ALSA-2023:5926

[ALSA-2023:5926] Important: php security update

Type:

security

Severity:

important

Release date:

2023-10-20

Description:

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

* php: XML loading external entity without being enabled (CVE-2023-3823)
* php: phar Buffer mismanagement (CVE-2023-3824)
* php: 1-byte array overrun in common path resolve code (CVE-2023-0568)
* php: DoS vulnerability when parsing multipart request body (CVE-2023-0662)
* php: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP (CVE-2023-3247)
* php: Password_verify() always return true with some hash (CVE-2023-0567)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	php-snmp-8.0.30-1.el9_2.aarch64.rpm	0253139540410f7f0224df447fce5da4ec07d7329c92218c7c87d18b92d9e299
aarch64	php-pdo-8.0.30-1.el9_2.aarch64.rpm	1520dadb848a757c9c596d050ca37794a6aa87ba759de6391913b3392ea49298
aarch64	php-8.0.30-1.el9_2.aarch64.rpm	2178256f8c3fd67652d23edf749e6afac22a209da983994f72f0c56c92002de7
aarch64	php-devel-8.0.30-1.el9_2.aarch64.rpm	32de7e12ced98d81fb1a398b262ff4d4091b5cba1eaa889338ef63b8d7d8743a
aarch64	php-cli-8.0.30-1.el9_2.aarch64.rpm	33d6052ac50fb4328aab6b0e2b6c3303a32cd6674f433ce8452f07c8459cd31c
aarch64	php-gmp-8.0.30-1.el9_2.aarch64.rpm	3b33dacfcdde559ad85878faadec6324b64a5af015fc634cf1a91cd5b08db570
aarch64	php-dba-8.0.30-1.el9_2.aarch64.rpm	40d2beb311fc9de7d7a904291a0a8356d6007dfdfe34f666a54116f658722f93
aarch64	php-common-8.0.30-1.el9_2.aarch64.rpm	527c1ed867666a76add14d2c719b27f7929564433c9c214cb4f5fba1085f758b
aarch64	php-embedded-8.0.30-1.el9_2.aarch64.rpm	7d5f647370df63d66bd5cf64d088c328cf61a430581a4486ba5219f488182cac
aarch64	php-bcmath-8.0.30-1.el9_2.aarch64.rpm	81433237b38ed3960dafd041ff9c32d9c3f1e708a8aa3c9397120e7214e9cfee
aarch64	php-process-8.0.30-1.el9_2.aarch64.rpm	864deb1b79d6d75927ece4b5f9109c5d4c65535bb6a66c8fc11b84d36e922992
aarch64	php-fpm-8.0.30-1.el9_2.aarch64.rpm	8661ebcdf231db375b8120912b9c55bd8ec56299e0cd54ef1bff69a3255c391f
aarch64	php-gd-8.0.30-1.el9_2.aarch64.rpm	88fc2278d368d21b188cacbb42896389fd51cd205c130b3815a694d5a6f9808a
aarch64	php-mysqlnd-8.0.30-1.el9_2.aarch64.rpm	9d679276700f9fcaeba05704ee93561409ac88086c1e3827570aaddd89bc1496
aarch64	php-soap-8.0.30-1.el9_2.aarch64.rpm	a034056ec96fcf5c28269e2913bf227a5930ca8a06180325357aee807c9aecaa
aarch64	php-ldap-8.0.30-1.el9_2.aarch64.rpm	a138731098ce50999ba1be3f4b5630d3adad5073c570c4052e0a7845be7110da
aarch64	php-enchant-8.0.30-1.el9_2.aarch64.rpm	a2a5f98d522590033ea17eb2189982192c5e518d5d7d489888f97a249c6446c3
aarch64	php-ffi-8.0.30-1.el9_2.aarch64.rpm	ad83decb09b3e60ab7b5927748349fdd3b23df51144d6559dd6379e75ef8370e
aarch64	php-intl-8.0.30-1.el9_2.aarch64.rpm	b3a73b971fe19c325e9536ca0b95bbfdfbf621f8e89ea8253976f470679643b9
aarch64	php-dbg-8.0.30-1.el9_2.aarch64.rpm	b8791a57c31fc7c8bc5565ad4363e6952857c38239c712ab03e9e93d28828f38
aarch64	php-odbc-8.0.30-1.el9_2.aarch64.rpm	c98f5ff8e9fb778eaa096cd207e8b7610a985865c67a8c523d9dff6e1dc7aaa3
aarch64	php-opcache-8.0.30-1.el9_2.aarch64.rpm	d0a7a5379e2dc89fa4fa72fe9f10e82f42300afc9ec6882f0a805ba06209eaeb
aarch64	php-mbstring-8.0.30-1.el9_2.aarch64.rpm	e0c41f7284d21675b18d7089e8b4c60c4aeab3128b2600e57e64211627b8ec0c
aarch64	php-pgsql-8.0.30-1.el9_2.aarch64.rpm	e0cec43f59fe042d93def7c04ad0904e8cf2485b2a800665d538f919ce514279
aarch64	php-xml-8.0.30-1.el9_2.aarch64.rpm	ff3195642cdafeebe21225d37ee3f4d1d7d9ac91ee9d2a1318671bba7b6c0bd8
ppc64le	php-pdo-8.0.30-1.el9_2.ppc64le.rpm	09648333d9b4bf2b73b362a4673970b882308d33cb22c6f1e7447176a1280816
ppc64le	php-gmp-8.0.30-1.el9_2.ppc64le.rpm	0a7fa143bd63fb99d0d7c229a51dfc3d4a71068596d0ea67d18a480850fb9ea0
ppc64le	php-snmp-8.0.30-1.el9_2.ppc64le.rpm	15946bcab60c2f03636d5cfbcbeabe7d54c60257f4272457264c8d0556bd9ace
ppc64le	php-bcmath-8.0.30-1.el9_2.ppc64le.rpm	1d5fa63192826e7e4b1dc35cb6e2e003d3e860d5a6ec35eaaedbb641e10a7cbe
ppc64le	php-8.0.30-1.el9_2.ppc64le.rpm	209001672a84103c62f4b5849a98856ace4b8032160cf7637ee6a959b7a4a550
ppc64le	php-dba-8.0.30-1.el9_2.ppc64le.rpm	24f08ad2b7557587fe0436fc42827ebf15543d5cd99448dc1658531f95c39ba8
ppc64le	php-fpm-8.0.30-1.el9_2.ppc64le.rpm	27668c25bf375649ceea3ab847b64eea202f6dfeb07550dc22be7c0c1ad69b2a
ppc64le	php-embedded-8.0.30-1.el9_2.ppc64le.rpm	32b1cb0ca610fe54333ec64c6adcb9cebfecd17fcf14122425e90f18d81d58cc
ppc64le	php-xml-8.0.30-1.el9_2.ppc64le.rpm	35a4a2b40f51944aa15e71d71798b30b506a5ca2a9c676ceb6b25fe73955c2eb
ppc64le	php-mbstring-8.0.30-1.el9_2.ppc64le.rpm	37077c1bdd70131f86b10e01a1dc4078f11bd86bd20568de0f4f00843af87250
ppc64le	php-intl-8.0.30-1.el9_2.ppc64le.rpm	4dff7cc5b7b66218b4cee08ee299a7612cbe1f0fdf218affe679c62551cef75f
ppc64le	php-enchant-8.0.30-1.el9_2.ppc64le.rpm	4f46c1c6d6b73abb1d97175d525ec1caeaac20aa21f638a065889706cdf72657
ppc64le	php-soap-8.0.30-1.el9_2.ppc64le.rpm	52e3720527a9a5491410b1558757a222a4f961222f645a5fbd103c795d5f9573
ppc64le	php-ldap-8.0.30-1.el9_2.ppc64le.rpm	71cf1a045726a631f9c9cf2d5b221138f61a40640822fb5b6034c6b807fec900
ppc64le	php-pgsql-8.0.30-1.el9_2.ppc64le.rpm	8e24d02e5299c07ac494264688112b4604b0dc4872044ef937bb06a165a8dc24
ppc64le	php-common-8.0.30-1.el9_2.ppc64le.rpm	94e321782040359b03623ba7f97b301330d311ca9d6bf089d0f3cd6f67458206
ppc64le	php-opcache-8.0.30-1.el9_2.ppc64le.rpm	a05cbab8fee190995bb0b9cae3648cdaa22167e7e888ba7fe2faa574a36f55c6
ppc64le	php-process-8.0.30-1.el9_2.ppc64le.rpm	a6959706f32a24b530b557d4e0a648c7ded017f49f82ea9406c8029890975a55
ppc64le	php-dbg-8.0.30-1.el9_2.ppc64le.rpm	b5f3f79a8d17d5b230781343d90042396498173016bc715af7c1458232968b91
ppc64le	php-gd-8.0.30-1.el9_2.ppc64le.rpm	b63df964db21d5c1a1ea406d11077c43f7e8344c7b73c9c417a6f0a3b7f7feac
ppc64le	php-devel-8.0.30-1.el9_2.ppc64le.rpm	d22fdcbef375b0bc9f409c09ece12791fffbc5b327a21d552d7e544f2f88d7df
ppc64le	php-mysqlnd-8.0.30-1.el9_2.ppc64le.rpm	d2660286e8b4868c98e94c1a53b0f8be360a2ff5f7c57008f25e2aa9124294f8
ppc64le	php-cli-8.0.30-1.el9_2.ppc64le.rpm	e005809fe69c932be8288472df7582a94ea1619d1451afb875fa679f961ec7e3
ppc64le	php-ffi-8.0.30-1.el9_2.ppc64le.rpm	ee8cc5256e6cb13cc0929a17d1765ee38952bab1b95d36b60e41a313c3721fcb
ppc64le	php-odbc-8.0.30-1.el9_2.ppc64le.rpm	f60f9610a34d79137efbd2ce4332904fe34aa5b63a5df21defa244a4f7d05c2e
s390x	php-cli-8.0.30-1.el9_2.s390x.rpm	0214339d4015e459802199d8a7eac160c8b23190ef14eeaecbee721d6b621430
s390x	php-gd-8.0.30-1.el9_2.s390x.rpm	0305f8a5eb447490a6bab00f3422e7b3500e95d78a8b3e9432c371b02b745e23
s390x	php-devel-8.0.30-1.el9_2.s390x.rpm	097e9ca9d1e37655a435d7130b952205c91edde31a972cf7b98c59aae4f7153e
s390x	php-snmp-8.0.30-1.el9_2.s390x.rpm	13fbbc6a0ec5fb8febfe684d863829220cfcd60fa3dd920d79daf0e9e652e493
s390x	php-ffi-8.0.30-1.el9_2.s390x.rpm	1f517fc9ff5615864c396311b87ff8cb6e5cc92c54a08535eeba658156355536
s390x	php-pgsql-8.0.30-1.el9_2.s390x.rpm	3176d675a8917da000b1c983d4207476001b95cc08f11b6d0ff7834fccd79d54
s390x	php-ldap-8.0.30-1.el9_2.s390x.rpm	4c37e15473bd9c578ed0f044dd8b7e2452f9112fd9ac0c9cc513b861f12813bb
s390x	php-process-8.0.30-1.el9_2.s390x.rpm	4c654ca16895bda5b8988d9e1f618b185ff9d47d2bda628fa60fcd04551580e1
s390x	php-embedded-8.0.30-1.el9_2.s390x.rpm	4e92257e2287c918188ddcfd202f7fd099ce612206ea4314b6211b699df08326
s390x	php-opcache-8.0.30-1.el9_2.s390x.rpm	59c5930658d41f1da05d03021ddbd899060e5cbcbae5ff7f39d41ae6eb759c06
s390x	php-gmp-8.0.30-1.el9_2.s390x.rpm	5e413a74fc1952d5aaedd2763f9b89735aa9daafb46ad31c679cbd2358356478
s390x	php-xml-8.0.30-1.el9_2.s390x.rpm	7b846d3c0c07e9a2fe3e22928a2cd57533ce4839850b48c7dc98cfa2eaeefab1
s390x	php-mysqlnd-8.0.30-1.el9_2.s390x.rpm	8695c1d1f6706882787c1d7c72b6ab37f30b1f125c9f4b200d125dcfb836ebd6
s390x	php-intl-8.0.30-1.el9_2.s390x.rpm	a05b5bfcbf61c0b9e9126ea005aeac5491fb4d35ab952954794717399a1bb0ab
s390x	php-fpm-8.0.30-1.el9_2.s390x.rpm	a0f430520885669ba2f5d66e31624fc97ef2a852a08959b36e2c730191f4f623
s390x	php-enchant-8.0.30-1.el9_2.s390x.rpm	bdb7a69e65916861ffcd5f6de169bf346718e5a565ce626c76b3982e5021bc39
s390x	php-odbc-8.0.30-1.el9_2.s390x.rpm	c111a57c36cbdd9173103f52323f4801d8e3fc5564839df9acecfedec5478da7
s390x	php-common-8.0.30-1.el9_2.s390x.rpm	c683749f25dd7beb1f5a0cc6cb20d1fcbce9483139a8bdeba311a9b4a3f3d1fc
s390x	php-soap-8.0.30-1.el9_2.s390x.rpm	c6feccaaf3702d3bc899be0cc4c80773a49e080b7074d1b0381ada87e4369996
s390x	php-dbg-8.0.30-1.el9_2.s390x.rpm	c797fc3f9b1bf316bffb73b3f0910c580ca9c2de3462c935ea9e5a0ce6bb800e
s390x	php-dba-8.0.30-1.el9_2.s390x.rpm	cef8cc47da97a375516d0d6c7f8e9ea61f4a21eacf8ecb4c78fc177da5bacc81
s390x	php-bcmath-8.0.30-1.el9_2.s390x.rpm	d91185e26961b7cf7f6c191af3718c1964b43351ef8a7cdaa09f6c5e225aa37e
s390x	php-mbstring-8.0.30-1.el9_2.s390x.rpm	e763f5fb2052a733d92db32fd3b83aec9be814c1c21936f1282b1e2e22021546
s390x	php-8.0.30-1.el9_2.s390x.rpm	e9f6bee0c0d9bbfb395021c3a6b088e6583c5368c89b55c2fd32de7abfa2a79c
s390x	php-pdo-8.0.30-1.el9_2.s390x.rpm	fc70243fa02ef64324d1e3816569d04d17f47c54faea1fae1f7c1957e965c36f
x86_64	php-pgsql-8.0.30-1.el9_2.x86_64.rpm	057e2f92913181f7c7e14e8c0bb3a4bd662b177acc123a4006cad435acf24320
x86_64	php-enchant-8.0.30-1.el9_2.x86_64.rpm	08559ddd8660e06be105acb87d1285bd39c79661dc1927b2e62ea57879be5ea7
x86_64	php-embedded-8.0.30-1.el9_2.x86_64.rpm	2d1cf4919ea2cfc6c8dd78d6afff1988ddf98afb4be9dd32397b63f2458c6994
x86_64	php-ffi-8.0.30-1.el9_2.x86_64.rpm	3a09ae94a787452631f2a9de5b07080f85bb4bd6fa0ce75164039118fa786a55
x86_64	php-dba-8.0.30-1.el9_2.x86_64.rpm	4fd3a7c46fdaa1faf48a963c8ab917406e3427e7f3c7b4cd2b96f840b269c5bc
x86_64	php-fpm-8.0.30-1.el9_2.x86_64.rpm	64c6c1f6dbf44d74a4fb8db4d785fc7bdbf8407adfe122af77bb98334f95b150
x86_64	php-8.0.30-1.el9_2.x86_64.rpm	6bfa820b55a260d799a8cece4f0f14493500765a99adfde724e5048f92ba760e
x86_64	php-ldap-8.0.30-1.el9_2.x86_64.rpm	6f1664419ff3a96458ad64d5af45e645a8b2055d29e5e6a712bc04d0f0e53ad4
x86_64	php-soap-8.0.30-1.el9_2.x86_64.rpm	7f3d4cb50a2d73b2784e91cc2ab9f3b32c0f88cafb08bc02a3159788b243d164
x86_64	php-xml-8.0.30-1.el9_2.x86_64.rpm	8479d8a325a8aace661b948e97daf47834d800910d43b2e8162f9b38e99de245
x86_64	php-pdo-8.0.30-1.el9_2.x86_64.rpm	87995fde5dfdfe8ab63457cd50c9a8a31cd742787c5f591d08d9bb48ad737082
x86_64	php-cli-8.0.30-1.el9_2.x86_64.rpm	8fad17864033e76328b67f2249f6f7f602b4ae6751f612cb390ec01b60296518
x86_64	php-snmp-8.0.30-1.el9_2.x86_64.rpm	a3751f0d8ad8c74a856bab7944b5e636212fc7f8d07ef74198dcc04a1a152afd
x86_64	php-dbg-8.0.30-1.el9_2.x86_64.rpm	aa9348bafc720d8bfd27eef8c72f512f9a4a4e9f5bfa75cd83c609a401ace65a
x86_64	php-odbc-8.0.30-1.el9_2.x86_64.rpm	b0992c9dc113f3a588fec9419efb4941a2b1eadd538cac1ce467b1a85107c837
x86_64	php-bcmath-8.0.30-1.el9_2.x86_64.rpm	b7dca412c4f18216a2d33c60c6ecf9f5e2b24b60d4314ac98f88c5724075aa09
x86_64	php-opcache-8.0.30-1.el9_2.x86_64.rpm	be13c19f1c56ee579f7bef5374d258b780467097808ea44bfcaea8fdae1f907e
x86_64	php-process-8.0.30-1.el9_2.x86_64.rpm	c474acfd77e470bb322fc7df2b5628d939094aabe24946ca3e2d3e3e7ce1889e
x86_64	php-gmp-8.0.30-1.el9_2.x86_64.rpm	ca5034547fab5904a836629e9eb856402abc61cbae6bf216b47044b8f615d731
x86_64	php-common-8.0.30-1.el9_2.x86_64.rpm	d3b6ac2075fd6de74781e90c285b94a1117c71e647e420209fb58a387e738179
x86_64	php-mysqlnd-8.0.30-1.el9_2.x86_64.rpm	de6806178ac1accf381419389e5126a97e8a2eb8ee30adbf3f1b7b1fa27d1c21
x86_64	php-intl-8.0.30-1.el9_2.x86_64.rpm	e6ff1a3e7e2defd329f94243e4623aadea26d417fdc230b3bebdafd61b5d191f
x86_64	php-mbstring-8.0.30-1.el9_2.x86_64.rpm	e827cc7ded22ddb227f2bfe4868ae914745e2a3d5db86b2c42d4b4f1fb504870
x86_64	php-devel-8.0.30-1.el9_2.x86_64.rpm	ea3c66b193013a664de0f3ef88a386d776d8b6467e5ac9615a41e1c24a42b117
x86_64	php-gd-8.0.30-1.el9_2.x86_64.rpm	fd0f779941b21cd20bb7df22099fae75f55f5677ba0c1ffa5b2e67c1cca804eb

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.