[El-errata] ELSA-2025-7431 Moderate: Oracle Linux 9 php security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue May 27 17:34:12 UTC 2025 

Oracle Linux Security Advisory ELSA-2025-7431

http://linux.oracle.com/errata/ELSA-2025-7431.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
php-8.0.30-3.el9_6.x86_64.rpm
php-bcmath-8.0.30-3.el9_6.x86_64.rpm
php-cli-8.0.30-3.el9_6.x86_64.rpm
php-common-8.0.30-3.el9_6.x86_64.rpm
php-dba-8.0.30-3.el9_6.x86_64.rpm
php-dbg-8.0.30-3.el9_6.x86_64.rpm
php-devel-8.0.30-3.el9_6.x86_64.rpm
php-embedded-8.0.30-3.el9_6.x86_64.rpm
php-enchant-8.0.30-3.el9_6.x86_64.rpm
php-ffi-8.0.30-3.el9_6.x86_64.rpm
php-fpm-8.0.30-3.el9_6.x86_64.rpm
php-gd-8.0.30-3.el9_6.x86_64.rpm
php-gmp-8.0.30-3.el9_6.x86_64.rpm
php-intl-8.0.30-3.el9_6.x86_64.rpm
php-ldap-8.0.30-3.el9_6.x86_64.rpm
php-mbstring-8.0.30-3.el9_6.x86_64.rpm
php-mysqlnd-8.0.30-3.el9_6.x86_64.rpm
php-odbc-8.0.30-3.el9_6.x86_64.rpm
php-opcache-8.0.30-3.el9_6.x86_64.rpm
php-pdo-8.0.30-3.el9_6.x86_64.rpm
php-pgsql-8.0.30-3.el9_6.x86_64.rpm
php-process-8.0.30-3.el9_6.x86_64.rpm
php-snmp-8.0.30-3.el9_6.x86_64.rpm
php-soap-8.0.30-3.el9_6.x86_64.rpm
php-xml-8.0.30-3.el9_6.x86_64.rpm

aarch64:
php-8.0.30-3.el9_6.aarch64.rpm
php-bcmath-8.0.30-3.el9_6.aarch64.rpm
php-cli-8.0.30-3.el9_6.aarch64.rpm
php-common-8.0.30-3.el9_6.aarch64.rpm
php-dba-8.0.30-3.el9_6.aarch64.rpm
php-dbg-8.0.30-3.el9_6.aarch64.rpm
php-devel-8.0.30-3.el9_6.aarch64.rpm
php-embedded-8.0.30-3.el9_6.aarch64.rpm
php-enchant-8.0.30-3.el9_6.aarch64.rpm
php-ffi-8.0.30-3.el9_6.aarch64.rpm
php-fpm-8.0.30-3.el9_6.aarch64.rpm
php-gd-8.0.30-3.el9_6.aarch64.rpm
php-gmp-8.0.30-3.el9_6.aarch64.rpm
php-intl-8.0.30-3.el9_6.aarch64.rpm
php-ldap-8.0.30-3.el9_6.aarch64.rpm
php-mbstring-8.0.30-3.el9_6.aarch64.rpm
php-mysqlnd-8.0.30-3.el9_6.aarch64.rpm
php-odbc-8.0.30-3.el9_6.aarch64.rpm
php-opcache-8.0.30-3.el9_6.aarch64.rpm
php-pdo-8.0.30-3.el9_6.aarch64.rpm
php-pgsql-8.0.30-3.el9_6.aarch64.rpm
php-process-8.0.30-3.el9_6.aarch64.rpm
php-snmp-8.0.30-3.el9_6.aarch64.rpm
php-soap-8.0.30-3.el9_6.aarch64.rpm
php-xml-8.0.30-3.el9_6.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//php-8.0.30-3.el9_6.src.rpm

Related CVEs:

CVE-2025-1217
CVE-2025-1219
CVE-2025-1734
CVE-2025-1736
CVE-2025-1861




Description of changes:

[8.0.30-3]
- Fix libxml streams use wrong content-type header when requesting a redirected resource
  CVE-2025-1219
- Fix Stream HTTP wrapper header check might omit basic auth header
  CVE-2025-1736
- Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
  CVE-2025-1861
- Fix Streams HTTP wrapper does not fail for headers without colon
  CVE-2025-1734
- Fix Header parser of http stream wrapper does not handle folded headers
  CVE-2025-1217

More information about the El-errata mailing list