Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

php-xml-8.0.30-3.el9_6 RPM for x86_64

From AlmaLinux 9.6 AppStream for x86_64

Name: php-xml Distribution: AlmaLinux
Version: 8.0.30 Vendor: AlmaLinux
Release: 3.el9_6 Build date: Tue May 13 21:33:02 2025
Group: Unspecified Build host: x64-builder01.almalinux.org
Size: 424998 Source RPM: php-8.0.30-3.el9_6.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: http://www.php.net/
Summary: A module for PHP applications which use XML
 
The php-xml package contains dynamic shared objects which add support
to PHP for manipulating XML documents using the DOM tree,
and performing XSL transformations on XML documents.

Provides

Requires

License

PHP

Changelog

* Thu Mar 13 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-3
  - Fix libxml streams use wrong `content-type` header when requesting a redirected resource
    CVE-2025-1219
  - Fix Stream HTTP wrapper header check might omit basic auth header
    CVE-2025-1736
  - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
    CVE-2025-1861
  - Fix Streams HTTP wrapper does not fail for headers without colon
    CVE-2025-1734
  - Fix Header parser of `http` stream wrapper does not handle folded headers
    CVE-2025-1217
* Tue Jan 21 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-2
  - Fix Leak partial content of the heap through heap buffer over-read
    CVE-2024-8929
  - Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
    CVE-2024-11234
  - Fix Single byte overread with convert.quoted-printable-decode filter
    CVE-2024-11233
  - Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
    CVE-2024-8927
  - Fix Logs from childrens may be altered
    CVE-2024-9026
  - Fix Erroneous parsing of multipart form data
    CVE-2024-8925
  - Fix filter bypass in filter_var FILTER_VALIDATE_URL
    CVE-2024-5458
  - Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
    CVE-2024-2756
  - Fix password_verify can erroneously return true opening ATO risk
    CVE-2024-3096
* Fri Oct 06 2023 Remi Collet <rcollet@redhat.com> - 8.0.30-1
  - rebase to 8.0.30
  - Resolves: RHEL-11946

Files

/etc/php.d/20-dom.ini
/etc/php.d/20-simplexml.ini
/etc/php.d/20-xml.ini
/etc/php.d/20-xmlwriter.ini
/etc/php.d/20-xsl.ini
/etc/php.d/30-xmlreader.ini
/usr/lib/.build-id
/usr/lib/.build-id/18
/usr/lib/.build-id/18/e637f56dc79b97f6b1e0a040b3f0e5326aef14
/usr/lib/.build-id/63
/usr/lib/.build-id/63/be2a36791d6be663644d2abe3c92d74e07d63f
/usr/lib/.build-id/79
/usr/lib/.build-id/79/9a64d23bed75cbe985c46ea39f4ee58c220973
/usr/lib/.build-id/82
/usr/lib/.build-id/82/971fabfa69f3a6091b14a1c6d49adccab3a83a
/usr/lib/.build-id/aa
/usr/lib/.build-id/aa/81eb485b915c8fb66ee88e924b3ec241520baf
/usr/lib/.build-id/d7
/usr/lib/.build-id/d7/0777bbfb47cae3b08d5eae64ecd241c39797b2
/usr/lib64/php/modules/dom.so
/usr/lib64/php/modules/simplexml.so
/usr/lib64/php/modules/xml.so
/usr/lib64/php/modules/xmlreader.so
/usr/lib64/php/modules/xmlwriter.so
/usr/lib64/php/modules/xsl.so

Generated by rpm2html 1.8.1

Fabrice Bellet, Sun May 18 03:02:58 2025