php:8.0 security update
エラータID: AXSA:2022-3754:01
リリース日:
2022/08/30 Tuesday - 04:05
題名:
php:8.0 security update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- php の mysqlnd ドライバーの pdo_mysql 拡張機能には、
第三者にホストへの接続用パスワードの設定を許可している
場合、長過ぎるパスワードによってバッファオーバーフローが
発生する問題があるため、リモートの攻撃者により長過ぎる
パスワードを介して任意のコード実行を可能とする脆弱性が
存在します。(CVE-2022-31626)
Modularity name: php
Stream name: 8.0
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-31626
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.
追加情報:
N/A
ダウンロード:
SRPMS
- libzip-1.7.3-1.module+el8+1502+82b55823.src.rpm
MD5: 9baf39617d24ee8fb9e73080c82c25db
SHA-256: d59a4fb203c4c7d6bcb57d0c3c9ab81996cb49525ae089330a41548e29a06c4a
Size: 746.88 kB - php-pear-1.10.13-1.module+el8+1502+82b55823.src.rpm
MD5: 1f62dd2a64e150eb39534654acff29c4
SHA-256: e62e42f1ee3e8fadc4dc5eef23581af1c292bdfcd891d9f148d73de3c5db3a88
Size: 380.40 kB - php-pecl-apcu-5.1.20-1.module+el8+1502+82b55823.src.rpm
MD5: 27fe7193a2b4f80086f3e62ba45f3dfe
SHA-256: 9aab5b1d8d24b497d12d1d1ae9fdc6f6b400a2468d5d4230e1cd635ee72047e0
Size: 109.60 kB - php-pecl-rrd-2.0.3-1.module+el8+1502+82b55823.src.rpm
MD5: f61a14419bfe46714779320e78e1d436
SHA-256: ed3fda3462d19d97dc429dacfb2c588482ce49a5f5cd2ace5f264d8614618cec
Size: 33.67 kB - php-pecl-xdebug3-3.1.2-1.module+el8+1502+82b55823.src.rpm
MD5: 81fec75004a294a241585f5979124ad2
SHA-256: 03fa30a97109440e35ab6f93b17599b963db39cb3173386fb2ef4e0809a25c67
Size: 481.11 kB - php-pecl-zip-1.19.2-1.module+el8+1502+82b55823.src.rpm
MD5: a566b3c265e5f5d75e829f9dd162d6a6
SHA-256: c9b2557ef5fca4963ad887df23ad5f27fabccef25a3347cef6eddb823190a6ae
Size: 331.43 kB - php-8.0.13-3.module+el8+1502+82b55823.src.rpm
MD5: 4b07430abe2f377df70191d248a9f6c8
SHA-256: 24fe20ebc5845743fc227cd995abedc98bc953ad75c13824cceb379f36c53422
Size: 10.51 MB
Asianux Server 8 for x86_64
- libzip-1.7.3-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 6b9edbaeddb149b9f80ff76bfa49afa8
SHA-256: 7dad9fc91ed3a8f06929d31581fb23f49e15c78c18805b2b0f1b7eab42940e82
Size: 66.01 kB - libzip-debugsource-1.7.3-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 9ef9c93047d60e4c3c53ca527ff77f05
SHA-256: 4f93031294a5e924913b0ecb3e59cdd28b23d3f00fe1631da9acf0b5ed2cbd2f
Size: 104.79 kB - libzip-devel-1.7.3-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 35e83432ab153530b0870debb9ae6ef7
SHA-256: e0051c6533cbafd40838b31d4b09cf0495a10118091e91ca94d4cd03190659f3
Size: 188.54 kB - libzip-tools-1.7.3-1.module+el8+1502+82b55823.x86_64.rpm
MD5: c65beec23431192ad00e6a9d92d53ef2
SHA-256: 24512fda25ee647dd0364097d8f6f81ee5daebc05ddb8c935915be0170b2fdc6
Size: 43.14 kB - php-pear-1.10.13-1.module+el8+1502+82b55823.noarch.rpm
MD5: 95c166843fede6109207cff4f6eb0660
SHA-256: 59b7c7fc912786b05eb3e10378ca59eff1bff9b4f7bfd8088847dab56c893ab9
Size: 360.49 kB - apcu-panel-5.1.20-1.module+el8+1502+82b55823.noarch.rpm
MD5: ac790415e28b895fddc81295414f5912
SHA-256: 052a2e96fd1603a97613858898a871044d100d86479ee22be86be2663728c641
Size: 22.34 kB - php-pecl-apcu-5.1.20-1.module+el8+1502+82b55823.x86_64.rpm
MD5: e21d441e6e948b8fb6fc999700d17a4d
SHA-256: 15feb6d0ea0d22d3ccc7660daa86bf3cf0dd2aa4f399a9c59356e4e252f9f3b9
Size: 64.08 kB - php-pecl-apcu-debugsource-5.1.20-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 34adf983fd8cc463fd35e640801fccbe
SHA-256: 9eb80074eb9f11231e6c02a95646471abc5d849d12cd7e70b9c4fb6ae8da0362
Size: 50.23 kB - php-pecl-apcu-devel-5.1.20-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 7742a3827c8b32f04fcb6c7fca7181b3
SHA-256: a35c41c1aaaeec2c4fbb05b0d854a49096e45af74f5767aafe1f2f5367e2e5a1
Size: 47.51 kB - php-pecl-rrd-2.0.3-1.module+el8+1502+82b55823.x86_64.rpm
MD5: cc1cc4755c587909170d97b369fdd569
SHA-256: 8b4f33ce6526c186a72d41c415d06565d8ae664ac91c8dfc684833b15a213299
Size: 30.65 kB - php-pecl-rrd-debugsource-2.0.3-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 0cdc96805c3d98ea33f1d69d161cf2e6
SHA-256: b4211340a00bdde08b66fb32f69350968283c325f2b89e8db6fb2be422b148d9
Size: 22.49 kB - php-pecl-xdebug3-3.1.2-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 2ea6f70b9b785d73833529d689797e8c
SHA-256: cf2a1c5c85a95d9d8e12b701547f71e526e504c293bac142e6a11f57760b33d8
Size: 202.67 kB - php-pecl-xdebug3-debugsource-3.1.2-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 458128cfc0f827b89843d747f6600b67
SHA-256: b74b83ec21cb5de775c0025fcb328b9dd846af429bc7fba33044f16b1288c9f5
Size: 155.90 kB - php-pecl-zip-1.19.2-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 8049318d9992d7034f5516e3243fb383
SHA-256: 20a2c3bf16ba9afb1d52a370b48c6dd6d1629c8d72cfbb37df68825b8398cf50
Size: 55.29 kB - php-pecl-zip-debugsource-1.19.2-1.module+el8+1502+82b55823.x86_64.rpm
MD5: 06d36753dc36e8a1dcb2aa7a81fa44a3
SHA-256: 8477ec9df7270c2e3009e8b43e8c11ba4db0ecead222e94f6bff6105f0b0682c
Size: 31.52 kB - php-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 217ac4df79d90fafdff478b73754794f
SHA-256: 9a964b67029c40563488a37af6d02f6e4a243d054dac6f6e494147036a7186fd
Size: 1.55 MB - php-bcmath-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: e3badb636dbc2aa1a3e83a693b02732c
SHA-256: dc39059a57d6c2fdfed8beb1d754c7a5f742f6df9041350cc5ecb5e351d11d73
Size: 79.31 kB - php-cli-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 4926dfb13aa176373b675d07e8200228
SHA-256: 7486e754525c21d6f666e62760df740663a9de488257371aa9bc62e99f7905fb
Size: 3.13 MB - php-common-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 04128a7ce99354958523ea11b05b975c
SHA-256: eccff9689313413f33b2e7e3af943a58f079db77e4696f3d10e07730d384a9ed
Size: 718.95 kB - php-dba-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 95a4d52635b50a80ac3c588924515c2e
SHA-256: 366ffb054fff6496f8734060bf582c2839467e8ddc74955489f08feba9cce749
Size: 77.86 kB - php-dbg-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 81e7c9df77f88b7a8f63f43937acbf93
SHA-256: 2ab3a6e004cd991407564b8b2c0a200d34719f9be6f6ee81978c3606c09c89b2
Size: 1.65 MB - php-debugsource-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 680649423f0989fd987e0cc5b6d8f5fc
SHA-256: 9bf8605d400aea085368188c074eeeef3ae9a1597589345996ae01663ae3bc65
Size: 4.28 MB - php-devel-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: ea32e2bc7c1de3aa8422cc129de68fc2
SHA-256: 0a9bf19a9087ec9c6eadf95cad628a31252405df4d336df47323aceb24e4a54b
Size: 771.28 kB - php-embedded-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: c282e8fdac0fcd836d55f8bf53abca35
SHA-256: 5d69bbe8a32d41c8cf3e64590b86adeb990ab8a683df0a0458b239bb61a9fd22
Size: 1.54 MB - php-enchant-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 68a3036a316bbc62418402261dfef3bf
SHA-256: 48b5ffdb7edc260aa7a51e1e9c7fff93ba7a26c6fbac5d855998573071c8accb
Size: 63.92 kB - php-ffi-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 941234127e9494c8eabffff56fb71476
SHA-256: 25f10120c3abbcc4c32638d06e5764b9b1f768cb2a4d59ed49985ee25c28b4dc
Size: 115.82 kB - php-fpm-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 0ffbdd5cc29c53a157a47c4786e4ebe0
SHA-256: 96dfb6d9aee9e7e80eac20fa9bdd0666055540b9de9c8b0e64ccb9a38f6da771
Size: 1.63 MB - php-gd-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: cf7ec9a5fc2fa0b882c22eaeb78ab3fe
SHA-256: 216984a8af3ca852b7ab196a7658b8e7e2bea313a769d916d0f7e5f8fd3f9689
Size: 84.15 kB - php-gmp-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 7dabdb80af4814ee006ba4f81d807684
SHA-256: a646bad08476b9899c7fbede8f25a61ea62620dc4d4565673f3e733888296caa
Size: 76.83 kB - php-intl-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: a8c258f624d75cc1f9dfed8c4abb5f0e
SHA-256: 807a353c47941a629a10d7acbd93f9d659f2cbc38c79cb63d631f53fd58df99d
Size: 190.34 kB - php-ldap-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 39256454a33c4576fb85dac698defb09
SHA-256: 6915556f496f54af98bee42f1866e8189236678054f8d5d3313dc82b2fc252c8
Size: 84.11 kB - php-mbstring-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 3c4dab97144e20934c4e0637b9efc418
SHA-256: e9093767131da8d0477b58209d009d4158e93cdb0a848464e38c4c3fe4f02308
Size: 480.82 kB - php-mysqlnd-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 948bf7639b708c854476062eed283f6e
SHA-256: e8876fc82c26d690c72bfc0da008ee082560e385e87ba8087ddc537eef794c26
Size: 191.56 kB - php-odbc-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: ee88e29e2b6ff74c5bba68a9ab76991d
SHA-256: 2b99cf2cf92fa77921f3685d7439090ed298a4c89d71e2e8d57ccd5d3088db04
Size: 88.57 kB - php-opcache-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 03d72f7ffa88d9c3e48e6ebfc0af96af
SHA-256: 48cecceb0d4e839731bb502ce36b984c5e63f6b489d49f4943fd8e464248babc
Size: 542.75 kB - php-pdo-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 8116a9a582a1ca31be0447ceee492ee8
SHA-256: 54e967f1ab91f9fa0a5f6d7b891d841770f5e96bdc61b2dc0074dda78ebac97a
Size: 125.59 kB - php-pgsql-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 0ec7083b55fcf6a495cc99d868fe3640
SHA-256: 91d7a740af0076f56ddc9bdd4d7772f566cdff807cd8892575cccf1fdd754976
Size: 117.38 kB - php-process-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 1807078941cc6b1186f195029e1436be
SHA-256: 88c21f08e0aad3dd5dcdeb2cf839492825e3de18e246ca3a56579f5dcb9ae566
Size: 85.68 kB - php-snmp-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: acf2e9a09f28ece00ce00690174c71fd
SHA-256: f14c1a630fb189ac359eaedc68e75f14ac6814232d60369ec3dddcb32c0b0ba3
Size: 75.28 kB - php-soap-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: d5ec0142cebc4c2c0384e8a327c0b78d
SHA-256: aa8d1e8768379a37ba6da46f09b0c760790396d00e0a357d65c800499d00418e
Size: 175.86 kB - php-xml-8.0.13-3.module+el8+1502+82b55823.x86_64.rpm
MD5: 1dd55980a662189c7fade4d8cb37113d
SHA-256: dc76b9659a22a415ca06c35cdd719768f5eb2e5b4ab6b82d035cea7ab8d7a51b
Size: 174.40 kB
English