RHSA-2024:0387: Moderate: php:8.1 security update
First published: Wed Jan 24 2024(Updated: )
Moderate: php:8.1 security update
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/php | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-pecl-apcu | <5.1.21-1.module+el9.1.0 | 5.1.21-1.module+el9.1.0 |
| redhat/php-pecl-rrd | <2.0.3-4.module+el9.1.0 | 2.0.3-4.module+el9.1.0 |
| redhat/php-pecl-xdebug3 | <3.1.4-1.module+el9.1.0 | 3.1.4-1.module+el9.1.0 |
| redhat/php-pecl-zip | <1.20.1-1.module+el9.1.0 | 1.20.1-1.module+el9.1.0 |
| redhat/apcu-panel | <5.1.21-1.module+el9.1.0 | 5.1.21-1.module+el9.1.0 |
| redhat/php-bcmath | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-bcmath-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-cli | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-cli-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-common | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-common-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-dba | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-dba-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-dbg | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-dbg-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-debugsource | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-devel | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-embedded | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-embedded-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-enchant | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-enchant-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-ffi | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-ffi-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-fpm | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-fpm-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-gd | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-gd-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-gmp | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-gmp-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-intl | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-intl-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-ldap | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-ldap-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-mbstring | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-mbstring-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-mysqlnd | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-mysqlnd-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-odbc | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-odbc-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-opcache | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-opcache-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-pdo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-pdo-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-pecl-apcu-debuginfo | <5.1.21-1.module+el9.1.0 | 5.1.21-1.module+el9.1.0 |
| redhat/php-pecl-apcu-debugsource | <5.1.21-1.module+el9.1.0 | 5.1.21-1.module+el9.1.0 |
| redhat/php-pecl-apcu-devel | <5.1.21-1.module+el9.1.0 | 5.1.21-1.module+el9.1.0 |
| redhat/php-pecl-rrd-debuginfo | <2.0.3-4.module+el9.1.0 | 2.0.3-4.module+el9.1.0 |
| redhat/php-pecl-rrd-debugsource | <2.0.3-4.module+el9.1.0 | 2.0.3-4.module+el9.1.0 |
| redhat/php-pecl-xdebug3-debuginfo | <3.1.4-1.module+el9.1.0 | 3.1.4-1.module+el9.1.0 |
| redhat/php-pecl-xdebug3-debugsource | <3.1.4-1.module+el9.1.0 | 3.1.4-1.module+el9.1.0 |
| redhat/php-pecl-zip-debuginfo | <1.20.1-1.module+el9.1.0 | 1.20.1-1.module+el9.1.0 |
| redhat/php-pecl-zip-debugsource | <1.20.1-1.module+el9.1.0 | 1.20.1-1.module+el9.1.0 |
| redhat/php-pgsql | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-pgsql-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-process | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-process-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-snmp | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-snmp-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-soap | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-soap-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-xml | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| redhat/php-xml-debuginfo | <8.1.27-1.module+el9.3.0 | 8.1.27-1.module+el9.3.0 |
| Red Hat Enterprise Linux 8 | ||
| Red Hat Enterprise Linux for IBM z Systems | ||
| Red Hat Enterprise Linux 8 | ||
| Red Hat Red Hat Enterprise Linux for Power, little endian |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2024:0387 (Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=2170761
- https://bugzilla.redhat.com/show_bug.cgi?id=2170770
- https://bugzilla.redhat.com/show_bug.cgi?id=2170771
- https://bugzilla.redhat.com/show_bug.cgi?id=2219290
- https://bugzilla.redhat.com/show_bug.cgi?id=2229396
- https://bugzilla.redhat.com/show_bug.cgi?id=2230101
- https://access.redhat.com/security/updates/classification/#moderate
Frequently Asked Questions
What are the security fixes in RHSA-2024:0387?
The security fixes in RHSA-2024:0387 include a 1-byte array overrun in common path resolve code (CVE-2023-0568) and a DoS vulnerability when parsing multipart requests.
How do I remediate RHSA-2024:0387?
You can remediate RHSA-2024:0387 by updating to the relevant packages as specified in the advisory, such as php version 8.1.27-1.module+el9.3.0.
What is the severity of RHSA-2024:0387?
The severity of RHSA-2024:0387 is rated as moderate.
Which versions of PHP are affected by RHSA-2024:0387?
RHSA-2024:0387 affects multiple versions of PHP, specifically those prior to version 8.1.27-1.module+el9.3.0.
What is the impact of the vulnerabilities fixed in RHSA-2024:0387?
The vulnerabilities addressed in RHSA-2024:0387 can lead to potential denial of service and exploitation through crafted inputs.
- agent/severity
- agent/type
- agent/title
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/description
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2024:0387
- agent/software-canonical-lookup
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- collector/redhat-errata-latest
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/red hat
- canonical/red hat enterprise linux 8
- canonical/red hat enterprise linux for ibm z systems
- canonical/red hat red hat enterprise linux for power, little endian