[El-errata] ELSA-2026-34354 Important: Oracle Linux 8 php:7.4 security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Jul 6 23:21:23 UTC 2026


Oracle Linux Security Advisory ELSA-2026-34354

http://linux.oracle.com/errata/ELSA-2026-34354.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
apcu-panel-5.1.18-1.module+el8.10.0+90472+f810484b.noarch.rpm
libzip-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm
libzip-devel-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm
libzip-tools-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm
php-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-bcmath-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-cli-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-common-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-dba-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-dbg-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-devel-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-embedded-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-enchant-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-ffi-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-fpm-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-gd-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-gmp-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-intl-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-json-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-ldap-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-mbstring-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-mysqlnd-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-odbc-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-opcache-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-pdo-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.noarch.rpm
php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.x86_64.rpm
php-pecl-apcu-devel-5.1.18-1.module+el8.10.0+90472+f810484b.x86_64.rpm
php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm
php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.x86_64.rpm
php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.x86_64.rpm
php-pgsql-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-process-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-snmp-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-soap-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-xml-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm
php-xmlrpc-7.4.33-4.module+el8.10.0+90942+d80f51f3.x86_64.rpm

aarch64:
apcu-panel-5.1.18-1.module+el8.10.0+90472+f810484b.noarch.rpm
libzip-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm
libzip-devel-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm
libzip-tools-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm
php-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-bcmath-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-cli-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-common-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-dba-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-dbg-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-devel-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-embedded-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-enchant-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-ffi-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-fpm-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-gd-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-gmp-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-intl-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-json-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-ldap-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-mbstring-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-mysqlnd-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-odbc-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-opcache-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-pdo-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.noarch.rpm
php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.aarch64.rpm
php-pecl-apcu-devel-5.1.18-1.module+el8.10.0+90472+f810484b.aarch64.rpm
php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm
php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.aarch64.rpm
php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.aarch64.rpm
php-pgsql-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-process-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-snmp-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-soap-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-xml-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm
php-xmlrpc-7.4.33-4.module+el8.10.0+90942+d80f51f3.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/libzip-1.6.1-1.module+el8.10.0+90472+f810484b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-7.4.33-4.module+el8.10.0+90942+d80f51f3.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.src.rpm

Related CVEs:

CVE-2026-6722
CVE-2026-6735
CVE-2026-7258
CVE-2026-7261
CVE-2026-7262
CVE-2026-7568




Description of changes:

libzip
[1.6.1-1]
- update to 1.6.1
- enable lzma support

php
[7.4.33-4]
- Fix XSS within status endpoint
  CVE-2026-6735
- Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
  CVE-2026-6722
- Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION
  CVE-2026-7261
- Fix Broken Apache map value NULL check
  CVE-2026-7262
- Fix Signed integer overflow of char array offset
  CVE-2026-7568
- Fix Consistently pass unsigned char to ctype.h functions
  CVE-2026-7258

php-pear
[1:1.10.13-1]
- update PEAR to 1.10.13
- update Archive_Tar to 1.4.14

php-pecl-apcu
[5.1.18-1]
- update to 5.1.18

php-pecl-rrd
[2.0.1-1]
- build for RHEL 8

php-pecl-xdebug
[2.9.5-1]
- update to 2.9.5

php-pecl-zip
[1.18.2-1]
- update to 1.18.2" -s " php:7.4 security update"



More information about the El-errata mailing list