View Issue Details

IDProjectCategoryView StatusLast Update
0000177Rocky-Linux-8phppublic2022-08-09 09:41
ReporterBenedict Rosner Assigned To 
Status newResolutionopen 
Summary0000177: php-7.4 - yum updateinfo shows RLSA-2022:5467 even tho patch is merged
Descriptionyum updateinfo --list gives me the following list:
Last metadata expiration check: 3:09:04 ago on Tue 09 Aug 2022 07:04:44 AM CEST.
RLSA-2022:5467 Important/Sec. php-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64
RLSA-2022:5467 Important/Sec. php-cli-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64
RLSA-2022:5467 Important/Sec. php-common-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64
RLSA-2022:5467 Important/Sec. php-fpm-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64
RLSA-2022:5467 Important/Sec. php-gd-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64
RLSA-2022:5467 Important/Sec. php-ldap-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64
RLSA-2022:5467 Important/Sec. php-mbstring-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64
RLSA-2022:5467 Important/Sec. php-opcache-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64
RLSA-2022:5467 Important/Sec. php-pdo-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64
RLSA-2022:5467 Important/Sec. php-xml-8.0.13-3.module+el8.6.0+989+3fbff15c.x86_64

You can see that the patch was included in the changelog:

yum changelog php
Last metadata expiration check: 0:00:05 ago on Tue 09 Aug 2022 11:24:55 AM CEST.
Listing all changelogs
Changelogs for php-7.4.19-3.module+el8.6.0+990+389ef54a.x86_64
* Wed Jun 22 12:00:00 AM 2022 Remi Collet <> - 7.4.19-3
- fix password of excessive length triggers buffer overflow leading to RCE
... shows the installed version to be affected:

Steps To Reproduceinstall php-7.4 module
run yum update
check with yum updateinfo --list
this will show a couple of critical patches
TagsNo tags attached.


There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2022-08-09 09:41 Benedict Rosner New Issue