{"id":"CLSA-2026-1776958404","summary":"php: Fix of 5 CVEs","details":"- CVE-2019-9023: mbstring oniguruma: fix heap overflow in utf32be_mbc_to_code and related mbc_to_code encoders (bug #77418); completes CVE-2019-9023 coverage alongside existing php-5.3.29-bug77370_77371_77381_77382_77385_77394.patch\n- CVE-2019-11034: exif: fix heap-buffer-overflow in php_ifd_get32s (bug #77753)\n- CVE-2019-11035: exif: fix heap-buffer-overflow in exif_iif_add_value (bug #77831)\n- CVE-2019-11036: exif: fix heap-buffer-overflow via exif_process_IFD_TAG (bug #77950)\n- CVE-2019-9641: exif: fix uninitialized read in exif_process_IFD_in_TIFF via 32-bit integer overflow (bug #77509)","modified":"2026-06-01T00:33:17.063428395Z","published":"2026-04-25T08:46:43Z","upstream":["CVE-2019-9023","CVE-2019-11034","CVE-2019-11035","CVE-2019-11036","CVE-2019-9641"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/centos6els/CLSA-2026-1776958404.html"}],"affected":[{"package":{"name":"php","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-bcmath","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-bcmath?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-cli","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-cli?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-common","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-common?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-dba","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-dba?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-devel","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-devel?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-embedded","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-embedded?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-enchant","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-enchant?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-fpm","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-fpm?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-gd","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-gd?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-imap","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-imap?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-intl","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-intl?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-ldap","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-ldap?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-mbstring","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-mbstring?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-mysql","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-mysql?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-odbc","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-odbc?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-pdo","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-pdo?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-pgsql","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-pgsql?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-process","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-process?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-pspell","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-pspell?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-recode","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-recode?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-snmp","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-snmp?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-soap","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-soap?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-tidy","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-tidy?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-xml","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-xml?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-xmlrpc","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-xmlrpc?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}},{"package":{"name":"php-zts","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/php-zts?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.3-55.el6.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776958404.json"}}],"schema_version":"1.7.5"}