OVAL Reference oval:org.opensuse.security:def:4978

Oval Definition:

oval:org.opensuse.security:def:4978

Revision Date:	2020-12-02	Version:	1
Title:	Security update for php7 (Important)
Description:	This update for php7 fixes the following issues: Security issue fixed: - CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999).
Family:	unix	Class:	patch
Status:		Reference(s):	1055014 1061843 1065600 1065729 1066382 1077428 1112178 1124493 1131277 1134760 1140868 1141322 1149296 1149297 1149298 1149299 1149303 1149304 1150939 1152375 1153163 1153164 1154999 1156015 1170415 1171558 1171928 1173432 1174748 1175686 1176354 1176485 1176560 1176713 1176723 1177086 1177101 1177271 1177281 1177410 1177411 1177470 1177687 1177719 1177740 1177749 1177750 1177753 1177754 1177755 1177766 1177855 1177856 1177861 1178003 1178027 1178166 1178185 1178187 1178188 1178202 1178234 1178330 CVE-2002-2443 CVE-2007-6746 CVE-2008-4316 CVE-2009-0844 CVE-2009-0845 CVE-2009-0846 CVE-2009-0847 CVE-2009-3295 CVE-2009-3627 CVE-2009-4212 CVE-2010-0283 CVE-2010-0628 CVE-2010-1320 CVE-2010-1321 CVE-2010-1322 CVE-2010-1323 CVE-2010-1324 CVE-2010-4020 CVE-2010-4021 CVE-2010-4022 CVE-2011-0281 CVE-2011-0282 CVE-2011-0284 CVE-2011-0285 CVE-2011-1527 CVE-2011-1528 CVE-2011-1529 CVE-2011-1530 CVE-2012-1012 CVE-2012-1013 CVE-2012-1016 CVE-2012-3524 CVE-2012-4504 CVE-2013-1415 CVE-2013-1417 CVE-2013-1418 CVE-2013-1987 CVE-2013-3571 CVE-2014-0019 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-5351 CVE-2019-11043 CVE-2019-11709 CVE-2019-11710 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11714 CVE-2019-11715 CVE-2019-11716 CVE-2019-11717 CVE-2019-11719 CVE-2019-11720 CVE-2019-11721 CVE-2019-11723 CVE-2019-11724 CVE-2019-11725 CVE-2019-11727 CVE-2019-11728 CVE-2019-11729 CVE-2019-11730 CVE-2019-11739 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11752 CVE-2019-11755 CVE-2019-17177 CVE-2019-17178 CVE-2019-3820 CVE-2019-5068 CVE-2020-0430 CVE-2020-14351 CVE-2020-15663 CVE-2020-15664 CVE-2020-15669 CVE-2020-16120 CVE-2020-25285 CVE-2020-25656 CVE-2020-27673 CVE-2020-27675 CVE-2020-8694 CVE-2020-9484 SUSE-SU-2019:1459-1 SUSE-SU-2019:2515-1 SUSE-SU-2019:2819-1 SUSE-SU-2019:3079-1 SUSE-SU-2020:0111-1 SUSE-SU-2020:1363-1 SUSE-SU-2020:2552-1 SUSE-SU-2020:3272-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for Rasperry Pi 12 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information gimp-2.6.2-3.34.45.1 is installed OR gimp-lang-2.6.2-3.34.45.1 is installed OR gimp-plugins-python-2.6.2-3.34.45.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information glib2-lang-2.38.2-5 is installed OR glib2-tools-2.38.2-5 is installed OR libgio-2_0-0-2.38.2-5 is installed OR libgio-2_0-0-32bit-2.38.2-5 is installed OR libgio-fam-2.38.2-5 is installed OR libglib-2_0-0-2.38.2-5 is installed OR libglib-2_0-0-32bit-2.38.2-5 is installed OR libgmodule-2_0-0-2.38.2-5 is installed OR libgmodule-2_0-0-32bit-2.38.2-5 is installed OR libgobject-2_0-0-2.38.2-5 is installed OR libgobject-2_0-0-32bit-2.38.2-5 is installed OR libgthread-2_0-0-2.38.2-5 is installed OR libgthread-2_0-0-32bit-2.38.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-32bit-1.7.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND ctags-5.8-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information NetworkManager-1.0.12-12 is installed OR NetworkManager-lang-1.0.12-12 is installed OR libnm-glib-vpn1-1.0.12-12 is installed OR libnm-glib4-1.0.12-12 is installed OR libnm-util2-1.0.12-12 is installed OR libnm0-1.0.12-12 is installed OR typelib-1_0-NM-1_0-1.0.12-12 is installed OR typelib-1_0-NMClient-1_0-1.0.12-12 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information bzip2-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND Package Information conntrack-tools-1.4.2-5.2 is installed OR libnetfilter_cthelper-1.0.0-7.1 is installed OR libnetfilter_cthelper0-1.0.0-7.1 is installed OR libnetfilter_cttimeout-1.0.0-9.1 is installed OR libnetfilter_cttimeout1-1.0.0-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-26.2 is installed OR samba-4.2.4-26.2 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND haproxy-1.6.5-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND ctdb-4.6.5+git.27.6afd48b1083-2 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information cluster-md-kmp-default-4.12.14-120 is installed OR dlm-kmp-default-4.12.14-120 is installed OR gfs2-kmp-default-4.12.14-120 is installed OR ocfs2-kmp-default-4.12.14-120 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND autofs-5.1.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_38-44-default-1-2.2 is installed OR kgraft-patch-3_12_38-44-xen-1-2.2 is installed OR kgraft-patch-SLE12_Update_3-1-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_73-5-default-2-2.3.2 is installed OR kgraft-patch-SLE12-SP3_Update_0-2-2.3.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND python-pycrypto-2.6.1-10.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND python-setuptools-1.1.7-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.45-49.1 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.45-49.1 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.45-49.1 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.45-49.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-setuptools-1.1.7-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9.1 is installed OR gcc5-5.3.1+r233831-9.1 is installed OR gcc5-32bit-5.3.1+r233831-9.1 is installed OR gcc5-ada-5.3.1+r233831-9.1 is installed OR gcc5-ada-32bit-5.3.1+r233831-9.1 is installed OR gcc5-c++-5.3.1+r233831-9.1 is installed OR gcc5-c++-32bit-5.3.1+r233831-9.1 is installed OR gcc5-fortran-5.3.1+r233831-9.1 is installed OR gcc5-fortran-32bit-5.3.1+r233831-9.1 is installed OR gcc5-info-5.3.1+r233831-9.1 is installed OR gcc5-locale-5.3.1+r233831-9.1 is installed OR libada5-5.3.1+r233831-9.1 is installed OR libada5-32bit-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed OR libffi-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-36.1 is installed OR php5-5.5.14-36.1 is installed OR php5-bcmath-5.5.14-36.1 is installed OR php5-bz2-5.5.14-36.1 is installed OR php5-calendar-5.5.14-36.1 is installed OR php5-ctype-5.5.14-36.1 is installed OR php5-curl-5.5.14-36.1 is installed OR php5-dba-5.5.14-36.1 is installed OR php5-dom-5.5.14-36.1 is installed OR php5-enchant-5.5.14-36.1 is installed OR php5-exif-5.5.14-36.1 is installed OR php5-fastcgi-5.5.14-36.1 is installed OR php5-fileinfo-5.5.14-36.1 is installed OR php5-fpm-5.5.14-36.1 is installed OR php5-ftp-5.5.14-36.1 is installed OR php5-gd-5.5.14-36.1 is installed OR php5-gettext-5.5.14-36.1 is installed OR php5-gmp-5.5.14-36.1 is installed OR php5-iconv-5.5.14-36.1 is installed OR php5-intl-5.5.14-36.1 is installed OR php5-json-5.5.14-36.1 is installed OR php5-ldap-5.5.14-36.1 is installed OR php5-mbstring-5.5.14-36.1 is installed OR php5-mcrypt-5.5.14-36.1 is installed OR php5-mysql-5.5.14-36.1 is installed OR php5-odbc-5.5.14-36.1 is installed OR php5-opcache-5.5.14-36.1 is installed OR php5-openssl-5.5.14-36.1 is installed OR php5-pcntl-5.5.14-36.1 is installed OR php5-pdo-5.5.14-36.1 is installed OR php5-pear-5.5.14-36.1 is installed OR php5-pgsql-5.5.14-36.1 is installed OR php5-posix-5.5.14-36.1 is installed OR php5-pspell-5.5.14-36.1 is installed OR php5-shmop-5.5.14-36.1 is installed OR php5-snmp-5.5.14-36.1 is installed OR php5-soap-5.5.14-36.1 is installed OR php5-sockets-5.5.14-36.1 is installed OR php5-sqlite-5.5.14-36.1 is installed OR php5-suhosin-5.5.14-36.1 is installed OR php5-sysvmsg-5.5.14-36.1 is installed OR php5-sysvsem-5.5.14-36.1 is installed OR php5-sysvshm-5.5.14-36.1 is installed OR php5-tokenizer-5.5.14-36.1 is installed OR php5-wddx-5.5.14-36.1 is installed OR php5-xmlreader-5.5.14-36.1 is installed OR php5-xmlrpc-5.5.14-36.1 is installed OR php5-xmlwriter-5.5.14-36.1 is installed OR php5-xsl-5.5.14-36.1 is installed OR php5-zip-5.5.14-36.1 is installed OR php5-zlib-5.5.14-36.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-4.46 is installed OR php7-7.2.5-4.46 is installed OR php7-bcmath-7.2.5-4.46 is installed OR php7-bz2-7.2.5-4.46 is installed OR php7-calendar-7.2.5-4.46 is installed OR php7-ctype-7.2.5-4.46 is installed OR php7-curl-7.2.5-4.46 is installed OR php7-dba-7.2.5-4.46 is installed OR php7-devel-7.2.5-4.46 is installed OR php7-dom-7.2.5-4.46 is installed OR php7-enchant-7.2.5-4.46 is installed OR php7-exif-7.2.5-4.46 is installed OR php7-fastcgi-7.2.5-4.46 is installed OR php7-fileinfo-7.2.5-4.46 is installed OR php7-fpm-7.2.5-4.46 is installed OR php7-ftp-7.2.5-4.46 is installed OR php7-gd-7.2.5-4.46 is installed OR php7-gettext-7.2.5-4.46 is installed OR php7-gmp-7.2.5-4.46 is installed OR php7-iconv-7.2.5-4.46 is installed OR php7-intl-7.2.5-4.46 is installed OR php7-json-7.2.5-4.46 is installed OR php7-ldap-7.2.5-4.46 is installed OR php7-mbstring-7.2.5-4.46 is installed OR php7-mysql-7.2.5-4.46 is installed OR php7-odbc-7.2.5-4.46 is installed OR php7-opcache-7.2.5-4.46 is installed OR php7-openssl-7.2.5-4.46 is installed OR php7-pcntl-7.2.5-4.46 is installed OR php7-pdo-7.2.5-4.46 is installed OR php7-pear-7.2.5-4.46 is installed OR php7-pear-Archive_Tar-7.2.5-4.46 is installed OR php7-pgsql-7.2.5-4.46 is installed OR php7-phar-7.2.5-4.46 is installed OR php7-posix-7.2.5-4.46 is installed OR php7-shmop-7.2.5-4.46 is installed OR php7-snmp-7.2.5-4.46 is installed OR php7-soap-7.2.5-4.46 is installed OR php7-sockets-7.2.5-4.46 is installed OR php7-sodium-7.2.5-4.46 is installed OR php7-sqlite-7.2.5-4.46 is installed OR php7-sysvmsg-7.2.5-4.46 is installed OR php7-sysvsem-7.2.5-4.46 is installed OR php7-sysvshm-7.2.5-4.46 is installed OR php7-tokenizer-7.2.5-4.46 is installed OR php7-wddx-7.2.5-4.46 is installed OR php7-xmlreader-7.2.5-4.46 is installed OR php7-xmlrpc-7.2.5-4.46 is installed OR php7-xmlwriter-7.2.5-4.46 is installed OR php7-xsl-7.2.5-4.46 is installed OR php7-zip-7.2.5-4.46 is installed OR php7-zlib-7.2.5-4.46 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.35-4.30 is installed OR tomcat-admin-webapps-9.0.35-4.30 is installed OR tomcat-el-3_0-api-9.0.35-4.30 is installed OR tomcat-jsp-2_3-api-9.0.35-4.30 is installed OR tomcat-lib-9.0.35-4.30 is installed OR tomcat-servlet-4_0-api-9.0.35-4.30 is installed OR tomcat-webapps-9.0.35-4.30 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND perl-5.10.0-64.70.1 is installed OR perl-32bit-5.10.0-64.70.1 is installed OR perl-Module-Build-0.2808.01-0.70.1 is installed OR perl-Test-Simple-0.72-0.70.1 is installed OR perl-base-5.10.0-64.70.1 is installed OR perl-doc-5.10.0-64.70.1 is installed OR perl-x86-5.10.0-64.70.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND perl-5.10.0-64.70.1 is installed OR perl-32bit-5.10.0-64.70.1 is installed OR perl-Module-Build-0.2808.01-0.70.1 is installed OR perl-Test-Simple-0.72-0.70.1 is installed OR perl-base-5.10.0-64.70.1 is installed OR perl-doc-5.10.0-64.70.1 is installed OR perl-x86-5.10.0-64.70.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND coolkey-1.1.0-22.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND acpid-1.0.6-91.25.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information cpio-2.11-29.1 is installed OR cpio-lang-2.11-29.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information MozillaFirefox-38.5.0esr-54.1 is installed OR MozillaFirefox-translations-38.5.0esr-54.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information freeradius-server-3.0.3-10 is installed OR freeradius-server-doc-3.0.3-10 is installed OR freeradius-server-krb5-3.0.3-10 is installed OR freeradius-server-ldap-3.0.3-10 is installed OR freeradius-server-libs-3.0.3-10 is installed OR freeradius-server-mysql-3.0.3-10 is installed OR freeradius-server-perl-3.0.3-10 is installed OR freeradius-server-postgresql-3.0.3-10 is installed OR freeradius-server-python-3.0.3-10 is installed OR freeradius-server-sqlite-3.0.3-10 is installed OR freeradius-server-utils-3.0.3-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information MozillaFirefox-45.3.0esr-78.1 is installed OR MozillaFirefox-translations-45.3.0esr-78.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND clamav-0.99.2-32 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information giflib-4.1.6-13.1 is installed OR giflib-devel-4.1.6-13.1 is installed OR giflib-devel-32bit-4.1.6-13.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND libXrender-devel-0.9.8-3 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND aaa_base-malloccheck-13.2+git20140911.61c1681-28 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information libssh-0.6.3-4.1 is installed OR libssh4-0.6.3-4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information kernel-default-3.12.59-60.41.2 is installed OR kernel-default-extra-3.12.59-60.41.2 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information gnome-shell-3.26.2+20180130.0d9c74212-4.19 is installed OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-4.19 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information MozillaThunderbird-68.12.0-3.94 is installed OR MozillaThunderbird-translations-common-68.12.0-3.94 is installed OR MozillaThunderbird-translations-other-68.12.0-3.94 is installed

BACK