OVAL Reference oval:org.opensuse.security:def:53426

Oval Definition:

oval:org.opensuse.security:def:53426

Revision Date:	2020-12-01	Version:	1
Title:	Security update for php7 (Important)
Description:	This update for php7 fixes the following issues: Security issues fixed: - CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360). - CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095). Non-security issue fixed: - Drop -n from php invocation from pecl (bsc#1151793).
Family:	unix	Class:	patch
Status:		Reference(s):	1015499 1015547 1021636 1024051 1026102 1030071 1034570 1034571 1034572 1034574 1035082 1041783 1042802 1042803 1043088 1045719 1045721 1145095 1146360 1151793 1172906 1172935 1173197 901223 901277 948011 952188 952189 952190 954980 963963 965283 978395 981040 981041 981108 981109 981111 981112 981114 981115 981548 981549 981550 983639 CVE-2010-3609 CVE-2014-2497 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-6272 CVE-2014-9709 CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 CVE-2015-7747 CVE-2015-8079 CVE-2015-8126 CVE-2015-8806 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-10324 CVE-2016-10325 CVE-2016-10326 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-1950 CVE-2016-2073 CVE-2016-2834 CVE-2016-3698 CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4912 CVE-2016-5116 CVE-2016-6128 CVE-2016-6132 CVE-2016-6161 CVE-2016-6207 CVE-2016-6214 CVE-2016-6354 CVE-2016-6905 CVE-2016-6906 CVE-2016-6911 CVE-2016-6912 CVE-2016-7567 CVE-2016-7568 CVE-2016-8635 CVE-2016-8670 CVE-2016-9317 CVE-2016-9574 CVE-2016-9933 CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5469 CVE-2017-5838 CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830 CVE-2017-6831 CVE-2017-6832 CVE-2017-6833 CVE-2017-6834 CVE-2017-6835 CVE-2017-6836 CVE-2017-6837 CVE-2017-6838 CVE-2017-6839 CVE-2017-7511 CVE-2017-7515 CVE-2017-7853 CVE-2017-9406 CVE-2017-9408 CVE-2017-9775 CVE-2017-9776 CVE-2019-11041 CVE-2019-11042 CVE-2020-14093 CVE-2020-14154 CVE-2020-14954 SUSE-SU-2015:1897-1 SUSE-SU-2016:0041-1 SUSE-SU-2016:1538-1 SUSE-SU-2017:0966-1 SUSE-SU-2017:1187-1 SUSE-SU-2017:1248-1 SUSE-SU-2017:1999-1 SUSE-SU-2019:2503-1 SUSE-SU-2020:1771-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information bzip2-1.0.6-lp150.3 is installed OR libbz2-1-1.0.6-lp150.3 is installed OR libbz2-1-32bit-1.0.6-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information GraphicsMagick-1.3.29-lp151.4.3 is installed OR GraphicsMagick-devel-1.3.29-lp151.4.3 is installed OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.3 is installed OR libGraphicsMagick++-devel-1.3.29-lp151.4.3 is installed OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.3 is installed OR libGraphicsMagick3-config-1.3.29-lp151.4.3 is installed OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.3 is installed OR perl-GraphicsMagick-1.3.29-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information hplip-3.11.10-0.6.11 is installed OR hplip-hpijs-3.11.10-0.6.11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information bind-9.9.6P1-0.12 is installed OR bind-libs-9.9.6P1-0.12 is installed OR bind-libs-32bit-9.9.6P1-0.12 is installed OR bind-utils-9.9.6P1-0.12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.559-0.32 is installed OR flash-player-gnome-11.2.202.559-0.32 is installed OR flash-player-kde4-11.2.202.559-0.32 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libopenssl1_0_0-1.0.1i-9 is installed OR libopenssl1_0_0-32bit-1.0.1i-9 is installed OR openssl-1.0.1i-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libpng15-1.5.22-4 is installed OR libpng15-15-1.5.22-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libpoppler-glib8-0.43.0-16.5 is installed OR libpoppler-qt4-4-0.43.0-16.5 is installed OR libpoppler60-0.43.0-16.5 is installed OR poppler-0.43.0-16.5 is installed OR poppler-qt-0.43.0-16.5 is installed OR poppler-tools-0.43.0-16.5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gd-2.1.0-23 is installed OR gd-32bit-2.1.0-23 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information apache2-mod_php7-7.2.5-4.40 is installed OR php7-7.2.5-4.40 is installed OR php7-bcmath-7.2.5-4.40 is installed OR php7-bz2-7.2.5-4.40 is installed OR php7-calendar-7.2.5-4.40 is installed OR php7-ctype-7.2.5-4.40 is installed OR php7-curl-7.2.5-4.40 is installed OR php7-dba-7.2.5-4.40 is installed OR php7-devel-7.2.5-4.40 is installed OR php7-dom-7.2.5-4.40 is installed OR php7-enchant-7.2.5-4.40 is installed OR php7-exif-7.2.5-4.40 is installed OR php7-fastcgi-7.2.5-4.40 is installed OR php7-fileinfo-7.2.5-4.40 is installed OR php7-fpm-7.2.5-4.40 is installed OR php7-ftp-7.2.5-4.40 is installed OR php7-gd-7.2.5-4.40 is installed OR php7-gettext-7.2.5-4.40 is installed OR php7-gmp-7.2.5-4.40 is installed OR php7-iconv-7.2.5-4.40 is installed OR php7-intl-7.2.5-4.40 is installed OR php7-json-7.2.5-4.40 is installed OR php7-ldap-7.2.5-4.40 is installed OR php7-mbstring-7.2.5-4.40 is installed OR php7-mysql-7.2.5-4.40 is installed OR php7-odbc-7.2.5-4.40 is installed OR php7-opcache-7.2.5-4.40 is installed OR php7-openssl-7.2.5-4.40 is installed OR php7-pcntl-7.2.5-4.40 is installed OR php7-pdo-7.2.5-4.40 is installed OR php7-pear-7.2.5-4.40 is installed OR php7-pear-Archive_Tar-7.2.5-4.40 is installed OR php7-pgsql-7.2.5-4.40 is installed OR php7-phar-7.2.5-4.40 is installed OR php7-posix-7.2.5-4.40 is installed OR php7-shmop-7.2.5-4.40 is installed OR php7-snmp-7.2.5-4.40 is installed OR php7-soap-7.2.5-4.40 is installed OR php7-sockets-7.2.5-4.40 is installed OR php7-sqlite-7.2.5-4.40 is installed OR php7-sysvmsg-7.2.5-4.40 is installed OR php7-sysvsem-7.2.5-4.40 is installed OR php7-sysvshm-7.2.5-4.40 is installed OR php7-tokenizer-7.2.5-4.40 is installed OR php7-wddx-7.2.5-4.40 is installed OR php7-xmlreader-7.2.5-4.40 is installed OR php7-xmlrpc-7.2.5-4.40 is installed OR php7-xmlwriter-7.2.5-4.40 is installed OR php7-xsl-7.2.5-4.40 is installed OR php7-zip-7.2.5-4.40 is installed OR php7-zlib-7.2.5-4.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND clamav-0.98.7-13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xen-4.5.5_12-22.18 is installed OR xen-doc-html-4.5.5_12-22.18 is installed OR xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18 is installed OR xen-libs-4.5.5_12-22.18 is installed OR xen-libs-32bit-4.5.5_12-22.18 is installed OR xen-tools-4.5.5_12-22.18 is installed OR xen-tools-domU-4.5.5_12-22.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND xf86-video-intel-2.99.917.641_ge4ef6e9-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180703-13.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kernel-default-4.4.121-92.117 is installed OR kernel-default-base-4.4.121-92.117 is installed OR kernel-default-devel-4.4.121-92.117 is installed OR kernel-default-man-4.4.121-92.117 is installed OR kernel-devel-4.4.121-92.117 is installed OR kernel-macros-4.4.121-92.117 is installed OR kernel-source-4.4.121-92.117 is installed OR kernel-syms-4.4.121-92.117 is installed OR kgraft-patch-4_4_121-92_117-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_31-1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information dovecot22-2.2.30.2-14 is installed OR dovecot22-backend-mysql-2.2.30.2-14 is installed OR dovecot22-backend-pgsql-2.2.30.2-14 is installed OR dovecot22-backend-sqlite-2.2.30.2-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND mailman-2.1.17-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND ucode-intel-20180807-13.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information curl-7.60.0-2 is installed OR libcurl4-7.60.0-2 is installed OR libcurl4-32bit-7.60.0-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information mutt-1.10.1-3.8 is installed OR mutt-doc-1.10.1-3.8 is installed OR mutt-lang-1.10.1-3.8 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information openstack-keystone-8.0.2~a0~dev8-1 is installed OR python-keystone-8.0.2~a0~dev8-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND python-Pillow-2.8.1-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.6.1-109.113 is installed OR MozillaFirefox-translations-common-68.6.1-109.113 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-loofah-2.0.2-3.8 is installed OR rubygem-loofah-2.0.2-3.8 is installed

BACK