RHSA-2023:2903-01 -- Redhat libzip, php, apcu-panelID: oval:org.secpod.oval:def:507745 | Date: (C)2023-06-05 (M)2024-04-29 |
Class: PATCH | Family: unix |
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a "__Host-" or "__Secure-" cookie by PHP applications * php: OOB read due to insufficient input validation in imageloadfont * php: PDO::quote may return unquoted string due to an integer overflow * php: phar: infinite loop when decompressing quine gzip file For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 8 |
Product: |
libzip |
php |
apcu-panel |