CLSA-2026-1778240943 php: Fix of CVE-2025-1219

CVE-2025-1219: fix wrong content-type header on libxml streams redirect...

RockyLinux 9 : php:8.2 (RLSA-2025:7432)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:7432 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-deco...

php: libxml streams use wrong content-type header when requesting a redirected resource

A flaw was found in PHP's DOM and SimpleXML extensions. This vulnerability allows incorrect parsing of a redirected HTTP resource via improper content-type header handling...

php: libxml streams use wrong content-type header when requesting a redirected resource

A flaw was found in PHP's DOM and SimpleXML extensions. This vulnerability allows incorrect parsing of a redirected HTTP resource via improper content-type header handling...

php: libxml streams use wrong content-type header when requesting a redirected resource

A flaw was found in PHP's DOM and SimpleXML extensions. This vulnerability allows incorrect parsing of a redirected HTTP resource via improper content-type header handling...

libxml streams use wrong content-type header when requesting a redirected resource

...

Security update for php8

This update for php8 fixes the following issues: CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 CVE-2025-1219: Fixed libxml streams using wrong...

PHP 8.4.x < 8.4.5 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.32, 8.2.x prior to 8.2.28, 8.3.x prior to 8.3.19, or 8.4.x prior to 8.4.5. It is, therefore, affected by multiple vulnerabilities: - libxml streams use wrong content-type header wh...

PHP 8.2.x < 8.2.28 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.32, 8.2.x prior to 8.2.28, 8.3.x prior to 8.3.19, or 8.4.x prior to 8.4.5. It is, therefore, affected by multiple vulnerabilities: - libxml streams use wrong content-type header wh...