{"id":"MGASA-2021-0330","summary":"Updated php packages fix security vulnerabilities","details":"Updated php packages provides upstream 8.0.8 and fixes the following\nsecurity vulnerabilities:\n\n- PDO_Firebird:\n  * Fix Stack buffer overflow in firebird_info_cb (CVE-2021-21704).\n  * Fix SIGSEGV in firebird_handle_doer (CVE-2021-21704).\n  * Fix SIGSEGV in firebird_stmt_execute (CVE-2021-21704).\n  * Fix Crash while parsing blob data in firebird_fetch_blob\n    (CVE-2021-21704)\n- Fix SSRF bypass in FILTER_VALIDATE_URL (CVE-2021-21705).\n\nFor other fixes in this update, see the referenced Changelog.\n","modified":"2026-04-16T00:12:30.745462065Z","published":"2021-07-10T12:56:54Z","upstream":["CVE-2021-21704","CVE-2021-21705"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0330.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29094"},{"type":"WEB","url":"https://www.php.net/ChangeLog-8.php#8.0.8"}],"affected":[{"package":{"name":"php","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.8-1.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0330.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}