Release Info

Advisory: CLSA-2023:1680292142

OS: EL 6 PHP

Public date: 2023-03-31 00:00:00

Project: php

Version: 7.1.33-42.el6

Errata link: https://errata.cloudlinux.com/php-els/el6/CLSA-2023-1680292142.html

Changelog

- Fix for hardened PHP - CVE-2023-0567: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed multipart body parts and printing upload limit exceed error message only once

Update

Update command: yum update alt-php*

Packages list

alt-php71-7.1.33-42.el6.x86_64.rpm alt-php71-bcmath-7.1.33-42.el6.x86_64.rpm alt-php71-cli-7.1.33-42.el6.x86_64.rpm alt-php71-common-7.1.33-42.el6.x86_64.rpm alt-php71-dba-7.1.33-42.el6.x86_64.rpm alt-php71-devel-7.1.33-42.el6.x86_64.rpm alt-php71-enchant-7.1.33-42.el6.x86_64.rpm alt-php71-firebird-7.1.33-42.el6.x86_64.rpm alt-php71-gd-7.1.33-42.el6.x86_64.rpm alt-php71-imap-7.1.33-42.el6.x86_64.rpm alt-php71-intl-7.1.33-42.el6.x86_64.rpm alt-php71-ldap-7.1.33-42.el6.x86_64.rpm alt-php71-mbstring-7.1.33-42.el6.x86_64.rpm alt-php71-mcrypt-7.1.33-42.el6.x86_64.rpm alt-php71-mysqlnd-7.1.33-42.el6.x86_64.rpm alt-php71-odbc-7.1.33-42.el6.x86_64.rpm alt-php71-opcache-7.1.33-42.el6.x86_64.rpm alt-php71-pdo-7.1.33-42.el6.x86_64.rpm alt-php71-pgsql-7.1.33-42.el6.x86_64.rpm alt-php71-process-7.1.33-42.el6.x86_64.rpm alt-php71-pspell-7.1.33-42.el6.x86_64.rpm alt-php71-recode-7.1.33-42.el6.x86_64.rpm alt-php71-snmp-7.1.33-42.el6.x86_64.rpm alt-php71-soap-7.1.33-42.el6.x86_64.rpm alt-php71-tidy-7.1.33-42.el6.x86_64.rpm alt-php71-xml-7.1.33-42.el6.x86_64.rpm alt-php71-xmlrpc-7.1.33-42.el6.x86_64.rpm

CVEs

CVE-2023-0662
CVE-2023-0568
CVE-2023-0567