php-process-8.0.30-5.el9 RPM for x86_64

From CentOS Stream 9 AppStream for x86_64

The php-process package contains dynamic shared objects which add
support to PHP using system interfaces for inter-process
communication.

Provides

• php-process
• config(php-process)
• php-posix
• php-posix(x86-64)
• php-process(x86-64)
• php-shmop
• php-shmop(x86-64)
• php-sysvmsg
• php-sysvmsg(x86-64)
• php-sysvsem
• php-sysvsem(x86-64)
• php-sysvshm
• php-sysvshm(x86-64)

Requires

• config(php-process) = 8.0.30-5.el9
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• php-common(x86-64) = 8.0.30-5.el9
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

PHP

Changelog

* Fri Jan 16 2026 Remi Collet <rcollet@redhat.com> - 8.0.30-5
  - Fix Null byte termination in dns_get_record()
    GHSA-www2-q4fc-65wf
  - Fix Heap buffer overflow in array_merge()
    CVE-2025-14178
  - Fix Information Leak of Memory in getimagesize
    CVE-2025-14177
* Fri Oct 03 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-4
  - Fix pgsql extension does not check for errors during escaping
    CVE-2025-1735
  - Fix NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
    CVE-2025-6491
  - Fix Null byte termination in hostnames
    CVE-2025-1220
  - Fix soap memory corruption
  - Fix ldap_set_option() not applied on different ldap connections
* Thu Mar 13 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-3
  - Fix libxml streams use wrong `content-type` header when requesting a redirected resource
    CVE-2025-1219
  - Fix Stream HTTP wrapper header check might omit basic auth header
    CVE-2025-1736
  - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
    CVE-2025-1861
  - Fix Streams HTTP wrapper does not fail for headers without colon
    CVE-2025-1734
  - Fix Header parser of `http` stream wrapper does not handle folded headers
    CVE-2025-1217
* Tue Jan 21 2025 Remi Collet <rcollet@redhat.com> - 8.0.30-2
  - Fix Leak partial content of the heap through heap buffer over-read
    CVE-2024-8929
  - Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
    CVE-2024-11234
  - Fix Single byte overread with convert.quoted-printable-decode filter
    CVE-2024-11233
  - Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
    CVE-2024-8927
  - Fix Logs from childrens may be altered
    CVE-2024-9026
  - Fix Erroneous parsing of multipart form data
    CVE-2024-8925
  - Fix filter bypass in filter_var FILTER_VALIDATE_URL
    CVE-2024-5458
  - Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
    CVE-2024-2756
  - Fix password_verify can erroneously return true opening ATO risk
    CVE-2024-3096

Files

/etc/php.d/20-posix.ini
/etc/php.d/20-shmop.ini
/etc/php.d/20-sysvmsg.ini
/etc/php.d/20-sysvsem.ini
/etc/php.d/20-sysvshm.ini
/usr/lib/.build-id
/usr/lib/.build-id/00
/usr/lib/.build-id/00/ef3fb14eaf01bd304e2604a33f24179fbcafa1
/usr/lib/.build-id/38
/usr/lib/.build-id/38/7c81e975484e42157c7bc6ca0c16164c1e3b4a
/usr/lib/.build-id/39
/usr/lib/.build-id/39/aeb9a28b03d040490b2a23df7a7eee2f1cb03a
/usr/lib/.build-id/a5
/usr/lib/.build-id/a5/2cc4b6dfd803efee4f3542c663f99736569185
/usr/lib/.build-id/ab
/usr/lib/.build-id/ab/1165cd1b7cd4d7261a0e4e0470897b13f8b8b1
/usr/lib64/php/modules/posix.so
/usr/lib64/php/modules/shmop.so
/usr/lib64/php/modules/sysvmsg.so
/usr/lib64/php/modules/sysvsem.so
/usr/lib64/php/modules/sysvshm.so

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Feb 11 04:54:06 2026