Oval Definition:	oval:org.opensuse.security:def:53412
Revision Date: 2020-12-01 Version: 1 Title: Security update for php7 (Moderate) Description: This update for php7 fixes the following issues: - CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class (bsc#1159923). - CVE-2019-11046: Fixed an information leak in bc_shift_addsub() (bsc#1159924). - CVE-2019-11047, CVE-2019-11050: Fixed multiple information leaks in exif_read_data() (bsc#1159922, bsc#1159927). Family: unix Class: patch Status: Reference(s): 1000662 1007280 1010161 1010163 1011103 1011107 1014172 1028301 1030050 1031247 1031249 1031250 1031254 1031255 1031262 1031263 1046853 1046858 1123156 1159922 1159923 1159924 1159927 1161066 1163018 1165776 1166240 1170940 904017 914890 950474 974449 974840 977333 977374 977376 977381 977386 984813 984815 987351 CVE-2011-2483 CVE-2011-3177 CVE-2013-1990 CVE-2013-1999 CVE-2013-6393 CVE-2014-0172 CVE-2014-2525 CVE-2014-3636 CVE-2014-7824 CVE-2014-8127 CVE-2014-9130 CVE-2014-9447 CVE-2015-7645 CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 CVE-2016-10270 CVE-2016-10271 CVE-2016-10272 CVE-2016-2805 CVE-2016-2807 CVE-2016-2808 CVE-2016-2814 CVE-2016-3622 CVE-2016-3658 CVE-2016-5321 CVE-2016-5323 CVE-2016-5652 CVE-2016-5759 CVE-2016-5875 CVE-2016-6354 CVE-2016-7953 CVE-2016-9042 CVE-2016-9273 CVE-2016-9297 CVE-2016-9448 CVE-2016-9453 CVE-2017-10684 CVE-2017-10685 CVE-2017-6451 CVE-2017-6458 CVE-2017-6460 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2017-6508 CVE-2017-8422 CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 CVE-2019-20382 CVE-2019-6778 CVE-2020-1711 CVE-2020-1983 CVE-2020-7039 CVE-2020-8608 SUSE-SU-2015:1770-1 SUSE-SU-2016:1258-1 SUSE-SU-2016:3301-1 SUSE-SU-2017:0800-1 SUSE-SU-2017:1044-1 SUSE-SU-2017:1048-1 SUSE-SU-2017:1815-1 SUSE-SU-2020:0101-1 SUSE-SU-2020:1523-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information accountsservice-0.6.45-lp150.2 is installed OR accountsservice-lang-0.6.45-lp150.2 is installed OR libaccountsservice0-0.6.45-lp150.2 is installed OR typelib-1_0-AccountsService-1_0-0.6.45-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information update-test-32bit-pkg-5.1-lp151.12 is installed OR update-test-affects-package-manager-5.1-lp151.12 is installed OR update-test-broken-5.1-lp151.12 is installed OR update-test-feature-5.1-lp151.12 is installed OR update-test-interactive-5.1-lp151.12 is installed OR update-test-optional-5.1-lp151.12 is installed OR update-test-reboot-needed-5.1-lp151.12 is installed OR update-test-relogin-suggested-5.1-lp151.12 is installed OR update-test-security-5.1-lp151.12 is installed OR update-test-trivial-5.1-lp151.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.11-0.3 is installed OR MozillaFirefox-translations-10.0.11-0.3 is installed OR libfreebl3-3.14-0.3 is installed OR libfreebl3-32bit-3.14-0.3 is installed OR mozilla-nss-3.14-0.3 is installed OR mozilla-nss-32bit-3.14-0.3 is installed OR mozilla-nss-tools-3.14-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.6.0esr-0.8 is installed OR MozillaFirefox-branding-SLED-24-0.7 is installed OR MozillaFirefox-translations-24.6.0esr-0.8 is installed OR libfreebl3-3.16.1-0.8 is installed OR libfreebl3-32bit-3.16.1-0.8 is installed OR libsoftokn3-3.16.1-0.8 is installed OR libsoftokn3-32bit-3.16.1-0.8 is installed OR mozilla-nspr-4.10.6-0.3 is installed OR mozilla-nspr-32bit-4.10.6-0.3 is installed OR mozilla-nss-3.16.1-0.8 is installed OR mozilla-nss-32bit-3.16.1-0.8 is installed OR mozilla-nss-tools-3.16.1-0.8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information ecryptfs-utils-61-1.35 is installed OR ecryptfs-utils-32bit-61-1.35 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information dbus-1-1.8.12-6 is installed OR dbus-1-x11-1.8.12-6 is installed OR libdbus-1-3-1.8.12-6 is installed OR libdbus-1-3-32bit-1.8.12-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libtiff5-4.0.7-35 is installed OR libtiff5-32bit-4.0.7-35 is installed OR tiff-4.0.7-35 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libncurses5-5.9-44 is installed OR libncurses5-32bit-5.9-44 is installed OR libncurses6-5.9-44 is installed OR libncurses6-32bit-5.9-44 is installed OR ncurses-5.9-44 is installed OR ncurses-devel-5.9-44 is installed OR ncurses-utils-5.9-44 is installed OR tack-5.9-44 is installed OR terminfo-5.9-44 is installed OR terminfo-base-5.9-44 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information elfutils-0.158-6 is installed OR libasm1-0.158-6 is installed OR libdw1-0.158-6 is installed OR libdw1-32bit-0.158-6 is installed OR libebl1-0.158-6 is installed OR libebl1-32bit-0.158-6 is installed OR libelf1-0.158-6 is installed OR libelf1-32bit-0.158-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND kdump-0.8.16-9 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-4.49 is installed OR php7-7.2.5-4.49 is installed OR php7-bcmath-7.2.5-4.49 is installed OR php7-bz2-7.2.5-4.49 is installed OR php7-calendar-7.2.5-4.49 is installed OR php7-ctype-7.2.5-4.49 is installed OR php7-curl-7.2.5-4.49 is installed OR php7-dba-7.2.5-4.49 is installed OR php7-devel-7.2.5-4.49 is installed OR php7-dom-7.2.5-4.49 is installed OR php7-enchant-7.2.5-4.49 is installed OR php7-exif-7.2.5-4.49 is installed OR php7-fastcgi-7.2.5-4.49 is installed OR php7-fileinfo-7.2.5-4.49 is installed OR php7-fpm-7.2.5-4.49 is installed OR php7-ftp-7.2.5-4.49 is installed OR php7-gd-7.2.5-4.49 is installed OR php7-gettext-7.2.5-4.49 is installed OR php7-gmp-7.2.5-4.49 is installed OR php7-iconv-7.2.5-4.49 is installed OR php7-intl-7.2.5-4.49 is installed OR php7-json-7.2.5-4.49 is installed OR php7-ldap-7.2.5-4.49 is installed OR php7-mbstring-7.2.5-4.49 is installed OR php7-mysql-7.2.5-4.49 is installed OR php7-odbc-7.2.5-4.49 is installed OR php7-opcache-7.2.5-4.49 is installed OR php7-openssl-7.2.5-4.49 is installed OR php7-pcntl-7.2.5-4.49 is installed OR php7-pdo-7.2.5-4.49 is installed OR php7-pear-7.2.5-4.49 is installed OR php7-pear-Archive_Tar-7.2.5-4.49 is installed OR php7-pgsql-7.2.5-4.49 is installed OR php7-phar-7.2.5-4.49 is installed OR php7-posix-7.2.5-4.49 is installed OR php7-shmop-7.2.5-4.49 is installed OR php7-snmp-7.2.5-4.49 is installed OR php7-soap-7.2.5-4.49 is installed OR php7-sockets-7.2.5-4.49 is installed OR php7-sodium-7.2.5-4.49 is installed OR php7-sqlite-7.2.5-4.49 is installed OR php7-sysvmsg-7.2.5-4.49 is installed OR php7-sysvsem-7.2.5-4.49 is installed OR php7-sysvshm-7.2.5-4.49 is installed OR php7-tokenizer-7.2.5-4.49 is installed OR php7-wddx-7.2.5-4.49 is installed OR php7-xmlreader-7.2.5-4.49 is installed OR php7-xmlrpc-7.2.5-4.49 is installed OR php7-xmlwriter-7.2.5-4.49 is installed OR php7-xsl-7.2.5-4.49 is installed OR php7-zip-7.2.5-4.49 is installed OR php7-zlib-7.2.5-4.49 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information apache2-2.4.16-5 is installed OR apache2-doc-2.4.16-5 is installed OR apache2-example-pages-2.4.16-5 is installed OR apache2-prefork-2.4.16-5 is installed OR apache2-utils-2.4.16-5 is installed OR apache2-worker-2.4.16-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_35-default-5-2 is installed OR kgraft-patch-3_12_69-60_64_35-xen-5-2 is installed OR kgraft-patch-SLE12-SP1_Update_14-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information tomcat-8.0.36-11 is installed OR tomcat-admin-webapps-8.0.36-11 is installed OR tomcat-docs-webapp-8.0.36-11 is installed OR tomcat-el-3_0-api-8.0.36-11 is installed OR tomcat-javadoc-8.0.36-11 is installed OR tomcat-jsp-2_3-api-8.0.36-11 is installed OR tomcat-lib-8.0.36-11 is installed OR tomcat-servlet-3_1-api-8.0.36-11 is installed OR tomcat-webapps-8.0.36-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information gstreamer-0_10-plugins-base-0.10.36-18.3 is installed OR gstreamer-0_10-plugins-base-32bit-0.10.36-18.3 is installed OR libgstapp-0_10-0-32bit-0.10.36-18.3 is installed OR libgstinterfaces-0_10-0-32bit-0.10.36-18.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_140-94_42-default-10-2 is installed OR kgraft-patch-SLE12-SP3_Update_15-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libtiff5-4.0.9-44.21 is installed OR libtiff5-32bit-4.0.9-44.21 is installed OR tiff-4.0.9-44.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND cifs-utils-6.5-9.3 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information qemu-2.11.2-9.36 is installed OR qemu-arm-2.11.2-9.36 is installed OR qemu-block-curl-2.11.2-9.36 is installed OR qemu-block-iscsi-2.11.2-9.36 is installed OR qemu-block-rbd-2.11.2-9.36 is installed OR qemu-block-ssh-2.11.2-9.36 is installed OR qemu-guest-agent-2.11.2-9.36 is installed OR qemu-ipxe-1.0.0+-9.36 is installed OR qemu-kvm-2.11.2-9.36 is installed OR qemu-lang-2.11.2-9.36 is installed OR qemu-ppc-2.11.2-9.36 is installed OR qemu-s390-2.11.2-9.36 is installed OR qemu-seabios-1.11.0-9.36 is installed OR qemu-sgabios-8-9.36 is installed OR qemu-tools-2.11.2-9.36 is installed OR qemu-vgabios-1.11.0-9.36 is installed OR qemu-x86-2.11.2-9.36 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND couchdb-1.6.1-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.25-30.39 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information postgresql96-9.6.17-3.33 is installed OR postgresql96-contrib-9.6.17-3.33 is installed OR postgresql96-docs-9.6.17-3.33 is installed OR postgresql96-libs-9.6.17-3.33 is installed OR postgresql96-plperl-9.6.17-3.33 is installed OR postgresql96-plpython-9.6.17-3.33 is installed OR postgresql96-pltcl-9.6.17-3.33 is installed OR postgresql96-server-9.6.17-3.33 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information ardana-db-9.0+git.1572311426.a6dc2fd-3.13 is installed OR ardana-keystone-9.0+git.1573069087.15ffd1c-3.13 is installed OR ardana-neutron-9.0+git.1572019823.6650494-3.16 is installed OR ardana-nova-9.0+git.1572618171.4460843-3.13 is installed OR openstack-barbican-7.0.1~dev21-3.3 is installed OR openstack-barbican-api-7.0.1~dev21-3.3 is installed OR openstack-barbican-keystone-listener-7.0.1~dev21-3.3 is installed OR openstack-barbican-retry-7.0.1~dev21-3.3 is installed OR openstack-barbican-worker-7.0.1~dev21-3.3 is installed OR openstack-heat-templates-0.0.0+git.1553459627.948e8cc-3.3 is installed OR openstack-keystone-14.1.1~dev28-3.16 is installed OR openstack-neutron-13.0.6~dev8-3.16 is installed OR openstack-neutron-dhcp-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-gbp-5.0.1~dev476-3.13 is installed OR openstack-neutron-ha-tool-13.0.6~dev8-3.16 is installed OR openstack-neutron-l3-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-lbaas-13.0.1~dev16-3.13 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev16-3.13 is installed OR openstack-neutron-linuxbridge-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-macvtap-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-metadata-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-metering-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-openvswitch-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-server-13.0.6~dev8-3.16 is installed OR openstack-nova-18.2.4~dev22-3.16 is installed OR openstack-nova-api-18.2.4~dev22-3.16 is installed OR openstack-nova-cells-18.2.4~dev22-3.16 is installed OR openstack-nova-compute-18.2.4~dev22-3.16 is installed OR openstack-nova-conductor-18.2.4~dev22-3.16 is installed OR openstack-nova-console-18.2.4~dev22-3.16 is installed OR openstack-nova-novncproxy-18.2.4~dev22-3.16 is installed OR openstack-nova-placement-api-18.2.4~dev22-3.16 is installed OR openstack-nova-scheduler-18.2.4~dev22-3.16 is installed OR openstack-nova-serialproxy-18.2.4~dev22-3.16 is installed OR openstack-nova-vncproxy-18.2.4~dev22-3.16 is installed OR openstack-octavia-3.2.1~dev3-3.16 is installed OR openstack-octavia-amphora-agent-3.2.1~dev3-3.16 is installed OR openstack-octavia-api-3.2.1~dev3-3.16 is installed OR openstack-octavia-health-manager-3.2.1~dev3-3.16 is installed OR openstack-octavia-housekeeping-3.2.1~dev3-3.16 is installed OR openstack-octavia-worker-3.2.1~dev3-3.16 is installed OR openstack-sahara-9.0.2~dev14-3.6 is installed OR openstack-sahara-api-9.0.2~dev14-3.6 is installed OR openstack-sahara-engine-9.0.2~dev14-3.6 is installed OR python-barbican-7.0.1~dev21-3.3 is installed OR python-keystone-14.1.1~dev28-3.16 is installed OR python-neutron-13.0.6~dev8-3.16 is installed OR python-neutron-gbp-5.0.1~dev476-3.13 is installed OR python-neutron-lbaas-13.0.1~dev16-3.13 is installed OR python-nova-18.2.4~dev22-3.16 is installed OR python-octavia-3.2.1~dev3-3.16 is installed OR python-psutil-5.4.6-3.3 is installed OR python-sahara-9.0.2~dev14-3.6 is installed OR release-notes-suse-openstack-cloud-9.20191025-3.15 is installed OR venv-openstack-barbican-7.0.1~dev21-3.13 is installed OR venv-openstack-barbican-x86_64-7.0.1~dev21-3.13 is installed OR venv-openstack-cinder-13.0.8~dev8-3.13 is installed OR venv-openstack-cinder-x86_64-13.0.8~dev8-3.13 is installed OR venv-openstack-designate-7.0.1~dev22-3.13 is installed OR venv-openstack-designate-x86_64-7.0.1~dev22-3.13 is installed OR venv-openstack-heat-11.0.3~dev23-3.13 is installed OR venv-openstack-heat-x86_64-11.0.3~dev23-3.13 is installed OR venv-openstack-keystone-14.1.1~dev28-3.13 is installed OR venv-openstack-keystone-x86_64-14.1.1~dev28-3.13 is installed OR venv-openstack-magnum-7.1.1~dev28-4.13 is installed OR venv-openstack-magnum-x86_64-7.1.1~dev28-4.13 is installed OR venv-openstack-manila-7.3.1~dev15-3.13 is installed OR venv-openstack-manila-x86_64-7.3.1~dev15-3.13 is installed OR venv-openstack-monasca-ceilometer-1.8.2~dev3-3.13 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.13 is installed OR venv-openstack-neutron-13.0.6~dev8-6.13 is installed OR venv-openstack-neutron-x86_64-13.0.6~dev8-6.13 is installed OR venv-openstack-nova-18.2.4~dev22-3.13 is installed OR venv-openstack-nova-x86_64-18.2.4~dev22-3.13 is installed OR venv-openstack-octavia-3.2.1~dev3-4.13 is installed OR venv-openstack-octavia-x86_64-3.2.1~dev3-4.13 is installed OR venv-openstack-sahara-9.0.2~dev14-3.13 is installed OR venv-openstack-sahara-x86_64-9.0.2~dev14-3.13 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-Django-1.11.11-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-SQLAlchemy-1.2.10-3.3 is installed
BACK