Download
| Alert*
oval:org.secpod.oval:def:108746
libzip is installed oval:org.secpod.oval:def:108595 mingw-libzip is installed oval:org.secpod.oval:def:1800535 libzip is installed oval:org.secpod.oval:def:507157 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * Archive_Tar: allows an unserialization attack because phar: is blocked but PHAR: is not blocked * Archive_Tar: improper filename sanitization leads to file overwrites * Archive_Tar: directory trav ... oval:org.secpod.oval:def:113120 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:113681 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:1800534 CVE-2017-14107: Memory allocation failure in _zip_cdir_grow function; The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows attackers to cause a denial of service via a crafted ZIP archive. Fixed in: libzip 1.3.0 oval:org.secpod.oval:def:116127 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:116129 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:1506008 php-pear [1:1.10.13-1] - update PEAR to 1.10.13 - update Archive_Tar to 1.4.14 oval:org.secpod.oval:def:2500809 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:108745 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:108653 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:108594 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:108751 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:4501183 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:507745 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a "__Hos ... oval:org.secpod.oval:def:507536 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:1506435 php [8.0.27-1] - rebase to 8.0.27 oval:org.secpod.oval:def:2500941 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1506755 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support [1.5.2-1] - update to 1.5.2 - add all explicit cmake options to ensure openssl is used even in local build with other lilbraries available [1.5.1-1] - update to 1.5.1 - drop dependency on zlib-devel and bzip2-devel no more referenced in libzip ... oval:org.secpod.oval:def:2500206 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1505671 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support php-pear [1:1.10.12-1] - update PEAR to 1.10.12 - update Archive_Tar to 1.4.9 - update Console_Getopt to 1.4.3 - update XML_Util to 1.4.5 php-pecl-apcu [5.1.18-1] - update to 5.1.18 php-pecl-rrd php-pecl-xdebug [2.9.5-1] - update to 2.9.5 php- ... oval:org.secpod.oval:def:2500031 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1503030 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:507128 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: uninitialized array in pg_query_params leading to RCE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to th ... oval:org.secpod.oval:def:507308 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Use after free due to php_filter_float failing for ints * php: Uninitialized array in pg_query_params leading to R ... oval:org.secpod.oval:def:2500733 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1505215 libzip php [7.4.19-1] - rebase to 7.4.19 #1944110 oval:org.secpod.oval:def:1505314 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505838 php [7.4.19-3] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 oval:org.secpod.oval:def:2500993 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1505810 php [8.0.13-3] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 oval:org.secpod.oval:def:2500033 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:2500879 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:2500878 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1506193 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support php [7.4.30-1] - rebase to 7.4.30 #2099615 [7.4.19-3] - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 [7.4.19-2] - fix SSRF bypass in FILTER_VALIDATE_URL CVE-2021-21705 - fix Local privilege escalation ... oval:org.secpod.oval:def:507332 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php , php-pear . Security Fix: * php: Special character breaks path in xml parsing * php: Use after free due to php_filter_float failing for ... oval:org.secpod.oval:def:1506191 libzip [1.7.3-1] - update to 1.7.3 php-pecl-apcu [5.1.20-1] - update to 5.1.20 php-pecl-rrd [2.0.3-1] - update to 2.0.3 php-pecl-xdebug3 [3.1.2-1] - update to 3.1.2 rhbz#2030322 oval:org.secpod.oval:def:4501298 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV * php: FILTER_VALIDATE_URL accepts URLs with invalid ... oval:org.secpod.oval:def:2500164 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:1505984 php [7.4.19-4] - fix uninitialized array in pg_query_params leading to RCE CVE-2022-31625 oval:org.secpod.oval:def:4500931 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: * php: Local privilege escalation via PHP-FPM * php: SSRF bypass in FILTER_VALIDATE_URL For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:2500743 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:66572 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers * php: Buffer over-read in exif_read_data ... |