Release Info

Advisory: CLSA-2022:1668725481

OS: EL 6 PHP

Public date: 2022-11-17

Project: php

Version: 5.6.40-68.el6

Errata link: https://errata.cloudlinux.com/php-els/el6/CLSA-2022-1668725481.html

Changelog

- Fix for harden PHP - CVE-2022-31628: Fix potential infinite recursion in phar wrapper when using quine gzip file - CVE-2022-31629: Add cookie integrity validation

Update

Update command: yum update alt-php*

Packages list

alt-php56-5.6.40-68.el6.x86_64.rpm alt-php56-bcmath-5.6.40-68.el6.x86_64.rpm alt-php56-cli-5.6.40-68.el6.x86_64.rpm alt-php56-common-5.6.40-68.el6.x86_64.rpm alt-php56-dba-5.6.40-68.el6.x86_64.rpm alt-php56-dbx-5.6.40-68.el6.x86_64.rpm alt-php56-devel-5.6.40-68.el6.x86_64.rpm alt-php56-enchant-5.6.40-68.el6.x86_64.rpm alt-php56-firebird-5.6.40-68.el6.x86_64.rpm alt-php56-gd-5.6.40-68.el6.x86_64.rpm alt-php56-imap-5.6.40-68.el6.x86_64.rpm alt-php56-intl-5.6.40-68.el6.x86_64.rpm alt-php56-ldap-5.6.40-68.el6.x86_64.rpm alt-php56-mbstring-5.6.40-68.el6.x86_64.rpm alt-php56-mcrypt-5.6.40-68.el6.x86_64.rpm alt-php56-mssql-5.6.40-68.el6.x86_64.rpm alt-php56-mysqlnd-5.6.40-68.el6.x86_64.rpm alt-php56-odbc-5.6.40-68.el6.x86_64.rpm alt-php56-pdo-5.6.40-68.el6.x86_64.rpm alt-php56-pgsql-5.6.40-68.el6.x86_64.rpm alt-php56-process-5.6.40-68.el6.x86_64.rpm alt-php56-pspell-5.6.40-68.el6.x86_64.rpm alt-php56-recode-5.6.40-68.el6.x86_64.rpm alt-php56-snmp-5.6.40-68.el6.x86_64.rpm alt-php56-soap-5.6.40-68.el6.x86_64.rpm alt-php56-sybase-5.6.40-68.el6.x86_64.rpm alt-php56-tidy-5.6.40-68.el6.x86_64.rpm alt-php56-xml-5.6.40-68.el6.x86_64.rpm alt-php56-xmlrpc-5.6.40-68.el6.x86_64.rpm

CVEs

CVE-2022-31628
CVE-2022-31629