RHSA-2023:2903

Description

Red Hat Security Advisory: php:7.4 security update

CVSS Metrics

• v3.1•HIGH•Score: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•apcu-panel

  < 0:5.1.18-1.module+el8.3.0+6678+b09f589e

• redhat•libzip

  < 0:1.6.1-1.module+el8.3.0+6678+b09f589e

• redhat•libzip-debuginfo

  < 0:1.6.1-1.module+el8.3.0+6678+b09f589e

• redhat•libzip-debugsource

  < 0:1.6.1-1.module+el8.3.0+6678+b09f589e

• redhat•libzip-devel

  < 0:1.6.1-1.module+el8.3.0+6678+b09f589e

• redhat•libzip-tools

  < 0:1.6.1-1.module+el8.3.0+6678+b09f589e

• redhat•libzip-tools-debuginfo

  < 0:1.6.1-1.module+el8.3.0+6678+b09f589e

• redhat•php

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-bcmath

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-bcmath-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-cli

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-cli-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-common

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-common-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-dba

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-dba-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-dbg

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-dbg-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-debugsource

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-devel

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-embedded

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-embedded-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-enchant

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-enchant-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-ffi

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-ffi-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-fpm

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-fpm-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-gd

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-gd-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-gmp

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-gmp-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-intl

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-intl-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-json

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-json-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-ldap

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-ldap-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-mbstring

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-mbstring-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-mysqlnd

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-mysqlnd-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-odbc

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-odbc-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-opcache

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-opcache-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-pdo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-pdo-debuginfo

  < 0:7.4.33-1.module+el8.8.0+17865+ef7eddfa

• redhat•php-pear

  < 1:1.10.13-1.module+el8.7.0+15127+a450a8db

Showing first 50 affected entries in server-rendered view.

References (33)

• https://access.redhat.com/errata/RHSA-2023:2903
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index
• https://bugzilla.redhat.com/show_bug.cgi?id=2133687
• https://bugzilla.redhat.com/show_bug.cgi?id=2133688
• https://bugzilla.redhat.com/show_bug.cgi?id=2139280
• https://bugzilla.redhat.com/show_bug.cgi?id=2140200
• https://bugzilla.redhat.com/show_bug.cgi?id=2158791
• https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2903.json
• https://access.redhat.com/security/cve/CVE-2017-8923
• https://bugzilla.redhat.com/show_bug.cgi?id=1451700
• https://www.cve.org/CVERecord?id=CVE-2017-8923
• https://nvd.nist.gov/vuln/detail/CVE-2017-8923
• https://access.redhat.com/security/cve/CVE-2022-31628
• https://www.cve.org/CVERecord?id=CVE-2022-31628
• https://nvd.nist.gov/vuln/detail/CVE-2022-31628
• https://bugs.php.net/bug.php?id=81726
• https://access.redhat.com/security/cve/CVE-2022-31629
• https://www.cve.org/CVERecord?id=CVE-2022-31629
• https://nvd.nist.gov/vuln/detail/CVE-2022-31629
• https://bugs.php.net/bug.php?id=81727
• https://access.redhat.com/security/cve/CVE-2022-31630
• https://www.cve.org/CVERecord?id=CVE-2022-31630
• https://nvd.nist.gov/vuln/detail/CVE-2022-31630
• https://bugs.php.net/bug.php?id=81739
• https://www.php.net/ChangeLog-8.php#8.0.25
• https://access.redhat.com/security/cve/CVE-2022-31631
• https://www.cve.org/CVERecord?id=CVE-2022-31631
• https://nvd.nist.gov/vuln/detail/CVE-2022-31631
• https://bugs.php.net/bug.php?id=81740
• https://access.redhat.com/security/cve/CVE-2022-37454
• https://www.cve.org/CVERecord?id=CVE-2022-37454
• https://nvd.nist.gov/vuln/detail/CVE-2022-37454