Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

php-xml-8.0.30-3.el9 RPM for aarch64

From CentOS Stream 9 AppStream for aarch64

Name: php-xml Distribution: CentOS
Version: 8.0.30 Vendor: CentOS
Release: 3.el9 Build date: Mon Apr 28 11:28:08 2025
Group: Unspecified Build host: aarch64-04.stream.rdu2.redhat.com
Size: 549358 Source RPM: php-8.0.30-3.el9.src.rpm
Packager: builder@centos.org
Url: http://www.php.net/
Summary: A module for PHP applications which use XML
 
The php-xml package contains dynamic shared objects which add support
to PHP for manipulating XML documents using the DOM tree,
and performing XSL transformations on XML documents.

Provides

Requires

License

PHP

Changelog

* Thu Mar 13 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-3
  - Fix libxml streams use wrong `content-type` header when requesting a redirected resource
    CVE-2025-1219
  - Fix Stream HTTP wrapper header check might omit basic auth header
    CVE-2025-1736
  - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
    CVE-2025-1861
  - Fix Streams HTTP wrapper does not fail for headers without colon
    CVE-2025-1734
  - Fix Header parser of `http` stream wrapper does not handle folded headers
    CVE-2025-1217
* Tue Jan 21 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-2
  - Fix Leak partial content of the heap through heap buffer over-read
    CVE-2024-8929
  - Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
    CVE-2024-11234
  - Fix Single byte overread with convert.quoted-printable-decode filter
    CVE-2024-11233
  - Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
    CVE-2024-8927
  - Fix Logs from childrens may be altered
    CVE-2024-9026
  - Fix Erroneous parsing of multipart form data
    CVE-2024-8925
  - Fix filter bypass in filter_var FILTER_VALIDATE_URL
    CVE-2024-5458
  - Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
    CVE-2024-2756
  - Fix password_verify can erroneously return true opening ATO risk
    CVE-2024-3096
* Fri Oct 06 2023 Remi Collet <rcollet@redhat.com> - 8.0.30-1
  - rebase to 8.0.30
  - Resolves: RHEL-11946

Files

/etc/php.d/20-dom.ini
/etc/php.d/20-simplexml.ini
/etc/php.d/20-xml.ini
/etc/php.d/20-xmlwriter.ini
/etc/php.d/20-xsl.ini
/etc/php.d/30-xmlreader.ini
/usr/lib/.build-id
/usr/lib/.build-id/0a
/usr/lib/.build-id/0a/42601dae9557dea51e8679c0465c1bcaf99c68
/usr/lib/.build-id/1d
/usr/lib/.build-id/1d/e29a7e0402137f09e47f5d9b07d2f25ee4cfa9
/usr/lib/.build-id/4a
/usr/lib/.build-id/4a/3e399ad32992d21966dcda0f8eb00f7e67295d
/usr/lib/.build-id/50
/usr/lib/.build-id/50/4e2adfab01dc3a9bc23d10a64cc2bdd634d36f
/usr/lib/.build-id/a3
/usr/lib/.build-id/a3/1cd8c93a009c9f81e667bcd546adbbad377602
/usr/lib/.build-id/d9
/usr/lib/.build-id/d9/5a7307a9f443e16ed903802eaf17c03f1f2e34
/usr/lib64/php/modules/dom.so
/usr/lib64/php/modules/simplexml.so
/usr/lib64/php/modules/xml.so
/usr/lib64/php/modules/xmlreader.so
/usr/lib64/php/modules/xmlwriter.so
/usr/lib64/php/modules/xsl.so

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed May 21 03:05:34 2025