e4b8114e8d35f44836f5bb36dd54272d1490d2b080c87f4157005b9e1fe70
aarch64	php-intl-8.0.27-1.el9_1.aarch64.rpm	caf0f6e0924e21cfc527602dce4433e3200919eeb459eed57bcd75ec1e1e72eb
aarch64	php-odbc-8.0.27-1.el9_1.aarch64.rpm	d7559f276633567d5fc18211d44db90235915f0b0a8db3b5da5c1c5d85f3a09e
aarch64	php-snmp-8.0.27-1.el9_1.aarch64.rpm	d7e8ee0c8a99219dab039e9fb929e00fe1aa001a7c51cab1e0bdbe56f3572b78
aarch64	php-dbg-8.0.27-1.el9_1.aarch64.rpm	dfa53ca951b1186f1ed36c1e59c454868033d79e59adb618cf1f7b56bcda0d57
aarch64	php-dba-8.0.27-1.el9_1.aarch64.rpm	eb4d4e2e2633abcfb15eb92ab47f49dd28dc4dcc4a451d7b8430c581b8739eb3
aarch64	php-devel-8.0.27-1.el9_1.aarch64.rpm	f0f63d32969e44da05f57e27c3890c2fa691d4c228d2f7e14c81047a5287a050
aarch64	php-gmp-8.0.27-1.el9_1.aarch64.rpm	f930ed58fce3633acdd41aa4569663282d1b1a5b770bc7c32a9e088a02bcd2ed
ppc64le	php-gd-8.0.27-1.el9_1.ppc64le.rpm	0b2a27c76f4b73112f04d2ad2a093d8a8a0a016fb93de541858001ba91d16d44
ppc64le	php-mbstring-8.0.27-1.el9_1.ppc64le.rpm	12d62c8f66c8629352c1693e51fd38584e17f11828be4b824ae68b073cad2ff6
ppc64le	php-odbc-8.0.27-1.el9_1.ppc64le.rpm	157df996227623d44267bad9abe3165cc84c8b03028767f88b8856cfc48736a1
ppc64le	php-pgsql-8.0.27-1.el9_1.ppc64le.rpm	183e8ae038b33acb5ea878f045d9fa30e02047dda112c965f7552a7fad7f4999
ppc64le	php-devel-8.0.27-1.el9_1.ppc64le.rpm	1ab8a93c9e2584f5aba40dc7a92566ab74a0c1044b431212a6e8140094ad8290
ppc64le	php-fpm-8.0.27-1.el9_1.ppc64le.rpm	27d389b1d6624cb0e172c3049aefe05982ef93b058d63e34c5607bf757641892
ppc64le	php-xml-8.0.27-1.el9_1.ppc64le.rpm	37744ff2b4bc6cb598509d14db00ddafc0cd7d172620c87fdd48f7715ffe16bc
ppc64le	php-cli-8.0.27-1.el9_1.ppc64le.rpm	3c6e461cefae415ba672cba167395984fe5d228189a03d97d67c6f10584877b4
ppc64le	php-common-8.0.27-1.el9_1.ppc64le.rpm	45767bb9db032b18f6128fd9f1af71287314a46112930336ad3d1fb035534781
ppc64le	php-pdo-8.0.27-1.el9_1.ppc64le.rpm	4ac1fc3a076aebc0c4520e146488ff6aa2f2762d00ff8232d5071314b50166cf
ppc64le	php-mysqlnd-8.0.27-1.el9_1.ppc64le.rpm	4f4c59d90fbe58d03ca11054a620e52d47664586058b94c9d3c0825db13f196e
ppc64le	php-soap-8.0.27-1.el9_1.ppc64le.rpm	60209c3ddbb33097859bba7412628acf3e00a0b99932a9b865e17a59b55d3a1e
ppc64le	php-ffi-8.0.27-1.el9_1.ppc64le.rpm	66dfe1634836045cb29641515dd6f74977e5bc48d7a3cf3e70dfbcb18f99e05f
ppc64le	php-ldap-8.0.27-1.el9_1.ppc64le.rpm	7d4618e75b3fe10c2525c1b64e90cef29b731a52d9842bf743cba53a400a45ed
ppc64le	php-bcmath-8.0.27-1.el9_1.ppc64le.rpm	86800ac8a348c5acb3b020c3d8a0ab3831a99cf98ad3a00c518563564a87da36
ppc64le	php-snmp-8.0.27-1.el9_1.ppc64le.rpm	8cf7878d23fa5fb8c8e8caa9e1cf2f0a5fb802b66eb9f4714efcfd75f5d837e7
ppc64le	php-process-8.0.27-1.el9_1.ppc64le.rpm	8e0d5d5f7bab184c381e167e0956dffca1a740b28c02c3c07cea0fc3c0e16b2a
ppc64le	php-intl-8.0.27-1.el9_1.ppc64le.rpm	94f552580efd1331734cc3c036d56e8f7ebf88f827fa386d2408b63ab7e18a27
ppc64le	php-embedded-8.0.27-1.el9_1.ppc64le.rpm	9731b82f882cea3e82d96df17cfcefd32ccc805391bf0a7c07fdc5bb9609eb5e
ppc64le	php-dba-8.0.27-1.el9_1.ppc64le.rpm	bb9f98c7cd0059d2bdadf84eaab86cf39fc3af0d1e147347c56ef4dbe4409ed0
ppc64le	php-dbg-8.0.27-1.el9_1.ppc64le.rpm	c3e8e3db7804e841e1fef58a4eadd0b3c3964a0b98b6032b3c30431a76a7861d
ppc64le	php-8.0.27-1.el9_1.ppc64le.rpm	c482ff9cfa6f55c2ff6848d08c04ea6984ddfa8ac31d1db5046d48d8d454951b
ppc64le	php-enchant-8.0.27-1.el9_1.ppc64le.rpm	d55bf4cff78ffd840d8d9faf11ecffcf9a4a41e580be9dfc7a039cd9bb6dc795
ppc64le	php-opcache-8.0.27-1.el9_1.ppc64le.rpm	e53965f7479a8e1df5bf9cb3fdbecf2c9fe0fde45729c46d947d1debd85157cb
ppc64le	php-gmp-8.0.27-1.el9_1.ppc64le.rpm	ef64c452e4212ecdae8bdab0fb1469818593f4f5c6d847089e41c9842bef4a2f
s390x	php-xml-8.0.27-1.el9_1.s390x.rpm	0191c42872f59374d94841fc54ded08cd294469e5fd7af45231370aa3632e797
s390x	php-pdo-8.0.27-1.el9_1.s390x.rpm	04c1847fd85054b8ff106e5812cf3c77240489f9f50c114149b3edfc4d11655f
s390x	php-gd-8.0.27-1.el9_1.s390x.rpm	062db49d581a01e990636c834a4b262c2c0b1fe41469bb4203c1b89c46ea4b70
s390x	php-gmp-8.0.27-1.el9_1.s390x.rpm	07dbdb39886777b23a8f450598d5e4e964bd07e5b970110c4e758d330a6b37cb
s390x	php-opcache-8.0.27-1.el9_1.s390x.rpm	1c900a2ef0eba924407066f0217cbcfda3328582789a7f0c962ee34be4e6336b
s390x	php-ffi-8.0.27-1.el9_1.s390x.rpm	25e691d62e441a13e64b0d43cfe4eed258fba93d6e53d43b02c5256051b644c3
s390x	php-common-8.0.27-1.el9_1.s390x.rpm	282c169a8864df0c54aa1ab027678e35475fd48c4378b48ab0a3965873376fb9
s390x	php-ldap-8.0.27-1.el9_1.s390x.rpm	2e2f81c2aa2303c79e3f698465306563a84d8b5450cb83308a8e7fd53b20ae33
s390x	php-odbc-8.0.27-1.el9_1.s390x.rpm	3bc95347a7abb9f6e2ed7b3a25f2693789571ab06325d9845c5ac4b0ad8d9c41
s390x	php-dbg-8.0.27-1.el9_1.s390x.rpm	4c8a63682099b88988e81d34fbc2e5967275a24ca2d0639cb2cdb88bbcf55327
s390x	php-snmp-8.0.27-1.el9_1.s390x.rpm	6b3e59a8ada9aa361d09ea5292b24f10fcc7d043bc5fe48861e676fa4c893f72
s390x	php-soap-8.0.27-1.el9_1.s390x.rpm	6d2ec05e6171f9ce67b14ade23524792e2a9983d85831864eeed0f262406ae60
s390x	php-cli-8.0.27-1.el9_1.s390x.rpm	6d77c6f316f381bb1f26ae18993fce5b59e70e9b5a31bae6fa01822daf268fd4
s390x	php-mysqlnd-8.0.27-1.el9_1.s390x.rpm	7fd8628e406582b7c5733408dcc8b2201d423eeeb63d1938ad449097ff6fa19c
s390x	php-enchant-8.0.27-1.el9_1.s390x.rpm	8ccd4427efbf8512830515fa85aca20b358508f78e0a2ce6f874a3f5e3557921
s390x	php-intl-8.0.27-1.el9_1.s390x.rpm	8e0898d586a6448e7ebbc290ef50a49df99259792b9905629030bcbdf9e2e35f
s390x	php-bcmath-8.0.27-1.el9_1.s390x.rpm	8f80213221ba9df6d78698342cd6b26ba37a1bd17d72c9aae2988f01c75e7ad4
s390x	php-pgsql-8.0.27-1.el9_1.s390x.rpm	9cb88c106cdb2d168b7bb741a918f0473e6df4cd23b9228864ca53ce02b6c243
s390x	php-process-8.0.27-1.el9_1.s390x.rpm	a1559a0f3908815ff31b58d309dba43f67139946e2b474124d6638588c9e6846
s390x	php-embedded-8.0.27-1.el9_1.s390x.rpm	a2a2e39143a7d7343a6b5b9671ed9d8d233454524745161c225115b319f9cb35
s390x	php-8.0.27-1.el9_1.s390x.rpm	a7892041eab777e02a163d684104da4bd8304baf0c0fd90bc6ee506693d4d59d
s390x	php-mbstring-8.0.27-1.el9_1.s390x.rpm	ad30c189b3d2d562f4c5fd619a042548dd38af777a9fac45af1b6d6c48a8e93f
s390x	php-fpm-8.0.27-1.el9_1.s390x.rpm	b7c92f50db2d5a4f0d0e95c415e2b09b4becb016c42529fa1d11de2792961248
s390x	php-devel-8.0.27-1.el9_1.s390x.rpm	f01c6ed1d320817a2d6d4680b66448b8b90240b55d4ccfa1c68ca60c42a22a01
s390x	php-dba-8.0.27-1.el9_1.s390x.rpm	f030916e464c664524c31d39eed780ab466a76b94f2ff21249ca5c4d012baedf
x86_64	php-gd-8.0.27-1.el9_1.x86_64.rpm	13a84bd28374abf57ec214ec4450d2bad49685aa23abea571f76c5c0307f4b22
x86_64	php-xml-8.0.27-1.el9_1.x86_64.rpm	1d5f236c80aa3b9fe216ee25e52be689d7e427411b3c515498cedfd221473269
x86_64	php-devel-8.0.27-1.el9_1.x86_64.rpm	245e048f0108449b951cb821b7ad6d5fa3ae9d6bb9a8fba5cac50161e4de3056
x86_64	php-gmp-8.0.27-1.el9_1.x86_64.rpm	269d92617c3c0ec5e278e02428fbe8547916123481bc5ac8f01b5cf3a446937b
x86_64	php-mbstring-8.0.27-1.el9_1.x86_64.rpm	30d3c1793de0f132a1e37569c9dbe01b4bf0fb02952bbb53a827bd6316d63bcc
x86_64	php-cli-8.0.27-1.el9_1.x86_64.rpm	39670b853ecae877e2ea8ef9b7415784bd453dd9ec8d68e40c42f73e234fee13
x86_64	php-process-8.0.27-1.el9_1.x86_64.rpm	4162c9e7f529e6ed3825a6f1852849b9127152b5648b943107f4c40b869dacae
x86_64	php-ldap-8.0.27-1.el9_1.x86_64.rpm	41700c5bbbc840152c4208a4c7cf53f72054fbc7fc74187c6c17b8013ba63d26
x86_64	php-enchant-8.0.27-1.el9_1.x86_64.rpm	559b85f908bdf5fdd9a9b88f1a3b567633f2433facb00ae12cb72fe58e4028b6
x86_64	php-pdo-8.0.27-1.el9_1.x86_64.rpm	71330e04cd76d6bfef40abb5618de28598b6958f986477821ab57ae42e3e60ad
x86_64	php-opcache-8.0.27-1.el9_1.x86_64.rpm	765fd4911bfe822aa93ccbff45af7e895b0ddd67bae4e0e1a4fec199db3fbf0f
x86_64	php-intl-8.0.27-1.el9_1.x86_64.rpm	864601861f6ff3bb13595ff3c16ca29ae6b762f4c663714b91d6a78f1e0485c4
x86_64	php-common-8.0.27-1.el9_1.x86_64.rpm	8fd316fc0e4ccdb9abf4634459aac3e038bb01be084b3d08eb4fd7b9005b75b8
x86_64	php-odbc-8.0.27-1.el9_1.x86_64.rpm	909421bce228d3a7449b9689023f4b3c8b4a2011e86e163f43a945163e63ff02
x86_64	php-embedded-8.0.27-1.el9_1.x86_64.rpm	9e74f12d29dafece15a07b5b86edc374a37859473860273d0fae399c0d3cfb29
x86_64	php-bcmath-8.0.27-1.el9_1.x86_64.rpm	a252df851afd1fdb1b47b518545556683a2bbf8f403ea6ecad8203499b287d83
x86_64	php-soap-8.0.27-1.el9_1.x86_64.rpm	ae48cdbf548496389530f0f252cd6a99259aeb7c91b07b3ce5a3a50b41f1667e
x86_64	php-mysqlnd-8.0.27-1.el9_1.x86_64.rpm	bc580fc8438ec80e9aa1530424c86ecfaa873918aaba538606b02c0806f0bc5b
x86_64	php-snmp-8.0.27-1.el9_1.x86_64.rpm	d4bf8f649ba51182977eef676fa758fb09ca1ea12180887814a087afb8e3b8cd
x86_64	php-dba-8.0.27-1.el9_1.x86_64.rpm	dd1607eace7481a2727f4d33609a75cd71c517ae33ade022f7eafd5ebaca3e3f
x86_64	php-fpm-8.0.27-1.el9_1.x86_64.rpm	e0694bafc7035cc89577abf5cc24cc80bd072353883e1589cdc3c8dab90e3717
x86_64	php-8.0.27-1.el9_1.x86_64.rpm	e176ade1140b6cdee8e4e186bc3df7ecac891762274200f3f1a4c11431443262
x86_64	php-ffi-8.0.27-1.el9_1.x86_64.rpm	ebd55a83a511c6e640b26f83f9c2980b7dba1c201f75d8af52f791e1ec214f71
x86_64	php-pgsql-8.0.27-1.el9_1.x86_64.rpm	f01667a17ee59e017ba76e9a3c87fad2c246dd0ec7f9cd145b91aab15ba097c6
x86_64	php-dbg-8.0.27-1.el9_1.x86_64.rpm	fb93a5e62ac091ba63a019a78ff16ad403c8fcf5103b15578eaf90a81f6e7935

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.