[CLSA-2026:1784108175] Fix CVE(s): CVE-2026-14355
Type:
security
Severity:
Important
Release date:
2026-07-15 09:36:29 UTC
Description:
* SECURITY UPDATE: heap buffer overflow in openssl_encrypt() with AES key-wrap-with-padding (aes-*-wrap-pad, RFC 5649) - debian/patches/php-7.1-CVE-2026-14355.patch: backport upstream commit cbc0489126 in ext/openssl/openssl.c — reserve an extra EVP_CIPHER_block_size for EVP_CIPH_WRAP_MODE ciphers so the output buffer fits the RFC 5649 roundup(len,8)+8 expansion. - CVE-2026-14355
CVEs fixed:
Updated packages:
  • alt-php71_7.1.33-100_amd64.deb
    sha:efc0373d222abc0e37525e817eaf5dfc23c8164c
  • alt-php71-bcmath_7.1.33-100_amd64.deb
    sha:d6e1ef6c9b310fd24bb7f64115bae398878617a0
  • alt-php71-cli_7.1.33-100_amd64.deb
    sha:ef276861daa62da4af82fa0f478d642620d3618f
  • alt-php71-common_7.1.33-100_amd64.deb
    sha:a87bd6f330ccda2500504a53d38ed3721e757c0c
  • alt-php71-dba_7.1.33-100_amd64.deb
    sha:0cd1af2243b09fe8f3e8c54093c967aa97ba4f00
  • alt-php71-dev_7.1.33-100_amd64.deb
    sha:842fab3e571ade9ed9794f2b7d272f34cd30a872
  • alt-php71-enchant_7.1.33-100_amd64.deb
    sha:788594ac54db4d9cae137f8906ccc7c0debc220c
  • alt-php71-firebird_7.1.33-100_amd64.deb
    sha:52694349cc7bf46d5a4328f67cf1fa88d62438aa
  • alt-php71-gd_7.1.33-100_amd64.deb
    sha:602cbdef0d3a028eee0ccbccfaa941cb452bb361
  • alt-php71-imap_7.1.33-100_amd64.deb
    sha:e074ba062b3e43f842788e735f08d92d7e85e297
  • alt-php71-intl_7.1.33-100_amd64.deb
    sha:e99a5e8fd71389e4b80b343e5ff332bc7a38d5dc
  • alt-php71-ldap_7.1.33-100_amd64.deb
    sha:526bc529feeb6c2248f103606f7d0ec72e82ce84
  • alt-php71-mbstring_7.1.33-100_amd64.deb
    sha:84d675fceb8f6996c41e6d966ee29f491d5f03ec
  • alt-php71-mcrypt_7.1.33-100_amd64.deb
    sha:df62eff6075514d8a7db6d713a10919ee89505a3
  • alt-php71-mysqlnd_7.1.33-100_amd64.deb
    sha:18cac43f9c1b4955e156071dec36907ad9b47f6f
  • alt-php71-odbc_7.1.33-100_amd64.deb
    sha:2335b08d25748ef45a39c85f9378b69e4b7b6e21
  • alt-php71-opcache_7.1.33-100_amd64.deb
    sha:2b893719a5be604ac660c6c4680d92567e1e5f92
  • alt-php71-pdo_7.1.33-100_amd64.deb
    sha:258164bf6c046b6c7a7acc17eb4a259209e56760
  • alt-php71-pgsql_7.1.33-100_amd64.deb
    sha:f0f0b667ac0bfa56066ae0354a6f4ba09d64109a
  • alt-php71-php-fpm_7.1.33-100_amd64.deb
    sha:e4193f678d7cae838244de4edb70bf9bd144fca1
  • alt-php71-process_7.1.33-100_amd64.deb
    sha:b56fb3e46bb5412841ae6a5b625e2ca4424bc111
  • alt-php71-pspell_7.1.33-100_amd64.deb
    sha:7033b50ea038f68ae9483eb1b8ca5cb5c9b846e7
  • alt-php71-recode_7.1.33-100_amd64.deb
    sha:01916a8fdcc294fd562006ab9a70bc6cc26aef9c
  • alt-php71-snmp_7.1.33-100_amd64.deb
    sha:c8bd2a568ca43bbd3b5d46313155c4608d6f9791
  • alt-php71-soap_7.1.33-100_amd64.deb
    sha:a55f1a6c7ecda660c2f275bbf9500ed17c54349f
  • alt-php71-tidy_7.1.33-100_amd64.deb
    sha:92a0f0f295885efaa8b1ad99453a80ef35d887c8
  • alt-php71-xml_7.1.33-100_amd64.deb
    sha:42a8f855dc4d231741cc661ca8ac3e0b0afbfe47
  • alt-php71-xmlrpc_7.1.33-100_amd64.deb
    sha:3a2621f125e8f4a122f6a5ee92df7fed577b6f92
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.