[CLSA-2026:1779207141] Fix of 7 CVEs
Type: security
Severity: Critical
Release date: 2026-05-19 16:12:27 UTC
Description:
  * SECURITY UPDATE: soap extension use-after-free via apache:Map duplicate keys
    - debian/patches/php-8.1-CVE-2026-6722.patch: backport upstream commit aee3b3ac9b in ext/soap/php_encoding.c; add Z_TRY_ADDREF_P on soap_add_xml_ref insertion and change SOAP_GLOBAL(ref_map) destructor to ZVAL_PTR_DTOR.
    - CVE-2026-6722
  * SECURITY UPDATE: pdo_firebird SQL injection via NUL bytes in quoted strings
    - debian/patches/php-8.1-CVE-2025-14179.patch: backport upstream commit 3f40b65323 in ext/pdo_firebird/firebird_driver.c; replace strncat/strncpy/strcpy in preprocess() with memcpy plus explicit length tracking.
    - CVE-2025-14179
  * SECURITY UPDATE: soap extension NULL pointer dereference via apache:Map item missing element
    - debian/patches/php-8.1-CVE-2026-7262.patch: backport upstream commit 79551ab8b1 in ext/soap/php_encoding.c; fix typo'd null check in to_zval_map() (was checking xmlKey, should check xmlValue).
    - CVE-2026-7262
  * SECURITY UPDATE: php-fpm status endpoint XSS via unescaped request_uri
    - debian/patches/php-8.1-CVE-2026-6735.patch: backport upstream commit 99a5ad7441 in sapi/fpm/fpm/fpm_status.c; escape proc->request_uri with php_escape_html_entities_ex() / php_json_encode_string() and fix the broken "ENT_HTML_IGNORE_ERRORS & ENT_COMPAT" flag (bitwise AND of two flag constants evaluates to 0). Applies with line offsets only against PHP 8.1.34.
    - CVE-2026-6735
  * SECURITY UPDATE: mbstring NULL pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()
    - debian/patches/php-8.1-CVE-2026-7259.patch: backport upstream commit 79a054eae0 in ext/mbstring/php_mbregex.c; resolve the mbfl encoding before storing it in MBREX(current_mbctype_mbfl_encoding) and return FAILURE if NULL (encodings supported by Oniguruma but not mbfl such as iso-8859-11, UJIS, KOI8-R).
    - CVE-2026-7259
  * SECURITY UPDATE: soap SoapServer use-after-free after header parsing failure when SOAP_PERSISTENCE_SESSION is set
    - debian/patches/php-8.1-CVE-2026-7261.patch: backport upstream commit db2a7f9348 in ext/soap/soap.c; guard both zval_ptr_dtor(soap_obj) call sites in PHP_METHOD(SoapServer, handle) with "if (service->soap_class.persistence != SOAP_PERSISTENCE_SESSION)". Adapted to 8.1's fault path (extra zend_string_release(fn_name) before each dtor).
    - CVE-2026-7261
  * SECURITY UPDATE: metaphone() signed integer overflow on >INT_MAX input
    - debian/patches/php-8.1-CVE-2026-7568.patch: backport upstream commit 47def8ce1d in ext/standard/metaphone.c; retype w_idx and Lookahead's how_far/idx from int to size_t to avoid signed overflow while walking strings larger than 2 GB on 64-bit builds.
    - CVE-2026-7568
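The copy pattern named in the CVE-2025-14179 entry, as an added illustration (not PHP's preprocess() code and not part of the advisory): C-string appends compared with memcpy plus explicit length tracking. The sample input, buffer sizes and all function names are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: a quoted literal carrying an embedded NUL byte,
 * followed by more statement text. Lengths are tracked separately
 * because strlen() cannot see past the NUL. */
static const char LITERAL[] = { '\'', 'a', '\0', 'b', '\'' };
static const char TAIL[] = " FROM t";
#define LITERAL_LEN (sizeof LITERAL)   /* 5 bytes */
#define TAIL_LEN (sizeof TAIL - 1)     /* 7 bytes */

/* "Before" pattern: C-string appends. strncat() stops reading at the
 * first NUL in the source, so the bytes after it never reach the output
 * and the next append lands where the NUL was. Returns bytes in out. */
size_t build_with_strncat(char *out, size_t cap)
{
    if (cap < LITERAL_LEN + TAIL_LEN + 1)
        return 0;
    out[0] = '\0';
    strncat(out, LITERAL, LITERAL_LEN);
    strncat(out, TAIL, TAIL_LEN);
    return strlen(out);
}

/* "After" pattern: memcpy() with an explicit write offset and a bounds
 * check. Every input byte, NUL included, is copied. 0 on success. */
int append_bytes(char *out, size_t cap, size_t *len, const char *src, size_t n)
{
    if (n > cap - *len)            /* caller keeps *len <= cap */
        return -1;
    memcpy(out + *len, src, n);
    *len += n;
    return 0;
}

/* Returns the tracked output length, or 0 if the buffer is too small. */
size_t build_with_memcpy(char *out, size_t cap)
{
    size_t len = 0;
    if (append_bytes(out, cap, &len, LITERAL, LITERAL_LEN) != 0 ||
        append_bytes(out, cap, &len, TAIL, TAIL_LEN) != 0)
        return 0;
    return len;
}

int main(void)
{
    char a[32], b[32];
    printf("strncat: %zu bytes, memcpy: %zu bytes\n",
           build_with_strncat(a, sizeof a), build_with_memcpy(b, sizeof b));
    return 0;
}
```

The two builders receive the same 12 input bytes; only the length-tracked version emits all of them, which is why the output of the str* version no longer matches what the caller supplied.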
Updated packages:
  • alt-php81_8.1.34-13_amd64.deb
    sha:64be5ae0bcec0e07202ab73df4f739450d9f6e23
  • alt-php81-bcmath_8.1.34-13_amd64.deb
    sha:3446bc01e7dcd2d52e69cde56e840ef71bace801
  • alt-php81-cli_8.1.34-13_amd64.deb
    sha:cb1c9f5cf074cafc16f7688c4fadda63ad001388
  • alt-php81-common_8.1.34-13_amd64.deb
    sha:f79bdb3ee2178742e0c5803465d033b6dd72d4eb
  • alt-php81-dba_8.1.34-13_amd64.deb
    sha:f412fa02d3b802d731f146b1865c65339fb5134b
  • alt-php81-dev_8.1.34-13_amd64.deb
    sha:d899cfef01d1fbccdf5ba5c53bab888227c4c9b7
  • alt-php81-enchant_8.1.34-13_amd64.deb
    sha:a0553e7338e6b6f236ed79cf5a6bfe3347a4b1da
  • alt-php81-firebird_8.1.34-13_amd64.deb
    sha:a522bb8891a6ad3fd4da5b4ff24997f23b4fa5da
  • alt-php81-fpm_8.1.34-13_amd64.deb
    sha:0c9d735df076ce478a6425fa54a0fb796d89b909
  • alt-php81-gd_8.1.34-13_amd64.deb
    sha:c8a1964abb6e7cd5085afc42820706c6fc889837
  • alt-php81-imap_8.1.34-13_amd64.deb
    sha:7b75188949709f6e5dab6f56341d385f72743e6f
  • alt-php81-intl_8.1.34-13_amd64.deb
    sha:e4795e7546be49c92ef9a2521376e748d6c2804e
  • alt-php81-ldap_8.1.34-13_amd64.deb
    sha:b60e3cde7f362f0807371f290efa907d5e27a3c9
  • alt-php81-mbstring_8.1.34-13_amd64.deb
    sha:1e73db9b84a910125a6c6de5a246c4b23e84ab44
  • alt-php81-mysqlnd_8.1.34-13_amd64.deb
    sha:4ae799116cba1dd16b4d034349806c8cd3ee09e6
  • alt-php81-odbc_8.1.34-13_amd64.deb
    sha:c8eb809c0ad45e8865593b5189eff501c61c954e
  • alt-php81-opcache_8.1.34-13_amd64.deb
    sha:6187acac5aadc16f76591243c7ea0b92dbe0836f
  • alt-php81-pdo_8.1.34-13_amd64.deb
    sha:a550b86c541b8855e58aa8f67ba0569c129c2d91
  • alt-php81-pgsql_8.1.34-13_amd64.deb
    sha:90332759e3c623e609c81cf67574326936776ce0
  • alt-php81-process_8.1.34-13_amd64.deb
    sha:4ea570ffe65b57ff581e77f9d9138b4852370f9c
  • alt-php81-pspell_8.1.34-13_amd64.deb
    sha:b6830e494d70c5c05002afad84cf7139d649adce
  • alt-php81-snmp_8.1.34-13_amd64.deb
    sha:2576b42b616b1499fb19db53ea97e92eb2d6880d
  • alt-php81-soap_8.1.34-13_amd64.deb
    sha:2d5cb7a14a7dcb5e86d4f0a9986d0763b6a707dc
  • alt-php81-sodium_8.1.34-13_amd64.deb
    sha:0375c3e730ab496a7dca79175995e64ff155e657
  • alt-php81-tidy_8.1.34-13_amd64.deb
    sha:736253a61ac66c10447655276eb311460cd573f6
  • alt-php81-xml_8.1.34-13_amd64.deb
    sha:88e7c84919e65638b32900a9e9e094d78e11e363
  • alt-php81_8.1.34-13_arm64.deb
    sha:3d891df15190f54483598837028f4eb3fc1b0844
  • alt-php81-bcmath_8.1.34-13_arm64.deb
    sha:a9f9ea0723aa713a362c04c07bb54cf692a24513
  • alt-php81-cli_8.1.34-13_arm64.deb
    sha:0ae51743e9401eec1a45b5c0404d539f4c0ab55b
  • alt-php81-common_8.1.34-13_arm64.deb
    sha:78c40058c5e51c2a492b374882e6dcea8f7c31d4
  • alt-php81-dba_8.1.34-13_arm64.deb
    sha:699cbab434c5e2ff90331a931e944f882ddecb85
  • alt-php81-dev_8.1.34-13_arm64.deb
    sha:a0e5c547b091070870ba75243906d5b8be32cd33
  • alt-php81-enchant_8.1.34-13_arm64.deb
    sha:912e7a54a7907ac23759ade97e95de80178227a0
  • alt-php81-firebird_8.1.34-13_arm64.deb
    sha:ead28c3639a548f5fae0af9565fbc282090a700d
  • alt-php81-fpm_8.1.34-13_arm64.deb
    sha:4ba6f72817decff251f30d5982cf4ace41555136
  • alt-php81-gd_8.1.34-13_arm64.deb
    sha:f2355b2cec266379a3817ed13e28c9eda31d7a32
  • alt-php81-imap_8.1.34-13_arm64.deb
    sha:b7a4b77b84dac3447d7b33ad12a61996b01eaa18
  • alt-php81-intl_8.1.34-13_arm64.deb
    sha:d28d13708ea613f07c515167a5d9160de8365688
  • alt-php81-ldap_8.1.34-13_arm64.deb
    sha:74a5c708a4f0e7b8d32d29c863fdda51a689006e
  • alt-php81-mbstring_8.1.34-13_arm64.deb
    sha:4d69d5cd201e114613f5cd6db11d9e63c04dcd80
  • alt-php81-mysqlnd_8.1.34-13_arm64.deb
    sha:cb244d45f222c5105f628a6533fa96fa74f7f5d8
  • alt-php81-odbc_8.1.34-13_arm64.deb
    sha:0957b9736a9f91d8bfcbba57411507d09e3eda69
  • alt-php81-opcache_8.1.34-13_arm64.deb
    sha:d647ae889b4679acbb66a954eaeb8929fe366386
  • alt-php81-pdo_8.1.34-13_arm64.deb
    sha:9504c24a276272e9bf8adb92cc08ec80badf659e
  • alt-php81-pgsql_8.1.34-13_arm64.deb
    sha:e1803d7a829a4d95ac761dcc14beef9d5ee57d86
  • alt-php81-process_8.1.34-13_arm64.deb
    sha:61ee4649680fd497f2a9ae49297823ee5fd2243a
  • alt-php81-pspell_8.1.34-13_arm64.deb
    sha:b4790eca1e3689f1966fbf68d20bde92f949cf23
  • alt-php81-snmp_8.1.34-13_arm64.deb
    sha:81189499dd8beb3090ae881c58306d125eaa4e3e
  • alt-php81-soap_8.1.34-13_arm64.deb
    sha:1baf13199a5063e47e5ab8c17973cc9d98d25774
  • alt-php81-sodium_8.1.34-13_arm64.deb
    sha:0802f3d9dd6c0c6d3d0fe21c6d45d5c409a36181
  • alt-php81-tidy_8.1.34-13_arm64.deb
    sha:a68041c4c0a0524efebf97e519b6cbd13955e664
  • alt-php81-xml_8.1.34-13_arm64.deb
    sha:681f9772ed3d2142b1a496da54dd5874ba48fd4f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.