Updated php packages fix security vulnerabilities
Publication date: 05 Jul 2025Modification date: 05 Jul 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-1735 , CVE-2025-6491 , CVE-2025-1220
Description
PGSQL: Fixed GHSA-hrwm-9436-5mv3 (pgsql extension does not check for errors during escaping). (CVE-2025-1735) SOAP: Fixed GHSA-453j-q27h-5p8x (NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix). (CVE-2025-6491) Standard: Fixed GHSA-3cr5-j632-f35r (Null byte termination in hostnames). (CVE-2025-1220)
References
SRPMS
9/core
- php-8.2.29-1.mga9