RLSA-2022:1935
Moderate: php:7.4 security update
Topic
An update is available for php-pear, php-pecl-rrd, php, php-pecl-apcu, php-pecl-xdebug, libzip, php-pecl-zip.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Description
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
Security Fix(es):
* php: Local privilege escalation via PHP-FPM (CVE-2021-21703)
* php: SSRF bypass in FILTER_VALIDATE_URL (CVE-2021-21705)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.
Rocky Linux 8
SRPMs
- libzip-0:1.6.1-1.module+el8.6.0+789+2130c178.src.rpm
- libzip-0:1.6.1-1.module+el8.4.0+415+e936cba3.src.rpm
- php-0:7.4.19-2.module+el8.6.0+789+2130c178.src.rpm
- php-pear-1:1.10.12-1.module+el8.4.0+415+e936cba3.src.rpm
- php-pear-1:1.10.12-1.module+el8.6.0+789+2130c178.src.rpm
- php-pecl-apcu-0:5.1.18-1.module+el8.6.0+789+2130c178.src.rpm
- php-pecl-apcu-0:5.1.18-1.module+el8.4.0+415+e936cba3.src.rpm
- php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.src.rpm
- php-pecl-xdebug-0:2.9.5-1.module+el8.4.0+415+e936cba3.src.rpm
- php-pecl-zip-0:1.18.2-1.module+el8.6.0+789+2130c178.src.rpm
- php-pecl-zip-0:1.18.2-1.module+el8.4.0+415+e936cba3.src.rpm
RPMs
- apcu-panel-0:5.1.18-1.module+el8.6.0+789+2130c178.noarch.rpm
- apcu-panel-0:5.1.18-1.module+el8.4.0+415+e936cba3.noarch.rpm
- libzip-0:1.6.1-1.module+el8.6.0+789+2130c178.aarch64.rpm
- libzip-0:1.6.1-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- libzip-0:1.6.1-1.module+el8.6.0+789+2130c178.x86_64.rpm
- libzip-0:1.6.1-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- libzip-debuginfo-0:1.6.1-1.module+el8.6.0+789+2130c178.aarch64.rpm
- libzip-debuginfo-0:1.6.1-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- libzip-debuginfo-0:1.6.1-1.module+el8.6.0+789+2130c178.x86_64.rpm
- libzip-debuginfo-0:1.6.1-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- libzip-debugsource-0:1.6.1-1.module+el8.6.0+789+2130c178.aarch64.rpm
- libzip-debugsource-0:1.6.1-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- libzip-debugsource-0:1.6.1-1.module+el8.6.0+789+2130c178.x86_64.rpm
- libzip-debugsource-0:1.6.1-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- libzip-devel-0:1.6.1-1.module+el8.6.0+789+2130c178.aarch64.rpm
- libzip-devel-0:1.6.1-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- libzip-devel-0:1.6.1-1.module+el8.6.0+789+2130c178.x86_64.rpm
- libzip-devel-0:1.6.1-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- libzip-tools-0:1.6.1-1.module+el8.6.0+789+2130c178.aarch64.rpm
- libzip-tools-0:1.6.1-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- libzip-tools-0:1.6.1-1.module+el8.6.0+789+2130c178.x86_64.rpm
- libzip-tools-0:1.6.1-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- libzip-tools-debuginfo-0:1.6.1-1.module+el8.6.0+789+2130c178.aarch64.rpm
- libzip-tools-debuginfo-0:1.6.1-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- libzip-tools-debuginfo-0:1.6.1-1.module+el8.6.0+789+2130c178.x86_64.rpm
- libzip-tools-debuginfo-0:1.6.1-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-bcmath-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-bcmath-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-bcmath-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-bcmath-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-cli-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-cli-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-cli-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-cli-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-common-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-common-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-common-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-common-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-dba-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-dba-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-dba-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-dba-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-dbg-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-dbg-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-dbg-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-dbg-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-debugsource-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-debugsource-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-devel-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-devel-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-embedded-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-embedded-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-embedded-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-embedded-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-enchant-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-enchant-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-enchant-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-enchant-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-ffi-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-ffi-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-ffi-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-ffi-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-fpm-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-fpm-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-fpm-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-fpm-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-gd-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-gd-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-gd-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-gd-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-gmp-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-gmp-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-gmp-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-gmp-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-intl-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-intl-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-intl-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-intl-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-json-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-json-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-json-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-json-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-ldap-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-ldap-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-ldap-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-ldap-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-mbstring-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-mbstring-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-mbstring-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-mbstring-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-mysqlnd-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-mysqlnd-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-mysqlnd-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-mysqlnd-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-odbc-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-odbc-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-odbc-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-odbc-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-opcache-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-opcache-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-opcache-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-opcache-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pdo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pdo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pdo-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pdo-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pear-1:1.10.12-1.module+el8.4.0+415+e936cba3.noarch.rpm
- php-pear-1:1.10.12-1.module+el8.6.0+789+2130c178.noarch.rpm
- php-pecl-apcu-0:5.1.18-1.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pecl-apcu-0:5.1.18-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-apcu-0:5.1.18-1.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pecl-apcu-0:5.1.18-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pecl-apcu-debuginfo-0:5.1.18-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pecl-apcu-debugsource-0:5.1.18-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pecl-apcu-devel-0:5.1.18-1.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pecl-apcu-devel-0:5.1.18-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-apcu-devel-0:5.1.18-1.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pecl-apcu-devel-0:5.1.18-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm
- php-pecl-rrd-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm
- php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm
- php-pecl-rrd-debuginfo-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm
- php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.aarch64.rpm
- php-pecl-rrd-debugsource-0:2.0.1-1.module+el8.4.0+414+2e7afcdd.x86_64.rpm
- php-pecl-xdebug-0:2.9.5-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-xdebug-0:2.9.5-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-xdebug-debuginfo-0:2.9.5-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-xdebug-debugsource-0:2.9.5-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pecl-zip-0:1.18.2-1.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pecl-zip-0:1.18.2-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-zip-0:1.18.2-1.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pecl-zip-0:1.18.2-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pecl-zip-debuginfo-0:1.18.2-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pecl-zip-debugsource-0:1.18.2-1.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pecl-zip-debugsource-0:1.18.2-1.module+el8.4.0+415+e936cba3.aarch64.rpm
- php-pecl-zip-debugsource-0:1.18.2-1.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pecl-zip-debugsource-0:1.18.2-1.module+el8.4.0+415+e936cba3.x86_64.rpm
- php-pgsql-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pgsql-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-pgsql-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-pgsql-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-process-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-process-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-process-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-process-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-snmp-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-snmp-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-snmp-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-snmp-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-soap-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-soap-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-soap-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-soap-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-xml-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-xml-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-xml-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-xml-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-xmlrpc-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-xmlrpc-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
- php-xmlrpc-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.aarch64.rpm
- php-xmlrpc-debuginfo-0:7.4.19-2.module+el8.6.0+789+2130c178.x86_64.rpm
Issued: 5/10/2022
Type: Security
Severity: Moderate
Affected Product
- Rocky Linux 8
References
- No references