ALSA-2025:4263

See a problem?
Please try reporting it to the source first.

Source

https://errata.almalinux.org/9/ALSA-2025-4263.html

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:4263.json

JSON Data

https://api.test.osv.dev/v1/vulns/ALSA-2025:4263

Related

Published

2025-04-28T00:00:00Z

Modified

2025-04-29T07:32:58Z

Summary

Moderate: php:8.1 security update

Details

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

php: Leak partial content of the heap through heap buffer over-read in mysqlnd (CVE-2024-8929)
php: Single byte overread with convert.quoted-printable-decode filter (CVE-2024-11233)
php: Configuring a proxy in a stream context might allow for CRLF injection in URIs (CVE-2024-11234)
php: Header parser of http stream wrapper does not handle folded headers (CVE-2025-1217)
php: Stream HTTP wrapper header check might omit basic auth header (CVE-2025-1736)
php: Streams HTTP wrapper does not fail for headers with invalid name and no colon (CVE-2025-1734)
php: libxml streams use wrong content-type header when requesting a redirected resource (CVE-2025-1219)
php: Stream HTTP wrapper truncates redirect location to 1024 bytes (CVE-2025-1861)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:9 / apcu-panel

Package

Name: apcu-panel
Purl: pkg:rpm/almalinux/apcu-panel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.1.21-1.module_el9.1.0+15+94ba28e4

AlmaLinux:9 / php

Package

Name: php
Purl: pkg:rpm/almalinux/php

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-bcmath

Package

Name: php-bcmath
Purl: pkg:rpm/almalinux/php-bcmath

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-cli

Package

Name: php-cli
Purl: pkg:rpm/almalinux/php-cli

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-common

Package

Name: php-common
Purl: pkg:rpm/almalinux/php-common

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-dba

Package

Name: php-dba
Purl: pkg:rpm/almalinux/php-dba

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-dbg

Package

Name: php-dbg
Purl: pkg:rpm/almalinux/php-dbg

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-devel

Package

Name: php-devel
Purl: pkg:rpm/almalinux/php-devel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-embedded

Package

Name: php-embedded
Purl: pkg:rpm/almalinux/php-embedded

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-enchant

Package

Name: php-enchant
Purl: pkg:rpm/almalinux/php-enchant

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-ffi

Package

Name: php-ffi
Purl: pkg:rpm/almalinux/php-ffi

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-fpm

Package

Name: php-fpm
Purl: pkg:rpm/almalinux/php-fpm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-gd

Package

Name: php-gd
Purl: pkg:rpm/almalinux/php-gd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-gmp

Package

Name: php-gmp
Purl: pkg:rpm/almalinux/php-gmp

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-intl

Package

Name: php-intl
Purl: pkg:rpm/almalinux/php-intl

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-ldap

Package

Name: php-ldap
Purl: pkg:rpm/almalinux/php-ldap

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-mbstring

Package

Name: php-mbstring
Purl: pkg:rpm/almalinux/php-mbstring

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-mysqlnd

Package

Name: php-mysqlnd
Purl: pkg:rpm/almalinux/php-mysqlnd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-odbc

Package

Name: php-odbc
Purl: pkg:rpm/almalinux/php-odbc

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-opcache

Package

Name: php-opcache
Purl: pkg:rpm/almalinux/php-opcache

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-pdo

Package

Name: php-pdo
Purl: pkg:rpm/almalinux/php-pdo

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-pecl-apcu

Package

Name: php-pecl-apcu
Purl: pkg:rpm/almalinux/php-pecl-apcu

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.1.21-1.module_el9.1.0+15+94ba28e4

AlmaLinux:9 / php-pecl-apcu-devel

Package

Name: php-pecl-apcu-devel
Purl: pkg:rpm/almalinux/php-pecl-apcu-devel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.1.21-1.module_el9.1.0+15+94ba28e4

AlmaLinux:9 / php-pecl-rrd

Package

Name: php-pecl-rrd
Purl: pkg:rpm/almalinux/php-pecl-rrd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.3-4.module_el9.1.0+15+94ba28e4

AlmaLinux:9 / php-pecl-xdebug3

Package

Name: php-pecl-xdebug3
Purl: pkg:rpm/almalinux/php-pecl-xdebug3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.4-1.module_el9.1.0+15+94ba28e4

AlmaLinux:9 / php-pecl-zip

Package

Name: php-pecl-zip
Purl: pkg:rpm/almalinux/php-pecl-zip

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.20.1-1.module_el9.1.0+15+94ba28e4

AlmaLinux:9 / php-pgsql

Package

Name: php-pgsql
Purl: pkg:rpm/almalinux/php-pgsql

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-process

Package

Name: php-process
Purl: pkg:rpm/almalinux/php-process

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-snmp

Package

Name: php-snmp
Purl: pkg:rpm/almalinux/php-snmp

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-soap

Package

Name: php-soap
Purl: pkg:rpm/almalinux/php-soap

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd

AlmaLinux:9 / php-xml

Package

Name: php-xml
Purl: pkg:rpm/almalinux/php-xml

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.1.32-1.module_el9.5.0+156+9f1cd3fd