Release Info

Advisory: CLSA-2023:1679944242

OS: Ubuntu 16.04 ELS

Public date: 2023-03-27 00:00:00

Project: php

Version: 7.0.33-0ubuntu0.16.04.17+tuxcare.els5

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2023-1679944242.html

Changelog

* SECURITY UPDATE: Denial of service - debian/patches/CVE-2022-31628.patch: Fix potential infinite recursion in phar wrapper when using quine gzip file - CVE-2022-31628 * SECURITY UPDATE: Cookie injection - debian/patches/CVE-2022-31629.patch: Add cookie integrity validation - CVE-2022-31629 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2022-31631.patch: Fix integer overflow that could cause PDO::quote() to return an improperly quoted string - CVE-2022-31631

Update

Update command: apt-get update apt-get --only-upgrade install php*

Packages list

libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_all.deb php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_all.deb php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els5_amd64.deb

CVEs

CVE-2022-31631
CVE-2022-31629
CVE-2022-31628