php is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the phar uncompressor code which recursively uncompress quines
gzip files, resulting in an infinite loop and deplete the system resource.
bugs.php.net/bug.php?id=81726
lists.debian.org/debian-lts-announce/2022/12/msg00030.html
lists.fedoraproject.org/archives/list/[email protected]/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/
lists.fedoraproject.org/archives/list/[email protected]/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/
lists.fedoraproject.org/archives/list/[email protected]/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.15/community.yaml
security.gentoo.org/glsa/202211-03
security.netapp.com/advisory/ntap-20221209-0001/
www.debian.org/security/2022/dsa-5277