Remi's RPM repository - Packages

Blog | Support | Repository | Wizard

php-litespeed - LiteSpeed Web Server PHP support

Website:
http://www.php.net/
Licence:
PHP and Zend and BSD and MIT and ASL 1.0 and NCSA
Vendor:
Remi's RPM repository <https://rpms.remirepo.net/> #StandWithUkraine
Description:
The php-litespeed package provides the /usr/bin/lsphp command
used by the LiteSpeed Web Server (LSAPI enabled PHP).

Packages

php-litespeed-7.4.33-20.fc40.remi.x86_64 [1.5 MiB] Changelog by Remi Collet (2024-11-22):
- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
  GHSA-4w77-75f9-2c8w
- Fix OOB access in ldap_escape
  CVE-2024-8932
- Fix Integer overflow in the dblib/firebird quoter causing OOB writes
  CVE-2024-11236
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
  CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
  CVE-2024-11233
php-litespeed-7.4.33-18.fc40.remi.x86_64 [1.5 MiB] Changelog by Remi Collet (2024-09-26):
- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
  CVE-2024-4577
- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
  CVE-2024-8926
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
  CVE-2024-8927
- Fix Logs from childrens may be altered
  CVE-2024-9026
- Fix Erroneous parsing of multipart form data
  CVE-2024-8925
- use ICU 74.2

Provided by: Nexcess.net