Remi's RPM repository - Packages

Blog | Support | Repository | Wizard

php - PHP scripting language for creating dynamic web sites

Website:
http://www.php.net/
Licence:
PHP and Zend and BSD and MIT and ASL 1.0 and NCSA
Vendor:
Remi's RPM repository <https://rpms.remirepo.net/> #StandWithUkraine
Description:
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

Packages

php-7.2.34-25.el8.remi.aarch64 [1.4 MiB] Changelog by Remi Collet (2024-11-26):
- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
  GHSA-4w77-75f9-2c8w
- Fix OOB access in ldap_escape
  CVE-2024-8932
- Fix Integer overflow in the dblib/firebird quoter causing OOB writes
  CVE-2024-11236
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
  CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
  CVE-2024-11233
php-7.2.34-24.el8.remi.aarch64 [1.4 MiB] Changelog by Remi Collet (2024-09-26):
- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
  CVE-2024-4577
- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
  CVE-2024-8926
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
  CVE-2024-8927
- Fix Erroneous parsing of multipart form data
  CVE-2024-8925