Release Info

Advisory: CLSA-2022:1668724139

OS: EL 7 PHP

Public date: 2022-11-17

Project: php

Version: 5.2.17-189.el7

Errata link: https://errata.cloudlinux.com/php-els/el7/CLSA-2022-1668724139.html

Changelog

- Fix for harden PHP - CVE-2022-31628: Fix potential infinite recursion in phar wrapper when using quine gzip file - CVE-2022-31629: Add cookie integrity validation

Update

Update command: yum update alt-php*

Packages list

alt-php52-5.2.17-189.el7.x86_64.rpm alt-php52-bcmath-5.2.17-189.el7.x86_64.rpm alt-php52-cli-5.2.17-189.el7.x86_64.rpm alt-php52-common-5.2.17-189.el7.x86_64.rpm alt-php52-dba-5.2.17-189.el7.x86_64.rpm alt-php52-dbx-5.2.17-189.el7.x86_64.rpm alt-php52-devel-5.2.17-189.el7.x86_64.rpm alt-php52-enchant-5.2.17-189.el7.x86_64.rpm alt-php52-firebird-5.2.17-189.el7.x86_64.rpm alt-php52-gd-5.2.17-189.el7.x86_64.rpm alt-php52-imap-5.2.17-189.el7.x86_64.rpm alt-php52-intl-5.2.17-189.el7.x86_64.rpm alt-php52-ldap-5.2.17-189.el7.x86_64.rpm alt-php52-mbstring-5.2.17-189.el7.x86_64.rpm alt-php52-mcrypt-5.2.17-189.el7.x86_64.rpm alt-php52-mssql-5.2.17-189.el7.x86_64.rpm alt-php52-ncurses-5.2.17-189.el7.x86_64.rpm alt-php52-odbc-5.2.17-189.el7.x86_64.rpm alt-php52-pdo-5.2.17-189.el7.x86_64.rpm alt-php52-pgsql-5.2.17-189.el7.x86_64.rpm alt-php52-process-5.2.17-189.el7.x86_64.rpm alt-php52-pspell-5.2.17-189.el7.x86_64.rpm alt-php52-recode-5.2.17-189.el7.x86_64.rpm alt-php52-snmp-5.2.17-189.el7.x86_64.rpm alt-php52-soap-5.2.17-189.el7.x86_64.rpm alt-php52-sqlite-5.2.17-189.el7.x86_64.rpm alt-php52-sybase-5.2.17-189.el7.x86_64.rpm alt-php52-tidy-5.2.17-189.el7.x86_64.rpm alt-php52-xml-5.2.17-189.el7.x86_64.rpm alt-php52-xmlrpc-5.2.17-189.el7.x86_64.rpm

CVEs

CVE-2022-31628
CVE-2022-31629