CLSA-2026:1779459209

[CLSA-2026:1779459209] alt-php72: Fix of 5 CVEs

Type:

security

Severity:

Critical

Release date:

2026-05-22 14:13:42 UTC

Description:

- CVE-2026-6722: soap extension use-after-free via apache:Map duplicate keys
- CVE-2026-7262: soap extension NULL pointer deref via apache:Map missing value
- CVE-2026-6735: php-fpm status endpoint XSS via unescaped request_uri
- CVE-2026-7261: soap SoapServer use-after-free after header parsing failure
  when SOAP_PERSISTENCE_SESSION is set
- CVE-2026-7568: metaphone() signed integer overflow when called with >INT_MAX
  byte input on 64-bit builds

Updated packages:

alt-php72-7.2.34-72.el9.x86_64.rpm
sha:86a07da1dab8c204f9c419b38f8f57afe426d4018db879d8f4b49cbf938f9ce7
alt-php72-bcmath-7.2.34-72.el9.x86_64.rpm
sha:d081dfe9483f4042c61c8f3a5f684b10d309fcae9d030bd18a1208aa0cb533e8
alt-php72-cli-7.2.34-72.el9.x86_64.rpm
sha:5ad31cce80fd6b24c48c42db6e680d2c8ad95fabc8dd6dad35bc7a1e30c94b54
alt-php72-common-7.2.34-72.el9.x86_64.rpm
sha:eea15c2a2f6c89cf275448aea8632646b46853b9b829c7c7debd5a84a8c74187
alt-php72-dba-7.2.34-72.el9.x86_64.rpm
sha:3013d83a995196cc6cb91407e93f5efb990855b309b46f1f3fa180097ad76148
alt-php72-devel-7.2.34-72.el9.x86_64.rpm
sha:b1160aa13a47faf20a850a44e24c379ff417516fac823ade25e58f48e6f9a3d8
alt-php72-enchant-7.2.34-72.el9.x86_64.rpm
sha:6ecf7a479735fd41d3393828f1f6b0e774021d3818e832a5b541ac3bfd0242fa
alt-php72-firebird-7.2.34-72.el9.x86_64.rpm
sha:64749f1b2a9adb221316d7465dac28a860e9264dd8bf471a762d73ef8357996c
alt-php72-gd-7.2.34-72.el9.x86_64.rpm
sha:a9ecb928dc6c8c9ae01d0efc9563be43e23882e6c08e3c81c8afdf11528145e7
alt-php72-imap-7.2.34-72.el9.x86_64.rpm
sha:620893afce10349e8800e9ac7e7f2cca3f24b73af2e5a251a71792c0cee23ef8
alt-php72-intl-7.2.34-72.el9.x86_64.rpm
sha:ec3b0de78fe7f03a1a011208ecd965997bfcaa296c5fd42afbc71f2b7249a201
alt-php72-ldap-7.2.34-72.el9.x86_64.rpm
sha:206bd80a6adb6e9d652884282c3cb40f8a44391a2372439ad5c18d3672eac5f7
alt-php72-mbstring-7.2.34-72.el9.x86_64.rpm
sha:2708ee419f6a263181b7aba76a37a3c79d941fb78b193625a65f10eacf85b685
alt-php72-mysqlnd-7.2.34-72.el9.x86_64.rpm
sha:46421eb0d3891c4f2f13a5577465d2a6b77acf32e5cafffe8ba22ee57132f389
alt-php72-odbc-7.2.34-72.el9.x86_64.rpm
sha:a1283bf177dec6ced3de3344163b31f705a094fb0bc01540e12c7671d12dcab5
alt-php72-opcache-7.2.34-72.el9.x86_64.rpm
sha:e30872d95c7d0a8e40134f09ee3d5fbbfbe6748d86bd2ee278f94fd8b4dba216
alt-php72-pdo-7.2.34-72.el9.x86_64.rpm
sha:7f2b4e079f28d4558bc7d82ab71309c55bf228d7eaf54db6f045f1e1434cfe47
alt-php72-pgsql-7.2.34-72.el9.x86_64.rpm
sha:1219dd0f717ee907603a15305bcb2aa01cbd851653b351325a0f47796340bb42
alt-php72-php-fpm-7.2.34-72.el9.x86_64.rpm
sha:afa2799cd8d295663744131b366ba5ba237a896ae3018cc1dfc718434a82afa4
alt-php72-process-7.2.34-72.el9.x86_64.rpm
sha:b0fa5b35c6e09aef60bdf6830d74b17c435badfc6d4eb73d5bd88f24ac83864d
alt-php72-pspell-7.2.34-72.el9.x86_64.rpm
sha:6b1ad5060eba47e547f29ad9db117980df0db70bdb36dd4b4fb1a474c5df2ddc
alt-php72-recode-7.2.34-72.el9.x86_64.rpm
sha:700cde73aefbeb0f56d1237a3763b52a17575e9a69e1215c17f62783d68e4fab
alt-php72-snmp-7.2.34-72.el9.x86_64.rpm
sha:dce82839a8b7f1fae37525baaa22dd7bd6a5bc1843e92bbfeb8bf866c137a83c
alt-php72-soap-7.2.34-72.el9.x86_64.rpm
sha:ecfcd241ce3d7d0e8d7bb93c711fceae1315d68d9765d237937ee494655ec590
alt-php72-sodium-7.2.34-72.el9.x86_64.rpm
sha:986cffb3ace7a32da259026c2974384d2f4442358998369a69cbd319530de126
alt-php72-tidy-7.2.34-72.el9.x86_64.rpm
sha:a0afa01586ee07d6b5450972322f1a8280c1eb8384a7cab65475ca538e85d8a3
alt-php72-xml-7.2.34-72.el9.x86_64.rpm
sha:d1d5a0de3ae79b6b026e365cd626fec4ffcc84c3ce9499dc7bf6dc64c9b2f858
alt-php72-xmlrpc-7.2.34-72.el9.x86_64.rpm
sha:321b5b2ecf4c32f37cf50e3a09ccf93226e8dbadff9bb43610eb8d6b803fbd47
alt-php72-zts-7.2.34-72.el9.x86_64.rpm
sha:9dc66aba98d5f0357d8e80cfdeeb5c1c3bc69f9d6ef83b74ef6678be47b7a1ac
alt-php72-zts-devel-7.2.34-72.el9.x86_64.rpm
sha:3fc2e046be96170cc1439cf66a3d0b38008b0684462a06f8c790ce36c957882b

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.