[CLSA-2026:1784107794] Fix CVE(s): CVE-2026-14355
Type:
security
Severity:
Important
Release date:
2026-07-15 09:30:07 UTC
Description:
* SECURITY UPDATE: heap buffer overflow in openssl_encrypt() with AES key-wrap-with-padding (aes-*-wrap-pad, RFC 5649) - debian/patches/php-7.1-CVE-2026-14355.patch: backport upstream commit cbc0489126 in ext/openssl/openssl.c — reserve an extra EVP_CIPHER_block_size for EVP_CIPH_WRAP_MODE ciphers so the output buffer fits the RFC 5649 roundup(len,8)+8 expansion. - CVE-2026-14355
CVEs fixed:
Updated packages:
  • alt-php71_7.1.33-100_amd64.deb
    sha:efc0373d222abc0e37525e817eaf5dfc23c8164c
  • alt-php71-bcmath_7.1.33-100_amd64.deb
    sha:650079c07564bc0f3ae63f1a42dcb9ec87ffc054
  • alt-php71-cli_7.1.33-100_amd64.deb
    sha:e24457d1f77c83dc128cc77bb210b5041aa0101d
  • alt-php71-common_7.1.33-100_amd64.deb
    sha:a63fe2a0b042b0d04482907bb03cc6bedde8f30d
  • alt-php71-dba_7.1.33-100_amd64.deb
    sha:79f01decf1af3ea8181ef529c28911e333d124f2
  • alt-php71-dev_7.1.33-100_amd64.deb
    sha:a38442770690dacc6dde20e4aa2a8cdf390a7186
  • alt-php71-enchant_7.1.33-100_amd64.deb
    sha:800c4873bcd364cf9fbfdbfe73c162b760923b2b
  • alt-php71-firebird_7.1.33-100_amd64.deb
    sha:0291ce217b5b1307906a07709c0688e10df185ca
  • alt-php71-gd_7.1.33-100_amd64.deb
    sha:c313e79e12254acc85fdb48f04522aa13940c439
  • alt-php71-imap_7.1.33-100_amd64.deb
    sha:a159cfe4c870eaa2a41ea42cfaae99e512defa90
  • alt-php71-intl_7.1.33-100_amd64.deb
    sha:d9139547ebcf9d57e0cb2ead06503a080621f2d0
  • alt-php71-ldap_7.1.33-100_amd64.deb
    sha:3ac0ed9d6b5772a4251cf94c8c0ee66b675f84a6
  • alt-php71-mbstring_7.1.33-100_amd64.deb
    sha:e9b1ddf68e865560b157f436866c18236fbb6802
  • alt-php71-mcrypt_7.1.33-100_amd64.deb
    sha:4db82b7ff69272f9e025bc07fa3ae590434fdbce
  • alt-php71-mysqlnd_7.1.33-100_amd64.deb
    sha:b43d8c30cf5f02f01fa25b4ffee2491aeae02e5a
  • alt-php71-odbc_7.1.33-100_amd64.deb
    sha:8530727f667249512a0d3c6cccc9d81e7db382f0
  • alt-php71-opcache_7.1.33-100_amd64.deb
    sha:1ebde7e63ea8e6eaa88b1a727769ec77e26da220
  • alt-php71-pdo_7.1.33-100_amd64.deb
    sha:ba8ad4f5dd1601981d4a5135950234a7000825cb
  • alt-php71-pgsql_7.1.33-100_amd64.deb
    sha:6cf250235efed359f70f5c81691c7da499ca5a66
  • alt-php71-php-fpm_7.1.33-100_amd64.deb
    sha:ef6608050961b4760322b639345975506829d716
  • alt-php71-process_7.1.33-100_amd64.deb
    sha:737b2468f6d46e1c34eb951ee266ce4f1722c7a9
  • alt-php71-pspell_7.1.33-100_amd64.deb
    sha:16dd7daec0e159f9162de3c8fce8c2b8db26093a
  • alt-php71-recode_7.1.33-100_amd64.deb
    sha:39ddb248f42d29eec0405399b67733cbef320f4f
  • alt-php71-snmp_7.1.33-100_amd64.deb
    sha:a9642b531931085902fbc951917c6fc2021ba445
  • alt-php71-soap_7.1.33-100_amd64.deb
    sha:fd9d9a1c0c5b42e9bb6bba48c6b44942cea641c5
  • alt-php71-tidy_7.1.33-100_amd64.deb
    sha:d15af07027e7bc57fda6edfb412dcb676dc56ac3
  • alt-php71-xml_7.1.33-100_amd64.deb
    sha:09957cf930fc7b2b6750b848419f73c1aeb50e08
  • alt-php71-xmlrpc_7.1.33-100_amd64.deb
    sha:cd1c0fe210a4cdc767ee3f3c7d5db10ef7732a22
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.