{"id":"MGASA-2023-0248","summary":"Updated php packages fix security vulnerability","details":"Libxml - GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading\nin XML without enabling it). (CVE-2023-3823)\nPhar - GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read())\n(CVE-2023-3824)\n","modified":"2026-02-04T04:19:45.567791Z","published":"2023-08-23T19:56:41Z","related":["CVE-2023-3823","CVE-2023-3824"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0248.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=32158"},{"type":"REPORT","url":"https://www.php.net/ChangeLog-8.php#8.0.30"}],"affected":[{"package":{"name":"php","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.30-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0248.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}