[CLSA-2026:1784109258] Fix CVE(s): CVE-2026-14355
Type:
security
Severity:
Important
Release date:
2026-07-15 09:54:31 UTC
Description:
* SECURITY UPDATE: heap buffer overflow in openssl_encrypt() with AES key-wrap-with-padding (aes-*-wrap-pad, RFC 5649) - debian/patches/php-7.1-CVE-2026-14355.patch: backport upstream commit cbc0489126 in ext/openssl/openssl.c — reserve an extra EVP_CIPHER_block_size for EVP_CIPH_WRAP_MODE ciphers so the output buffer fits the RFC 5649 roundup(len,8)+8 expansion. - CVE-2026-14355
CVEs fixed:
Updated packages:
  • alt-php71_7.1.33-100_amd64.deb
    sha:ad960bfa22e3ca2aa84e3f8b984602f469d8fbdd
  • alt-php71-bcmath_7.1.33-100_amd64.deb
    sha:9339d829a8514f81ab3373bf6ded39d431495ead
  • alt-php71-cli_7.1.33-100_amd64.deb
    sha:c68e39eec86cd1226095a92359d83770a3e0e6bc
  • alt-php71-common_7.1.33-100_amd64.deb
    sha:a79a049c2c7dd654a3d1ed49d0097bd48047f794
  • alt-php71-dba_7.1.33-100_amd64.deb
    sha:21cc4b4c717527e360b7c728cc24ed24a75c1d2a
  • alt-php71-dev_7.1.33-100_amd64.deb
    sha:739768bf730cb6b6a14498a37fd4d0918c0b792d
  • alt-php71-enchant_7.1.33-100_amd64.deb
    sha:4d69b3da28958d8749a60b43add8e9250f7bdeb3
  • alt-php71-firebird_7.1.33-100_amd64.deb
    sha:ab6e9df6b125701ec643a5cae2e698e01c8c5dc3
  • alt-php71-gd_7.1.33-100_amd64.deb
    sha:68365b679cada205c22d612d819d025b795aae4a
  • alt-php71-imap_7.1.33-100_amd64.deb
    sha:0ff123248c09db4b0926e0b9afea2fb9875689e7
  • alt-php71-intl_7.1.33-100_amd64.deb
    sha:d930c0fd0e06a35c49eb1ad1d761ff4bacf396de
  • alt-php71-ldap_7.1.33-100_amd64.deb
    sha:b5f1dcd445bd008ad79b6954effd358130bd3b9e
  • alt-php71-mbstring_7.1.33-100_amd64.deb
    sha:630b6a1fcb4dfe9ad2cb1fc870516fdf1fdda3fc
  • alt-php71-mcrypt_7.1.33-100_amd64.deb
    sha:e711bf312a4d45eae60e5fdc9204c1122c87a477
  • alt-php71-mysqlnd_7.1.33-100_amd64.deb
    sha:1f5f6a5cc1e1c8f8858be8467dea903e8a9d5ecc
  • alt-php71-odbc_7.1.33-100_amd64.deb
    sha:43f5c41a517fe01c30f2bfdc25260f9a88384584
  • alt-php71-opcache_7.1.33-100_amd64.deb
    sha:75b38293b23c0c351255a3ae3e6219775736f53b
  • alt-php71-pdo_7.1.33-100_amd64.deb
    sha:8eb93bec19022b166a67bb53444b4255775e8b56
  • alt-php71-pgsql_7.1.33-100_amd64.deb
    sha:d0c3ea9d748269191480f6f28da41ea7b4792c40
  • alt-php71-php-fpm_7.1.33-100_amd64.deb
    sha:02e45cbceba5be1ef122eab3e6f2c108427b6177
  • alt-php71-process_7.1.33-100_amd64.deb
    sha:4ff7de4ddf789f66c5140f8a9be912dcbf3d7e90
  • alt-php71-pspell_7.1.33-100_amd64.deb
    sha:f661fa8d21a85d9383353e4c4e22330820b1f3bf
  • alt-php71-recode_7.1.33-100_amd64.deb
    sha:204e590f2d4b3d3d7a15dd39cc78bad95f25df94
  • alt-php71-snmp_7.1.33-100_amd64.deb
    sha:5ec6505c768ce4d1797c28ee1af188122b2aade0
  • alt-php71-soap_7.1.33-100_amd64.deb
    sha:5ee57e8f71278f20e7866cd940b1a8b4decaa020
  • alt-php71-tidy_7.1.33-100_amd64.deb
    sha:f86010f567beb0da48bfd70ecdcbc566f8291f78
  • alt-php71-xml_7.1.33-100_amd64.deb
    sha:97b5f664dc96788d6d674e310cfa87e11dc1832f
  • alt-php71-xmlrpc_7.1.33-100_amd64.deb
    sha:6f0ff9e12559af6027861cec33b4366074f0d617
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.