Advisory: CLSA-2026:1769686676
OS: AlmaLinux 9.2 ESU
Public date: 2026-01-29 11:37:58.438634
Project: php
Version: 8.0.30-1.el9_2.tuxcare.els11
Errata link: https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2026-1769686676.html
- CVE-2025-1220: add null byte validation and fix hostname formatting to prevent null byte truncation that could bypass hostname access checks - CVE-2025-6491: fix NULL pointer dereference in PHP SOAP Extension via Large XML namespace prefix
Update command: dnf update php*
php-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-bcmath-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-cli-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-common-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-dba-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-dbg-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-devel-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-embedded-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-enchant-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-ffi-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-fpm-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-gd-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-gmp-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-intl-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-ldap-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-mbstring-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-mysqlnd-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-odbc-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-opcache-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-pdo-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-pgsql-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-process-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-snmp-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-soap-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm php-xml-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm