Updated php packages fix security vulnerabilities
Publication date: 10 Jul 2021Modification date: 10 Jul 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-21704 , CVE-2021-21705
Description
Updated php packages provides upstream 8.0.8 and fixes the following security vulnerabilities: - PDO_Firebird: * Fix Stack buffer overflow in firebird_info_cb (CVE-2021-21704). * Fix SIGSEGV in firebird_handle_doer (CVE-2021-21704). * Fix SIGSEGV in firebird_stmt_execute (CVE-2021-21704). * Fix Crash while parsing blob data in firebird_fetch_blob (CVE-2021-21704) - Fix SSRF bypass in FILTER_VALIDATE_URL (CVE-2021-21705). For other fixes in this update, see the referenced Changelog.
References
SRPMS
8/core
- php-8.0.8-1.1.mga8