Advisory: CLSA-2025:1761577285
OS: Debian 10 ELS
Public date: 2025-10-27 15:01:30.835095
Project: php
Version: 7.3.31-1~deb10u7+tuxcare.els2
Errata link: https://errata.tuxcare.com/els_os/debian10els/CLSA-2025-1761577285.html
* SECURITY UPDATE: out-of-bounds access
  - debian/patches/CVE-2017-9118.patch: fix out of bounds access in php_pcre_replace_impl
  - CVE-2017-9118
* SECURITY UPDATE: improper validation of HTTP_REDIRECT_STATUS variable in CGI binary
  - debian/patches/CVE-2024-8927.patch: fix Apache server name check; remove references to redirect.so and Netscape; check configuration override first
  - CVE-2024-8927
* SECURITY UPDATE: buffer overread vulnerability
  - debian/patches/CVE-2024-11233.patch: move bound check upwards to fix single byte overread with convert.quoted-printable-decode filter
  - CVE-2024-11233
* SECURITY UPDATE: URI is not properly sanitized
  - debian/patches/CVE-2024-11234.patch: when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user
  - CVE-2024-11234
* SECURITY UPDATE: incomplete check in escaping functions
  - debian/patches/CVE-2025-1735.patch: pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.
  - CVE-2025-1735
Update command:
apt-get update
apt-get --only-upgrade install php*
libapache2-mod-php7.3_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
libphp7.3-embed_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3_7.3.31-1~deb10u7+tuxcare.els2_all.deb
php7.3-bcmath_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-bz2_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-cgi_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-cli_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-common_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-curl_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-dba_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-dev_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-enchant_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-fpm_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-gd_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-gmp_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-imap_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-interbase_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-intl_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-json_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-ldap_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-mbstring_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-mysql_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-odbc_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-opcache_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-pgsql_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-phpdbg_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-pspell_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-readline_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-recode_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-snmp_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-soap_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-sqlite3_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-sybase_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-tidy_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-xml_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-xmlrpc_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb
php7.3-xsl_7.3.31-1~deb10u7+tuxcare.els2_all.deb
php7.3-zip_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb