Oval Definition:oval:org.opensuse.security:def:125886
Revision Date:2019-05-23Version:1
Title:Security update for php5 (Moderate)
Description:

This update for php5 fixes the following issues:

Security issues fixed:

- CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si() (bsc#1132838). - CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value() (bsc#1132837). - CVE-2019-9637: Fixed a potential information disclosure in rename() (bsc#1128892). - CVE-2019-9675: Fixed a potential buffer overflow in phar_tar_writeheaders_int() (bsc#1128886). - CVE-2019-9638: Fixed an uninitialized read in exif_process_IFD_in_MAKERNOTE() related to value_len (bsc#1128889). - CVE-2019-9639: Fixed an uninitialized read in exif_process_IFD_in_MAKERNOTE() related to data_len (bsc#1128887). - CVE-2019-9640: Fixed an invalid Read in exif_process_SOFn() (bsc#1128883). - CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG function leading to information disclosure (bsc#1134322).
Family:unixClass:patch
Status:Reference(s):1128883
1128886
1128887
1128889
1128892
1132837
1132838
1134322
CVE-2019-11034
CVE-2019-11035
CVE-2019-11036
CVE-2019-9637
CVE-2019-9638
CVE-2019-9639
CVE-2019-9640
CVE-2019-9675
SUSE-SU-2019:1325-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP4
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND php5-devel-5.5.14-109.58.1 is installed
    • BACK