Oval Definition:	oval:org.opensuse.security:def:52236
Revision Date: 2020-12-01 Version: 1 Title: Security update for php7 (Important) Description: This update for php7 fixes the following issues: - CVE-2020-7069: Fixed an issue when AES-CCM mode was used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV was used (bsc#1177351). - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352). - Added tmpfiles.d for php-fpm to provide a base for a socket (bsc#1173786) Family: unix Class: patch Status: Reference(s): 1086263 1126826 1126829 1126831 1140126 1142649 1143609 1153768 1153770 1157755 1160254 1160590 1160968 1162224 1162367 1162825 1163333 1163744 1172798 1172846 1173786 1173972 1174538 1174753 1174817 1175168 1177351 1177352 1179036 CVE-2008-1420 CVE-2009-0946 CVE-2009-0946 CVE-2009-3379 CVE-2010-2494 CVE-2010-2497 CVE-2010-2497 CVE-2010-2805 CVE-2010-2805 CVE-2010-3053 CVE-2010-3053 CVE-2010-3054 CVE-2010-3054 CVE-2010-3311 CVE-2010-3311 CVE-2010-3814 CVE-2010-3814 CVE-2010-3855 CVE-2011-0226 CVE-2011-0226 CVE-2011-1006 CVE-2011-1022 CVE-2011-2895 CVE-2011-3256 CVE-2011-3439 CVE-2012-0444 CVE-2012-0804 CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 CVE-2012-5468 CVE-2012-5668 CVE-2012-5668 CVE-2012-5669 CVE-2012-5669 CVE-2012-5670 CVE-2012-5670 CVE-2014-0250 CVE-2014-0791 CVE-2014-2240 CVE-2014-2240 CVE-2014-2241 CVE-2014-3564 CVE-2014-9656 CVE-2014-9656 CVE-2014-9657 CVE-2014-9657 CVE-2014-9658 CVE-2014-9658 CVE-2014-9659 CVE-2014-9659 CVE-2014-9660 CVE-2014-9660 CVE-2014-9661 CVE-2014-9661 CVE-2014-9662 CVE-2014-9662 CVE-2014-9663 CVE-2014-9663 CVE-2014-9664 CVE-2014-9664 CVE-2014-9665 CVE-2014-9665 CVE-2014-9666 CVE-2014-9666 CVE-2014-9667 CVE-2014-9667 CVE-2014-9668 CVE-2014-9668 CVE-2014-9669 CVE-2014-9669 CVE-2014-9670 CVE-2014-9670 CVE-2014-9671 CVE-2014-9671 CVE-2014-9672 CVE-2014-9672 CVE-2014-9673 CVE-2014-9673 CVE-2014-9674 CVE-2014-9674 CVE-2014-9675 CVE-2014-9675 CVE-2016-6354 CVE-2017-12836 CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839 CVE-2018-1000135 CVE-2019-12972 CVE-2019-14250 CVE-2019-14444 CVE-2019-17450 CVE-2019-17451 CVE-2019-9074 CVE-2019-9075 CVE-2019-9077 CVE-2019-9674 CVE-2020-13844 CVE-2020-15652 CVE-2020-15659 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2655 CVE-2020-6463 CVE-2020-6514 CVE-2020-7069 CVE-2020-7070 CVE-2020-8492 SUSE-SU-2019:1369-1 SUSE-SU-2020:0213-1 SUSE-SU-2020:0510-1 SUSE-SU-2020:2179-1 SUSE-SU-2020:2947-1 SUSE-SU-2020:3552-1 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gdk-pixbuf-lang-2.36.11-lp150.3 is installed OR gdk-pixbuf-query-loaders-2.36.11-lp150.3 is installed OR gdk-pixbuf-thumbnailer-2.36.11-lp150.3 is installed OR libgdk_pixbuf-2_0-0-2.36.11-lp150.3 is installed OR typelib-1_0-GdkPixbuf-2_0-2.36.11-lp150.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information compat-openssl097g-0.9.7g-146.22 is installed OR compat-openssl097g-32bit-0.9.7g-146.22 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-31.8.0esr-0.10 is installed OR MozillaFirefox-translations-31.8.0esr-0.10 is installed OR libfreebl3-3.19.2_CKBI_1.98-0.10 is installed OR libfreebl3-32bit-3.19.2_CKBI_1.98-0.10 is installed OR libsoftokn3-3.19.2_CKBI_1.98-0.10 is installed OR libsoftokn3-32bit-3.19.2_CKBI_1.98-0.10 is installed OR mozilla-nspr-4.10.8-0.5 is installed OR mozilla-nspr-32bit-4.10.8-0.5 is installed OR mozilla-nss-3.19.2_CKBI_1.98-0.10 is installed OR mozilla-nss-32bit-3.19.2_CKBI_1.98-0.10 is installed OR mozilla-nss-tools-3.19.2_CKBI_1.98-0.10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information gpgme-1.5.1-1 is installed OR libgpgme11-1.5.1-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libfreetype6-2.5.5-7.5 is installed OR libfreetype6-32bit-2.5.5-7.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND bogofilter-1.2.4-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libvorbis0-1.3.3-8 is installed OR libvorbis0-32bit-1.3.3-8 is installed OR libvorbisenc2-1.3.3-8 is installed OR libvorbisenc2-32bit-1.3.3-8 is installed OR libvorbisfile3-1.3.3-8 is installed OR libvorbisfile3-32bit-1.3.3-8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND cvs-1.12.12-182.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information php7-7.2.5-4.67 is installed OR php7-embed-7.2.5-4.67 is installed OR php7-readline-7.2.5-4.67 is installed OR php7-sodium-7.2.5-4.67 is installed OR php7-tidy-7.2.5-4.67 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libexif12-0.6.21-6 is installed OR libexif12-32bit-0.6.21-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information glibc-2.19-40.9 is installed OR glibc-32bit-2.19-40.9 is installed OR glibc-devel-2.19-40.9 is installed OR glibc-devel-32bit-2.19-40.9 is installed OR glibc-html-2.19-40.9 is installed OR glibc-i18ndata-2.19-40.9 is installed OR glibc-info-2.19-40.9 is installed OR glibc-locale-2.19-40.9 is installed OR glibc-locale-32bit-2.19-40.9 is installed OR glibc-profile-2.19-40.9 is installed OR glibc-profile-32bit-2.19-40.9 is installed OR nscd-2.19-40.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND libdmx1-1.1.3-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180807-13.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-36 is installed OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information g3utils-1.1.36-58.3 is installed OR mgetty-1.1.36-58.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information ibus-chewing-1.4.14-4 is installed OR ibus-pinyin-1.5.0-11 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information binutils-2.35.1-6.15 is installed OR binutils-devel-2.35.1-6.15 is installed OR binutils-devel-32bit-2.35.1-6.15 is installed OR libctf-nobfd0-2.35.1-6.15 is installed OR libctf0-2.35.1-6.15 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information java-11-openjdk-11.0.6.0-3.39 is installed OR java-11-openjdk-demo-11.0.6.0-3.39 is installed OR java-11-openjdk-devel-11.0.6.0-3.39 is installed OR java-11-openjdk-headless-11.0.6.0-3.39 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information NetworkManager-1.10.6-5.6 is installed OR NetworkManager-lang-1.10.6-5.6 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.11.0-3.91 is installed OR MozillaThunderbird-translations-common-68.11.0-3.91 is installed OR MozillaThunderbird-translations-other-68.11.0-3.91 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND Package Information containerd-1.2.6-16.23 is installed OR docker-19.03.1_ce-98.46 is installed OR docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25 is installed OR docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND git-2.12.3-27.14 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Django1-1.11.23-3.9 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
BACK