Release Info

Advisory: CLSA-2023:1680291553

OS: EL 6 PHP

Public date: 2023-03-31 00:00:00

Project: php

Version: 7.0.33-73.el6

Errata link: https://errata.cloudlinux.com/php-els/el6/CLSA-2023-1680291553.html

Changelog

- Fix for hardened PHP - CVE-2023-0567: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed multipart body parts and printing upload limit exceed error message only once

Update

Update command: yum update alt-php*

Packages list

alt-php70-7.0.33-73.el6.x86_64.rpm alt-php70-bcmath-7.0.33-73.el6.x86_64.rpm alt-php70-cli-7.0.33-73.el6.x86_64.rpm alt-php70-common-7.0.33-73.el6.x86_64.rpm alt-php70-dba-7.0.33-73.el6.x86_64.rpm alt-php70-devel-7.0.33-73.el6.x86_64.rpm alt-php70-enchant-7.0.33-73.el6.x86_64.rpm alt-php70-firebird-7.0.33-73.el6.x86_64.rpm alt-php70-gd-7.0.33-73.el6.x86_64.rpm alt-php70-imap-7.0.33-73.el6.x86_64.rpm alt-php70-intl-7.0.33-73.el6.x86_64.rpm alt-php70-ldap-7.0.33-73.el6.x86_64.rpm alt-php70-mbstring-7.0.33-73.el6.x86_64.rpm alt-php70-mcrypt-7.0.33-73.el6.x86_64.rpm alt-php70-mysqlnd-7.0.33-73.el6.x86_64.rpm alt-php70-odbc-7.0.33-73.el6.x86_64.rpm alt-php70-opcache-7.0.33-73.el6.x86_64.rpm alt-php70-pdo-7.0.33-73.el6.x86_64.rpm alt-php70-pgsql-7.0.33-73.el6.x86_64.rpm alt-php70-process-7.0.33-73.el6.x86_64.rpm alt-php70-pspell-7.0.33-73.el6.x86_64.rpm alt-php70-recode-7.0.33-73.el6.x86_64.rpm alt-php70-snmp-7.0.33-73.el6.x86_64.rpm alt-php70-soap-7.0.33-73.el6.x86_64.rpm alt-php70-tidy-7.0.33-73.el6.x86_64.rpm alt-php70-xml-7.0.33-73.el6.x86_64.rpm alt-php70-xmlrpc-7.0.33-73.el6.x86_64.rpm

CVEs

CVE-2023-0568
CVE-2023-0567
CVE-2023-0662