[CLSA-2026:1776972009] php: Fix of 3 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-04-23 19:20:14 UTC
Description:
- CVE-2021-21707: fix NUL byte truncation in XML/DOM URI file loading - CVE-2022-31628: fix phar wrapper denial of service when loading compressed quine archives - CVE-2022-31629: discard HTTP variables that mangle into __Host- or __Secure- prefixes
Updated packages:
  • php-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:d5d65c46c4c7d70545c32c0d411a5c605e5d84bc6f4a83718bed7579dc0b8d5d
  • php-bcmath-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:88d8a8ab5e4ea59a362131257a853565cddec5ca6757f0708693f0b1c6a6a606
  • php-cli-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:7163fda4dc8ab12686a8561813423e48e0c477f2c2b7c78261b17004db417cbb
  • php-common-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:4aa2aa1c2ad50f8687789a36280fc2bfeb1439132d61dd5c5238bdfd78b86b3a
  • php-dba-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:b39ba8fd8279c941daf30f3a8e08e785399d333eaed4a238f828da98b142434a
  • php-devel-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:2dbbd8a2379fda28864bd7132e83644e41a06411aaf50100fe3401816ec33e0d
  • php-embedded-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:0842638b8a1dee022a0e8cfbd5be520d85c4c62c1e19528fe814f61d148ac21e
  • php-enchant-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:bbb47dc6c310207beb9e22bf1e9dd85418547cab6612fb9029dd8bc1c922379f
  • php-fpm-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:80a31d7549d9bbc52e70ea9f9142f6429814ca511cb2d40fc67df86ab9f34088
  • php-gd-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:3a24faf684446de01a2e521cba6a5444112f5fb0a0073fb8a3370918b04f40e5
  • php-intl-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:01faa56b2d0e64e3b7ad5f700dde7c152dd949d3595c4ba9dd070e0abeb61a17
  • php-ldap-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:8b11011d8e57babdd426c4c86435f1ed03712090ac6684e9037528f56a4f1f30
  • php-mbstring-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:7a9b92576de93acb34731fee41943b41c3b89599f15d8228f3fe224e7b66f93d
  • php-mysql-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:2d77a55f4695f48ee71c288ad1dfa56e5a997300d475a1e947d123dc14ea571d
  • php-mysqlnd-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:54b42aa5af65acb9fa38313c0a53fafee4907590beb0bbf72ab5b7194dd3ec60
  • php-odbc-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:2a2a848bab98e564644317756fb46244753d4dd99417166e02b4e74c93f9c3e5
  • php-pdo-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:74b3c4c05e14d7653196995a07951e0ecedd1193e7c8ca96130f7c7da529b1d2
  • php-pgsql-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:55ed64e141bd066e67ac8ac273be6d7e893d4787c58254aecc07fc0500c1bcd5
  • php-process-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:fc487c1a8c08b8089c06a2b2c61a302cc72c046cafd5d94775697ad7af376d7e
  • php-pspell-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:af9832fa4211a9f65d4b08c4548faba5733d743295383feab4f60d96bf89f672
  • php-recode-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:78dcc288307f1c92ee01b6eb3443be5a6e4ead3538149744198dd43cacade074
  • php-snmp-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:148b87138ebbdf20b435a2b3193aeb05c4ef06bc1001775f50b84f420bf2d9de
  • php-soap-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:556a368a0db11cc67210b768b7ac6b54573216a027f3f418ad3edf6d424a863c
  • php-xml-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:577da69bc00e67fbbb0408040456a5b02bba40484f315d87f29bfefe48f1f832
  • php-xmlrpc-5.4.16-48.el7.tuxcare.els16.x86_64.rpm
    sha:6a1f4ba019d68236d77625fb9764645bef9cd5982ded792ebbd9b6faccf587cb
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.