13 matches found
php:8.3 security update
An update is available for module.php-pecl-redis6, module.php, php-pecl-redis6, module.php-pecl-apcu, php-pecl-rrd, php-pecl-zip, php, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3. This update affects Rocky Linux 9. A Common Vulnerability...
ALSA-2025:23309 Moderate: php:8.3 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...
USN-7648-3 php7.0, php7.2, php7.4 regression
USN-7648-2 fixed vulnerabilities in PHP. The patch for CVE-2025-1735 caused a regression in php7.0, php7.2 and php7.4. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null...
USN-7648-2 php7.0, php7.2, php7.4 vulnerabilities
USN-7648-1 fixed several vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote attacker...
USN-7648-2: PHP vulnerabilities
USN-7648-1 fixed several vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote attacker...
OESA-2025-1888 php security update
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
SUSE-SU-2025:02473-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML...
SUSE-SU-2025:02463-1 Security update for php8
This update for php8 fixes the following issues: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP Extension via Large XML...
SUSE-SU-2025:02462-1 Security update for php8
This update for php8 fixes the following issues: Version update to 8.3.23: - CVE-2025-1220: Fixed null byte termination in hostnames bsc1246167 - CVE-2025-1735: Fixed pgsql extension does not check for errors during escaping bsc1246146 - CVE-2025-6491: Fixed NULL Pointer Dereference in PHP SOAP...
DEBIAN-CVE-2025-1735
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...
AZL-65121 CVE-2025-1735 affecting package php for versions less than 8.3.23-1
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...
AZL-65124 CVE-2025-1735 affecting package php for versions less than 8.1.33-1
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...
UBUNTU-CVE-2025-1735
In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...