| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: php-process | Distribution: Unknown |
| Version: 7.4.33 | Vendor: Remi's RPM repository <https://rpms.remirepo.net/> #StandWithUkraine |
| Release: 21.fc39.remi | Build date: Wed Nov 27 16:48:28 2024 |
| Group: Development/Languages | Build host: builder.remirepo.net |
| Size: 243524 | Source RPM: php-7.4.33-21.fc39.remi.src.rpm |
| Packager: Remi Collet | |
| Url: http://www.php.net/ | |
| Summary: Modules for PHP script using system process interfaces | |
The php-process package contains dynamic shared objects which add support to PHP using system interfaces for inter-process communication.
PHP
* Wed Nov 27 2024 Remi Collet <remi@remirepo.net> - 7.4.33-21
- Fix Leak partial content of the heap through heap buffer over-read
CVE-2024-8929
* Fri Nov 22 2024 Remi Collet <remi@remirepo.net> - 7.4.33-20
- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
GHSA-4w77-75f9-2c8w
- Fix OOB access in ldap_escape
CVE-2024-8932
- Fix Integer overflow in the dblib/firebird quoter causing OOB writes
CVE-2024-11236
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
CVE-2024-11233
* Fri Nov 15 2024 Remi Collet <remi@remirepo.net> - 7.4.33-19
- disable firebird on EL-10
* Thu Sep 26 2024 Remi Collet <remi@remirepo.net> - 7.4.33-18
- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
CVE-2024-4577
- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
CVE-2024-8926
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
CVE-2024-8927
- Fix Logs from childrens may be altered
CVE-2024-9026
- Fix Erroneous parsing of multipart form data
CVE-2024-8925
- use ICU 74.2
* Mon Aug 26 2024 Remi Collet <remi@remirepo.net> - 7.4.33-17
- add backport for https://bugs.php.net/79589
error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading
* Wed Jul 31 2024 Remi Collet <remi@remirepo.net> - 7.4.33-16
- use oracle client library version 23.5 on x86_64
* Tue Jun 04 2024 Remi Collet <remi@remirepo.net> - 7.4.33-15
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
CVE-2024-5458
* Wed Apr 10 2024 Remi Collet <remi@remirepo.net> - 7.4.33-14
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
CVE-2024-3096
* Wed Mar 06 2024 Remi Collet <remi@remirepo.net> - 7.4.33-13
- patch test suite for zlib-ng
* Mon Feb 19 2024 Remi Collet <remi@remirepo.net> - 7.4.33-12
- more build patch for GCC 14
* Wed Feb 14 2024 Remi Collet <remi@remirepo.net> - 7.4.33-11
- add build patch for GCC 14
- use oracle client library version 21.13 on x86_64
* Tue Dec 12 2023 Remi Collet <remi@remirepo.net> - 7.4.33-10
- use ICU 73.2
- use oracle client library version 21.12 on x86_64, 19.19 on aarch64
- add fixes for libxml 2.11 and 2.12 from 8.1
* Thu Sep 21 2023 Remi Collet <remi@remirepo.net> - 7.4.33-9
- use oracle client library version 21.11 on x86_64, 19.19 on aarch64
- use official Oracle Instant Client RPM
* Tue Aug 01 2023 Remi Collet <remi@remirepo.net> - 7.4.33-8
- Fix Security issue with external entity loading in XML without enabling it
GHSA-3qrf-m4j2-pcrr CVE-2023-3823
- Fix Buffer mismanagement in phar_dir_read()
GHSA-jqcx-ccgc-xwhv CVE-2023-3824
- move httpd/nginx wants directive to config files in /etc
* Tue Jun 06 2023 Remi Collet <remi@remirepo.net> - 7.4.33-7
- Fix Missing error check and insufficient random bytes in HTTP Digest
authentication for SOAP
GHSA-76gg-c692-v2mw CVE-2023-3247
* Fri Apr 14 2023 Remi Collet <remi@remirepo.net> - 7.4.33-6
- use ICU 72.1
- use oracle client library version 21.10
- fix possible buffer overflow in date
- define %__phpize and %__phpconfig
* Tue Feb 21 2023 Remi Collet <remi@remirepo.net> - 7.4.33-5
- F38: enable imap extension
* Tue Feb 14 2023 Remi Collet <remi@remirepo.net> - 7.4.33-4
- fix #81744: Password_verify() always return true with some hash
CVE-2023-0567
- fix #81746: 1-byte array overrun in common path resolve code
CVE-2023-0568
- fix DOS vulnerability when parsing multipart request body
CVE-2023-0662
* Fri Feb 10 2023 Remi Collet <remi@remirepo.net> - 7.4.33-3
- F38: disable imap extension
- add dependency on pcre2 minimal version
* Mon Dec 19 2022 Remi Collet <remi@remirepo.net> - 7.4.33-2
- pdo: fix #81740: PDO::quote() may return unquoted string
CVE-2022-31631
- use oracle client library version 21.8
/etc/php-zts.d/20-posix.ini /etc/php-zts.d/20-shmop.ini /etc/php-zts.d/20-sysvmsg.ini /etc/php-zts.d/20-sysvsem.ini /etc/php-zts.d/20-sysvshm.ini /etc/php.d/20-posix.ini /etc/php.d/20-shmop.ini /etc/php.d/20-sysvmsg.ini /etc/php.d/20-sysvsem.ini /etc/php.d/20-sysvshm.ini /usr/lib/.build-id /usr/lib/.build-id/18 /usr/lib/.build-id/18/bbd35400089cec5e3e6459818f55b6e22980ff /usr/lib/.build-id/61 /usr/lib/.build-id/61/f4cdb3bb6f45da82b77a38a7bbfb690b8870df /usr/lib/.build-id/80 /usr/lib/.build-id/80/8990dcd01d8c5a0e82eedd5795945e551f949f /usr/lib/.build-id/8a /usr/lib/.build-id/8a/7dfc4c43d10f46e2246b53c8718cfeccabce39 /usr/lib/.build-id/8e /usr/lib/.build-id/8e/c70e5158daf38011e839d2d1e1726e435430d8 /usr/lib/.build-id/b2 /usr/lib/.build-id/b2/de923cdfc570e9eea871fc8be37dc5a0d64eb5 /usr/lib/.build-id/be /usr/lib/.build-id/be/2661e65609446d1ba162b93edf5a27147ebb87 /usr/lib/.build-id/c6 /usr/lib/.build-id/c6/ead1d41de6253c4e6603dca505593602226fcd /usr/lib/.build-id/e9 /usr/lib/.build-id/e9/fb59d9eedd2f098aeba9c70f46a5efbf7b93bc /usr/lib/.build-id/f2 /usr/lib/.build-id/f2/85f2960a115237980bd852997a46948d4340c5 /usr/lib64/php-zts/modules/posix.so /usr/lib64/php-zts/modules/shmop.so /usr/lib64/php-zts/modules/sysvmsg.so /usr/lib64/php-zts/modules/sysvsem.so /usr/lib64/php-zts/modules/sysvshm.so /usr/lib64/php/modules/posix.so /usr/lib64/php/modules/shmop.so /usr/lib64/php/modules/sysvmsg.so /usr/lib64/php/modules/sysvsem.so /usr/lib64/php/modules/sysvshm.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Feb 13 13:30:29 2025