Release Info

Advisory: CLSA-2022:1664204708

OS: Ubuntu 18.04 PHP

Public date: 2022-09-26 00:00:00

Project: php

Version: 7.2.34-20

Errata link: https://errata.cloudlinux.com/php-els/ubuntu18_04/CLSA-2022-1664204708.html

Changelog

* ELS-189: Fix for Harden PHP - CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE - CVE-2022-31626: Fix buffer overflow in mysqlnd driver leading to RCE

Update

Update command: apt-get update apt-get --only-upgrade install alt-php*

Packages list

alt-php72_7.2.34-20_amd64.deb alt-php72-bcmath_7.2.34-20_amd64.deb alt-php72-cli_7.2.34-20_amd64.deb alt-php72-common_7.2.34-20_amd64.deb alt-php72-dba_7.2.34-20_amd64.deb alt-php72-dev_7.2.34-20_amd64.deb alt-php72-enchant_7.2.34-20_amd64.deb alt-php72-firebird_7.2.34-20_amd64.deb alt-php72-gd_7.2.34-20_amd64.deb alt-php72-imap_7.2.34-20_amd64.deb alt-php72-intl_7.2.34-20_amd64.deb alt-php72-ldap_7.2.34-20_amd64.deb alt-php72-mbstring_7.2.34-20_amd64.deb alt-php72-mysqlnd_7.2.34-20_amd64.deb alt-php72-odbc_7.2.34-20_amd64.deb alt-php72-opcache_7.2.34-20_amd64.deb alt-php72-pdo_7.2.34-20_amd64.deb alt-php72-pgsql_7.2.34-20_amd64.deb alt-php72-process_7.2.34-20_amd64.deb alt-php72-pspell_7.2.34-20_amd64.deb alt-php72-recode_7.2.34-20_amd64.deb alt-php72-snmp_7.2.34-20_amd64.deb alt-php72-soap_7.2.34-20_amd64.deb alt-php72-sodium_7.2.34-20_amd64.deb alt-php72-tidy_7.2.34-20_amd64.deb alt-php72-xml_7.2.34-20_amd64.deb alt-php72-xmlrpc_7.2.34-20_amd64.deb

CVEs

CVE-2022-31625
CVE-2022-31626