ALSA-2025:7431

See a problem?
Please try reporting it to the source first.

Source

https://errata.almalinux.org/9/ALSA-2025-7431.html

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:7431.json

JSON Data

https://api.osv.dev/v1/vulns/ALSA-2025:7431

Related

Published

2025-05-13T00:00:00Z

Modified

2025-05-21T06:35:12Z

Summary

Moderate: php security update

Details

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

php: Header parser of http stream wrapper does not handle folded headers (CVE-2025-1217)
php: Stream HTTP wrapper header check might omit basic auth header (CVE-2025-1736)
php: Streams HTTP wrapper does not fail for headers with invalid name and no colon (CVE-2025-1734)
php: libxml streams use wrong content-type header when requesting a redirected resource (CVE-2025-1219)
php: Stream HTTP wrapper truncates redirect location to 1024 bytes (CVE-2025-1861)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:9 / php

Package

Name: php
Purl: pkg:rpm/almalinux/php

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-bcmath

Package

Name: php-bcmath
Purl: pkg:rpm/almalinux/php-bcmath

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-cli

Package

Name: php-cli
Purl: pkg:rpm/almalinux/php-cli

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-common

Package

Name: php-common
Purl: pkg:rpm/almalinux/php-common

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-dba

Package

Name: php-dba
Purl: pkg:rpm/almalinux/php-dba

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-dbg

Package

Name: php-dbg
Purl: pkg:rpm/almalinux/php-dbg

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-devel

Package

Name: php-devel
Purl: pkg:rpm/almalinux/php-devel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-embedded

Package

Name: php-embedded
Purl: pkg:rpm/almalinux/php-embedded

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-enchant

Package

Name: php-enchant
Purl: pkg:rpm/almalinux/php-enchant

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-ffi

Package

Name: php-ffi
Purl: pkg:rpm/almalinux/php-ffi

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-fpm

Package

Name: php-fpm
Purl: pkg:rpm/almalinux/php-fpm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-gd

Package

Name: php-gd
Purl: pkg:rpm/almalinux/php-gd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-gmp

Package

Name: php-gmp
Purl: pkg:rpm/almalinux/php-gmp

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-intl

Package

Name: php-intl
Purl: pkg:rpm/almalinux/php-intl

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-ldap

Package

Name: php-ldap
Purl: pkg:rpm/almalinux/php-ldap

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-mbstring

Package

Name: php-mbstring
Purl: pkg:rpm/almalinux/php-mbstring

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-mysqlnd

Package

Name: php-mysqlnd
Purl: pkg:rpm/almalinux/php-mysqlnd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-odbc

Package

Name: php-odbc
Purl: pkg:rpm/almalinux/php-odbc

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-opcache

Package

Name: php-opcache
Purl: pkg:rpm/almalinux/php-opcache

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-pdo

Package

Name: php-pdo
Purl: pkg:rpm/almalinux/php-pdo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-pgsql

Package

Name: php-pgsql
Purl: pkg:rpm/almalinux/php-pgsql

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-process

Package

Name: php-process
Purl: pkg:rpm/almalinux/php-process

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-snmp

Package

Name: php-snmp
Purl: pkg:rpm/almalinux/php-snmp

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-soap

Package

Name: php-soap
Purl: pkg:rpm/almalinux/php-soap

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6

AlmaLinux:9 / php-xml

Package

Name: php-xml
Purl: pkg:rpm/almalinux/php-xml

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.0.30-3.el9_6