[CLSA-2026:1779207545] Fix of 7 CVEs
Type: security
Severity: Critical
Release date: 2026-05-19 16:19:11 UTC
Description:
* SECURITY UPDATE: soap extension use-after-free via apache:Map duplicate keys
  - debian/patches/php-8.1-CVE-2026-6722.patch: backport upstream commit aee3b3ac9b in ext/soap/php_encoding.c — add Z_TRY_ADDREF_P on soap_add_xml_ref insertion and change SOAP_GLOBAL(ref_map) destructor to ZVAL_PTR_DTOR.
  - CVE-2026-6722
* SECURITY UPDATE: pdo_firebird SQL injection via NUL bytes in quoted strings
  - debian/patches/php-8.1-CVE-2025-14179.patch: backport upstream commit 3f40b65323 in ext/pdo_firebird/firebird_driver.c — replace strncat/strncpy/strcpy in preprocess() with memcpy plus explicit length tracking.
  - CVE-2025-14179
* SECURITY UPDATE: soap extension NULL pointer dereference via apache:Map item missing element
  - debian/patches/php-8.1-CVE-2026-7262.patch: backport upstream commit 79551ab8b1 in ext/soap/php_encoding.c — fix typo'd null check in to_zval_map() (was checking xmlKey, should check xmlValue).
  - CVE-2026-7262
* SECURITY UPDATE: php-fpm status endpoint XSS via unescaped request_uri
  - debian/patches/php-8.1-CVE-2026-6735.patch: backport upstream commit 99a5ad7441 in sapi/fpm/fpm/fpm_status.c — escape proc->request_uri with php_escape_html_entities_ex() / php_json_encode_string() and fix the broken "ENT_HTML_IGNORE_ERRORS & ENT_COMPAT" flag (bitwise-AND of two flag constants evaluates to 0). Applies with line offsets only against PHP 8.1.34.
  - CVE-2026-6735
* SECURITY UPDATE: mbstring NULL pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()
  - debian/patches/php-8.1-CVE-2026-7259.patch: backport upstream commit 79a054eae0 in ext/mbstring/php_mbregex.c — resolve the mbfl encoding before storing it in MBREX(current_mbctype_mbfl_encoding) and return FAILURE if NULL (encodings supported by Oniguruma but not mbfl such as iso-8859-11, UJIS, KOI8-R).
  - CVE-2026-7259
* SECURITY UPDATE: soap SoapServer use-after-free after header parsing failure when SOAP_PERSISTENCE_SESSION is set
  - debian/patches/php-8.1-CVE-2026-7261.patch: backport upstream commit db2a7f9348 in ext/soap/soap.c — guard both zval_ptr_dtor(soap_obj) call sites in PHP_METHOD(SoapServer, handle) with "if (service->soap_class.persistence != SOAP_PERSISTENCE_SESSION)". Adapted to 8.1's fault path (extra zend_string_release(fn_name) before each dtor).
  - CVE-2026-7261
* SECURITY UPDATE: metaphone() signed integer overflow on >INT_MAX input
  - debian/patches/php-8.1-CVE-2026-7568.patch: backport upstream commit 47def8ce1d in ext/standard/metaphone.c — retype w_idx and Lookahead's how_far/idx from int to size_t to avoid signed overflow while walking strings larger than 2 GB on 64-bit builds.
  - CVE-2026-7568
Updated packages:
  • alt-php81_8.1.34-13_amd64.deb
    sha:9ba16aaedae441af6346cfcffc347898fbb2a09e
  • alt-php81-bcmath_8.1.34-13_amd64.deb
    sha:3f1677a6cda65e58534688d71e8a9b0dcda21ef2
  • alt-php81-cli_8.1.34-13_amd64.deb
    sha:a94b4b1b5292a747c89203d64f34d6c279618852
  • alt-php81-common_8.1.34-13_amd64.deb
    sha:9edc11613898541864a82b7bc483c5e24be0b7c0
  • alt-php81-dba_8.1.34-13_amd64.deb
    sha:d368c27b80ebe7023d0731006db8ffade03c65b5
  • alt-php81-dev_8.1.34-13_amd64.deb
    sha:f5801a8f99a1cc41abaebe735c0b13c2e0a7efb5
  • alt-php81-enchant_8.1.34-13_amd64.deb
    sha:fcb4f52253197af4a0aad5bb38ca9e890748c559
  • alt-php81-firebird_8.1.34-13_amd64.deb
    sha:115edf5b79abf0f9c26573055bbe7c2eaac63707
  • alt-php81-fpm_8.1.34-13_amd64.deb
    sha:f3793684d4c964c6f4d7c26356844e2586b4d300
  • alt-php81-gd_8.1.34-13_amd64.deb
    sha:6fb758c4cd00cf8cfc8b46849c80e4b9b03f2401
  • alt-php81-imap_8.1.34-13_amd64.deb
    sha:3e331eb85d4fd3b560825dd52f8cd6385c6527b6
  • alt-php81-intl_8.1.34-13_amd64.deb
    sha:b069343b61714bb4cb322ee394e6bd288793fe05
  • alt-php81-ldap_8.1.34-13_amd64.deb
    sha:cfc5f72ba54f0a8c63f8be46ac90a4ea209f958a
  • alt-php81-mbstring_8.1.34-13_amd64.deb
    sha:a8ee1aa4a408e2d1cf46e110bf140e4892749e50
  • alt-php81-mysqlnd_8.1.34-13_amd64.deb
    sha:2d8c2c5979ed8e6ff0bd70ddc9e56770575dfabb
  • alt-php81-odbc_8.1.34-13_amd64.deb
    sha:ecfa51192d1f7baf3f286dfebdd0a72bdab193bc
  • alt-php81-opcache_8.1.34-13_amd64.deb
    sha:ac2b3b357ba9a34ec98fc95e45c98ed2db555c01
  • alt-php81-pdo_8.1.34-13_amd64.deb
    sha:f647e40a087ec2a1ddef92ea942d63fa3754f0df
  • alt-php81-pgsql_8.1.34-13_amd64.deb
    sha:b5e6ad45e2c2c53f60caa45e821269ff79d6e37f
  • alt-php81-process_8.1.34-13_amd64.deb
    sha:2443685fa305dc200c690f24ce14288b663c548a
  • alt-php81-pspell_8.1.34-13_amd64.deb
    sha:1411df49447ad9522da41dd2be727e850deb8850
  • alt-php81-snmp_8.1.34-13_amd64.deb
    sha:ac929b19a30457637aa8c662cdd2824264abf6ba
  • alt-php81-soap_8.1.34-13_amd64.deb
    sha:a8f6ab941b02d9794c9b3c324fc3aa0afe565071
  • alt-php81-sodium_8.1.34-13_amd64.deb
    sha:edb66316ffb30cd453f2fb14d7ba2291316bff10
  • alt-php81-tidy_8.1.34-13_amd64.deb
    sha:a39fcc3b36cd9ced7ad72e4a24cdc772180b3646
  • alt-php81-xml_8.1.34-13_amd64.deb
    sha:832beea2d4f541d67fc27e1fb5e9427beed3a8ff
  • alt-php81_8.1.34-13_arm64.deb
    sha:143e503983790bcf36c68835dcdb397a1710e38c
  • alt-php81-bcmath_8.1.34-13_arm64.deb
    sha:2c493f141239160cb7c01a44be1979b4e77a09f9
  • alt-php81-cli_8.1.34-13_arm64.deb
    sha:2e38a4c21953921002819bcee2e0501ff68bc090
  • alt-php81-common_8.1.34-13_arm64.deb
    sha:fce91e1d010de2c1a61cd668f86b02e2e3d764ed
  • alt-php81-dba_8.1.34-13_arm64.deb
    sha:e7a4302956afc10b23fcc60431e5f529742085d6
  • alt-php81-dev_8.1.34-13_arm64.deb
    sha:b22d19718b201d1051665f17c5efc083f6ebc5f5
  • alt-php81-enchant_8.1.34-13_arm64.deb
    sha:6dc5b2e304ed1416d58392e71a8a3e866d09d807
  • alt-php81-firebird_8.1.34-13_arm64.deb
    sha:9ce415699fec71aec7565315da9c1f1fb9776033
  • alt-php81-fpm_8.1.34-13_arm64.deb
    sha:e899dee63bc4313fd954208cb5a558b90f3cfc87
  • alt-php81-gd_8.1.34-13_arm64.deb
    sha:74a4b52a47753290f9197ecf94d3b2ffcbe31d1a
  • alt-php81-imap_8.1.34-13_arm64.deb
    sha:c3919754fd0f6efc4cbebfe2d2e86fca4a2a1c36
  • alt-php81-intl_8.1.34-13_arm64.deb
    sha:6a65eadecfb09d0a7467dcb33ae019faa2aa1a28
  • alt-php81-ldap_8.1.34-13_arm64.deb
    sha:3193078136f5e7d69295826a445d86ed32cb14bc
  • alt-php81-mbstring_8.1.34-13_arm64.deb
    sha:bf75123ad2f752219415d8b4fc204ed2586949c1
  • alt-php81-mysqlnd_8.1.34-13_arm64.deb
    sha:9dfd7f3552033e5f7e5076f16ceac73e672462da
  • alt-php81-odbc_8.1.34-13_arm64.deb
    sha:3aaec5ce6ca1b217c245af088506d177ad1c331c
  • alt-php81-opcache_8.1.34-13_arm64.deb
    sha:416a0af272de981ac97dde76e6920f2f1d7f34e3
  • alt-php81-pdo_8.1.34-13_arm64.deb
    sha:650343ded9d3e45564e49bd4b8eed7c10818931f
  • alt-php81-pgsql_8.1.34-13_arm64.deb
    sha:053fa4cba79831eb67e92c44e7e5adb620691678
  • alt-php81-process_8.1.34-13_arm64.deb
    sha:e15d33a51321062b3b87d4df623bb50c884133d0
  • alt-php81-pspell_8.1.34-13_arm64.deb
    sha:27b479efa6f9558c2c81bf83fef849608fd44e75
  • alt-php81-snmp_8.1.34-13_arm64.deb
    sha:cdb54453bae167aeb40c52b19ac933e687fe1112
  • alt-php81-soap_8.1.34-13_arm64.deb
    sha:ebdb454b365f19d649a36fc286023cf159385da2
  • alt-php81-sodium_8.1.34-13_arm64.deb
    sha:1e428f73cdb634e79ebbcc695abe7fbfc5899eec
  • alt-php81-tidy_8.1.34-13_arm64.deb
    sha:3defa4685633fd8f547d66677e46b95a8d9f04aa
  • alt-php81-xml_8.1.34-13_arm64.deb
    sha:374a30963ac2bf19955407fc61ed6a0b8f4d72d4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.