Oval Definition:oval:org.opensuse.security:def:52476
Revision Date:2020-12-01Version:1
Title:Security update for php7 (Important)
Description:

This update for php7 fixes the following issues:

- CVE-2020-7069: Fixed an issue when AES-CCM mode was used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV was used (bsc#1177351). - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352). - Added tmpfiles.d for php-fpm to provide a base for a socket (bsc#1173786)
Family:unixClass:patch
Status:Reference(s):1051510
1065600
1065729
1071995
1085030
1094555
1111666
1112374
1114279
1120163
1128432
1133021
1134730
1134738
1135153
1135296
1135642
1136156
1136157
1136271
1136333
1137103
1137194
1137366
1137884
1137985
1138263
1138336
1138374
1138375
1138589
1138681
1138719
1138732
1140709
1149032
1152472
1152489
1153095
1153259
1153274
1154353
1154488
1154492
1155518
1155784
1156395
1158696
1159058
1159692
1160634
1167773
1169790
1171634
1171688
1172108
1172197
1172247
1172418
1172871
1172963
1173468
1173485
1173786
1173798
1173813
1173954
1174002
1174003
1174026
1174205
1174247
1174362
1174387
1174484
1174625
1174645
1174689
1174699
1174737
1174757
1174762
1174770
1174771
1174777
1174805
1174824
1174825
1174852
1174865
1174880
1174897
1174906
1174969
1175009
1175010
1175011
1175012
1175013
1175014
1175015
1175016
1175017
1175018
1175019
1175020
1175021
1175052
1175112
1175116
1175128
1175149
1175175
1175176
1175180
1175181
1175182
1175183
1175184
1175185
1175186
1175187
1175188
1175189
1175190
1175191
1175192
1175195
1175199
1175213
1175232
1175263
1175284
1175296
1175344
1175345
1175346
1175347
1175367
1175377
1175440
1175493
1175546
1175550
1175654
1175691
1175768
1175769
1175770
1175771
1175772
1175774
1175775
1175834
1175873
1177351
1177352
CVE-2004-0801
CVE-2004-2771
CVE-2009-1210
CVE-2009-1267
CVE-2009-1268
CVE-2009-1269
CVE-2009-3241
CVE-2009-3242
CVE-2009-3243
CVE-2009-3627
CVE-2010-1455
CVE-2010-2993
CVE-2010-3445
CVE-2010-4267
CVE-2010-4300
CVE-2010-4301
CVE-2010-4538
CVE-2011-0024
CVE-2011-0538
CVE-2011-0713
CVE-2011-1138
CVE-2011-1139
CVE-2011-1140
CVE-2011-1143
CVE-2011-1590
CVE-2011-1591
CVE-2011-1592
CVE-2011-1957
CVE-2011-1958
CVE-2011-1959
CVE-2011-2174
CVE-2011-2175
CVE-2011-2597
CVE-2011-2697
CVE-2011-2698
CVE-2011-2722
CVE-2011-3266
CVE-2011-3360
CVE-2011-3483
CVE-2012-0804
CVE-2012-2392
CVE-2012-2393
CVE-2012-2394
CVE-2012-2451
CVE-2012-3548
CVE-2012-4048
CVE-2012-4049
CVE-2012-4285
CVE-2012-4286
CVE-2012-4287
CVE-2012-4288
CVE-2012-4289
CVE-2012-4290
CVE-2012-4291
CVE-2012-4292
CVE-2012-4293
CVE-2012-4294
CVE-2012-4295
CVE-2012-4296
CVE-2012-4297
CVE-2012-4298
CVE-2012-5237
CVE-2012-5238
CVE-2012-5239
CVE-2012-5240
CVE-2012-5592
CVE-2012-5593
CVE-2012-5594
CVE-2012-5595
CVE-2012-5596
CVE-2012-5597
CVE-2012-5598
CVE-2012-5599
CVE-2012-5600
CVE-2012-5601
CVE-2012-5602
CVE-2013-1572
CVE-2013-1573
CVE-2013-1574
CVE-2013-1575
CVE-2013-1576
CVE-2013-1577
CVE-2013-1578
CVE-2013-1579
CVE-2013-1580
CVE-2013-1581
CVE-2013-1582
CVE-2013-1583
CVE-2013-1584
CVE-2013-1585
CVE-2013-1586
CVE-2013-1587
CVE-2013-1588
CVE-2013-1589
CVE-2013-1590
CVE-2013-1989
CVE-2013-2066
CVE-2013-2475
CVE-2013-2476
CVE-2013-2477
CVE-2013-2478
CVE-2013-2479
CVE-2013-2480
CVE-2013-2481
CVE-2013-2482
CVE-2013-2483
CVE-2013-2484
CVE-2013-2485
CVE-2013-2486
CVE-2013-2487
CVE-2013-2488
CVE-2013-3555
CVE-2013-3556
CVE-2013-3557
CVE-2013-3558
CVE-2013-3559
CVE-2013-3560
CVE-2013-3561
CVE-2013-3562
CVE-2013-4083
CVE-2013-4314
CVE-2013-4325
CVE-2013-4920
CVE-2013-4921
CVE-2013-4922
CVE-2013-4923
CVE-2013-4924
CVE-2013-4925
CVE-2013-4926
CVE-2013-4927
CVE-2013-4928
CVE-2013-4929
CVE-2013-4930
CVE-2013-4931
CVE-2013-4932
CVE-2013-4933
CVE-2013-4934
CVE-2013-4935
CVE-2013-4936
CVE-2013-5717
CVE-2013-5718
CVE-2013-5719
CVE-2013-5720
CVE-2013-5721
CVE-2013-5722
CVE-2013-6336
CVE-2013-6337
CVE-2013-6338
CVE-2013-6339
CVE-2013-6340
CVE-2013-6402
CVE-2013-6427
CVE-2013-7112
CVE-2013-7113
CVE-2013-7114
CVE-2014-2281
CVE-2014-2282
CVE-2014-2283
CVE-2014-2299
CVE-2014-2497
CVE-2014-2907
CVE-2014-4020
CVE-2014-5161
CVE-2014-5162
CVE-2014-5163
CVE-2014-5164
CVE-2014-5165
CVE-2014-6272
CVE-2014-7844
CVE-2014-9709
CVE-2015-0559
CVE-2015-0560
CVE-2015-0561
CVE-2015-0562
CVE-2015-0563
CVE-2015-0564
CVE-2015-2188
CVE-2015-2189
CVE-2015-2191
CVE-2015-3811
CVE-2015-3812
CVE-2015-3813
CVE-2015-3814
CVE-2015-7236
CVE-2015-7830
CVE-2015-8711
CVE-2015-8712
CVE-2015-8713
CVE-2015-8714
CVE-2015-8715
CVE-2015-8716
CVE-2015-8717
CVE-2015-8718
CVE-2015-8719
CVE-2015-8720
CVE-2015-8721
CVE-2015-8722
CVE-2015-8723
CVE-2015-8724
CVE-2015-8725
CVE-2015-8726
CVE-2015-8727
CVE-2015-8728
CVE-2015-8729
CVE-2015-8730
CVE-2015-8731
CVE-2015-8732
CVE-2015-8733
CVE-2016-10166
CVE-2016-10167
CVE-2016-10168
CVE-2016-2523
CVE-2016-2530
CVE-2016-2531
CVE-2016-2532
CVE-2016-5116
CVE-2016-5350
CVE-2016-5351
CVE-2016-5352
CVE-2016-5353
CVE-2016-5354
CVE-2016-5355
CVE-2016-5356
CVE-2016-5357
CVE-2016-5358
CVE-2016-5359
CVE-2016-5407
CVE-2016-5759
CVE-2016-6128
CVE-2016-6132
CVE-2016-6161
CVE-2016-6207
CVE-2016-6214
CVE-2016-6354
CVE-2016-6504
CVE-2016-6505
CVE-2016-6506
CVE-2016-6507
CVE-2016-6508
CVE-2016-6509
CVE-2016-6510
CVE-2016-6511
CVE-2016-6905
CVE-2016-6906
CVE-2016-6911
CVE-2016-6912
CVE-2016-7175
CVE-2016-7176
CVE-2016-7177
CVE-2016-7178
CVE-2016-7179
CVE-2016-7180
CVE-2016-7568
CVE-2016-8670
CVE-2016-9317
CVE-2016-9373
CVE-2016-9374
CVE-2016-9375
CVE-2016-9376
CVE-2016-9933
CVE-2017-5596
CVE-2017-5597
CVE-2017-6014
CVE-2017-7700
CVE-2017-7701
CVE-2017-7702
CVE-2017-7703
CVE-2017-7704
CVE-2017-7705
CVE-2017-7745
CVE-2017-7746
CVE-2017-7747
CVE-2017-7748
CVE-2017-9343
CVE-2017-9344
CVE-2017-9345
CVE-2017-9346
CVE-2017-9347
CVE-2017-9348
CVE-2017-9349
CVE-2017-9350
CVE-2017-9351
CVE-2017-9352
CVE-2017-9353
CVE-2017-9354
CVE-2018-16871
CVE-2019-12614
CVE-2019-12817
CVE-2019-12838
CVE-2019-19727
CVE-2019-19728
CVE-2020-14314
CVE-2020-14331
CVE-2020-14356
CVE-2020-16166
CVE-2020-7069
CVE-2020-7070
SUSE-SU-2019:1744-1
SUSE-SU-2020:0110-1
SUSE-SU-2020:2486-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • colord-1.4.2-lp150.1 is installed
  • OR colord-color-profiles-1.4.2-lp150.1 is installed
  • OR colord-gtk-lang-0.1.26-lp150.1 is installed
  • OR colord-lang-1.4.2-lp150.1 is installed
  • OR libcolord-gtk1-0.1.26-lp150.1 is installed
  • OR libcolord2-1.4.2-lp150.1 is installed
  • OR libcolorhug2-1.4.2-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • nginx-1.14.2-lp151.4.3 is installed
  • OR nginx-source-1.14.2-lp151.4.3 is installed
  • OR vim-plugin-nginx-1.14.2-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND openvpn-2.0.9-143.33.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.95-0.17 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.95-0.17 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.95-0.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND cvs-1.12.12-181 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • hplip-3.14.6-3 is installed
  • OR hplip-hpijs-3.14.6-3 is installed
  • OR hplip-sane-3.14.6-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND kdump-0.8.15-28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gd-2.1.0-23 is installed
  • OR gd-32bit-2.1.0-23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libXv1-1.0.10-7 is installed
  • OR libXv1-32bit-1.0.10-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed
  • AND Package Information
  • libpmi0-18.08.9-3.10 is installed
  • OR libslurm33-18.08.9-3.10 is installed
  • OR perl-slurm-18.08.9-3.10 is installed
  • OR slurm-18.08.9-3.10 is installed
  • OR slurm-auth-none-18.08.9-3.10 is installed
  • OR slurm-config-18.08.9-3.10 is installed
  • OR slurm-config-man-18.08.9-3.10 is installed
  • OR slurm-devel-18.08.9-3.10 is installed
  • OR slurm-doc-18.08.9-3.10 is installed
  • OR slurm-lua-18.08.9-3.10 is installed
  • OR slurm-munge-18.08.9-3.10 is installed
  • OR slurm-node-18.08.9-3.10 is installed
  • OR slurm-pam_slurm-18.08.9-3.10 is installed
  • OR slurm-plugins-18.08.9-3.10 is installed
  • OR slurm-slurmdbd-18.08.9-3.10 is installed
  • OR slurm-sql-18.08.9-3.10 is installed
  • OR slurm-sview-18.08.9-3.10 is installed
  • OR slurm-torque-18.08.9-3.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • php7-7.2.5-4.67 is installed
  • OR php7-pear-Archive_Tar-7.2.5-4.67 is installed
  • OR php7-wddx-7.2.5-4.67 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libgnomesu-1.0.0-352 is installed
  • OR libgnomesu-lang-1.0.0-352 is installed
  • OR libgnomesu0-1.0.0-352 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • libspice-server1-0.12.5-10 is installed
  • OR spice-0.12.5-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • rrdtool-1.4.7-20 is installed
  • OR rrdtool-cached-1.4.7-20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.101 is installed
  • OR kernel-default-base-4.4.121-92.101 is installed
  • OR kernel-default-devel-4.4.121-92.101 is installed
  • OR kernel-devel-4.4.121-92.101 is installed
  • OR kernel-macros-4.4.121-92.101 is installed
  • OR kernel-source-4.4.121-92.101 is installed
  • OR kernel-syms-4.4.121-92.101 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libvirt-2.0.0-27.42 is installed
  • OR libvirt-client-2.0.0-27.42 is installed
  • OR libvirt-daemon-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.42 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-xen-2.0.0-27.42 is installed
  • OR libvirt-doc-2.0.0-27.42 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.42 is installed
  • OR libvirt-nss-2.0.0-27.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • file-5.19-9 is installed
  • OR file-magic-5.19-9 is installed
  • OR libmagic1-5.19-9 is installed
  • OR libmagic1-32bit-5.19-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-109.95 is installed
  • OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • bzip2-1.0.6-30.8 is installed
  • OR bzip2-doc-1.0.6-30.8 is installed
  • OR libbz2-1-1.0.6-30.8 is installed
  • OR libbz2-1-32bit-1.0.6-30.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND yast2-smt-3.0.14-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cracklib-2.9.0-7 is installed
  • OR libcrack2-2.9.0-7 is installed
  • OR libcrack2-32bit-2.9.0-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.7 is installed
  • OR kernel-default-extra-4.12.14-197.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • kernel-default-5.3.18-24.12 is installed
  • OR kernel-default-extra-5.3.18-24.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • xen-4.5.5_16-22.28 is installed
  • OR xen-doc-html-4.5.5_16-22.28 is installed
  • OR xen-kmp-default-4.5.5_16_k3.12.74_60.64.57-22.28 is installed
  • OR xen-libs-4.5.5_16-22.28 is installed
  • OR xen-libs-32bit-4.5.5_16-22.28 is installed
  • OR xen-tools-4.5.5_16-22.28 is installed
  • OR xen-tools-domU-4.5.5_16-22.28 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • res-signingkeys-3.0.37-52.23 is installed
  • OR smt-3.0.37-52.23 is installed
  • OR smt-support-3.0.37-52.23 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-cryptography-2.0.3-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • mariadb-10.2.25-3.19 is installed
  • OR mariadb-galera-10.2.25-3.19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-loofah-2.0.2-3.8 is installed
  • OR rubygem-loofah-2.0.2-3.8 is installed
    • BACK