Release Info

Advisory: CLSA-2022:1643747494

OS: CentOS 8.4 ELS

Public date: 2022-02-01 00:00:00

Project: php

Version: 7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1

Errata link: https://errata.cloudlinux.com/centos8.4-els/CLSA-2022-1643747494.html

Changelog

- CVE-2020-7068: php: Use of freed hash key in the phar_parse_zipfile function - CVE-2020-7069: php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV - CVE-2020-7070: php: URL decoding of cookie names can lead to different interpretation of cookies between browser and server - CVE-2020-7071: php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo - CVE-2021-21702: php: NULL pointer dereference in SoapClient

Update

Update command: dnf update php*

Packages list

php-bcmath-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-enchant-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-opcache-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-mysqlnd-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-common-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-gd-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-ldap-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-soap-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-pecl-apcu-5.1.18-1.module_el8.4.0+2001+2eb69d76.x86_64.rpm php-snmp-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-pdo-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-intl-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-pecl-xdebug-2.9.5-1.module_el8.4.0+2001+2eb69d76.x86_64.rpm php-pecl-apcu-devel-5.1.18-1.module_el8.4.0+2001+2eb69d76.x86_64.rpm php-process-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-pecl-rrd-2.0.1-1.module_el8.4.0+2001+2eb69d76.x86_64.rpm php-fpm-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-pear-1.10.12-1.module_el8.4.0+2001+2eb69d76.noarch.rpm php-cli-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-xmlrpc-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-dbg-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-dba-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-xml-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm libzip-tools-1.6.1-1.module_el8.4.0+2001+2eb69d76.x86_64.rpm php-ffi-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-embedded-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-gmp-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-pgsql-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-mbstring-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-pecl-zip-1.18.2-1.module_el8.4.0+2001+2eb69d76.x86_64.rpm apcu-panel-5.1.18-1.module_el8.4.0+2001+2eb69d76.noarch.rpm php-devel-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm libzip-devel-1.6.1-1.module_el8.4.0+2001+2eb69d76.x86_64.rpm php-odbc-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm php-json-7.4.6-4.module_el8.4.0+2001+2eb69d76.tuxcare.els1.x86_64.rpm libzip-1.6.1-1.module_el8.4.0+2001+2eb69d76.x86_64.rpm

CVEs

CVE-2020-7070
CVE-2020-7071
CVE-2021-21702
CVE-2020-7068
CVE-2020-7069