| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: php-xml | Distribution: AlmaLinux |
| Version: 8.0.30 | Vendor: AlmaLinux |
| Release: 4.el9_7 | Build date: Thu Dec 18 14:16:50 2025 |
| Group: Unspecified | Build host: ppc64le-builder01.almalinux.org |
| Size: 549542 | Source RPM: php-8.0.30-4.el9_7.src.rpm |
| Packager: AlmaLinux Packaging Team <packager@almalinux.org> | |
| Url: http://www.php.net/ | |
| Summary: A module for PHP applications which use XML | |
The php-xml package contains dynamic shared objects which add support to PHP for manipulating XML documents using the DOM tree, and performing XSL transformations on XML documents.
PHP
* Fri Oct 03 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-4
- Fix pgsql extension does not check for errors during escaping
CVE-2025-1735
- Fix NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
CVE-2025-6491
- Fix Null byte termination in hostnames
CVE-2025-1220
- Fix soap memory corruption
- Fix ldap_set_option() not applied on different ldap connections
* Thu Mar 13 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-3
- Fix libxml streams use wrong `content-type` header when requesting a redirected resource
CVE-2025-1219
- Fix Stream HTTP wrapper header check might omit basic auth header
CVE-2025-1736
- Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
CVE-2025-1861
- Fix Streams HTTP wrapper does not fail for headers without colon
CVE-2025-1734
- Fix Header parser of `http` stream wrapper does not handle folded headers
CVE-2025-1217
* Tue Jan 21 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-2
- Fix Leak partial content of the heap through heap buffer over-read
CVE-2024-8929
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
CVE-2024-11233
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
CVE-2024-8927
- Fix Logs from childrens may be altered
CVE-2024-9026
- Fix Erroneous parsing of multipart form data
CVE-2024-8925
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
CVE-2024-5458
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
CVE-2024-3096
* Fri Oct 06 2023 Remi Collet <rcollet@redhat.com> - 8.0.30-1
- rebase to 8.0.30
- Resolves: RHEL-11946
/etc/php.d/20-dom.ini /etc/php.d/20-simplexml.ini /etc/php.d/20-xml.ini /etc/php.d/20-xmlwriter.ini /etc/php.d/20-xsl.ini /etc/php.d/30-xmlreader.ini /usr/lib/.build-id /usr/lib/.build-id/53 /usr/lib/.build-id/53/f414dca77f10c47c1129fdd164b2098c61ac9c /usr/lib/.build-id/6a /usr/lib/.build-id/6a/d436328177175b8c75dd5716dddc6267a0e31a /usr/lib/.build-id/77 /usr/lib/.build-id/77/0702499fbe36c738bd2e2fec49c5230affe529 /usr/lib/.build-id/af /usr/lib/.build-id/af/acccfdf8d363b76a230c11e661626a3a5e7767 /usr/lib/.build-id/cd /usr/lib/.build-id/cd/51cdfe21e634edd3127bbcf7ad4ea24f2cc678 /usr/lib/.build-id/f7 /usr/lib/.build-id/f7/5735b9be440f610909655b6173934e1cdab955 /usr/lib64/php/modules/dom.so /usr/lib64/php/modules/simplexml.so /usr/lib64/php/modules/xml.so /usr/lib64/php/modules/xmlreader.so /usr/lib64/php/modules/xmlwriter.so /usr/lib64/php/modules/xsl.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Dec 25 05:09:51 2025