[Apollo] Advisories Statistics light light Login

RLSA-2023:5926

Security Mirrored from RHSA-2023:5926
Issued at: 2023-10-24
Updated at: 2023-10-24

Synopsis

Important: php security update



Description

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

* php: XML loading external entity without being enabled (CVE-2023-3823)

* php: phar Buffer mismanagement (CVE-2023-3824)

* php: 1-byte array overrun in common path resolve code (CVE-2023-0568)

* php: DoS vulnerability when parsing multipart request body (CVE-2023-0662)

* php: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP (CVE-2023-3247)

* php: Password_verify() always return true with some hash (CVE-2023-0567)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x

Fixes

2170761 2170770 2170771 2219290 2229396 2230101

CVEs

CVE-2023-0567 CVE-2023-0568 CVE-2023-0662 CVE-2023-3247 CVE-2023-3823 CVE-2023-3824

Affected packages

Rocky Linux 9 aarch64 - AppStream

php-0:8.0.30-1.el9_2.aarch64.rpm php-0:8.0.30-1.el9_2.src.rpm php-bcmath-0:8.0.30-1.el9_2.aarch64.rpm php-bcmath-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-cli-0:8.0.30-1.el9_2.aarch64.rpm php-cli-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-common-0:8.0.30-1.el9_2.aarch64.rpm php-common-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-dba-0:8.0.30-1.el9_2.aarch64.rpm php-dba-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-dbg-0:8.0.30-1.el9_2.aarch64.rpm php-dbg-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-debugsource-0:8.0.30-1.el9_2.aarch64.rpm php-devel-0:8.0.30-1.el9_2.aarch64.rpm php-embedded-0:8.0.30-1.el9_2.aarch64.rpm php-embedded-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-enchant-0:8.0.30-1.el9_2.aarch64.rpm php-enchant-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-ffi-0:8.0.30-1.el9_2.aarch64.rpm php-ffi-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-fpm-0:8.0.30-1.el9_2.aarch64.rpm php-fpm-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-gd-0:8.0.30-1.el9_2.aarch64.rpm php-gd-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-gmp-0:8.0.30-1.el9_2.aarch64.rpm php-gmp-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-intl-0:8.0.30-1.el9_2.aarch64.rpm php-intl-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-ldap-0:8.0.30-1.el9_2.aarch64.rpm php-ldap-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-mbstring-0:8.0.30-1.el9_2.aarch64.rpm php-mbstring-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-mysqlnd-0:8.0.30-1.el9_2.aarch64.rpm php-mysqlnd-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-odbc-0:8.0.30-1.el9_2.aarch64.rpm php-odbc-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-opcache-0:8.0.30-1.el9_2.aarch64.rpm php-opcache-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-pdo-0:8.0.30-1.el9_2.aarch64.rpm php-pdo-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-pgsql-0:8.0.30-1.el9_2.aarch64.rpm php-pgsql-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-process-0:8.0.30-1.el9_2.aarch64.rpm php-process-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-snmp-0:8.0.30-1.el9_2.aarch64.rpm php-snmp-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-soap-0:8.0.30-1.el9_2.aarch64.rpm php-soap-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm php-xml-0:8.0.30-1.el9_2.aarch64.rpm php-xml-debuginfo-0:8.0.30-1.el9_2.aarch64.rpm

Rocky Linux 9 ppc64le - AppStream

php-0:8.0.30-1.el9_2.ppc64le.rpm php-0:8.0.30-1.el9_2.src.rpm php-bcmath-0:8.0.30-1.el9_2.ppc64le.rpm php-bcmath-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-cli-0:8.0.30-1.el9_2.ppc64le.rpm php-cli-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-common-0:8.0.30-1.el9_2.ppc64le.rpm php-common-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-dba-0:8.0.30-1.el9_2.ppc64le.rpm php-dba-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-dbg-0:8.0.30-1.el9_2.ppc64le.rpm php-dbg-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-debugsource-0:8.0.30-1.el9_2.ppc64le.rpm php-devel-0:8.0.30-1.el9_2.ppc64le.rpm php-embedded-0:8.0.30-1.el9_2.ppc64le.rpm php-embedded-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-enchant-0:8.0.30-1.el9_2.ppc64le.rpm php-enchant-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-ffi-0:8.0.30-1.el9_2.ppc64le.rpm php-ffi-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-fpm-0:8.0.30-1.el9_2.ppc64le.rpm php-fpm-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-gd-0:8.0.30-1.el9_2.ppc64le.rpm php-gd-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-gmp-0:8.0.30-1.el9_2.ppc64le.rpm php-gmp-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-intl-0:8.0.30-1.el9_2.ppc64le.rpm php-intl-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-ldap-0:8.0.30-1.el9_2.ppc64le.rpm php-ldap-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-mbstring-0:8.0.30-1.el9_2.ppc64le.rpm php-mbstring-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-mysqlnd-0:8.0.30-1.el9_2.ppc64le.rpm php-mysqlnd-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-odbc-0:8.0.30-1.el9_2.ppc64le.rpm php-odbc-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-opcache-0:8.0.30-1.el9_2.ppc64le.rpm php-opcache-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-pdo-0:8.0.30-1.el9_2.ppc64le.rpm php-pdo-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-pgsql-0:8.0.30-1.el9_2.ppc64le.rpm php-pgsql-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-process-0:8.0.30-1.el9_2.ppc64le.rpm php-process-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-snmp-0:8.0.30-1.el9_2.ppc64le.rpm php-snmp-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-soap-0:8.0.30-1.el9_2.ppc64le.rpm php-soap-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm php-xml-0:8.0.30-1.el9_2.ppc64le.rpm php-xml-debuginfo-0:8.0.30-1.el9_2.ppc64le.rpm

Rocky Linux 9 s390x - AppStream

php-0:8.0.30-1.el9_2.s390x.rpm php-0:8.0.30-1.el9_2.src.rpm php-bcmath-0:8.0.30-1.el9_2.s390x.rpm php-bcmath-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-cli-0:8.0.30-1.el9_2.s390x.rpm php-cli-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-common-0:8.0.30-1.el9_2.s390x.rpm php-common-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-dba-0:8.0.30-1.el9_2.s390x.rpm php-dba-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-dbg-0:8.0.30-1.el9_2.s390x.rpm php-dbg-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-debugsource-0:8.0.30-1.el9_2.s390x.rpm php-devel-0:8.0.30-1.el9_2.s390x.rpm php-embedded-0:8.0.30-1.el9_2.s390x.rpm php-embedded-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-enchant-0:8.0.30-1.el9_2.s390x.rpm php-enchant-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-ffi-0:8.0.30-1.el9_2.s390x.rpm php-ffi-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-fpm-0:8.0.30-1.el9_2.s390x.rpm php-fpm-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-gd-0:8.0.30-1.el9_2.s390x.rpm php-gd-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-gmp-0:8.0.30-1.el9_2.s390x.rpm php-gmp-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-intl-0:8.0.30-1.el9_2.s390x.rpm php-intl-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-ldap-0:8.0.30-1.el9_2.s390x.rpm php-ldap-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-mbstring-0:8.0.30-1.el9_2.s390x.rpm php-mbstring-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-mysqlnd-0:8.0.30-1.el9_2.s390x.rpm php-mysqlnd-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-odbc-0:8.0.30-1.el9_2.s390x.rpm php-odbc-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-opcache-0:8.0.30-1.el9_2.s390x.rpm php-opcache-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-pdo-0:8.0.30-1.el9_2.s390x.rpm php-pdo-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-pgsql-0:8.0.30-1.el9_2.s390x.rpm php-pgsql-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-process-0:8.0.30-1.el9_2.s390x.rpm php-process-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-snmp-0:8.0.30-1.el9_2.s390x.rpm php-snmp-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-soap-0:8.0.30-1.el9_2.s390x.rpm php-soap-debuginfo-0:8.0.30-1.el9_2.s390x.rpm php-xml-0:8.0.30-1.el9_2.s390x.rpm php-xml-debuginfo-0:8.0.30-1.el9_2.s390x.rpm