Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

php-fpm-7.4.33-23.el10.remi RPM for x86_64

From Remi's RPM Modular for RedHat EL 10 for x86_64

Name: php-fpm Distribution: Unknown
Version: 7.4.33 Vendor: Remi's RPM repository <https://rpms.remirepo.net/> #StandWithUkraine
Release: 23.el10.remi Build date: Tue Mar 18 07:46:44 2025
Group: Development/Languages Build host: builder.remirepo.net
Size: 4264665 Source RPM: php-7.4.33-23.el10.remi.src.rpm
Packager: Remi Collet
Url: http://www.php.net/
Summary: PHP FastCGI Process Manager
 
PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI
implementation with some additional features useful for sites of
any size, especially busier sites.

Provides

Requires

License

PHP and Zend and BSD and MIT and ASL 1.0 and NCSA

Changelog

* Mon Mar 17 2025 Remi Collet <remi@remirepo.net> - 7.4.33-23
  - Fix libxml streams use wrong `content-type` header when requesting a redirected resource
    CVE-2025-1219
  - Fix Stream HTTP wrapper header check might omit basic auth header
    CVE-2025-1736
  - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
    CVE-2025-1861
  - Fix Streams HTTP wrapper does not fail for headers without colon
    CVE-2025-1734
  - Fix Header parser of `http` stream wrapper does not handle folded headers
    CVE-2025-1217
  - use oracle client library version 23.7 on x86_64 and aarch64
* Thu Feb 13 2025 Remi Collet <remi@remirepo.net> - 7.4.33-22
  - backport fix for ICU 74+
  - backport fix strict prototypes
* Wed Nov 27 2024 Remi Collet <remi@remirepo.net> - 7.4.33-21
  - Fix Leak partial content of the heap through heap buffer over-read
    CVE-2024-8929
* Fri Nov 22 2024 Remi Collet <remi@remirepo.net> - 7.4.33-20
  - Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
    GHSA-4w77-75f9-2c8w
  - Fix OOB access in ldap_escape
    CVE-2024-8932
  - Fix Integer overflow in the dblib/firebird quoter causing OOB writes
    CVE-2024-11236
  - Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
    CVE-2024-11234
  - Fix Single byte overread with convert.quoted-printable-decode filter
    CVE-2024-11233
* Fri Nov 15 2024 Remi Collet <remi@remirepo.net> - 7.4.33-19
  - disable firebird on EL-10
* Thu Sep 26 2024 Remi Collet <remi@remirepo.net> - 7.4.33-18
  - Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
    CVE-2024-4577
  - Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
    CVE-2024-8926
  - Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
    CVE-2024-8927
  - Fix Logs from childrens may be altered
    CVE-2024-9026
  - Fix Erroneous parsing of multipart form data
    CVE-2024-8925
  - use ICU 74.2
* Mon Aug 26 2024 Remi Collet <remi@remirepo.net> - 7.4.33-17
  - add backport for https://bugs.php.net/79589
    error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading
* Wed Jul 31 2024 Remi Collet <remi@remirepo.net> - 7.4.33-16
  - use oracle client library version 23.5 on x86_64
* Tue Jun 04 2024 Remi Collet <remi@remirepo.net> - 7.4.33-15
  - Fix filter bypass in filter_var FILTER_VALIDATE_URL
    CVE-2024-5458
* Wed Apr 10 2024 Remi Collet <remi@remirepo.net> - 7.4.33-14
  - Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
    CVE-2024-2756
  - Fix password_verify can erroneously return true opening ATO risk
    CVE-2024-3096
* Wed Mar 06 2024 Remi Collet <remi@remirepo.net> - 7.4.33-13
  - patch test suite for zlib-ng
* Mon Feb 19 2024 Remi Collet <remi@remirepo.net> - 7.4.33-12
  - more build patch for GCC 14
* Wed Feb 14 2024 Remi Collet <remi@remirepo.net> - 7.4.33-11
  - add build patch for GCC 14
  - use oracle client library version 21.13 on x86_64
* Tue Dec 12 2023 Remi Collet <remi@remirepo.net> - 7.4.33-10
  - use ICU 73.2
  - use oracle client library version 21.12 on x86_64, 19.19 on aarch64
  - add fixes for libxml 2.11 and 2.12 from 8.1
* Thu Sep 21 2023 Remi Collet <remi@remirepo.net> - 7.4.33-9
  - use oracle client library version 21.11 on x86_64, 19.19 on aarch64
  - use official Oracle Instant Client RPM
* Tue Aug 01 2023 Remi Collet <remi@remirepo.net> - 7.4.33-8
  - Fix Security issue with external entity loading in XML without enabling it
    GHSA-3qrf-m4j2-pcrr CVE-2023-3823
  - Fix Buffer mismanagement in phar_dir_read()
    GHSA-jqcx-ccgc-xwhv CVE-2023-3824
  - move httpd/nginx wants directive to config files in /etc
* Tue Jun 06 2023 Remi Collet <remi@remirepo.net> - 7.4.33-7
  - Fix Missing error check and insufficient random bytes in HTTP Digest
    authentication for SOAP
    GHSA-76gg-c692-v2mw CVE-2023-3247
* Fri Apr 14 2023 Remi Collet <remi@remirepo.net> - 7.4.33-6
  - use ICU 72.1
  - use oracle client library version 21.10
  - fix possible buffer overflow in date
  - define %__phpize and %__phpconfig

Files

/etc/httpd/conf.d/php.conf
/etc/logrotate.d/php-fpm
/etc/nginx/conf.d/php-fpm.conf
/etc/nginx/default.d/php.conf
/etc/php-fpm.conf
/etc/php-fpm.d
/etc/php-fpm.d/www.conf
/etc/systemd/system/httpd.service.d/php-fpm.conf
/etc/systemd/system/nginx.service.d/php-fpm.conf
/etc/systemd/system/php-fpm.service.d
/run/php-fpm
/usr/lib/.build-id
/usr/lib/.build-id/36
/usr/lib/.build-id/36/19e18530e15cad077df611e905b8eaa955e710
/usr/lib/systemd/system/php-fpm.service
/usr/sbin/php-fpm
/usr/share/doc/php-fpm
/usr/share/doc/php-fpm/php-fpm.conf.default
/usr/share/doc/php-fpm/www.conf.default
/usr/share/fpm
/usr/share/fpm/status.html
/usr/share/licenses/php-fpm
/usr/share/licenses/php-fpm/fpm_LICENSE
/usr/share/man/man8/php-fpm.8.gz
/var/lib/php/opcache
/var/lib/php/session
/var/lib/php/wsdlcache
/var/log/php-fpm

Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Mar 20 05:28:54 2025