Mageia 2024-0328: php Security Advisory Updates
Summary
HTTP_REDIRECT_STATUS might be controlled via user request
FPM log output might be modified by an attacker
HTTP POST can be modified by an attacker
For other bug fixes consult references
References
- https://bugs.mageia.org/show_bug.cgi?id=33623
- https://www.php.net/ChangeLog-8.php#8.2.24
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8927
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9026
Resolution
MGASA-2024-0328 - Updated php packages fix security vulnerabilities
SRPMS
- 9/core/php-8.2.24-1.mga9