| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: php-xml | Distribution: Unknown |
| Version: 7.4.33 | Vendor: Remi's RPM repository <https://rpms.remirepo.net/> #StandWithUkraine |
| Release: 20.fc39.remi | Build date: Fri Nov 22 11:30:01 2024 |
| Group: Development/Languages | Build host: builder.remirepo.net |
| Size: 871332 | Source RPM: php-7.4.33-20.fc39.remi.src.rpm |
| Packager: Remi Collet | |
| Url: http://www.php.net/ | |
| Summary: A module for PHP applications which use XML | |
The php-xml package contains dynamic shared objects which add support to PHP for manipulating XML documents using the DOM tree, and performing XSL transformations on XML documents.
PHP
* Fri Nov 22 2024 Remi Collet <remi@remirepo.net> - 7.4.33-20
- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
GHSA-4w77-75f9-2c8w
- Fix OOB access in ldap_escape
CVE-2024-8932
- Fix Integer overflow in the dblib/firebird quoter causing OOB writes
CVE-2024-11236
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
CVE-2024-11233
* Fri Nov 15 2024 Remi Collet <remi@remirepo.net> - 7.4.33-19
- disable firebird on EL-10
* Thu Sep 26 2024 Remi Collet <remi@remirepo.net> - 7.4.33-18
- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
CVE-2024-4577
- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
CVE-2024-8926
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
CVE-2024-8927
- Fix Logs from childrens may be altered
CVE-2024-9026
- Fix Erroneous parsing of multipart form data
CVE-2024-8925
- use ICU 74.2
* Mon Aug 26 2024 Remi Collet <remi@remirepo.net> - 7.4.33-17
- add backport for https://bugs.php.net/79589
error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading
* Wed Jul 31 2024 Remi Collet <remi@remirepo.net> - 7.4.33-16
- use oracle client library version 23.5 on x86_64
* Tue Jun 04 2024 Remi Collet <remi@remirepo.net> - 7.4.33-15
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
CVE-2024-5458
* Wed Apr 10 2024 Remi Collet <remi@remirepo.net> - 7.4.33-14
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
CVE-2024-3096
* Wed Mar 06 2024 Remi Collet <remi@remirepo.net> - 7.4.33-13
- patch test suite for zlib-ng
* Mon Feb 19 2024 Remi Collet <remi@remirepo.net> - 7.4.33-12
- more build patch for GCC 14
* Wed Feb 14 2024 Remi Collet <remi@remirepo.net> - 7.4.33-11
- add build patch for GCC 14
- use oracle client library version 21.13 on x86_64
* Tue Dec 12 2023 Remi Collet <remi@remirepo.net> - 7.4.33-10
- use ICU 73.2
- use oracle client library version 21.12 on x86_64, 19.19 on aarch64
- add fixes for libxml 2.11 and 2.12 from 8.1
* Thu Sep 21 2023 Remi Collet <remi@remirepo.net> - 7.4.33-9
- use oracle client library version 21.11 on x86_64, 19.19 on aarch64
- use official Oracle Instant Client RPM
* Tue Aug 01 2023 Remi Collet <remi@remirepo.net> - 7.4.33-8
- Fix Security issue with external entity loading in XML without enabling it
GHSA-3qrf-m4j2-pcrr CVE-2023-3823
- Fix Buffer mismanagement in phar_dir_read()
GHSA-jqcx-ccgc-xwhv CVE-2023-3824
- move httpd/nginx wants directive to config files in /etc
* Tue Jun 06 2023 Remi Collet <remi@remirepo.net> - 7.4.33-7
- Fix Missing error check and insufficient random bytes in HTTP Digest
authentication for SOAP
GHSA-76gg-c692-v2mw CVE-2023-3247
* Fri Apr 14 2023 Remi Collet <remi@remirepo.net> - 7.4.33-6
- use ICU 72.1
- use oracle client library version 21.10
- fix possible buffer overflow in date
- define %__phpize and %__phpconfig
* Tue Feb 21 2023 Remi Collet <remi@remirepo.net> - 7.4.33-5
- F38: enable imap extension
* Tue Feb 14 2023 Remi Collet <remi@remirepo.net> - 7.4.33-4
- fix #81744: Password_verify() always return true with some hash
CVE-2023-0567
- fix #81746: 1-byte array overrun in common path resolve code
CVE-2023-0568
- fix DOS vulnerability when parsing multipart request body
CVE-2023-0662
* Fri Feb 10 2023 Remi Collet <remi@remirepo.net> - 7.4.33-3
- F38: disable imap extension
- add dependency on pcre2 minimal version
* Mon Dec 19 2022 Remi Collet <remi@remirepo.net> - 7.4.33-2
- pdo: fix #81740: PDO::quote() may return unquoted string
CVE-2022-31631
- use oracle client library version 21.8
/etc/php-zts.d/20-dom.ini /etc/php-zts.d/20-simplexml.ini /etc/php-zts.d/20-xml.ini /etc/php-zts.d/20-xmlwriter.ini /etc/php-zts.d/20-xsl.ini /etc/php-zts.d/30-xmlreader.ini /etc/php.d/20-dom.ini /etc/php.d/20-simplexml.ini /etc/php.d/20-xml.ini /etc/php.d/20-xmlwriter.ini /etc/php.d/20-xsl.ini /etc/php.d/30-xmlreader.ini /usr/lib/.build-id /usr/lib/.build-id/05/ea0c0e73e8fa84aa739f48ccddc15fe79eda2a /usr/lib/.build-id/23 /usr/lib/.build-id/23/e9dfd08ba15572368754638f6bc8a5346cc07f /usr/lib/.build-id/49/c8d1c5dcfe6b32977f67dc764855f2fb3feb4d /usr/lib/.build-id/58 /usr/lib/.build-id/58/a7bbbb80d0c1db0f408b9f4ef3f0870fcaaefb /usr/lib/.build-id/63 /usr/lib/.build-id/63/f71d0b75bb9bba485d89ec2a193c0011980699 /usr/lib/.build-id/89/4b38b86903aeb3d31c31ec267c67f49ecea4d9 /usr/lib/.build-id/9a /usr/lib/.build-id/9a/3078a62e71baf3f05f6941b380257055744e4f /usr/lib/.build-id/a2 /usr/lib/.build-id/a2/7e7a3cd67d485f5de398f18f9d8acf47e1b0a9 /usr/lib/.build-id/a5/255b948e75f99008504ae1b534dcbee2798836 /usr/lib/.build-id/d9 /usr/lib/.build-id/d9/d66ebfd6110d021b55e2fce45ff19ef1d3814f /usr/lib/.build-id/e1 /usr/lib/.build-id/e1/1fb9905ae60d5911248fbb853bd4412370c7f3 /usr/lib/.build-id/f7 /usr/lib/.build-id/f7/f09b1f153e62b13fcd1554b0cd49cebd3ba654 /usr/lib64/php-zts/modules/dom.so /usr/lib64/php-zts/modules/simplexml.so /usr/lib64/php-zts/modules/xml.so /usr/lib64/php-zts/modules/xmlreader.so /usr/lib64/php-zts/modules/xmlwriter.so /usr/lib64/php-zts/modules/xsl.so /usr/lib64/php/modules/dom.so /usr/lib64/php/modules/simplexml.so /usr/lib64/php/modules/xml.so /usr/lib64/php/modules/xmlreader.so /usr/lib64/php/modules/xmlwriter.so /usr/lib64/php/modules/xsl.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon Mar 9 17:15:07 2026