[El-errata] ELSA-2026-33449 Important: Oracle Linux 9 php security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Jul 6 23:21:48 UTC 2026
Oracle Linux Security Advisory ELSA-2026-33449
http://linux.oracle.com/errata/ELSA-2026-33449.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
php-8.0.30-6.el9_8.x86_64.rpm
php-bcmath-8.0.30-6.el9_8.x86_64.rpm
php-cli-8.0.30-6.el9_8.x86_64.rpm
php-common-8.0.30-6.el9_8.x86_64.rpm
php-dba-8.0.30-6.el9_8.x86_64.rpm
php-dbg-8.0.30-6.el9_8.x86_64.rpm
php-devel-8.0.30-6.el9_8.x86_64.rpm
php-embedded-8.0.30-6.el9_8.x86_64.rpm
php-enchant-8.0.30-6.el9_8.x86_64.rpm
php-ffi-8.0.30-6.el9_8.x86_64.rpm
php-fpm-8.0.30-6.el9_8.x86_64.rpm
php-gd-8.0.30-6.el9_8.x86_64.rpm
php-gmp-8.0.30-6.el9_8.x86_64.rpm
php-intl-8.0.30-6.el9_8.x86_64.rpm
php-ldap-8.0.30-6.el9_8.x86_64.rpm
php-mbstring-8.0.30-6.el9_8.x86_64.rpm
php-mysqlnd-8.0.30-6.el9_8.x86_64.rpm
php-odbc-8.0.30-6.el9_8.x86_64.rpm
php-opcache-8.0.30-6.el9_8.x86_64.rpm
php-pdo-8.0.30-6.el9_8.x86_64.rpm
php-pgsql-8.0.30-6.el9_8.x86_64.rpm
php-process-8.0.30-6.el9_8.x86_64.rpm
php-snmp-8.0.30-6.el9_8.x86_64.rpm
php-soap-8.0.30-6.el9_8.x86_64.rpm
php-xml-8.0.30-6.el9_8.x86_64.rpm
aarch64:
php-8.0.30-6.el9_8.aarch64.rpm
php-bcmath-8.0.30-6.el9_8.aarch64.rpm
php-cli-8.0.30-6.el9_8.aarch64.rpm
php-common-8.0.30-6.el9_8.aarch64.rpm
php-dba-8.0.30-6.el9_8.aarch64.rpm
php-dbg-8.0.30-6.el9_8.aarch64.rpm
php-devel-8.0.30-6.el9_8.aarch64.rpm
php-embedded-8.0.30-6.el9_8.aarch64.rpm
php-enchant-8.0.30-6.el9_8.aarch64.rpm
php-ffi-8.0.30-6.el9_8.aarch64.rpm
php-fpm-8.0.30-6.el9_8.aarch64.rpm
php-gd-8.0.30-6.el9_8.aarch64.rpm
php-gmp-8.0.30-6.el9_8.aarch64.rpm
php-intl-8.0.30-6.el9_8.aarch64.rpm
php-ldap-8.0.30-6.el9_8.aarch64.rpm
php-mbstring-8.0.30-6.el9_8.aarch64.rpm
php-mysqlnd-8.0.30-6.el9_8.aarch64.rpm
php-odbc-8.0.30-6.el9_8.aarch64.rpm
php-opcache-8.0.30-6.el9_8.aarch64.rpm
php-pdo-8.0.30-6.el9_8.aarch64.rpm
php-pgsql-8.0.30-6.el9_8.aarch64.rpm
php-process-8.0.30-6.el9_8.aarch64.rpm
php-snmp-8.0.30-6.el9_8.aarch64.rpm
php-soap-8.0.30-6.el9_8.aarch64.rpm
php-xml-8.0.30-6.el9_8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/php-8.0.30-6.el9_8.src.rpm
Related CVEs:
CVE-2026-6722
CVE-2026-6735
CVE-2026-7258
CVE-2026-7259
CVE-2026-7261
CVE-2026-7262
CVE-2026-7568
Description of changes:
[8.0.30-6]
- Fix XSS within status endpoint
CVE-2026-6735
- Fix Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()
CVE-2026-7259
- Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
CVE-2026-6722
- Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION
CVE-2026-7261
- Fix Broken Apache map value NULL check
CVE-2026-7262
- Fix Signed integer overflow of char array offset
CVE-2026-7568
- Fix Consistently pass unsigned char to ctype.h functions
CVE-2026-7258
More information about the El-errata
mailing list