MGASA-2024-0328

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2024-0328.html

Import Source

https://advisories.mageia.org/MGASA-2024-0328.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2024-0328

Related

CVE-2024-8927
CVE-2024-9026

Published

2024-10-11T00:59:30Z

Modified

2024-10-11T00:33:55Z

Summary

Updated php packages fix security vulnerabilities

Details

HTTPREDIRECTSTATUS might be controlled via user request FPM log output might be modified by an attacker HTTP POST can be modified by an attacker For other bug fixes consult references

References

https://advisories.mageia.org/MGASA-2024-0328.html
https://bugs.mageia.org/show_bug.cgi?id=33623
https://www.php.net/ChangeLog-8.php#8.2.24

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / php

Package

Name: php
Purl: pkg:rpm/mageia/php?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.2.24-1.mga9

Ecosystem specific

{
    "section": "core"
}