| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: php-xml | Distribution: Unknown |
| Version: 8.0.30 | Vendor: Remi's RPM repository <https://rpms.remirepo.net/> #StandWithUkraine |
| Release: 17.module_php.8.0.fc44.remi | Build date: Wed Jul 1 10:10:31 2026 |
| Group: Unspecified | Build host: builder2.remirepo.net |
| Size: 552414 | Source RPM: php-8.0.30-17.module_php.8.0.fc44.remi.src.rpm |
| Packager: Remi Collet | |
| Url: http://www.php.net/ | |
| Summary: A module for PHP applications which use XML | |
The php-xml package contains dynamic shared objects which add support to PHP for manipulating XML documents using the DOM tree, and performing XSL transformations on XML documents.
PHP
* Wed Jul 01 2026 Remi Collet <remi@remirepo.net> - 8.0.30-17
- Fix Memory corruption (zend_mm_heap corrupted) in openssl_encrypt with AES-WRAP-PAD
* Mon May 11 2026 Remi Collet <remi@remirepo.net> - 8.0.30-16
- Fix XSS within status endpoint
CVE-2026-6735
- Fix Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()
CVE-2026-7259
- Fix SQL injection via NUL bytes in quoted strings
CVE-2025-14179
- Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
CVE-2026-6722
- Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION
CVE-2026-7261
- Fix Broken Apache map value NULL check
CVE-2026-7262
- Fix Signed integer overflow of char array offset
CVE-2026-7568
- Fix Consistently pass unsigned char to ctype.h functions
CVE-2026-7258
* Thu Dec 18 2025 Remi Collet <remi@remirepo.net> - 8.0.30-15
- Fix Null byte termination in dns_get_record()
GHSA-www2-q4fc-65wf
- Fix Heap buffer overflow in array_merge()
CVE-2025-14178
- Fix Information Leak of Memory in getimagesize
CVE-2025-14177
* Thu Jul 03 2025 Remi Collet <remi@remirepo.net> - 8.0.30-14
- Fix pgsql extension does not check for errors during escaping
CVE-2025-1735
- Fix NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
CVE-2025-6491
- Fix Null byte termination in hostnames
CVE-2025-1220
* Thu Mar 13 2025 Remi Collet <remi@remirepo.net> - 8.0.30-13
- Fix libxml streams use wrong `content-type` header when requesting a redirected resource
CVE-2025-1219
- Fix Stream HTTP wrapper header check might omit basic auth header
CVE-2025-1736
- Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
CVE-2025-1861
- Fix Streams HTTP wrapper does not fail for headers without colon
CVE-2025-1734
- Fix Header parser of `http` stream wrapper does not handle folded headers
CVE-2025-1217
- use oracle client library version 23.7 on x86_64 and aarch64
* Thu Feb 13 2025 Remi Collet <remi@remirepo.net> - 8.0.30-12
- backport fix for ICU 74+
- backport fix strict prototypes
* Wed Nov 27 2024 Remi Collet <remi@remirepo.net> - 8.0.30-11
- Fix Leak partial content of the heap through heap buffer over-read
CVE-2024-8929
* Fri Nov 22 2024 Remi Collet <remi@remirepo.net> - 8.0.30-10
- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
GHSA-4w77-75f9-2c8w
- Fix OOB access in ldap_escape
CVE-2024-8932
- Fix Integer overflow in the dblib/firebird quoter causing OOB writes
CVE-2024-11236
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
CVE-2024-11233
* Thu Sep 26 2024 Remi Collet <remi@remirepo.net> - 8.0.30-9
- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
CVE-2024-4577
- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
CVE-2024-8926
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
CVE-2024-8927
- Fix Logs from childrens may be altered
CVE-2024-9026
- Fix Erroneous parsing of multipart form data
CVE-2024-8925
- use ICU 74.2
* Mon Aug 26 2024 Remi Collet <remi@remirepo.net> - 8.0.30-8
- add backport for https://bugs.php.net/79589
error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading
* Wed Jul 31 2024 Remi Collet <remi@remirepo.net> - 8.0.30-7
- use oracle client library version 23.5 on x86_64
/etc/php.d/20-dom.ini /etc/php.d/20-simplexml.ini /etc/php.d/20-xml.ini /etc/php.d/20-xmlwriter.ini /etc/php.d/20-xsl.ini /etc/php.d/30-xmlreader.ini /usr/lib/.build-id /usr/lib/.build-id/10 /usr/lib/.build-id/10/5c743aed80bfdddf3ea3b63e4d365e72898950 /usr/lib/.build-id/18 /usr/lib/.build-id/18/422a872f44fe8668c3bc4766a9f17d43802b14 /usr/lib/.build-id/52 /usr/lib/.build-id/52/6ffc01e434fc79e1c895bd4fe851ed700a26e5 /usr/lib/.build-id/c5/060f48f2505a2a450b861dd8906f19fa0f747d /usr/lib/.build-id/c8 /usr/lib/.build-id/c8/0338b3f756b3b5e249fce7b4c4a7f5f1c4c9f4 /usr/lib/.build-id/f0 /usr/lib/.build-id/f0/b1d6b987028a0b7fa1d128f5bf5fd0f954cc8b /usr/lib64/php/modules/dom.so /usr/lib64/php/modules/simplexml.so /usr/lib64/php/modules/xml.so /usr/lib64/php/modules/xmlreader.so /usr/lib64/php/modules/xmlwriter.so /usr/lib64/php/modules/xsl.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Jul 2 11:19:52 2026