[CLSA-2026:1779354688] alt-php80: Fix of 7 CVEs
Type:
security
Severity:
Critical
Release date:
2026-05-21 09:11:33 UTC
Description:
- CVE-2026-6722: soap extension use-after-free via apache:Map duplicate keys - CVE-2025-14179: pdo_firebird SQL injection via NUL bytes in quoted strings - CVE-2026-7262: soap extension NULL pointer deref via apache:Map missing value - CVE-2026-6735: php-fpm status endpoint XSS via unescaped request_uri - CVE-2026-7259: mbstring NULL pointer dereference in php_mb_check_encoding() via mb_ereg_search_init() with Oniguruma-only encodings (iso-8859-11, UJIS, KOI8-R, ...) - CVE-2026-7261: soap SoapServer use-after-free after header parsing failure when SOAP_PERSISTENCE_SESSION is set - CVE-2026-7568: metaphone() signed integer overflow when called with >INT_MAX byte input on 64-bit builds
Updated packages:
  • alt-php80-8.0.30-42.el8.x86_64.rpm
    sha:e336f31d4b7ba10aa9443c7e31b8e6ed33b6c3506b42feb70c45972956ceb205
  • alt-php80-bcmath-8.0.30-42.el8.x86_64.rpm
    sha:aaade1435f7a2a522e9900c2b9339ecfd98f54f2159367722d32a8406c8c4dcc
  • alt-php80-cli-8.0.30-42.el8.x86_64.rpm
    sha:ff53d58dbf6c870b51f4aca04c833feda194015fe76e760fdf0224d5db7262a2
  • alt-php80-common-8.0.30-42.el8.x86_64.rpm
    sha:1aef3f0def2a91d794b0ce37557ed914920ef79364a1bd618ee4e88979e3f4e8
  • alt-php80-dba-8.0.30-42.el8.x86_64.rpm
    sha:5ee2b962821fe9ea0f5ba5f98316b593b65ae9ff5abf0a46e858801e1ab92f0e
  • alt-php80-devel-8.0.30-42.el8.x86_64.rpm
    sha:9f1078dfa13f31d6073f70d1c571dae18f6920dd7fa9e0e75c21a8d3bb82a550
  • alt-php80-enchant-8.0.30-42.el8.x86_64.rpm
    sha:64613b073d39c76d463d7d8c6ee18e4f9c02221f8b2900a91b92d4a6ccac0e6c
  • alt-php80-firebird-8.0.30-42.el8.x86_64.rpm
    sha:63103ce99df00cc70658dc0afc7fa6a3d3684041aab5960d00f15e92ebf3b6d2
  • alt-php80-gd-8.0.30-42.el8.x86_64.rpm
    sha:99c1993810c082b299359bf69995fbddcf76117cef41aef81d33d09a828878ba
  • alt-php80-imap-8.0.30-42.el8.x86_64.rpm
    sha:67666c3c3729d983487cd16a0dbc8fc11631ca86aac881a1ae999a9d2950c050
  • alt-php80-intl-8.0.30-42.el8.x86_64.rpm
    sha:18a04dd29a0e9b155edcb33ec61e14fb553e7cb1b650ab9cc35332f7fdcf0a47
  • alt-php80-ldap-8.0.30-42.el8.x86_64.rpm
    sha:90c3afe316bd88a4bc65502bd3689d4f538b23c53cf3aba257004acf410c7800
  • alt-php80-mbstring-8.0.30-42.el8.x86_64.rpm
    sha:0ed61296fe927d82f2a56b95d203417c972b19c7c01554a0abea981240d0c517
  • alt-php80-mysqlnd-8.0.30-42.el8.x86_64.rpm
    sha:34e7c7c2f645e430edf469763cc93ec12bc412a826cdd9c2ff3d91f1c0b9cc6c
  • alt-php80-odbc-8.0.30-42.el8.x86_64.rpm
    sha:c62faa0692f50506fd8855334939b1aba3584158f3d54c18439213694ac13221
  • alt-php80-opcache-8.0.30-42.el8.x86_64.rpm
    sha:cc71c99a90e8a8d3fb28fac53339cebcf0d76cd7636873dafa9c8c97d0cde164
  • alt-php80-pdo-8.0.30-42.el8.x86_64.rpm
    sha:1ac6ef2ebe915689f588d254194ec431b7e2e68adab40835bd5df088c0796c8b
  • alt-php80-pgsql-8.0.30-42.el8.x86_64.rpm
    sha:2995dee7c28a04b017302abfd98e00497bf0b0cc834570673bef5c85a572aa0d
  • alt-php80-php-fpm-8.0.30-42.el8.x86_64.rpm
    sha:4c32d73f2e64a2e1be3b86940127c1a684815fa8f55377d685175317620d973d
  • alt-php80-process-8.0.30-42.el8.x86_64.rpm
    sha:5b6fd0fad330f03306ac17a3871f71504279523ce017fc08c9ff55b2080375ff
  • alt-php80-pspell-8.0.30-42.el8.x86_64.rpm
    sha:f0760b67487b131706e574a9b503bf2e31e8ec145f58761c254841b1eeb506f7
  • alt-php80-snmp-8.0.30-42.el8.x86_64.rpm
    sha:03e72a265436e2630ef23ff34806cc95b591518e0ba097969b5d9c8c20eb9f49
  • alt-php80-soap-8.0.30-42.el8.x86_64.rpm
    sha:14fd79ece9f752b4aceeda60f0850043aba1f3ef1cdcb04bb9c46e79f0fec52d
  • alt-php80-sodium-8.0.30-42.el8.x86_64.rpm
    sha:1b183279d68edbf62c63d3688c2686d78d20e328b8248a56b8079e7aa7e0fe10
  • alt-php80-tidy-8.0.30-42.el8.x86_64.rpm
    sha:1eba72ea9af5b6afbb4109cb027384fbfb05a945bd7fbb79b02bbdac0b79e1e5
  • alt-php80-xml-8.0.30-42.el8.x86_64.rpm
    sha:322195d81637aae0cb71ac9bbd3548a8d6ab713ba90ec6f708facbb3c230e1b9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.