Oval Definition:	oval:org.opensuse.security:def:52959
Revision Date: 2020-12-01 Version: 1 Title: Security update for php7 (Moderate) Description: This update for php7 fixes the following issues: Security issues fixed: - CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128892). - CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128886). - CVE-2019-9638: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension ((bsc#1128889). - CVE-2019-9639: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128887). - CVE-2019-9640: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128883). - CVE-2019-9022: Fixed a vulnerability which could allow a hostile DNS server to make PHP misuse memcpy (bsc#1126827). - CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which could allow to a hostile XMLRPC server to cause memory read outside the allocated areas (bsc#1126821). - CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function (bsc#1126711). - CVE-2018-20783: Fixed a buffer over-read in PHAR reading functions which could allow an attacker to read allocated and unallocated memory when parsing a phar file (bsc#1127122). - CVE-2019-9021: Fixed a heap buffer-based buffer over-read in PHAR reading functions which could allow an attacker to read allocated and unallocated memory when parsing a phar file (bsc#1126713). - CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in mbstring regular expression functions (bsc#1126823). - CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension and improved insecure implementation of rename function (bsc#1128722). - CVE-2018-19935: Fixed a Denial of Service in php_imap.c which could be triggered via an empty string in the message argument to imap_mail (bsc#1118832). - CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si() (bsc#1132838). - CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value() (bsc#1132837). - CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG function leading to information disclosure (bsc#1134322). Other issue addressed: - Deleted README.default_socket_timeout which is not needed anymore (bsc#1129032). - Enabled php7 testsuite (bsc#1119396). Family: unix Class: patch Status: Reference(s): 1001600 1118832 1119396 1126711 1126713 1126821 1126823 1126827 1127122 1128722 1128883 1128886 1128887 1128889 1128892 1129032 1132837 1132838 1134322 1146608 902408 902409 902410 934333 936676 951166 958963 960155 962983 962996 974655 980722 983582 984751 985177 985348 989523 991069 994989 CVE-2008-1227 CVE-2009-0696 CVE-2009-4022 CVE-2010-3613 CVE-2010-3614 CVE-2010-3615 CVE-2011-0414 CVE-2011-1000 CVE-2011-1907 CVE-2011-1910 CVE-2011-2464 CVE-2011-3389 CVE-2011-4313 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2012-1667 CVE-2012-3817 CVE-2012-3868 CVE-2012-4244 CVE-2012-5166 CVE-2012-5688 CVE-2012-5689 CVE-2013-1431 CVE-2013-1752 CVE-2013-2266 CVE-2013-4238 CVE-2013-4854 CVE-2014-0591 CVE-2014-2667 CVE-2014-3695 CVE-2014-3696 CVE-2014-3698 CVE-2014-4650 CVE-2014-8500 CVE-2014-9622 CVE-2015-1191 CVE-2015-1349 CVE-2015-2590 CVE-2015-2590 CVE-2015-2597 CVE-2015-2597 CVE-2015-2601 CVE-2015-2601 CVE-2015-2613 CVE-2015-2613 CVE-2015-2619 CVE-2015-2619 CVE-2015-2621 CVE-2015-2621 CVE-2015-2625 CVE-2015-2625 CVE-2015-2627 CVE-2015-2627 CVE-2015-2628 CVE-2015-2628 CVE-2015-2632 CVE-2015-2632 CVE-2015-2637 CVE-2015-2637 CVE-2015-2638 CVE-2015-2638 CVE-2015-2659 CVE-2015-2659 CVE-2015-2664 CVE-2015-2664 CVE-2015-2808 CVE-2015-2808 CVE-2015-4000 CVE-2015-4000 CVE-2015-4620 CVE-2015-4729 CVE-2015-4729 CVE-2015-4731 CVE-2015-4731 CVE-2015-4732 CVE-2015-4732 CVE-2015-4733 CVE-2015-4733 CVE-2015-4734 CVE-2015-4734 CVE-2015-4736 CVE-2015-4736 CVE-2015-4748 CVE-2015-4748 CVE-2015-4749 CVE-2015-4749 CVE-2015-4760 CVE-2015-4760 CVE-2015-4803 CVE-2015-4803 CVE-2015-4805 CVE-2015-4805 CVE-2015-4806 CVE-2015-4806 CVE-2015-4810 CVE-2015-4810 CVE-2015-4835 CVE-2015-4835 CVE-2015-4840 CVE-2015-4840 CVE-2015-4842 CVE-2015-4842 CVE-2015-4843 CVE-2015-4843 CVE-2015-4844 CVE-2015-4844 CVE-2015-4860 CVE-2015-4860 CVE-2015-4868 CVE-2015-4868 CVE-2015-4872 CVE-2015-4872 CVE-2015-4881 CVE-2015-4881 CVE-2015-4882 CVE-2015-4882 CVE-2015-4883 CVE-2015-4883 CVE-2015-4893 CVE-2015-4893 CVE-2015-4901 CVE-2015-4901 CVE-2015-4902 CVE-2015-4902 CVE-2015-4903 CVE-2015-4903 CVE-2015-4906 CVE-2015-4906 CVE-2015-4908 CVE-2015-4908 CVE-2015-4911 CVE-2015-4911 CVE-2015-4916 CVE-2015-4916 CVE-2015-5477 CVE-2015-5722 CVE-2015-7552 CVE-2015-7575 CVE-2015-7575 CVE-2015-8000 CVE-2015-8126 CVE-2015-8126 CVE-2015-8704 CVE-2016-0402 CVE-2016-0402 CVE-2016-0448 CVE-2016-0448 CVE-2016-0466 CVE-2016-0466 CVE-2016-0475 CVE-2016-0475 CVE-2016-0483 CVE-2016-0483 CVE-2016-0494 CVE-2016-0494 CVE-2016-0636 CVE-2016-0636 CVE-2016-0686 CVE-2016-0686 CVE-2016-0687 CVE-2016-0687 CVE-2016-0695 CVE-2016-0695 CVE-2016-0755 CVE-2016-0772 CVE-2016-1000110 CVE-2016-10165 CVE-2016-1285 CVE-2016-1286 CVE-2016-2183 CVE-2016-2776 CVE-2016-2851 CVE-2016-3425 CVE-2016-3425 CVE-2016-3426 CVE-2016-3426 CVE-2016-3427 CVE-2016-3427 CVE-2016-3458 CVE-2016-3458 CVE-2016-3485 CVE-2016-3485 CVE-2016-3498 CVE-2016-3498 CVE-2016-3500 CVE-2016-3500 CVE-2016-3503 CVE-2016-3503 CVE-2016-3508 CVE-2016-3508 CVE-2016-3511 CVE-2016-3511 CVE-2016-3550 CVE-2016-3550 CVE-2016-3552 CVE-2016-3552 CVE-2016-3587 CVE-2016-3587 CVE-2016-3598 CVE-2016-3598 CVE-2016-3606 CVE-2016-3606 CVE-2016-3610 CVE-2016-3610 CVE-2016-4912 CVE-2016-5542 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 CVE-2016-5636 CVE-2016-5699 CVE-2016-7567 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10078 CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 CVE-2017-10118 CVE-2017-10125 CVE-2017-10135 CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3260 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2018-19935 CVE-2018-20783 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-2938 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3639 CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 CVE-2019-14973 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 CVE-2019-9675 SUSE-SU-2016:0225-1 SUSE-SU-2016:0340-1 SUSE-SU-2016:2653-1 SUSE-SU-2016:2661-1 SUSE-SU-2019:1461-1 SUSE-SU-2020:2744-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gstreamer-plugins-bad-1.12.5-lp150.1 is installed OR gstreamer-plugins-bad-lang-1.12.5-lp150.1 is installed OR libgstadaptivedemux-1_0-0-1.12.5-lp150.1 is installed OR libgstbadaudio-1_0-0-1.12.5-lp150.1 is installed OR libgstbadbase-1_0-0-1.12.5-lp150.1 is installed OR libgstbadvideo-1_0-0-1.12.5-lp150.1 is installed OR libgstbasecamerabinsrc-1_0-0-1.12.5-lp150.1 is installed OR libgstcodecparsers-1_0-0-1.12.5-lp150.1 is installed OR libgstgl-1_0-0-1.12.5-lp150.1 is installed OR libgstmpegts-1_0-0-1.12.5-lp150.1 is installed OR libgstphotography-1_0-0-1.12.5-lp150.1 is installed OR libgsturidownloader-1_0-0-1.12.5-lp150.1 is installed OR libgstwayland-1_0-0-1.12.5-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information expat-2.2.5-lp151.3.3 is installed OR libexpat-devel-2.2.5-lp151.3.3 is installed OR libexpat-devel-32bit-2.2.5-lp151.3.3 is installed OR libexpat1-2.2.5-lp151.3.3 is installed OR libexpat1-32bit-2.2.5-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libvirt-0.9.6-0.21 is installed OR libvirt-client-0.9.6-0.21 is installed OR libvirt-client-32bit-0.9.6-0.21 is installed OR libvirt-doc-0.9.6-0.21 is installed OR libvirt-python-0.9.6-0.21 is installed OR virt-manager-0.9.0-3.19 is installed OR vm-install-0.5.10-0.5 is installed OR xen-4.1.2_20-0.5 is installed OR xen-doc-html-4.1.2_20-0.5 is installed OR xen-doc-pdf-4.1.2_20-0.5 is installed OR xen-kmp-default-4.1.2_20_3.0.38_0.5-0.5 is installed OR xen-kmp-trace-4.1.2_20_3.0.38_0.5-0.5 is installed OR xen-libs-4.1.2_20-0.5 is installed OR xen-libs-32bit-4.1.2_20-0.5 is installed OR xen-tools-4.1.2_20-0.5 is installed OR xen-tools-domU-4.1.2_20-0.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information evolution-data-server-2.28.2-0.32 is installed OR evolution-data-server-32bit-2.28.2-0.32 is installed OR evolution-data-server-lang-2.28.2-0.32 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libtidy-1.0-37 is installed OR tidy-1.0-37 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information finch-2.10.9-8 is installed OR libpurple-2.10.9-8 is installed OR libpurple-lang-2.10.9-8 is installed OR libpurple-meanwhile-2.10.9-8 is installed OR libpurple-tcl-2.10.9-8 is installed OR pidgin-2.10.9-8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libsilc-1_1-2-1.1.10-24 is installed OR libsilcclient-1_1-3-1.1.10-24 is installed OR silc-toolkit-1.1.10-24 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bind-libs-9.9.9P1-46 is installed OR bind-libs-32bit-9.9.9P1-46 is installed OR bind-utils-9.9.9P1-46 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND pigz-2.3-5 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information php7-7.2.5-4.32 is installed OR php7-embed-7.2.5-4.32 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND tiff-4.0.9-5.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_8_0-openjdk-1.8.0.65-1 is installed OR java-1_8_0-openjdk-demo-1.8.0.65-1 is installed OR java-1_8_0-openjdk-devel-1.8.0.65-1 is installed OR java-1_8_0-openjdk-headless-1.8.0.65-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information postgresql94-9.4.24-21.25 is installed OR postgresql94-contrib-9.4.24-21.25 is installed OR postgresql94-docs-9.4.24-21.25 is installed OR postgresql94-plperl-9.4.24-21.25 is installed OR postgresql94-plpython-9.4.24-21.25 is installed OR postgresql94-pltcl-9.4.24-21.25 is installed OR postgresql94-server-9.4.24-21.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information emacs-24.3-16 is installed OR emacs-el-24.3-16 is installed OR emacs-info-24.3-16 is installed OR emacs-nox-24.3-16 is installed OR emacs-x11-24.3-16 is installed OR etags-24.3-16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libdcerpc-binding0-4.4.2-38.20 is installed OR libdcerpc-binding0-32bit-4.4.2-38.20 is installed OR libdcerpc0-4.4.2-38.20 is installed OR libdcerpc0-32bit-4.4.2-38.20 is installed OR libndr-krb5pac0-4.4.2-38.20 is installed OR libndr-krb5pac0-32bit-4.4.2-38.20 is installed OR libndr-nbt0-4.4.2-38.20 is installed OR libndr-nbt0-32bit-4.4.2-38.20 is installed OR libndr-standard0-4.4.2-38.20 is installed OR libndr-standard0-32bit-4.4.2-38.20 is installed OR libndr0-4.4.2-38.20 is installed OR libndr0-32bit-4.4.2-38.20 is installed OR libnetapi0-4.4.2-38.20 is installed OR libnetapi0-32bit-4.4.2-38.20 is installed OR libsamba-credentials0-4.4.2-38.20 is installed OR libsamba-credentials0-32bit-4.4.2-38.20 is installed OR libsamba-errors0-4.4.2-38.20 is installed OR libsamba-errors0-32bit-4.4.2-38.20 is installed OR libsamba-hostconfig0-4.4.2-38.20 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.20 is installed OR libsamba-passdb0-4.4.2-38.20 is installed OR libsamba-passdb0-32bit-4.4.2-38.20 is installed OR libsamba-util0-4.4.2-38.20 is installed OR libsamba-util0-32bit-4.4.2-38.20 is installed OR libsamdb0-4.4.2-38.20 is installed OR libsamdb0-32bit-4.4.2-38.20 is installed OR libsmbclient0-4.4.2-38.20 is installed OR libsmbclient0-32bit-4.4.2-38.20 is installed OR libsmbconf0-4.4.2-38.20 is installed OR libsmbconf0-32bit-4.4.2-38.20 is installed OR libsmbldap0-4.4.2-38.20 is installed OR libsmbldap0-32bit-4.4.2-38.20 is installed OR libtevent-util0-4.4.2-38.20 is installed OR libtevent-util0-32bit-4.4.2-38.20 is installed OR libwbclient0-4.4.2-38.20 is installed OR libwbclient0-32bit-4.4.2-38.20 is installed OR samba-4.4.2-38.20 is installed OR samba-client-4.4.2-38.20 is installed OR samba-client-32bit-4.4.2-38.20 is installed OR samba-doc-4.4.2-38.20 is installed OR samba-libs-4.4.2-38.20 is installed OR samba-libs-32bit-4.4.2-38.20 is installed OR samba-winbind-4.4.2-38.20 is installed OR samba-winbind-32bit-4.4.2-38.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_38-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_13-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information crash-7.1.8-3 is installed OR crash-kmp-default-7.1.8_k4.4.73_5-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information python-PyYAML-5.1.2-26.9 is installed OR python-asn1crypto-0.24.0-2.5 is installed OR python-packaging-17.1-2.5 is installed OR python3-PyYAML-5.1.2-26.9 is installed OR python3-asn1crypto-0.24.0-2.5 is installed OR python3-packaging-17.1-2.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information curl-7.37.0-37.26 is installed OR libcurl4-7.37.0-37.26 is installed OR libcurl4-32bit-7.37.0-37.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND crowbar-openstack-3.0+git.1456169766.1e60d19-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information ghostscript-9.26a-23.19 is installed OR ghostscript-x11-9.26a-23.19 is installed OR libspectre-0.2.7-12.6 is installed OR libspectre1-0.2.7-12.6 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND git-2.12.3-27.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR libwebkit2gtk3-lang-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed
BACK