OVAL Reference oval:org.opensuse.security:def:5016

Oval Definition:

oval:org.opensuse.security:def:5016

Revision Date:	2020-12-02	Version:	1
Title:	Security update for php7 (Important)
Description:	This update for php7 fixes the following issues: - CVE-2020-7062: Fixed a null pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). - CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). - CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). - CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632).
Family:	unix	Class:	patch
Status:		Reference(s):	1058115 1061210 1065600 1065729 1071995 1083548 1085030 1105173 1111666 1112178 1113956 1113969 1120163 1133021 1136666 1144333 1144522 1152148 1152684 1162629 1162632 1163524 1165280 1165289 1165629 1166965 1169790 1170232 1171558 1171688 1171988 1172073 1172108 1172247 1172418 1172428 1172871 1172872 1172873 1172963 1173060 1173477 1173485 1173798 1173954 1174003 1174026 1174070 1174205 1174387 1174484 1174547 1174549 1174550 1174625 1174658 1174685 1174689 1174699 1174734 1174757 1174771 1174840 1174841 1174843 1174844 1174845 1174852 1174873 1174904 1174926 1174968 1175062 1175063 1175064 1175065 1175066 1175067 1175112 1175127 1175128 1175149 1175199 1175213 1175228 1175232 1175284 1175393 1175394 1175396 1175397 1175398 1175399 1175400 1175401 1175402 1175403 1175404 1175405 1175406 1175407 1175408 1175409 1175410 1175411 1175412 1175413 1175414 1175415 1175416 1175417 1175418 1175419 1175420 1175421 1175422 1175423 1175440 1175493 1175515 1175518 1175526 1175550 1175654 1175666 1175667 1175668 1175669 1175670 1175691 1175767 1175768 1175769 1175770 1175771 1175772 1175786 1175873 1176069 1177895 995932 996032 99606 996648 CVE-2009-2473 CVE-2009-2474 CVE-2010-2252 CVE-2010-3430 CVE-2010-3431 CVE-2010-3853 CVE-2011-3148 CVE-2011-3149 CVE-2011-4349 CVE-2011-4349 CVE-2012-1174 CVE-2012-4929 CVE-2013-1990 CVE-2013-1999 CVE-2013-4288 CVE-2014-2524 CVE-2014-2583 CVE-2014-6271 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 CVE-2016-5147 CVE-2016-5148 CVE-2016-5149 CVE-2016-5150 CVE-2016-5151 CVE-2016-5152 CVE-2016-5153 CVE-2016-5154 CVE-2016-5155 CVE-2016-5156 CVE-2016-5157 CVE-2016-5158 CVE-2016-5159 CVE-2016-5160 CVE-2016-5161 CVE-2016-5162 CVE-2016-5163 CVE-2016-5164 CVE-2016-5165 CVE-2016-5166 CVE-2017-18922 CVE-2018-16468 CVE-2019-9853 CVE-2020-10135 CVE-2020-14314 CVE-2020-14331 CVE-2020-14356 CVE-2020-14386 CVE-2020-16166 CVE-2020-1749 CVE-2020-24394 CVE-2020-27153 CVE-2020-7059 CVE-2020-7060 CVE-2020-7062 CVE-2020-7063 SUSE-SU-2016:2250-1 SUSE-SU-2018:3928-1 SUSE-SU-2020:0622-1 SUSE-SU-2020:1873-1 SUSE-SU-2020:2575-1 SUSE-SU-2020:3165-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for Rasperry Pi 12 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 5 SUSE Package Hub for SUSE Linux Enterprise 12	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.11-0.3.1 is installed OR MozillaFirefox-translations-10.0.11-0.3.1 is installed OR libfreebl3-3.14-0.3.1 is installed OR libfreebl3-32bit-3.14-0.3.1 is installed OR mozilla-nss-3.14-0.3.1 is installed OR mozilla-nss-32bit-3.14-0.3.1 is installed OR mozilla-nss-tools-3.14-0.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND kvm-1.4.2-0.22.34.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information colord-1.1.7-2 is installed OR colord-gtk-lang-0.1.25-3 is installed OR colord-lang-1.1.7-2 is installed OR libcolord-gtk1-0.1.25-3 is installed OR libcolord2-1.1.7-2 is installed OR libcolord2-32bit-1.1.7-2 is installed OR libcolorhug2-1.1.7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR bash-lang-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-28 is installed OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND autofs-5.0.9-27 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information freerdp-2.0.0~git.1463131968.4e66df7-12.3 is installed OR libfreerdp2-2.0.0~git.1463131968.4e66df7-12.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND Package Information conntrack-tools-1.4.2-5.2 is installed OR libnetfilter_cthelper-1.0.0-7.1 is installed OR libnetfilter_cthelper0-1.0.0-7.1 is installed OR libnetfilter_cttimeout-1.0.0-9.1 is installed OR libnetfilter_cttimeout1-1.0.0-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-26.2 is installed OR samba-4.2.4-26.2 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information cluster-md-kmp-default-4.4.21-90.1 is installed OR cluster-network-kmp-default-4.4.21-90.1 is installed OR dlm-kmp-default-4.4.21-90.1 is installed OR gfs2-kmp-default-4.4.21-90.1 is installed OR kernel-default-4.4.21-90.1 is installed OR ocfs2-kmp-default-4.4.21-90.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information libpacemaker3-1.1.16-4 is installed OR pacemaker-1.1.16-4 is installed OR pacemaker-cli-1.1.16-4 is installed OR pacemaker-cts-1.1.16-4 is installed OR pacemaker-remote-1.1.16-4 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information ruby2.5-rubygem-loofah-2.2.2-4.3 is installed OR rubygem-loofah-2.2.2-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information ImageMagick-config-6-SUSE-6.8.8.1-71.126 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.126 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.126 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.126 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_38-44-default-1-2.2 is installed OR kgraft-patch-3_12_38-44-xen-1-2.2 is installed OR kgraft-patch-SLE12_Update_3-1-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_73-5-default-2-2.3.2 is installed OR kgraft-patch-SLE12-SP3_Update_0-2-2.3.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND facter-2.0.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND sles11sp4-docker-image-1.1.1-20160304104123 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information cups154-1.5.4-9.1 is installed OR cups154-client-1.5.4-9.1 is installed OR cups154-filters-1.5.4-9.1 is installed OR cups154-libs-1.5.4-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.39-47.1 is installed OR kernel-ec2-devel-3.12.39-47.1 is installed OR kernel-ec2-extra-3.12.39-47.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-7.1 is installed OR php5-5.5.14-7.1 is installed OR php5-bcmath-5.5.14-7.1 is installed OR php5-bz2-5.5.14-7.1 is installed OR php5-calendar-5.5.14-7.1 is installed OR php5-ctype-5.5.14-7.1 is installed OR php5-curl-5.5.14-7.1 is installed OR php5-dba-5.5.14-7.1 is installed OR php5-dom-5.5.14-7.1 is installed OR php5-enchant-5.5.14-7.1 is installed OR php5-exif-5.5.14-7.1 is installed OR php5-fastcgi-5.5.14-7.1 is installed OR php5-fileinfo-5.5.14-7.1 is installed OR php5-fpm-5.5.14-7.1 is installed OR php5-ftp-5.5.14-7.1 is installed OR php5-gd-5.5.14-7.1 is installed OR php5-gettext-5.5.14-7.1 is installed OR php5-gmp-5.5.14-7.1 is installed OR php5-iconv-5.5.14-7.1 is installed OR php5-intl-5.5.14-7.1 is installed OR php5-json-5.5.14-7.1 is installed OR php5-ldap-5.5.14-7.1 is installed OR php5-mbstring-5.5.14-7.1 is installed OR php5-mcrypt-5.5.14-7.1 is installed OR php5-mysql-5.5.14-7.1 is installed OR php5-odbc-5.5.14-7.1 is installed OR php5-openssl-5.5.14-7.1 is installed OR php5-pcntl-5.5.14-7.1 is installed OR php5-pdo-5.5.14-7.1 is installed OR php5-pear-5.5.14-7.1 is installed OR php5-pgsql-5.5.14-7.1 is installed OR php5-pspell-5.5.14-7.1 is installed OR php5-shmop-5.5.14-7.1 is installed OR php5-snmp-5.5.14-7.1 is installed OR php5-soap-5.5.14-7.1 is installed OR php5-sockets-5.5.14-7.1 is installed OR php5-sqlite-5.5.14-7.1 is installed OR php5-suhosin-5.5.14-7.1 is installed OR php5-sysvmsg-5.5.14-7.1 is installed OR php5-sysvsem-5.5.14-7.1 is installed OR php5-sysvshm-5.5.14-7.1 is installed OR php5-tokenizer-5.5.14-7.1 is installed OR php5-wddx-5.5.14-7.1 is installed OR php5-xmlreader-5.5.14-7.1 is installed OR php5-xmlrpc-5.5.14-7.1 is installed OR php5-xmlwriter-5.5.14-7.1 is installed OR php5-xsl-5.5.14-7.1 is installed OR php5-zip-5.5.14-7.1 is installed OR php5-zlib-5.5.14-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information apache2-mod_php7-7.2.5-4.52 is installed OR php7-7.2.5-4.52 is installed OR php7-bcmath-7.2.5-4.52 is installed OR php7-bz2-7.2.5-4.52 is installed OR php7-calendar-7.2.5-4.52 is installed OR php7-ctype-7.2.5-4.52 is installed OR php7-curl-7.2.5-4.52 is installed OR php7-dba-7.2.5-4.52 is installed OR php7-devel-7.2.5-4.52 is installed OR php7-dom-7.2.5-4.52 is installed OR php7-enchant-7.2.5-4.52 is installed OR php7-exif-7.2.5-4.52 is installed OR php7-fastcgi-7.2.5-4.52 is installed OR php7-fileinfo-7.2.5-4.52 is installed OR php7-fpm-7.2.5-4.52 is installed OR php7-ftp-7.2.5-4.52 is installed OR php7-gd-7.2.5-4.52 is installed OR php7-gettext-7.2.5-4.52 is installed OR php7-gmp-7.2.5-4.52 is installed OR php7-iconv-7.2.5-4.52 is installed OR php7-intl-7.2.5-4.52 is installed OR php7-json-7.2.5-4.52 is installed OR php7-ldap-7.2.5-4.52 is installed OR php7-mbstring-7.2.5-4.52 is installed OR php7-mysql-7.2.5-4.52 is installed OR php7-odbc-7.2.5-4.52 is installed OR php7-opcache-7.2.5-4.52 is installed OR php7-openssl-7.2.5-4.52 is installed OR php7-pcntl-7.2.5-4.52 is installed OR php7-pdo-7.2.5-4.52 is installed OR php7-pear-7.2.5-4.52 is installed OR php7-pear-Archive_Tar-7.2.5-4.52 is installed OR php7-pgsql-7.2.5-4.52 is installed OR php7-phar-7.2.5-4.52 is installed OR php7-posix-7.2.5-4.52 is installed OR php7-shmop-7.2.5-4.52 is installed OR php7-snmp-7.2.5-4.52 is installed OR php7-soap-7.2.5-4.52 is installed OR php7-sockets-7.2.5-4.52 is installed OR php7-sodium-7.2.5-4.52 is installed OR php7-sqlite-7.2.5-4.52 is installed OR php7-sysvmsg-7.2.5-4.52 is installed OR php7-sysvsem-7.2.5-4.52 is installed OR php7-sysvshm-7.2.5-4.52 is installed OR php7-tokenizer-7.2.5-4.52 is installed OR php7-wddx-7.2.5-4.52 is installed OR php7-xmlreader-7.2.5-4.52 is installed OR php7-xmlrpc-7.2.5-4.52 is installed OR php7-xmlwriter-7.2.5-4.52 is installed OR php7-xsl-7.2.5-4.52 is installed OR php7-zip-7.2.5-4.52 is installed OR php7-zlib-7.2.5-4.52 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND strongswan-4.4.0-6.25.1 is installed OR strongswan-doc-4.4.0-6.25.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND strongswan-4.4.0-6.25.1 is installed OR strongswan-doc-4.4.0-6.25.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information guestfs-data-1.20.4-0.14.9 is installed OR guestfs-tools-1.20.4-0.14.9 is installed OR guestfsd-1.20.4-0.14.9 is installed OR libguestfs0-1.20.4-0.14.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information Mesa-9.0.3-0.28.29.2 is installed OR Mesa-32bit-9.0.3-0.28.29.2 is installed OR Mesa-x86-9.0.3-0.28.29.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND apache2-mod_perl-2.0.8-8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information xscreensaver-5.22-7.1 is installed OR xscreensaver-data-5.22-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information kernel-default-4.4.21-69 is installed OR kernel-default-base-4.4.21-69 is installed OR kernel-default-devel-4.4.21-69 is installed OR kernel-default-man-4.4.21-69 is installed OR kernel-devel-4.4.21-69 is installed OR kernel-macros-4.4.21-69 is installed OR kernel-source-4.4.21-69 is installed OR kernel-syms-4.4.21-69 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND clamav-0.100.2-33.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-71.5 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.5 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.5 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information libidn-1.10-6.1 is installed OR libidn-devel-1.10-6.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND libjson-c-devel-0.11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND NetworkManager-devel-1.0.12-8 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information gd-2.1.0-5.1 is installed OR gd-32bit-2.1.0-5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information kernel-default-3.12.62-60.62.1 is installed OR kernel-default-extra-3.12.62-60.62.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information LibVNCServer-0.9.10-4.19 is installed OR libvncclient0-0.9.10-4.19 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information chromedriver-53.0.2785.89-96 is installed OR chromium-53.0.2785.89-96 is installed OR chromium-desktop-gnome-53.0.2785.89-96 is installed OR chromium-desktop-kde-53.0.2785.89-96 is installed OR chromium-ffmpegsumo-53.0.2785.89-96 is installed

BACK