ALSA-2022:1935

See a problem?
Please try reporting it to the source first.
Source
https://errata.almalinux.org/8/ALSA-2022-1935.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2022:1935.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2022:1935
Related
Published
2022-05-10T00:00:00Z
Modified
2022-07-01T13:57:17Z
Summary
Moderate: php:7.4 security update
Details

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: Local privilege escalation via PHP-FPM (CVE-2021-21703) * php: SSRF bypass in FILTERVALIDATEURL (CVE-2021-21705) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References

Affected packages

AlmaLinux:8 / apcu-panel

Package

Name
apcu-panel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.1.18-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / libzip

Package

Name
libzip

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.1-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / libzip-devel

Package

Name
libzip-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.1-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / libzip-tools

Package

Name
libzip-tools

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.1-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php

Package

Name
php

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-bcmath

Package

Name
php-bcmath

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-cli

Package

Name
php-cli

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-common

Package

Name
php-common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-dba

Package

Name
php-dba

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-dbg

Package

Name
php-dbg

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-devel

Package

Name
php-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-embedded

Package

Name
php-embedded

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-enchant

Package

Name
php-enchant

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-ffi

Package

Name
php-ffi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-fpm

Package

Name
php-fpm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-gd

Package

Name
php-gd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-gmp

Package

Name
php-gmp

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-intl

Package

Name
php-intl

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-json

Package

Name
php-json

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-ldap

Package

Name
php-ldap

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-mbstring

Package

Name
php-mbstring

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-mysqlnd

Package

Name
php-mysqlnd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-odbc

Package

Name
php-odbc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-opcache

Package

Name
php-opcache

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-pdo

Package

Name
php-pdo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-pear

Package

Name
php-pear

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.10.12-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-pecl-apcu

Package

Name
php-pecl-apcu

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.1.18-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-pecl-apcu-devel

Package

Name
php-pecl-apcu-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.1.18-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-pecl-rrd

Package

Name
php-pecl-rrd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.1-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-pecl-xdebug

Package

Name
php-pecl-xdebug

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.9.5-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-pecl-zip

Package

Name
php-pecl-zip

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.18.2-1.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-pgsql

Package

Name
php-pgsql

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-process

Package

Name
php-process

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-snmp

Package

Name
php-snmp

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-soap

Package

Name
php-soap

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-xml

Package

Name
php-xml

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb

AlmaLinux:8 / php-xmlrpc

Package

Name
php-xmlrpc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4.19-2.module_el8.6.0+2750+78feabcb