RHSA-2023:0965

Description

Red Hat Security Advisory: php security update

CVSS Metrics

• v3.1•HIGH•Score: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•php

  < 0:8.0.27-1.el9_1

• redhat•php-bcmath

  < 0:8.0.27-1.el9_1

• redhat•php-bcmath-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-cli

  < 0:8.0.27-1.el9_1

• redhat•php-cli-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-common

  < 0:8.0.27-1.el9_1

• redhat•php-common-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-dba

  < 0:8.0.27-1.el9_1

• redhat•php-dba-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-dbg

  < 0:8.0.27-1.el9_1

• redhat•php-dbg-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-debugsource

  < 0:8.0.27-1.el9_1

• redhat•php-devel

  < 0:8.0.27-1.el9_1

• redhat•php-embedded

  < 0:8.0.27-1.el9_1

• redhat•php-embedded-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-enchant

  < 0:8.0.27-1.el9_1

• redhat•php-enchant-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-ffi

  < 0:8.0.27-1.el9_1

• redhat•php-ffi-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-fpm

  < 0:8.0.27-1.el9_1

• redhat•php-fpm-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-gd

  < 0:8.0.27-1.el9_1

• redhat•php-gd-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-gmp

  < 0:8.0.27-1.el9_1

• redhat•php-gmp-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-intl

  < 0:8.0.27-1.el9_1

• redhat•php-intl-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-ldap

  < 0:8.0.27-1.el9_1

• redhat•php-ldap-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-mbstring

  < 0:8.0.27-1.el9_1

• redhat•php-mbstring-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-mysqlnd

  < 0:8.0.27-1.el9_1

• redhat•php-mysqlnd-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-odbc

  < 0:8.0.27-1.el9_1

• redhat•php-odbc-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-opcache

  < 0:8.0.27-1.el9_1

• redhat•php-opcache-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-pdo

  < 0:8.0.27-1.el9_1

• redhat•php-pdo-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-pgsql

  < 0:8.0.27-1.el9_1

• redhat•php-pgsql-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-process

  < 0:8.0.27-1.el9_1

• redhat•php-process-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-snmp

  < 0:8.0.27-1.el9_1

• redhat•php-snmp-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-soap

  < 0:8.0.27-1.el9_1

• redhat•php-soap-debuginfo

  < 0:8.0.27-1.el9_1

• redhat•php-xml

  < 0:8.0.27-1.el9_1

• redhat•php-xml-debuginfo

  < 0:8.0.27-1.el9_1

References (28)

• https://access.redhat.com/errata/RHSA-2023:0965
• https://access.redhat.com/security/updates/classification/#moderate
• https://bugzilla.redhat.com/show_bug.cgi?id=2133687
• https://bugzilla.redhat.com/show_bug.cgi?id=2133688
• https://bugzilla.redhat.com/show_bug.cgi?id=2139280
• https://bugzilla.redhat.com/show_bug.cgi?id=2140200
• https://bugzilla.redhat.com/show_bug.cgi?id=2158791
• https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0965.json
• https://access.redhat.com/security/cve/CVE-2022-31628
• https://www.cve.org/CVERecord?id=CVE-2022-31628
• https://nvd.nist.gov/vuln/detail/CVE-2022-31628
• https://bugs.php.net/bug.php?id=81726
• https://access.redhat.com/security/cve/CVE-2022-31629
• https://www.cve.org/CVERecord?id=CVE-2022-31629
• https://nvd.nist.gov/vuln/detail/CVE-2022-31629
• https://bugs.php.net/bug.php?id=81727
• https://access.redhat.com/security/cve/CVE-2022-31630
• https://www.cve.org/CVERecord?id=CVE-2022-31630
• https://nvd.nist.gov/vuln/detail/CVE-2022-31630
• https://bugs.php.net/bug.php?id=81739
• https://www.php.net/ChangeLog-8.php#8.0.25
• https://access.redhat.com/security/cve/CVE-2022-31631
• https://www.cve.org/CVERecord?id=CVE-2022-31631
• https://nvd.nist.gov/vuln/detail/CVE-2022-31631
• https://bugs.php.net/bug.php?id=81740
• https://access.redhat.com/security/cve/CVE-2022-37454
• https://www.cve.org/CVERecord?id=CVE-2022-37454
• https://nvd.nist.gov/vuln/detail/CVE-2022-37454