RHSA-2023:5926

Description

Red Hat Security Advisory: php security update

CVSS Metrics

• v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Systems

• redhat•php

  < 0:8.0.30-1.el9_2

• redhat•php-bcmath

  < 0:8.0.30-1.el9_2

• redhat•php-bcmath-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-cli

  < 0:8.0.30-1.el9_2

• redhat•php-cli-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-common

  < 0:8.0.30-1.el9_2

• redhat•php-common-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-dba

  < 0:8.0.30-1.el9_2

• redhat•php-dba-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-dbg

  < 0:8.0.30-1.el9_2

• redhat•php-dbg-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-debugsource

  < 0:8.0.30-1.el9_2

• redhat•php-devel

  < 0:8.0.30-1.el9_2

• redhat•php-embedded

  < 0:8.0.30-1.el9_2

• redhat•php-embedded-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-enchant

  < 0:8.0.30-1.el9_2

• redhat•php-enchant-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-ffi

  < 0:8.0.30-1.el9_2

• redhat•php-ffi-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-fpm

  < 0:8.0.30-1.el9_2

• redhat•php-fpm-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-gd

  < 0:8.0.30-1.el9_2

• redhat•php-gd-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-gmp

  < 0:8.0.30-1.el9_2

• redhat•php-gmp-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-intl

  < 0:8.0.30-1.el9_2

• redhat•php-intl-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-ldap

  < 0:8.0.30-1.el9_2

• redhat•php-ldap-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-mbstring

  < 0:8.0.30-1.el9_2

• redhat•php-mbstring-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-mysqlnd

  < 0:8.0.30-1.el9_2

• redhat•php-mysqlnd-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-odbc

  < 0:8.0.30-1.el9_2

• redhat•php-odbc-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-opcache

  < 0:8.0.30-1.el9_2

• redhat•php-opcache-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-pdo

  < 0:8.0.30-1.el9_2

• redhat•php-pdo-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-pgsql

  < 0:8.0.30-1.el9_2

• redhat•php-pgsql-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-process

  < 0:8.0.30-1.el9_2

• redhat•php-process-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-snmp

  < 0:8.0.30-1.el9_2

• redhat•php-snmp-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-soap

  < 0:8.0.30-1.el9_2

• redhat•php-soap-debuginfo

  < 0:8.0.30-1.el9_2

• redhat•php-xml

  < 0:8.0.30-1.el9_2

• redhat•php-xml-debuginfo

  < 0:8.0.30-1.el9_2

References (36)

• https://access.redhat.com/errata/RHSA-2023:5926
• https://access.redhat.com/security/updates/classification/#important
• https://bugzilla.redhat.com/show_bug.cgi?id=2170761
• https://bugzilla.redhat.com/show_bug.cgi?id=2170770
• https://bugzilla.redhat.com/show_bug.cgi?id=2170771
• https://bugzilla.redhat.com/show_bug.cgi?id=2219290
• https://bugzilla.redhat.com/show_bug.cgi?id=2229396
• https://bugzilla.redhat.com/show_bug.cgi?id=2230101
• https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5926.json
• https://access.redhat.com/security/cve/CVE-2023-0567
• https://www.cve.org/CVERecord?id=CVE-2023-0567
• https://nvd.nist.gov/vuln/detail/CVE-2023-0567
• https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
• https://access.redhat.com/security/cve/CVE-2023-0568
• https://www.cve.org/CVERecord?id=CVE-2023-0568
• https://nvd.nist.gov/vuln/detail/CVE-2023-0568
• https://bugs.php.net/bug.php?id=81746
• https://access.redhat.com/security/cve/CVE-2023-0662
• https://www.cve.org/CVERecord?id=CVE-2023-0662
• https://nvd.nist.gov/vuln/detail/CVE-2023-0662
• https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv
• https://access.redhat.com/security/cve/CVE-2023-3247
• https://www.cve.org/CVERecord?id=CVE-2023-3247
• https://nvd.nist.gov/vuln/detail/CVE-2023-3247
• https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw
• https://access.redhat.com/security/cve/CVE-2023-3823
• https://www.cve.org/CVERecord?id=CVE-2023-3823
• https://nvd.nist.gov/vuln/detail/CVE-2023-3823
• https://github.com/php/php-src/commit/c283c3ab0ba45d21b2b8745c1f9c7cbfe771c975
• https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr
• https://www.php.net/ChangeLog-8.php#8.0.30
• https://access.redhat.com/security/cve/CVE-2023-3824
• https://www.cve.org/CVERecord?id=CVE-2023-3824
• https://nvd.nist.gov/vuln/detail/CVE-2023-3824
• https://github.com/php/php-src/commit/80316123f3e9dcce8ac419bd9dd43546e2ccb5ef
• https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv