Release Info

Advisory: CLSA-2022:1668724848

OS: EL 7 PHP

Public date: 2022-11-17

Project: php

Version: 5.4.45-136.el7

Errata link: https://errata.cloudlinux.com/php-els/el7/CLSA-2022-1668724848.html

Changelog

- Fix for harden PHP - CVE-2022-31628: Fix potential infinite recursion in phar wrapper when using quine gzip file - CVE-2022-31629: Add cookie integrity validation

Update

Update command: yum update alt-php*

Packages list

alt-php54-5.4.45-136.el7.x86_64.rpm alt-php54-bcmath-5.4.45-136.el7.x86_64.rpm alt-php54-cli-5.4.45-136.el7.x86_64.rpm alt-php54-common-5.4.45-136.el7.x86_64.rpm alt-php54-dba-5.4.45-136.el7.x86_64.rpm alt-php54-dbx-5.4.45-136.el7.x86_64.rpm alt-php54-devel-5.4.45-136.el7.x86_64.rpm alt-php54-enchant-5.4.45-136.el7.x86_64.rpm alt-php54-firebird-5.4.45-136.el7.x86_64.rpm alt-php54-gd-5.4.45-136.el7.x86_64.rpm alt-php54-imap-5.4.45-136.el7.x86_64.rpm alt-php54-intl-5.4.45-136.el7.x86_64.rpm alt-php54-ldap-5.4.45-136.el7.x86_64.rpm alt-php54-mbstring-5.4.45-136.el7.x86_64.rpm alt-php54-mcrypt-5.4.45-136.el7.x86_64.rpm alt-php54-mssql-5.4.45-136.el7.x86_64.rpm alt-php54-mysqlnd-5.4.45-136.el7.x86_64.rpm alt-php54-odbc-5.4.45-136.el7.x86_64.rpm alt-php54-pdo-5.4.45-136.el7.x86_64.rpm alt-php54-pgsql-5.4.45-136.el7.x86_64.rpm alt-php54-process-5.4.45-136.el7.x86_64.rpm alt-php54-pspell-5.4.45-136.el7.x86_64.rpm alt-php54-recode-5.4.45-136.el7.x86_64.rpm alt-php54-snmp-5.4.45-136.el7.x86_64.rpm alt-php54-soap-5.4.45-136.el7.x86_64.rpm alt-php54-sybase-5.4.45-136.el7.x86_64.rpm alt-php54-tidy-5.4.45-136.el7.x86_64.rpm alt-php54-xml-5.4.45-136.el7.x86_64.rpm alt-php54-xmlrpc-5.4.45-136.el7.x86_64.rpm

CVEs

CVE-2022-31628
CVE-2022-31629