Oval Definition:	oval:org.opensuse.security:def:5018
Revision Date: 2021-01-14 Version: 1 Title: Security update for php74 (Moderate) Description: This update for php74 fixes the following issue: - CVE-2020-7071: Fixed an insufficient filter in parse_url() that accepted URLs with invalid userinfo (bsc#1180706). Family: unix Class: patch Status: Reference(s): 1000019 1004465 1044231 1051510 1051858 1056686 1060463 1065729 1068059 1087303 1087931 1101499 1102230 1103990 1103992 1104353 1104745 1109837 1111666 1111974 1112178 1112374 1113956 1114279 1114685 1116319 1116320 1116322 1116324 1119680 1127611 1133021 1134090 1136157 1141895 1144333 1146539 1156510 1157424 1158187 1159285 1160659 1161561 1161951 1162117 1162928 1162929 1162931 1164078 1164507 1165111 1165404 1165488 1165527 1165741 1165813 1165873 1165929 1165950 1165980 1165984 1165985 1166003 1166101 1166102 1166103 1166104 1166632 1166658 1166730 1166731 1166732 1166733 1166734 1166735 1166844 1166916 1172442 1172443 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1176410 1177143 1178611 1180706 CVE-2006-7250 CVE-2008-3825 CVE-2008-5077 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1384 CVE-2009-1386 CVE-2009-1387 CVE-2010-0740 CVE-2010-0742 CVE-2010-1633 CVE-2010-2939 CVE-2010-3864 CVE-2010-4341 CVE-2010-5298 CVE-2011-0014 CVE-2011-1758 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2686 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-0219 CVE-2013-0220 CVE-2013-0221 CVE-2013-0221 CVE-2013-0222 CVE-2013-0222 CVE-2013-0223 CVE-2013-0223 CVE-2013-0287 CVE-2013-2001 CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 CVE-2014-0076 CVE-2014-0107 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139 CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738 CVE-2015-4041 CVE-2015-4042 CVE-2016-5181 CVE-2016-5182 CVE-2016-5183 CVE-2016-5184 CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 CVE-2016-5188 CVE-2016-5189 CVE-2016-5190 CVE-2016-5191 CVE-2016-5192 CVE-2016-5193 CVE-2017-18922 CVE-2018-14629 CVE-2018-16841 CVE-2018-16851 CVE-2018-16853 CVE-2018-21247 CVE-2019-19768 CVE-2019-20839 CVE-2019-20840 CVE-2020-10531 CVE-2020-11080 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-25219 CVE-2020-26154 CVE-2020-26950 CVE-2020-7071 CVE-2020-7598 CVE-2020-8174 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9383 SUSE-SU-2016:2597-1 SUSE-SU-2018:4066-1 SUSE-SU-2020:0836-1 SUSE-SU-2020:1568-1 SUSE-SU-2020:1922-1 SUSE-SU-2020:2901-1 SUSE-SU-2020:3418-1 SUSE-SU-2021:0126-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for Rasperry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 5 SUSE Package Hub for SUSE Linux Enterprise 12 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.4esr-0.5.1 is installed OR MozillaFirefox-branding-SLED-7-0.6.9.5 is installed OR MozillaFirefox-translations-17.0.4esr-0.5.1 is installed OR beagle-0.3.8-56.51.1 is installed OR beagle-evolution-0.3.8-56.51.1 is installed OR beagle-firefox-0.3.8-56.51.1 is installed OR beagle-gui-0.3.8-56.51.1 is installed OR beagle-lang-0.3.8-56.51.1 is installed OR libfreebl3-3.14.2-0.4.3.2 is installed OR libfreebl3-32bit-3.14.2-0.4.3.2 is installed OR mhtml-firefox-0.5-1.47.51.5 is installed OR mozilla-nspr-4.9.5-0.3.2 is installed OR mozilla-nspr-32bit-4.9.5-0.3.2 is installed OR mozilla-nss-3.14.2-0.4.3.2 is installed OR mozilla-nss-32bit-3.14.2-0.4.3.2 is installed OR mozilla-nss-tools-3.14.2-0.4.3.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information kvm-1.4.2-0.21.4 is installed OR libvirt-1.0.5.9-0.19.3 is installed OR libvirt-client-1.0.5.9-0.19.3 is installed OR libvirt-client-32bit-1.0.5.9-0.19.3 is installed OR libvirt-doc-1.0.5.9-0.19.3 is installed OR libvirt-python-1.0.5.9-0.19.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information coreutils-8.22-5 is installed OR coreutils-lang-8.22-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND binutils-2.25.0-13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information bash-4.3-82 is installed OR bash-doc-4.3-82 is installed OR bash-lang-4.3-82 is installed OR libreadline6-6.3-82 is installed OR libreadline6-32bit-6.3-82 is installed OR readline-doc-6.3-82 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information fuse-2.9.3-6.3 is installed OR libfuse2-2.9.3-6.3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 is installed AND Package Information ctdb-4.2.4-18.30.1 is installed OR samba-4.2.4-18.30.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information libpcreposix0-8.39-5.1 is installed OR pcre-8.39-5.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information libpacemaker3-1.1.15-21.1 is installed OR pacemaker-1.1.15-21.1 is installed OR pacemaker-cli-1.1.15-21.1 is installed OR pacemaker-cts-1.1.15-21.1 is installed OR pacemaker-remote-1.1.15-21.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND lighttpd-1.4.35-3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND ctdb-4.6.16+git.124.aee309c5c18-3.32 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP5 is installed AND fence-agents-4.4.0+git.1558595666.5f79f9e9-3.8 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 is installed AND Package Information ctdb-4.7.11+git.140.6bd0e5b30d8-4.21 is installed OR samba-4.7.11+git.140.6bd0e5b30d8-4.21 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information ImageMagick-config-6-SUSE-6.8.8.1-71.126 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.126 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.126 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.126 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_32-33-default-2-3.1 is installed OR kgraft-patch-3_12_32-33-xen-2-3.1 is installed OR kgraft-patch-3_12_36-38-default-2-3.1 is installed OR kgraft-patch-3_12_36-38-xen-2-3.1 is installed OR kgraft-patch-SLE12_Update_1-2-3.1 is installed OR kgraft-patch-SLE12_Update_2-2-3.1 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_6-default-1-2.1 is installed OR kgraft-patch-SLE12-SP3_Update_2-1-2.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND docker-1.6.2-31 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-openssl098-0.9.8j-78.1 is installed OR libopenssl0_9_8-0.9.8j-78.1 is installed OR libopenssl0_9_8-32bit-0.9.8j-78.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.38-44.1 is installed OR kernel-ec2-devel-3.12.38-44.1 is installed OR kernel-ec2-extra-3.12.38-44.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-22.1 is installed OR php5-5.5.14-22.1 is installed OR php5-bcmath-5.5.14-22.1 is installed OR php5-bz2-5.5.14-22.1 is installed OR php5-calendar-5.5.14-22.1 is installed OR php5-ctype-5.5.14-22.1 is installed OR php5-curl-5.5.14-22.1 is installed OR php5-dba-5.5.14-22.1 is installed OR php5-dom-5.5.14-22.1 is installed OR php5-enchant-5.5.14-22.1 is installed OR php5-exif-5.5.14-22.1 is installed OR php5-fastcgi-5.5.14-22.1 is installed OR php5-fileinfo-5.5.14-22.1 is installed OR php5-fpm-5.5.14-22.1 is installed OR php5-ftp-5.5.14-22.1 is installed OR php5-gd-5.5.14-22.1 is installed OR php5-gettext-5.5.14-22.1 is installed OR php5-gmp-5.5.14-22.1 is installed OR php5-iconv-5.5.14-22.1 is installed OR php5-intl-5.5.14-22.1 is installed OR php5-json-5.5.14-22.1 is installed OR php5-ldap-5.5.14-22.1 is installed OR php5-mbstring-5.5.14-22.1 is installed OR php5-mcrypt-5.5.14-22.1 is installed OR php5-mysql-5.5.14-22.1 is installed OR php5-odbc-5.5.14-22.1 is installed OR php5-openssl-5.5.14-22.1 is installed OR php5-pcntl-5.5.14-22.1 is installed OR php5-pdo-5.5.14-22.1 is installed OR php5-pear-5.5.14-22.1 is installed OR php5-pgsql-5.5.14-22.1 is installed OR php5-pspell-5.5.14-22.1 is installed OR php5-shmop-5.5.14-22.1 is installed OR php5-snmp-5.5.14-22.1 is installed OR php5-soap-5.5.14-22.1 is installed OR php5-sockets-5.5.14-22.1 is installed OR php5-sqlite-5.5.14-22.1 is installed OR php5-suhosin-5.5.14-22.1 is installed OR php5-sysvmsg-5.5.14-22.1 is installed OR php5-sysvsem-5.5.14-22.1 is installed OR php5-sysvshm-5.5.14-22.1 is installed OR php5-tokenizer-5.5.14-22.1 is installed OR php5-wddx-5.5.14-22.1 is installed OR php5-xmlreader-5.5.14-22.1 is installed OR php5-xmlrpc-5.5.14-22.1 is installed OR php5-xmlwriter-5.5.14-22.1 is installed OR php5-xsl-5.5.14-22.1 is installed OR php5-zip-5.5.14-22.1 is installed OR php5-zlib-5.5.14-22.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed AND Package Information nodejs10-10.21.0-1.21 is installed OR nodejs10-devel-10.21.0-1.21 is installed OR nodejs10-docs-10.21.0-1.21 is installed OR npm10-10.21.0-1.21 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND sudo-1.7.6p2-0.21.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND sudo-1.7.6p2-0.21.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND gzip-1.3.12-69.23.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.28.2 is installed OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information automake-1.13.4-4 is installed OR m4-1.4.16-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.20-18.1 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr3.20-18.1 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr3.20-18.1 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr3.20-18.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information krb5-appl-clients-1.0.3-1 is installed OR krb5-appl-servers-1.0.3-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND coolkey-1.1.0-148.3 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND php74-devel-7.4.6-1.16.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_55-52_45-default-2-2.3 is installed OR kgraft-patch-3_12_55-52_45-xen-2-2.3 is installed OR kgraft-patch-SLE12_Update_13-2-2.3 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information freeradius-server-3.0.3-17.9 is installed OR freeradius-server-doc-3.0.3-17.9 is installed OR freeradius-server-krb5-3.0.3-17.9 is installed OR freeradius-server-ldap-3.0.3-17.9 is installed OR freeradius-server-libs-3.0.3-17.9 is installed OR freeradius-server-mysql-3.0.3-17.9 is installed OR freeradius-server-perl-3.0.3-17.9 is installed OR freeradius-server-postgresql-3.0.3-17.9 is installed OR freeradius-server-python-3.0.3-17.9 is installed OR freeradius-server-sqlite-3.0.3-17.9 is installed OR freeradius-server-utils-3.0.3-17.9 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information libksba-1.0.4-1.20.1 is installed OR libksba-devel-1.0.4-1.20.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND liblcms-devel-1.19-17 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information FastCGI-2.4.0-167 is installed OR perl-FastCGI-2.4.0-167 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR ImageMagick-devel-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagick++-devel-6.8.8.1-70 is installed OR perl-PerlMagick-6.8.8.1-70 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information kernel-default-3.12.32-33.1 is installed OR kernel-default-extra-3.12.32-33.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information gd-2.1.0-12.1 is installed OR gd-32bit-2.1.0-12.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information LibVNCServer-0.9.10-4.22 is installed OR libvncclient0-0.9.10-4.22 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information chromedriver-54.0.2840.59-109 is installed OR chromium-54.0.2840.59-109 is installed OR chromium-ffmpegsumo-54.0.2840.59-109 is installed
BACK