rh-php73-php-7.3.33-1.el7

Errata ID: AXSA:2022-3369:01

Release date: 
2022/07/04 Monday - 09:23
Title: 
rh-php73-php-7.3.33-1.el7
Affected channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

* php: password of excessive length triggers buffer overflow leading to RCE (CVE-2022-31626)
* php: Local privilege escalation via PHP-FPM (CVE-2021-21703)
* php: special character breaks path in xml parsing (CVE-2021-21707)
* php: uninitialized array in pg_query_params() leading to RCE (CVE-2022-31625)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* rh-php73: rebase to 7.3.33

CVE-2021-21703
In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running the PHP FPM SAPI with the main FPM daemon process running as root and child worker processes running as lower-privileged users, the child processes can access memory shared with the main process and write to it, modifying it in a way that causes the root process to perform invalid memory reads and writes. This can be used to escalate privileges from a local unprivileged user to the root user.
CVE-2021-21707
In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains a URL-encoded NUL character, the function may interpret it as the end of the filename and so read the filename differently from what the user intended, which may lead to reading a different file than intended.
CVE-2022-31625
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using the Postgres database extension, supplying invalid parameters to a parameterized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to an RCE vulnerability or denial of service.
CVE-2022-31626
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using the pdo_mysql extension with the mysqlnd driver, if a third party is allowed to supply the host to connect to and the password for the connection, a password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.
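
A defensive wrapper for the filename handling described under CVE-2021-21707, as an added example that is not part of the original advisory or of PHP itself: it rejects raw and URL-encoded NUL bytes, confines the path to a base directory, and parses the file contents as a string so that no filename reaches the XML loader. The function name `load_xml_in_dir`, the directory layout and the sample inputs are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not a PHP built-in): load an XML file by name from a
// fixed base directory without ever handing a filename to libxml.
function load_xml_in_dir(string $baseDir, string $name): SimpleXMLElement
{
    // Reject a NUL byte whether it arrives raw or URL-encoded (%00).
    if (strpos($name, "\0") !== false || strpos(rawurldecode($name), "\0") !== false) {
        throw new InvalidArgumentException('NUL byte in file name');
    }

    // Resolve symlinks and ".." and require the result to stay under $baseDir.
    $base = realpath($baseDir);
    $real = realpath($baseDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $real === false
        || strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        throw new InvalidArgumentException('path does not resolve inside the base directory');
    }

    // Read the bytes with the plain file API and parse the string, so the
    // URL-decoding filename handling of simplexml_load_file() is not involved.
    $bytes = file_get_contents($real);
    $doc = ($bytes === false) ? false : simplexml_load_string($bytes);
    if ($doc === false) {
        throw new RuntimeException('file is unreadable or not well-formed XML');
    }
    return $doc;
}

// Constructed sample input: a temporary directory holding one XML file.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'xmldemo_' . bin2hex(random_bytes(4));
mkdir($dir, 0700);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'report.xml', '<report><id>1</id></report>');

foreach (['report.xml', 'report.xml%00.txt', '../report.xml'] as $name) {
    try {
        $doc = load_xml_in_dir($dir, $name);
        echo "$name: loaded, id=", (string) $doc->id, "\n";
    } catch (Exception $e) {
        echo "$name: rejected (", $e->getMessage(), ")\n";
    }
}

// Remove the constructed sample files.
unlink($dir . DIRECTORY_SEPARATOR . 'report.xml');
rmdir($dir);
```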

Solution: 

Update packages.

Additional information: 

N/A

Download: 

SRPMS
  1. rh-php73-php-7.3.33-1.el7.src.rpm
    Size: 11.69 MB

Asianux Server 7 for x86_64
  1. rh-php73-php-7.3.33-1.el7.x86_64.rpm
    Size: 1.41 MB
  2. rh-php73-php-bcmath-7.3.33-1.el7.x86_64.rpm
    Size: 60.18 kB
  3. rh-php73-php-cli-7.3.33-1.el7.x86_64.rpm
    Size: 2.86 MB
  4. rh-php73-php-common-7.3.33-1.el7.x86_64.rpm
    Size: 688.88 kB
  5. rh-php73-php-dba-7.3.33-1.el7.x86_64.rpm
    Size: 58.43 kB
  6. rh-php73-php-dbg-7.3.33-1.el7.x86_64.rpm
    Size: 1.51 MB
  7. rh-php73-php-devel-7.3.33-1.el7.x86_64.rpm
    Size: 731.67 kB
  8. rh-php73-php-embedded-7.3.33-1.el7.x86_64.rpm
    Size: 1.40 MB
  9. rh-php73-php-enchant-7.3.33-1.el7.x86_64.rpm
    Size: 44.73 kB
  10. rh-php73-php-fpm-7.3.33-1.el7.x86_64.rpm
    Size: 1.49 MB
  11. rh-php73-php-gd-7.3.33-1.el7.x86_64.rpm
    Size: 150.38 kB
  12. rh-php73-php-gmp-7.3.33-1.el7.x86_64.rpm
    Size: 56.91 kB
  13. rh-php73-php-intl-7.3.33-1.el7.x86_64.rpm
    Size: 163.68 kB
  14. rh-php73-php-json-7.3.33-1.el7.x86_64.rpm
    Size: 54.07 kB
  15. rh-php73-php-ldap-7.3.33-1.el7.x86_64.rpm
    Size: 65.17 kB
  16. rh-php73-php-mbstring-7.3.33-1.el7.x86_64.rpm
    Size: 592.30 kB
  17. rh-php73-php-mysqlnd-7.3.33-1.el7.x86_64.rpm
    Size: 165.07 kB
  18. rh-php73-php-odbc-7.3.33-1.el7.x86_64.rpm
    Size: 68.51 kB
  19. rh-php73-php-opcache-7.3.33-1.el7.x86_64.rpm
    Size: 225.23 kB
  20. rh-php73-php-pdo-7.3.33-1.el7.x86_64.rpm
    Size: 100.59 kB
  21. rh-php73-php-pgsql-7.3.33-1.el7.x86_64.rpm
    Size: 95.49 kB
  22. rh-php73-php-process-7.3.33-1.el7.x86_64.rpm
    Size: 62.45 kB
  23. rh-php73-php-pspell-7.3.33-1.el7.x86_64.rpm
    Size: 44.06 kB
  24. rh-php73-php-recode-7.3.33-1.el7.x86_64.rpm
    Size: 40.87 kB
  25. rh-php73-php-snmp-7.3.33-1.el7.x86_64.rpm
    Size: 54.22 kB
  26. rh-php73-php-soap-7.3.33-1.el7.x86_64.rpm
    Size: 153.27 kB
  27. rh-php73-php-xml-7.3.33-1.el7.x86_64.rpm
    Size: 158.54 kB
  28. rh-php73-php-xmlrpc-7.3.33-1.el7.x86_64.rpm
    Size: 69.50 kB
  29. rh-php73-php-zip-7.3.33-1.el7.x86_64.rpm
    Size: 90.08 kB