Oval Definition:oval:org.opensuse.security:def:53557
Revision Date:2020-12-01Version:1
Title:Security update for php7 (Important)
Description:

This update for php7 fixes the following issues:

- CVE-2020-7069: Fixed an issue when AES-CCM mode was used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV was used (bsc#1177351). - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352). - Added tmpfiles.d for php-fpm to provide a base for a socket (bsc#1173786)
Family:unixClass:patch
Status:Reference(s):1008029
1017646
1018128
1030263
1032114
1032120
1036453
1051222
1162117
1166844
1166916
1172442
1172443
1173786
1177351
1177352
855676
895129
901902
906878
908362
908372
912014
912015
912018
912292
912293
912294
912296
953817
958331
958791
979907
986247
997857
CVE-2010-0407
CVE-2010-4531
CVE-2011-3635
CVE-2012-6706
CVE-2013-0211
CVE-2014-0004
CVE-2014-3158
CVE-2014-3570
CVE-2014-3571
CVE-2014-3572
CVE-2014-8275
CVE-2015-0204
CVE-2015-0205
CVE-2015-0206
CVE-2015-2304
CVE-2015-3310
CVE-2015-7542
CVE-2015-8023
CVE-2015-8540
CVE-2015-8871
CVE-2015-8915
CVE-2015-8916
CVE-2015-8918
CVE-2015-8919
CVE-2015-8920
CVE-2015-8921
CVE-2015-8922
CVE-2015-8923
CVE-2015-8924
CVE-2015-8925
CVE-2015-8926
CVE-2015-8928
CVE-2015-8929
CVE-2015-8930
CVE-2015-8931
CVE-2015-8932
CVE-2015-8933
CVE-2015-8934
CVE-2016-10087
CVE-2016-10109
CVE-2016-10220
CVE-2016-1541
CVE-2016-4300
CVE-2016-4301
CVE-2016-4302
CVE-2016-4809
CVE-2016-5418
CVE-2016-5773
CVE-2016-5844
CVE-2016-6250
CVE-2016-7163
CVE-2016-8687
CVE-2016-8688
CVE-2016-8689
CVE-2016-9137
CVE-2016-9601
CVE-2017-11185
CVE-2017-5951
CVE-2017-7207
CVE-2017-8291
CVE-2020-10531
CVE-2020-11080
CVE-2020-7069
CVE-2020-7070
CVE-2020-7598
CVE-2020-8174
SUSE-SU-2015:2183-2
SUSE-SU-2016:2975-1
SUSE-SU-2017:0860-1
SUSE-SU-2017:1138-1
SUSE-SU-2017:2143-1
SUSE-SU-2017:2144-1
SUSE-SU-2018:0072-1
SUSE-SU-2020:1568-1
SUSE-SU-2020:2997-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • PackageKit-1.1.10-lp150.2 is installed
  • OR PackageKit-backend-zypp-1.1.10-lp150.2 is installed
  • OR PackageKit-gstreamer-plugin-1.1.10-lp150.2 is installed
  • OR PackageKit-gtk3-module-1.1.10-lp150.2 is installed
  • OR PackageKit-lang-1.1.10-lp150.2 is installed
  • OR libpackagekit-glib2-18-1.1.10-lp150.2 is installed
  • OR typelib-1_0-PackageKitGlib-1_0-1.1.10-lp150.2 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • bzip2-1.0.6-lp151.5.3 is installed
  • OR bzip2-doc-1.0.6-lp151.5.3 is installed
  • OR libbz2-1-1.0.6-lp151.5.3 is installed
  • OR libbz2-1-32bit-1.0.6-lp151.5.3 is installed
  • OR libbz2-devel-1.0.6-lp151.5.3 is installed
  • OR libbz2-devel-32bit-1.0.6-lp151.5.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND puppet-2.6.18-0.12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND libaugeas0-0.9.0-3.15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND python-setuptools-0.6c11-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libopenssl1_0_0-1.0.1i-17 is installed
  • OR libopenssl1_0_0-32bit-1.0.1i-17 is installed
  • OR openssl-1.0.1i-17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • strongswan-5.1.3-22 is installed
  • OR strongswan-doc-5.1.3-22 is installed
  • OR strongswan-ipsec-5.1.3-22 is installed
  • OR strongswan-libs0-5.1.3-22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libpng12-1.2.50-19 is installed
  • OR libpng12-0-1.2.50-19 is installed
  • OR libpng12-0-32bit-1.2.50-19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libpcsclite1-1.8.10-6 is installed
  • OR libpcsclite1-32bit-1.8.10-6 is installed
  • OR pcsc-lite-1.8.10-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • empathy-3.12.13-8.3 is installed
  • OR empathy-lang-3.12.13-8.3 is installed
  • OR telepathy-mission-control-plugin-goa-3.12.13-8.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • e2fsprogs-1.42.11-7 is installed
  • OR libcom_err2-1.42.11-7 is installed
  • OR libcom_err2-32bit-1.42.11-7 is installed
  • OR libext2fs2-1.42.11-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_32-default-4-3 is installed
  • OR kgraft-patch-3_12_69-60_64_32-xen-4-3 is installed
  • OR kgraft-patch-SLE12-SP1_Update_13-4-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libXrender1-0.9.8-3 is installed
  • OR libXrender1-32bit-0.9.8-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libvirt-2.0.0-27.42 is installed
  • OR libvirt-client-2.0.0-27.42 is installed
  • OR libvirt-daemon-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.42 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-xen-2.0.0-27.42 is installed
  • OR libvirt-doc-2.0.0-27.42 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.42 is installed
  • OR libvirt-nss-2.0.0-27.42 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.35-30.50 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.35-30.50 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.35-30.50 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.35-30.50 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-5-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gstreamer-1.8.3-9 is installed
  • OR gstreamer-lang-1.8.3-9 is installed
  • OR gstreamer-utils-1.8.3-9 is installed
  • OR libgstreamer-1_0-0-1.8.3-9 is installed
  • OR libgstreamer-1_0-0-32bit-1.8.3-9 is installed
  • OR typelib-1_0-Gst-1_0-1.8.3-9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libX11-1.6.2-12.5 is installed
  • OR libX11-6-1.6.2-12.5 is installed
  • OR libX11-6-32bit-1.6.2-12.5 is installed
  • OR libX11-data-1.6.2-12.5 is installed
  • OR libX11-xcb1-1.6.2-12.5 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.5 is installed
  • OR libxcb-1.10-4.3 is installed
  • OR libxcb-dri2-0-1.10-4.3 is installed
  • OR libxcb-dri2-0-32bit-1.10-4.3 is installed
  • OR libxcb-dri3-0-1.10-4.3 is installed
  • OR libxcb-dri3-0-32bit-1.10-4.3 is installed
  • OR libxcb-glx0-1.10-4.3 is installed
  • OR libxcb-glx0-32bit-1.10-4.3 is installed
  • OR libxcb-present0-1.10-4.3 is installed
  • OR libxcb-present0-32bit-1.10-4.3 is installed
  • OR libxcb-randr0-1.10-4.3 is installed
  • OR libxcb-render0-1.10-4.3 is installed
  • OR libxcb-render0-32bit-1.10-4.3 is installed
  • OR libxcb-shape0-1.10-4.3 is installed
  • OR libxcb-shm0-1.10-4.3 is installed
  • OR libxcb-shm0-32bit-1.10-4.3 is installed
  • OR libxcb-sync1-1.10-4.3 is installed
  • OR libxcb-sync1-32bit-1.10-4.3 is installed
  • OR libxcb-xf86dri0-1.10-4.3 is installed
  • OR libxcb-xfixes0-1.10-4.3 is installed
  • OR libxcb-xfixes0-32bit-1.10-4.3 is installed
  • OR libxcb-xinerama0-1.10-4.3 is installed
  • OR libxcb-xkb1-1.10-4.3 is installed
  • OR libxcb-xkb1-32bit-1.10-4.3 is installed
  • OR libxcb-xv0-1.10-4.3 is installed
  • OR libxcb1-1.10-4.3 is installed
  • OR libxcb1-32bit-1.10-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libical1-1.0.1-16.3 is installed
  • OR libical1-32bit-1.0.1-16.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • apache2-mod_php7-7.2.5-4.67 is installed
  • OR php7-7.2.5-4.67 is installed
  • OR php7-bcmath-7.2.5-4.67 is installed
  • OR php7-bz2-7.2.5-4.67 is installed
  • OR php7-calendar-7.2.5-4.67 is installed
  • OR php7-ctype-7.2.5-4.67 is installed
  • OR php7-curl-7.2.5-4.67 is installed
  • OR php7-dba-7.2.5-4.67 is installed
  • OR php7-devel-7.2.5-4.67 is installed
  • OR php7-dom-7.2.5-4.67 is installed
  • OR php7-enchant-7.2.5-4.67 is installed
  • OR php7-exif-7.2.5-4.67 is installed
  • OR php7-fastcgi-7.2.5-4.67 is installed
  • OR php7-fileinfo-7.2.5-4.67 is installed
  • OR php7-fpm-7.2.5-4.67 is installed
  • OR php7-ftp-7.2.5-4.67 is installed
  • OR php7-gd-7.2.5-4.67 is installed
  • OR php7-gettext-7.2.5-4.67 is installed
  • OR php7-gmp-7.2.5-4.67 is installed
  • OR php7-iconv-7.2.5-4.67 is installed
  • OR php7-intl-7.2.5-4.67 is installed
  • OR php7-json-7.2.5-4.67 is installed
  • OR php7-ldap-7.2.5-4.67 is installed
  • OR php7-mbstring-7.2.5-4.67 is installed
  • OR php7-mysql-7.2.5-4.67 is installed
  • OR php7-odbc-7.2.5-4.67 is installed
  • OR php7-opcache-7.2.5-4.67 is installed
  • OR php7-openssl-7.2.5-4.67 is installed
  • OR php7-pcntl-7.2.5-4.67 is installed
  • OR php7-pdo-7.2.5-4.67 is installed
  • OR php7-pear-7.2.5-4.67 is installed
  • OR php7-pear-Archive_Tar-7.2.5-4.67 is installed
  • OR php7-pgsql-7.2.5-4.67 is installed
  • OR php7-phar-7.2.5-4.67 is installed
  • OR php7-posix-7.2.5-4.67 is installed
  • OR php7-readline-7.2.5-4.67 is installed
  • OR php7-shmop-7.2.5-4.67 is installed
  • OR php7-snmp-7.2.5-4.67 is installed
  • OR php7-soap-7.2.5-4.67 is installed
  • OR php7-sockets-7.2.5-4.67 is installed
  • OR php7-sodium-7.2.5-4.67 is installed
  • OR php7-sqlite-7.2.5-4.67 is installed
  • OR php7-sysvmsg-7.2.5-4.67 is installed
  • OR php7-sysvsem-7.2.5-4.67 is installed
  • OR php7-sysvshm-7.2.5-4.67 is installed
  • OR php7-tokenizer-7.2.5-4.67 is installed
  • OR php7-wddx-7.2.5-4.67 is installed
  • OR php7-xmlreader-7.2.5-4.67 is installed
  • OR php7-xmlrpc-7.2.5-4.67 is installed
  • OR php7-xmlwriter-7.2.5-4.67 is installed
  • OR php7-xsl-7.2.5-4.67 is installed
  • OR php7-zip-7.2.5-4.67 is installed
  • OR php7-zlib-7.2.5-4.67 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • nodejs10-10.21.0-1.21 is installed
  • OR nodejs10-devel-10.21.0-1.21 is installed
  • OR nodejs10-docs-10.21.0-1.21 is installed
  • OR npm10-10.21.0-1.21 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-ironic-4.2.3~a0~dev14-1 is installed
  • OR openstack-ironic-api-4.2.3~a0~dev14-1 is installed
  • OR openstack-ironic-conductor-4.2.3~a0~dev14-1 is installed
  • OR python-ironic-4.2.3~a0~dev14-1 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • krb5-1.12.5-40.31 is installed
  • OR krb5-32bit-1.12.5-40.31 is installed
  • OR krb5-client-1.12.5-40.31 is installed
  • OR krb5-doc-1.12.5-40.31 is installed
  • OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed
  • OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed
  • OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed
  • OR krb5-server-1.12.5-40.31 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND cobbler-2.6.6-49.14 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Django1-1.11.20-3.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • wicked-0.6.60-38.27 is installed
  • OR wicked-service-0.6.60-38.27 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
  • OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
  • BACK