php:8.2 security update
エラータID: AXSA:2026-118:01
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
Security Fix(es):
* php: pgsql extension does not check for errors during escaping (CVE-2025-1735)
* php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix (CVE-2025-6491)
* php: PHP Hostname Null Character Vulnerability (CVE-2025-1220)
* php: heap-based buffer overflow in array_merge() (CVE-2025-14178)
* php: PHP: Information disclosure via getimagesize() function when reading multi-chunk images (CVE-2025-14177)
* php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement (CVE-2025-14180)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-1220
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.
CVE-2025-14177
In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.
CVE-2025-14178
In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts using zend_hash_num_elements(). This may lead to memory corruption or crashes and affect the integrity and availability of the target server.
CVE-2025-14180
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.
CVE-2025-1735
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.
CVE-2025-6491
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.
Modularity name: "php"
Stream name: "8.2"
Update packages.
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.
In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.
In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts using zend_hash_num_elements(). This may lead to memory corruption or crashes and affect the integrity and availability of the target server.
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid.
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.
N/A
SRPMS
- php-pecl-apcu-5.1.23-1.module+el9+1126+0eff5f17.src.rpm
MD5: dd5b99eddf5bb3038886055f3f539629
SHA-256: 6b0a006106bc096acd6a9946dac7c2a94e62cefa024c862c438bfde5fb80f453
Size: 101.79 kB - php-pecl-rrd-2.0.3-4.module+el9+1126+0eff5f17.src.rpm
MD5: c9c4e55db001ad531014e9de86720298
SHA-256: ba403222d46d07602e504032b28f48ff8b5f322ec361a1cbe3377627d83ca255
Size: 29.67 kB - php-pecl-xdebug3-3.2.2-2.module+el9+1126+0eff5f17.src.rpm
MD5: 2b0790a5af160a4e9f2f845431a26d08
SHA-256: cb67fd2a9425695e6d868270535894d7af49b038c7d26ef8e1e77f168583f0a0
Size: 453.33 kB - php-pecl-zip-1.22.3-1.module+el9+1126+0eff5f17.src.rpm
MD5: 85c4f01222791f4e1d31d8c0a7e650c5
SHA-256: 8e5d454f652a7ee9f5ef4057fcd1b38911c509c2f267db4fa2d24321585546d0
Size: 365.30 kB - php-8.2.30-1.module+el9+1126+0eff5f17.src.rpm
MD5: 291d5fb4b3613b116597378859393836
SHA-256: 33f4677bb29ea2cd9c7e6cad3660c2a50d5c76ea7198bafe22d3ba3bfdcdd39d
Size: 11.72 MB
Asianux Server 9 for x86_64
- apcu-panel-5.1.23-1.module+el9+1126+0eff5f17.noarch.rpm
MD5: 36fd8921fffcc2d7f30420cfd6125080
SHA-256: 5a5be98281b3054738c93efd532cb94699ebc6b6de7235eee4180f5948b63ed1
Size: 18.22 kB - php-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 7f891ad12967044282e60d508165618f
SHA-256: 46a28ebb285eaddd4dd17e1c7477b14f2ff74b127fa68ccc6c427aef08677979
Size: 7.18 kB - php-bcmath-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 7e970323935eabe42b4e795835160bee
SHA-256: 4772c8aac4697fab90ff555b212b53d85efdae388362d55047c80625733a21bb
Size: 32.29 kB - php-cli-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: c855ff691801d8d990fc32ee4b4c606e
SHA-256: 5ecf0ae4b1102acc9bb4142100c4ea0d162762f338d9aed8f8e821d7a45e33c1
Size: 3.58 MB - php-common-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: af1f82e3c8257205a0a0860f8198d964
SHA-256: 1d44a10bf3e99ab6bd39702ae834ab4277479da5d115110cf9727fa2b9c4e453
Size: 719.75 kB - php-dba-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 00b8cb2ef31e54a1b96d5ccc18b58bd9
SHA-256: be6c824fa6cbb8adb7dd1c6cc16708e16ace9696adf138e6365d145bc49e07f4
Size: 31.54 kB - php-dbg-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: b856030a2684db63cdccefd5c2e169c7
SHA-256: 7586758eb7d67dbbfcf81eb14f1e633d7c3157447fa255693a6309cd818e2d06
Size: 1.86 MB - php-debugsource-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 7f315e6d5f545ac11100ada97aee6972
SHA-256: 7cdcf246fab2b61b7f22c849be90713c6d2242ab53e93f0738c84bd2b754b13a
Size: 4.28 MB - php-devel-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: f3a8d55ce63696bdc17ac915550327b2
SHA-256: c905a65fc4d3ee7234348bb1e7a934b906fff75eab5b382a84405fda3dc39304
Size: 773.97 kB - php-embedded-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: b1f89a287fc6215d22d5dc79507453e8
SHA-256: 9dd03775b6995fda204cca5aa9be4ef6a8c22bd529d064f65921bc1813797712
Size: 1.76 MB - php-enchant-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 7ca44fa1784d59fce86e694a36d0f0ee
SHA-256: 34192844005acc2bea06a95cfb28825349e155b16d9a5350a4ebec7de1cbe9bb
Size: 16.73 kB - php-ffi-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 0ce8e718afa115ef6095fc4101fd9eb3
SHA-256: 7d47807d8a67503a517095f20a654d34841ef9b8bb94b6baad3f76dfa82a0885
Size: 76.64 kB - php-fpm-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 3656084cb952b3894f33e6139a4a37d5
SHA-256: d63141db7d8ddd572f5a28fab434e6f410ba0b4c36ba03a2c0b94f8f5386ed10
Size: 1.85 MB - php-gd-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 5900e54c2469c2bd9aca22044db62d71
SHA-256: 2342e331bfa6d03f9d930ba32037193c8beaff15b9cbc398a90cae13ee1ceb1b
Size: 39.47 kB - php-gmp-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 88aaa5a24242f281bc8ae22af5dc3767
SHA-256: dd665f57cb4d48e68661fab4e557c096956d62f77f588942b4995301616fccd9
Size: 29.81 kB - php-intl-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 94b9ee99ed55ae41195cbffab6f9abd5
SHA-256: 23f31036bcfae96d25545ea0b5ebef3331e0ea6241f5862e6001767fd80f6033
Size: 165.54 kB - php-ldap-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 65f5fefb19b874908d38f8a6a9f56ee0
SHA-256: 4d79f412c54aecd919e24beb826679eb56f2df2e3126ea74cac9a57ad485f1db
Size: 40.65 kB - php-mbstring-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: d1b14cae709d35bc27ea639b9b906392
SHA-256: f403de60bdd62e76959f33d32e259821b7497fc2dbcb89801d7cb96f4a34592e
Size: 518.49 kB - php-mysqlnd-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 03cbb1ce04a6ebdfdbff7af5a840ab2d
SHA-256: 28e134b4a6332b253891a13c1109e3c88dcd7ca8af8f096c767d2f71a0811746
Size: 143.45 kB - php-odbc-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 05118b695ce2be5d356fd689bf69dc7c
SHA-256: 374112a56936bf1640713cdd16f7947c59428d7b0724f03393d53657fe66a1cb
Size: 44.65 kB - php-opcache-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 3d2144280b0abd8aadb3f1c91a6eaab4
SHA-256: 6a889897a5db03e89c91cbe66863edf002f43ec697681ef4ed73d5468f22957f
Size: 374.97 kB - php-pdo-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: c00f7ba1541e118da31cade98cad2287
SHA-256: ba48b6dcdf982d8dd2016f5b466a75b198821b025c181793b8e30cca58565119
Size: 83.82 kB - php-pecl-apcu-5.1.23-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 3cc8b1a47ca15158736aa0e3d6449928
SHA-256: 6d1b249e8c8856ae2ce651095c6c47779b87565470d91c2a7a761b98e15e8bb7
Size: 59.41 kB - php-pecl-apcu-debugsource-5.1.23-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 3af847b5e00700265ffdfb00710f327c
SHA-256: 478a24051d954636193aafcffa3d4bbdd521f3d668440e22be67a99763c36edd
Size: 52.55 kB - php-pecl-apcu-devel-5.1.23-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: c9f46771b770541013250fa68d5ba500
SHA-256: bf93f60a4a86fbc63eb0f01c8965f4e54dcbe331faeb288cd84c89bf75f8996c
Size: 61.63 kB - php-pecl-rrd-2.0.3-4.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 8e06e4aefb7d2ae0528a70c96462c677
SHA-256: 2b3f840b47c684d79d3d9f47bdf7e55a8f0234b1c988f7ea63e2670451629653
Size: 26.43 kB - php-pecl-rrd-debugsource-2.0.3-4.module+el9+1126+0eff5f17.x86_64.rpm
MD5: d480d5180cae99f8ccf2f134835a3006
SHA-256: df4cb36e8955f44bc823f85b43e4e1295fe682f5f2c55e7fb53f61d933d673d3
Size: 17.68 kB - php-pecl-xdebug3-3.2.2-2.module+el9+1126+0eff5f17.x86_64.rpm
MD5: ab687ec55663bd1e0a57df6b13655e2b
SHA-256: c17ca88eae026a79e00887ede7aa0ac429e48d5d90605c178639b09199be3470
Size: 200.34 kB - php-pecl-xdebug3-debugsource-3.2.2-2.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 8bd49c923df09cb8288d961734abc866
SHA-256: 3bf8676d4580c9f8a266ab06461428d46cc1eb7548f49d71095ce8a44d28e1db
Size: 156.86 kB - php-pecl-zip-1.22.3-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 2cd28a3e76bf4d47a85e0055c101a1c4
SHA-256: bf7587a508fc3d83bdfb59db652fed46b4e9870c1ca0c47b29ed9d3b3b6ceb08
Size: 63.16 kB - php-pecl-zip-debugsource-1.22.3-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: e60efe92373efb8a18057f953aae587b
SHA-256: e1d761fdd250068bba74a186fe42c82d4bfe6da2218d6084e6a2a723683f0bc6
Size: 30.84 kB - php-pgsql-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: e5eb96c868da29c868f0aca823768183
SHA-256: 4d805ba4f1cdcae9b32eae16728aae6b737cca7697224174ea4a35f089083db5
Size: 72.89 kB - php-process-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: fafc76fb3ae67987cb1b323ca0dc1d94
SHA-256: 0a492749a8f71d89602e001197c574d7ee68f73c728e7fe55cbe8f938595f115
Size: 39.23 kB - php-snmp-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 66bd49fe0d1ffad891eb3d654a1233a0
SHA-256: 3cf4ee5de1b85c671852cfc6dec1f572228e0f398bc80dc93439b43e4629c4a2
Size: 30.88 kB - php-soap-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 2aeb9eb463948604379a217231e712aa
SHA-256: 7cc2e82313b430b88bdc443dfd82287e9f7695e424cf75333cd0fe195a1b54d5
Size: 139.71 kB - php-xml-8.2.30-1.module+el9+1126+0eff5f17.x86_64.rpm
MD5: 4accd13c79396d0a328f91f26998253b
SHA-256: 22d0d79d4c22da770d017a5034af0055a8eb87151f73977078e008c8bfc1d0e4
Size: 143.25 kB