[Apollo] Advisories Statistics light light Login

RLSA-2023:0848

Security Mirrored from RHSA-2023:0848
Issued at: 2023-02-22
Updated at: 2023-02-22

Synopsis

Moderate: php:8.0 security update



Description

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

The following packages have been upgraded to a later upstream version: php (8.0). (BZ#2161666)

Security Fix(es):

* XKCP: buffer overflow in the SHA-3 reference implementation (CVE-2022-37454)

* php: standard insecure cookie could be treated as a `__Host-` or `__Secure-` cookie by PHP applications (CVE-2022-31629)

* php: OOB read due to insufficient input validation in imageloadfont() (CVE-2022-31630)

* php: Due to an integer overflow PDO::quote() may return unquoted string (CVE-2022-31631)

* php: phar wrapper can occur dos when using quine gzip file (CVE-2022-31628)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2133687 2133688 2139280 2140200 2158791

CVEs

CVE-2022-31628 CVE-2022-31629 CVE-2022-31630 CVE-2022-31631 CVE-2022-37454

Affected packages

Rocky Linux 8 x86_64 - AppStream

apcu-panel-0:5.1.20-1.module+el8.6.0+790+fc63e43f.noarch.rpm libzip-0:1.7.3-1.module+el8.6.0+790+fc63e43f.src.rpm libzip-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm libzip-debuginfo-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm libzip-debugsource-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm libzip-devel-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm libzip-tools-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm libzip-tools-debuginfo-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.src.rpm php-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-bcmath-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-bcmath-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-cli-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-cli-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-common-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-common-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-dba-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-dba-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-dbg-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-dbg-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-debugsource-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-devel-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-embedded-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-embedded-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-enchant-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-enchant-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-ffi-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-ffi-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-fpm-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-fpm-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-gd-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-gd-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-gmp-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-gmp-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-intl-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-intl-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-ldap-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-ldap-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-mbstring-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-mbstring-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-mysqlnd-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-mysqlnd-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-odbc-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-odbc-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-opcache-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-opcache-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-pdo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-pdo-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-pear-1:1.10.13-1.module+el8.7.0+1067+0a7071cc.noarch.rpm php-pear-1:1.10.13-1.module+el8.7.0+1067+0a7071cc.src.rpm php-pecl-apcu-0:5.1.20-1.module+el8.6.0+790+fc63e43f.src.rpm php-pecl-apcu-0:5.1.20-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-apcu-debuginfo-0:5.1.20-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-apcu-debugsource-0:5.1.20-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-apcu-devel-0:5.1.20-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-rrd-0:2.0.3-1.module+el8.6.0+790+fc63e43f.src.rpm php-pecl-rrd-0:2.0.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-rrd-debuginfo-0:2.0.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-rrd-debugsource-0:2.0.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-xdebug3-0:3.1.2-1.module+el8.6.0+790+fc63e43f.src.rpm php-pecl-xdebug3-0:3.1.2-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-xdebug3-debuginfo-0:3.1.2-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-xdebug3-debugsource-0:3.1.2-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-zip-0:1.19.2-1.module+el8.6.0+790+fc63e43f.src.rpm php-pecl-zip-0:1.19.2-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-zip-debuginfo-0:1.19.2-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pecl-zip-debugsource-0:1.19.2-1.module+el8.6.0+790+fc63e43f.x86_64.rpm php-pgsql-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-pgsql-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-process-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-process-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-snmp-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-snmp-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-soap-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-soap-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-xml-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm php-xml-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.x86_64.rpm

Rocky Linux 8 aarch64 - AppStream

apcu-panel-0:5.1.20-1.module+el8.6.0+790+fc63e43f.noarch.rpm libzip-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm libzip-0:1.7.3-1.module+el8.6.0+790+fc63e43f.src.rpm libzip-debuginfo-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm libzip-debugsource-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm libzip-devel-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm libzip-tools-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm libzip-tools-debuginfo-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.src.rpm php-bcmath-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-bcmath-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-cli-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-cli-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-common-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-common-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-dba-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-dba-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-dbg-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-dbg-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-debugsource-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-devel-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-embedded-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-embedded-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-enchant-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-enchant-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-ffi-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-ffi-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-fpm-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-fpm-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-gd-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-gd-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-gmp-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-gmp-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-intl-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-intl-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-ldap-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-ldap-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-mbstring-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-mbstring-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-mysqlnd-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-mysqlnd-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-odbc-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-odbc-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-opcache-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-opcache-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-pdo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-pdo-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-pear-1:1.10.13-1.module+el8.7.0+1067+0a7071cc.noarch.rpm php-pear-1:1.10.13-1.module+el8.7.0+1067+0a7071cc.src.rpm php-pecl-apcu-0:5.1.20-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-apcu-0:5.1.20-1.module+el8.6.0+790+fc63e43f.src.rpm php-pecl-apcu-debuginfo-0:5.1.20-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-apcu-debugsource-0:5.1.20-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-apcu-devel-0:5.1.20-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-rrd-0:2.0.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-rrd-0:2.0.3-1.module+el8.6.0+790+fc63e43f.src.rpm php-pecl-rrd-debuginfo-0:2.0.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-rrd-debugsource-0:2.0.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-xdebug3-0:3.1.2-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-xdebug3-0:3.1.2-1.module+el8.6.0+790+fc63e43f.src.rpm php-pecl-xdebug3-debuginfo-0:3.1.2-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-xdebug3-debugsource-0:3.1.2-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-zip-0:1.19.2-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-zip-0:1.19.2-1.module+el8.6.0+790+fc63e43f.src.rpm php-pecl-zip-debuginfo-0:1.19.2-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pecl-zip-debugsource-0:1.19.2-1.module+el8.6.0+790+fc63e43f.aarch64.rpm php-pgsql-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-pgsql-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-process-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-process-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-snmp-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-snmp-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-soap-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-soap-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-xml-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm php-xml-debuginfo-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm