Release Info

Advisory: CLSA-2022:1669070140

OS: Ubuntu 20.04 PHP

Public date: 2022-11-21

Project: php

Version: 7.1.33-37

Errata link: https://errata.cloudlinux.com/php-els/ubuntu20_04/CLSA-2022-1669070140.html

Changelog

* Fix for harden PHP - CVE-2022-31628: Fix potential infinite recursion in phar wrapper when using quine gzip file - CVE-2022-31629: Add cookie integrity validation

Update

Update command: apt-get update apt-get --only-upgrade install alt-php*

Packages list

alt-php71_7.1.33-37_amd64.deb alt-php71-bcmath_7.1.33-37_amd64.deb alt-php71-cli_7.1.33-37_amd64.deb alt-php71-common_7.1.33-37_amd64.deb alt-php71-dba_7.1.33-37_amd64.deb alt-php71-dev_7.1.33-37_amd64.deb alt-php71-enchant_7.1.33-37_amd64.deb alt-php71-firebird_7.1.33-37_amd64.deb alt-php71-gd_7.1.33-37_amd64.deb alt-php71-imap_7.1.33-37_amd64.deb alt-php71-intl_7.1.33-37_amd64.deb alt-php71-ldap_7.1.33-37_amd64.deb alt-php71-mbstring_7.1.33-37_amd64.deb alt-php71-mcrypt_7.1.33-37_amd64.deb alt-php71-mysqlnd_7.1.33-37_amd64.deb alt-php71-odbc_7.1.33-37_amd64.deb alt-php71-opcache_7.1.33-37_amd64.deb alt-php71-pdo_7.1.33-37_amd64.deb alt-php71-pgsql_7.1.33-37_amd64.deb alt-php71-process_7.1.33-37_amd64.deb alt-php71-pspell_7.1.33-37_amd64.deb alt-php71-recode_7.1.33-37_amd64.deb alt-php71-snmp_7.1.33-37_amd64.deb alt-php71-soap_7.1.33-37_amd64.deb alt-php71-tidy_7.1.33-37_amd64.deb alt-php71-xml_7.1.33-37_amd64.deb alt-php71-xmlrpc_7.1.33-37_amd64.deb

CVEs

CVE-2022-31629
CVE-2022-31628