Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.4161 Critical: php:7.2 and php:7.3 security update 7 November 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: php Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 8 Red Hat Enterprise Linux WS/Desktop 8 Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2019-11043 Reference: ESB-2019.4077 ESB-2019.4051 ESB-2019.4042 ESB-2019.4021 ESB-2019.4014 Original Bulletin: https://access.redhat.com/errata/RHSA-2019:3735 https://access.redhat.com/errata/RHSA-2019:3736 Comment: This bulletin contains two (2) Red Hat security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Critical: php:7.2 security update Advisory ID: RHSA-2019:3735-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3735 Issue date: 2019-11-06 CVE Names: CVE-2019-11043 ===================================================================== 1. Summary: An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon must be restarted for the update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1766378 - CVE-2019-11043 php: underflow in env_path_info in fpm_main.c 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: libzip-1.5.1-2.module+el8.1.0+3202+af5476b9.src.rpm php-7.2.11-4.module+el8.1.0+4555+f5cb8e18.src.rpm php-pear-1.10.5-9.module+el8.1.0+3202+af5476b9.src.rpm php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9.src.rpm php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f.src.rpm aarch64: libzip-1.5.1-2.module+el8.1.0+3202+af5476b9.aarch64.rpm libzip-debuginfo-1.5.1-2.module+el8.1.0+3202+af5476b9.aarch64.rpm libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9.aarch64.rpm libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9.aarch64.rpm libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9.aarch64.rpm libzip-tools-debuginfo-1.5.1-2.module+el8.1.0+3202+af5476b9.aarch64.rpm php-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-bcmath-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-bcmath-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-cli-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-cli-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-common-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-common-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-dba-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-dba-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-dbg-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-dbg-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-debugsource-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-devel-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-embedded-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-embedded-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-enchant-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-enchant-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-fpm-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-fpm-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-gd-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-gd-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-gmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-gmp-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-intl-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-intl-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-json-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-json-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-ldap-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-ldap-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-mbstring-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-mbstring-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-mysqlnd-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-mysqlnd-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-odbc-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-odbc-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-opcache-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-opcache-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-pdo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-pdo-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9.aarch64.rpm php-pecl-apcu-debuginfo-5.1.12-2.module+el8.1.0+3202+af5476b9.aarch64.rpm php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9.aarch64.rpm php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9.aarch64.rpm php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f.aarch64.rpm php-pecl-zip-debuginfo-1.15.3-1.module+el8.1.0+3186+20164e6f.aarch64.rpm php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f.aarch64.rpm php-pgsql-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-pgsql-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-process-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-process-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-recode-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-recode-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-snmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-snmp-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-soap-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-soap-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-xml-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-xml-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-xmlrpc-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm php-xmlrpc-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.aarch64.rpm noarch: apcu-panel-5.1.12-2.module+el8.1.0+3202+af5476b9.noarch.rpm php-pear-1.10.5-9.module+el8.1.0+3202+af5476b9.noarch.rpm ppc64le: libzip-1.5.1-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm libzip-debuginfo-1.5.1-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm libzip-tools-debuginfo-1.5.1-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm php-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-bcmath-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-bcmath-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-cli-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-cli-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-common-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-common-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-dba-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-dba-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-dbg-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-dbg-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-debugsource-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-devel-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-embedded-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-embedded-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-enchant-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-enchant-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-fpm-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-fpm-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-gd-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-gd-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-gmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-gmp-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-intl-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-intl-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-json-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-json-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-ldap-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-ldap-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-mbstring-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-mbstring-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-mysqlnd-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-mysqlnd-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-odbc-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-odbc-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-opcache-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-opcache-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-pdo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-pdo-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm php-pecl-apcu-debuginfo-5.1.12-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9.ppc64le.rpm php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f.ppc64le.rpm php-pecl-zip-debuginfo-1.15.3-1.module+el8.1.0+3186+20164e6f.ppc64le.rpm php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f.ppc64le.rpm php-pgsql-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-pgsql-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-process-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-process-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-recode-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-recode-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-snmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-snmp-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-soap-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-soap-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-xml-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-xml-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-xmlrpc-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm php-xmlrpc-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.ppc64le.rpm s390x: libzip-1.5.1-2.module+el8.1.0+3202+af5476b9.s390x.rpm libzip-debuginfo-1.5.1-2.module+el8.1.0+3202+af5476b9.s390x.rpm libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9.s390x.rpm libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9.s390x.rpm libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9.s390x.rpm libzip-tools-debuginfo-1.5.1-2.module+el8.1.0+3202+af5476b9.s390x.rpm php-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-bcmath-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-bcmath-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-cli-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-cli-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-common-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-common-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-dba-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-dba-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-dbg-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-dbg-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-debugsource-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-devel-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-embedded-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-embedded-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-enchant-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-enchant-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-fpm-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-fpm-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-gd-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-gd-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-gmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-gmp-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-intl-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-intl-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-json-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-json-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-ldap-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-ldap-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-mbstring-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-mbstring-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-mysqlnd-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-mysqlnd-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-odbc-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-odbc-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-opcache-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-opcache-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-pdo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-pdo-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9.s390x.rpm php-pecl-apcu-debuginfo-5.1.12-2.module+el8.1.0+3202+af5476b9.s390x.rpm php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9.s390x.rpm php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9.s390x.rpm php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f.s390x.rpm php-pecl-zip-debuginfo-1.15.3-1.module+el8.1.0+3186+20164e6f.s390x.rpm php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f.s390x.rpm php-pgsql-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-pgsql-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-process-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-process-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-recode-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-recode-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-snmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-snmp-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-soap-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-soap-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-xml-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-xml-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-xmlrpc-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm php-xmlrpc-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.s390x.rpm x86_64: libzip-1.5.1-2.module+el8.1.0+3202+af5476b9.x86_64.rpm libzip-debuginfo-1.5.1-2.module+el8.1.0+3202+af5476b9.x86_64.rpm libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9.x86_64.rpm libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9.x86_64.rpm libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9.x86_64.rpm libzip-tools-debuginfo-1.5.1-2.module+el8.1.0+3202+af5476b9.x86_64.rpm php-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-bcmath-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-bcmath-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-cli-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-cli-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-common-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-common-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-dba-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-dba-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-dbg-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-dbg-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-debugsource-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-devel-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-embedded-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-embedded-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-enchant-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-enchant-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-fpm-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-fpm-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-gd-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-gd-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-gmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-gmp-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-intl-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-intl-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-json-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-json-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-ldap-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-ldap-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-mbstring-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-mbstring-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-mysqlnd-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-mysqlnd-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-odbc-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-odbc-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-opcache-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-opcache-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-pdo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-pdo-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9.x86_64.rpm php-pecl-apcu-debuginfo-5.1.12-2.module+el8.1.0+3202+af5476b9.x86_64.rpm php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9.x86_64.rpm php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9.x86_64.rpm php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f.x86_64.rpm php-pecl-zip-debuginfo-1.15.3-1.module+el8.1.0+3186+20164e6f.x86_64.rpm php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f.x86_64.rpm php-pgsql-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-pgsql-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-process-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-process-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-recode-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-recode-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-snmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-snmp-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-soap-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-soap-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-xml-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-xml-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-xmlrpc-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm php-xmlrpc-debuginfo-7.2.11-4.module+el8.1.0+4555+f5cb8e18.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-11043 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXcLPVNzjgjWX9erEAQglVg//egOZloQij6ry/q3iKjhzOJ9Qx8fgBUmb R7xak0SQ2hGJewHNv7UyndSsIWEwan2L2KNF9euf+qrxnK29eJFy1L7IWUMjkmgy SGXlQmi7pdrdJFndgPnlTGw6Mum26jmSrzHtuUmdxzjQyGXrwvDV95SuCllqjeHQ MWuhSRBphw7FlVSz+TgoASrgg7GH58QUAftOFW/+ug765y/LNVLE1AdTQkTBCY9/ m+Zts5r4p6XkUq7jwnFW41RimtwxS5RBDup0aFqTu9gxk63lVCp5Gmo6C9dTv5Q1 rONHGhrIF4b19bcxIN3aglUCt/p+K56D9fHHrMsHZr64kEWFpdfT1Jvd/Em1iYL3 HNlgmP8KZI/tsGiz2d8DCYh5sGwPOvRHEkiTaYysbz2CR6hGooZNTfTwqdX7EotL yW9SrSr7YZx2mEYp8iqc6IJoBHFDbCt+3JFeaC5uUZQSM0ANhtdjKH/LSmEiq1k4 YYDzaiSI9Ag6eS6h2mllVR8beJIX+bANaBFp22LmOBxCaB5o7RUqyAn/R7YDJy5r QOvsgUE08gFKm9eRDif+rvrVpwdDLSURauCIVdgrF3WoTPzGQKTP9Ltm1k+Di8XE EXREiicCpjMheHPJLlADk7pNfA7+T4xuxqpM27+Gr0tEX9E0eOO4Msc2dsLKJA9r OJCFMNbw5hU= =nrum - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Critical: php:7.3 security update Advisory ID: RHSA-2019:3736-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3736 Issue date: 2019-11-06 CVE Names: CVE-2019-11043 ===================================================================== 1. Summary: An update for the php:7.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon must be restarted for the update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1766378 - CVE-2019-11043 php: underflow in env_path_info in fpm_main.c 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: libzip-1.5.2-1.module+el8.1.0+3189+a1bff096.src.rpm php-7.3.5-5.module+el8.1.0+4560+e0eee7d6.src.rpm php-pear-1.10.9-1.module+el8.1.0+3189+a1bff096.src.rpm php-pecl-apcu-5.1.17-1.module+el8.1.0+3189+a1bff096.src.rpm php-pecl-zip-1.15.4-1.module+el8.1.0+3189+a1bff096.src.rpm aarch64: libzip-1.5.2-1.module+el8.1.0+3189+a1bff096.aarch64.rpm libzip-debuginfo-1.5.2-1.module+el8.1.0+3189+a1bff096.aarch64.rpm libzip-debugsource-1.5.2-1.module+el8.1.0+3189+a1bff096.aarch64.rpm libzip-devel-1.5.2-1.module+el8.1.0+3189+a1bff096.aarch64.rpm libzip-tools-1.5.2-1.module+el8.1.0+3189+a1bff096.aarch64.rpm libzip-tools-debuginfo-1.5.2-1.module+el8.1.0+3189+a1bff096.aarch64.rpm php-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-bcmath-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-bcmath-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-cli-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-cli-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-common-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-common-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-dba-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-dba-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-dbg-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-dbg-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-debugsource-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-devel-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-embedded-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-embedded-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-enchant-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-enchant-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-fpm-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-fpm-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-gd-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-gd-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-gmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-gmp-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-intl-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-intl-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-json-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-json-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-ldap-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-ldap-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-mbstring-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-mbstring-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-mysqlnd-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-mysqlnd-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-odbc-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-odbc-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-opcache-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-opcache-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-pdo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-pdo-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-pecl-apcu-5.1.17-1.module+el8.1.0+3189+a1bff096.aarch64.rpm php-pecl-apcu-debuginfo-5.1.17-1.module+el8.1.0+3189+a1bff096.aarch64.rpm php-pecl-apcu-debugsource-5.1.17-1.module+el8.1.0+3189+a1bff096.aarch64.rpm php-pecl-apcu-devel-5.1.17-1.module+el8.1.0+3189+a1bff096.aarch64.rpm php-pecl-zip-1.15.4-1.module+el8.1.0+3189+a1bff096.aarch64.rpm php-pecl-zip-debuginfo-1.15.4-1.module+el8.1.0+3189+a1bff096.aarch64.rpm php-pecl-zip-debugsource-1.15.4-1.module+el8.1.0+3189+a1bff096.aarch64.rpm php-pgsql-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-pgsql-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-process-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-process-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-recode-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-recode-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-snmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-snmp-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-soap-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-soap-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-xml-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-xml-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-xmlrpc-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm php-xmlrpc-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.aarch64.rpm noarch: apcu-panel-5.1.17-1.module+el8.1.0+3189+a1bff096.noarch.rpm php-pear-1.10.9-1.module+el8.1.0+3189+a1bff096.noarch.rpm ppc64le: libzip-1.5.2-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm libzip-debuginfo-1.5.2-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm libzip-debugsource-1.5.2-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm libzip-devel-1.5.2-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm libzip-tools-1.5.2-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm libzip-tools-debuginfo-1.5.2-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm php-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-bcmath-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-bcmath-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-cli-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-cli-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-common-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-common-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-dba-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-dba-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-dbg-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-dbg-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-debugsource-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-devel-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-embedded-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-embedded-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-enchant-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-enchant-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-fpm-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-fpm-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-gd-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-gd-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-gmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-gmp-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-intl-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-intl-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-json-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-json-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-ldap-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-ldap-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-mbstring-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-mbstring-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-mysqlnd-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-mysqlnd-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-odbc-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-odbc-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-opcache-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-opcache-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-pdo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-pdo-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-pecl-apcu-5.1.17-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm php-pecl-apcu-debuginfo-5.1.17-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm php-pecl-apcu-debugsource-5.1.17-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm php-pecl-apcu-devel-5.1.17-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm php-pecl-zip-1.15.4-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm php-pecl-zip-debuginfo-1.15.4-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm php-pecl-zip-debugsource-1.15.4-1.module+el8.1.0+3189+a1bff096.ppc64le.rpm php-pgsql-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-pgsql-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-process-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-process-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-recode-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-recode-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-snmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-snmp-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-soap-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-soap-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-xml-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-xml-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-xmlrpc-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm php-xmlrpc-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.ppc64le.rpm s390x: libzip-1.5.2-1.module+el8.1.0+3189+a1bff096.s390x.rpm libzip-debuginfo-1.5.2-1.module+el8.1.0+3189+a1bff096.s390x.rpm libzip-debugsource-1.5.2-1.module+el8.1.0+3189+a1bff096.s390x.rpm libzip-devel-1.5.2-1.module+el8.1.0+3189+a1bff096.s390x.rpm libzip-tools-1.5.2-1.module+el8.1.0+3189+a1bff096.s390x.rpm libzip-tools-debuginfo-1.5.2-1.module+el8.1.0+3189+a1bff096.s390x.rpm php-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-bcmath-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-bcmath-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-cli-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-cli-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-common-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-common-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-dba-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-dba-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-dbg-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-dbg-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-debugsource-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-devel-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-embedded-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-embedded-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-enchant-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-enchant-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-fpm-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-fpm-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-gd-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-gd-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-gmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-gmp-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-intl-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-intl-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-json-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-json-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-ldap-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-ldap-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-mbstring-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-mbstring-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-mysqlnd-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-mysqlnd-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-odbc-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-odbc-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-opcache-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-opcache-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-pdo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-pdo-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-pecl-apcu-5.1.17-1.module+el8.1.0+3189+a1bff096.s390x.rpm php-pecl-apcu-debuginfo-5.1.17-1.module+el8.1.0+3189+a1bff096.s390x.rpm php-pecl-apcu-debugsource-5.1.17-1.module+el8.1.0+3189+a1bff096.s390x.rpm php-pecl-apcu-devel-5.1.17-1.module+el8.1.0+3189+a1bff096.s390x.rpm php-pecl-zip-1.15.4-1.module+el8.1.0+3189+a1bff096.s390x.rpm php-pecl-zip-debuginfo-1.15.4-1.module+el8.1.0+3189+a1bff096.s390x.rpm php-pecl-zip-debugsource-1.15.4-1.module+el8.1.0+3189+a1bff096.s390x.rpm php-pgsql-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-pgsql-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-process-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-process-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-recode-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-recode-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-snmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-snmp-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-soap-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-soap-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-xml-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-xml-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-xmlrpc-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm php-xmlrpc-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.s390x.rpm x86_64: libzip-1.5.2-1.module+el8.1.0+3189+a1bff096.x86_64.rpm libzip-debuginfo-1.5.2-1.module+el8.1.0+3189+a1bff096.x86_64.rpm libzip-debugsource-1.5.2-1.module+el8.1.0+3189+a1bff096.x86_64.rpm libzip-devel-1.5.2-1.module+el8.1.0+3189+a1bff096.x86_64.rpm libzip-tools-1.5.2-1.module+el8.1.0+3189+a1bff096.x86_64.rpm libzip-tools-debuginfo-1.5.2-1.module+el8.1.0+3189+a1bff096.x86_64.rpm php-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-bcmath-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-bcmath-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-cli-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-cli-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-common-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-common-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-dba-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-dba-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-dbg-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-dbg-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-debugsource-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-devel-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-embedded-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-embedded-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-enchant-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-enchant-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-fpm-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-fpm-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-gd-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-gd-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-gmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-gmp-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-intl-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-intl-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-json-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-json-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-ldap-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-ldap-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-mbstring-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-mbstring-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-mysqlnd-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-mysqlnd-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-odbc-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-odbc-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-opcache-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-opcache-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-pdo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-pdo-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-pecl-apcu-5.1.17-1.module+el8.1.0+3189+a1bff096.x86_64.rpm php-pecl-apcu-debuginfo-5.1.17-1.module+el8.1.0+3189+a1bff096.x86_64.rpm php-pecl-apcu-debugsource-5.1.17-1.module+el8.1.0+3189+a1bff096.x86_64.rpm php-pecl-apcu-devel-5.1.17-1.module+el8.1.0+3189+a1bff096.x86_64.rpm php-pecl-zip-1.15.4-1.module+el8.1.0+3189+a1bff096.x86_64.rpm php-pecl-zip-debuginfo-1.15.4-1.module+el8.1.0+3189+a1bff096.x86_64.rpm php-pecl-zip-debugsource-1.15.4-1.module+el8.1.0+3189+a1bff096.x86_64.rpm php-pgsql-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-pgsql-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-process-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-process-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-recode-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-recode-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-snmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-snmp-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-soap-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-soap-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-xml-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-xml-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-xmlrpc-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm php-xmlrpc-debuginfo-7.3.5-5.module+el8.1.0+4560+e0eee7d6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-11043 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXcLPX9zjgjWX9erEAQhpLA//Xn976W8kgD2prLFyAISU/joYKPjYC5lO ehPJxPLstrs1VtgK/rWZsExfnMo2aw7QTTqOmGBhrmA3nyoLvxDqjOk3mCnpSRY0 Jbg4I8w6Y6c5HaogENaHJx+MybugoFwuFaFVUhxQkPrLJUshLL1iZE3q+jqekPoA nLjg5uCR5dcqEwDFRyXto9i9ZggyckZPdvos7POYN5o6CpY6F+kYnN70y0rEGt+g OyAoJvZT07SUZBdP0W74KaCZWOElwpW7cWsxmlIybjqS4wm8e42xW7i+18FUQrL9 kGXbbNtqnktySGMeUKU18c3QUZGYrJ+062ETzMzRG6lnixX/H0rfmd6A2jQPTTiV FVS4y6P2tfMAAvaCSB+d0dGsKwsLBAL66t8QWHYUT4TnnVEaWfQOOpTy9quSXBeQ P51RYhDJ3CAvuEr6wG8AyQjoOavBAAeh2afHMIiw9hCIDPbfa7vW76YF3GZPkQJP eT0vV5MsFakn1dLkrVNq9cuMbGxzQXBe70NAsqR2TVUdScYEUjJHVpLeM3nq01D0 6xUGHuJpa3KSi/miTGwyhtenN5I1EHgvzt8E59LfAfUof/PJQcd+uyYPjRPeWQ/m fu+dk+ecg1iEsGp9NmNBnhti1O7UoCdekzYLQBLOE0I/eyqOyyPiJn4GQvMt2n8V 9Lf/8rO9kCM= =ojzQ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXcNcwmaOgq3Tt24GAQjP8BAAp7uIgHK/BqeM39oq/VqsrV1kt+vIKIl5 g7MNkyyLJjjAozqisMC1RTADdKAnaRJ2mZSTwOF2r39+Ju3o+1TiN3Qo7nrlsJyJ CJhpfFxt23GlV4pQfzBzJDnV28twCA2TJgW9PEF/6UPjzbEY3VdkjN5g1GT/wAys ZTRhEVtjE72JQVJ7PAUtAYoQr82tY9RrL22lHkWLKmNck17OYPv34Rg5eNb+E8Tg FPmSxanED3w+OPd5RwcwmvbQ6qAanAlxSgiahm0tvAuiJDCStDtJbZSPs+ZoYUcr f2LEJupig8s6vPSpilQJ4/BT6OMjLpTU6f5hlnlpWDcrATkEDtwsTFHziMCvr6pc gmkxWIBrLvVzrFZUdKrPhFWkwb6M2KO5k4uN/RXD8U3iek8DGDNmGbAl1fWvWi8a vTVMAQ7QNl2bFMzjInTukg7y4zNv2m8IwLSikv+FkpYe3uf2Qz67tNCPIxUnHunB 7WAVrVin8nrREHmOGSd3JM/KWo/om3jiFlfEkQah9lRTUBqFri6sCrxbPBA8XyjU VmW8nnR9W8YZdAYSTuZ/xm+HNMA+ywUOCGXbou+HU8y37Ph+k3ydaot+Ta7b0V4D 6fNAM/YF50WBBqSszgNdL3wdQYdi2a8X+AaxveL+F0vkekCI8QveBl5boCxMMhCM CsNUep9EqC0= =hO1+ -----END PGP SIGNATURE-----