Release Info

Advisory: CLSA-2022:1669070874

OS: Ubuntu 16.04 PHP

Public date: 2022-11-21

Project: php

Version: 5.6.40-68

Errata link: https://errata.cloudlinux.com/php-els/ubuntu16_04/CLSA-2022-1669070874.html

Changelog

* Fix for harden PHP - CVE-2022-31628: Fix potential infinite recursion in phar wrapper when using quine gzip file - CVE-2022-31629: Add cookie integrity validation

Update

Update command: apt-get update apt-get --only-upgrade install alt-php*

Packages list

alt-php56_5.6.40-68_amd64.deb alt-php56-bcmath_5.6.40-68_amd64.deb alt-php56-cli_5.6.40-68_amd64.deb alt-php56-common_5.6.40-68_amd64.deb alt-php56-dba_5.6.40-68_amd64.deb alt-php56-dbx_5.6.40-68_amd64.deb alt-php56-dev_5.6.40-68_amd64.deb alt-php56-enchant_5.6.40-68_amd64.deb alt-php56-firebird_5.6.40-68_amd64.deb alt-php56-gd_5.6.40-68_amd64.deb alt-php56-imap_5.6.40-68_amd64.deb alt-php56-intl_5.6.40-68_amd64.deb alt-php56-ldap_5.6.40-68_amd64.deb alt-php56-mbstring_5.6.40-68_amd64.deb alt-php56-mcrypt_5.6.40-68_amd64.deb alt-php56-mysqlnd_5.6.40-68_amd64.deb alt-php56-odbc_5.6.40-68_amd64.deb alt-php56-opcache_5.6.40-68_amd64.deb alt-php56-pdo_5.6.40-68_amd64.deb alt-php56-pgsql_5.6.40-68_amd64.deb alt-php56-process_5.6.40-68_amd64.deb alt-php56-pspell_5.6.40-68_amd64.deb alt-php56-recode_5.6.40-68_amd64.deb alt-php56-snmp_5.6.40-68_amd64.deb alt-php56-soap_5.6.40-68_amd64.deb alt-php56-sybase_5.6.40-68_amd64.deb alt-php56-tidy_5.6.40-68_amd64.deb alt-php56-xml_5.6.40-68_amd64.deb alt-php56-xmlrpc_5.6.40-68_amd64.deb

CVEs

CVE-2022-31629
CVE-2022-31628