OVAL Reference oval:org.opensuse.security:def:53595

Oval Definition:

oval:org.opensuse.security:def:53595

Revision Date:	2020-12-01	Version:	1
Title:	Security update for php7 (Important)
Description:	This update for php7 fixes the following issues: - CVE-2020-7062: Fixed a null pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). - CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). - CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). - CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632).
Family:	unix	Class:	patch
Status:		Reference(s):	1002573 1005522 1005523 1005524 1005525 1005526 1005527 1005528 1026236 1027519 1035231 1036244 1046637 1047536 1049578 1050707 1051787 1051788 1051789 1052686 1055695 1058565 1058622 1058624 1162629 1162632 1165280 1165289 1174662 814241 826717 866902 879138 880984 882089 889526 896023 897614 897906 898772 900292 901317 903357 903359 903850 903967 903970 905465 905467 906439 915410 936923 956159 960506 961305 CVE-2009-0758 CVE-2010-2242 CVE-2010-2244 CVE-2011-1002 CVE-2011-1146 CVE-2011-2511 CVE-2011-4600 CVE-2012-3445 CVE-2012-6706 CVE-2013-0170 CVE-2013-1962 CVE-2013-2218 CVE-2013-2230 CVE-2013-3495 CVE-2013-4153 CVE-2013-4154 CVE-2013-4239 CVE-2013-4296 CVE-2013-4297 CVE-2013-4311 CVE-2013-4399 CVE-2013-4400 CVE-2013-4401 CVE-2013-6436 CVE-2013-6456 CVE-2013-6457 CVE-2013-6458 CVE-2014-0028 CVE-2014-0179 CVE-2014-1447 CVE-2014-3633 CVE-2014-3657 CVE-2014-5146 CVE-2014-5149 CVE-2014-7823 CVE-2014-8104 CVE-2014-8131 CVE-2014-8594 CVE-2014-8595 CVE-2014-8866 CVE-2014-8867 CVE-2014-9030 CVE-2014-9087 CVE-2014-9512 CVE-2015-0236 CVE-2015-5247 CVE-2015-5313 CVE-2015-8605 CVE-2016-10198 CVE-2016-10199 CVE-2016-4574 CVE-2016-4579 CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 CVE-2016-6329 CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9807 CVE-2016-9808 CVE-2016-9810 CVE-2017-10664 CVE-2017-11434 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-12166 CVE-2017-12855 CVE-2017-2635 CVE-2017-5840 CVE-2017-5841 CVE-2017-5845 CVE-2017-7478 CVE-2017-7479 CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 CVE-2017-8422 CVE-2020-7059 CVE-2020-7060 CVE-2020-7062 CVE-2020-7063 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 SUSE-SU-2016:0541-1 SUSE-SU-2016:2151-1 SUSE-SU-2016:2953-1 SUSE-SU-2017:1335-1 SUSE-SU-2017:2327-1 SUSE-SU-2017:2695-1 SUSE-SU-2017:2744-1 SUSE-SU-2020:0622-1 SUSE-SU-2020:2198-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information aaa_base-84.87+git20180409.04c9dae-lp150.1 is installed OR aaa_base-extras-84.87+git20180409.04c9dae-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information chromedriver-75.0.3770.90-2 is installed OR chromium-75.0.3770.90-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND clamav-0.97.8-0.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND libaugeas0-0.9.0-3.15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information ecryptfs-utils-61-1.35 is installed OR ecryptfs-utils-32bit-61-1.35 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information xen-4.4.1_08-5 is installed OR xen-kmp-default-4.4.1_08_k3.12.28_4-5 is installed OR xen-libs-4.4.1_08-5 is installed OR xen-libs-32bit-4.4.1_08-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND rsync-3.1.0-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information java-1_7_0-openjdk-1.7.0.121-36 is installed OR java-1_7_0-openjdk-headless-1.7.0.121-36 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libvirt-3.3.0-4 is installed OR libvirt-admin-3.3.0-4 is installed OR libvirt-client-3.3.0-4 is installed OR libvirt-daemon-3.3.0-4 is installed OR libvirt-daemon-config-network-3.3.0-4 is installed OR libvirt-daemon-config-nwfilter-3.3.0-4 is installed OR libvirt-daemon-driver-interface-3.3.0-4 is installed OR libvirt-daemon-driver-libxl-3.3.0-4 is installed OR libvirt-daemon-driver-lxc-3.3.0-4 is installed OR libvirt-daemon-driver-network-3.3.0-4 is installed OR libvirt-daemon-driver-nodedev-3.3.0-4 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-4 is installed OR libvirt-daemon-driver-qemu-3.3.0-4 is installed OR libvirt-daemon-driver-secret-3.3.0-4 is installed OR libvirt-daemon-driver-storage-3.3.0-4 is installed OR libvirt-daemon-driver-storage-core-3.3.0-4 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-4 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-4 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-4 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-4 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-4 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-4 is installed OR libvirt-daemon-lxc-3.3.0-4 is installed OR libvirt-daemon-qemu-3.3.0-4 is installed OR libvirt-daemon-xen-3.3.0-4 is installed OR libvirt-doc-3.3.0-4 is installed OR libvirt-libs-3.3.0-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information sysvinit-tools-2.88+-94 is installed OR whois-5.1.1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_18-default-10-2 is installed OR kgraft-patch-3_12_67-60_64_18-xen-10-2 is installed OR kgraft-patch-SLE12-SP1_Update_9-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.12.5-1 is installed OR libwebkit2gtk-4_0-37-2.12.5-1 is installed OR typelib-1_0-JavaScriptCore-4_0-2.12.5-1 is installed OR typelib-1_0-WebKit2-4_0-2.12.5-1 is installed OR webkit2gtk-4_0-injected-bundles-2.12.5-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ghostscript-9.25-23.13 is installed OR ghostscript-x11-9.25-23.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_117-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_31-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXfixes3-5.0.1-7 is installed OR libXfixes3-32bit-5.0.1-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.107 is installed OR kernel-default-base-4.4.180-94.107 is installed OR kernel-default-devel-4.4.180-94.107 is installed OR kernel-devel-4.4.180-94.107 is installed OR kernel-macros-4.4.180-94.107 is installed OR kernel-source-4.4.180-94.107 is installed OR kernel-syms-4.4.180-94.107 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libjpeg-turbo-1.5.3-31.19 is installed OR libjpeg62-62.2.0-31.19 is installed OR libjpeg62-32bit-62.2.0-31.19 is installed OR libjpeg62-turbo-1.5.3-31.19 is installed OR libjpeg8-8.1.2-31.19 is installed OR libjpeg8-32bit-8.1.2-31.19 is installed OR libturbojpeg0-8.1.2-31.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libQtWebKit4-4.8.7+2.3.4-4.7 is installed OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed OR libqca2-2.0.3-17.7 is installed OR libqca2-32bit-2.0.3-17.7 is installed OR libqt4-4.8.7-8.8 is installed OR libqt4-32bit-4.8.7-8.8 is installed OR libqt4-devel-doc-4.8.7-8.8 is installed OR libqt4-qt3support-4.8.7-8.8 is installed OR libqt4-qt3support-32bit-4.8.7-8.8 is installed OR libqt4-sql-4.8.7-8.8 is installed OR libqt4-sql-32bit-4.8.7-8.8 is installed OR libqt4-sql-mysql-4.8.7-8.8 is installed OR libqt4-sql-plugins-4.8.7-8.8 is installed OR libqt4-sql-sqlite-4.8.7-8.8 is installed OR libqt4-x11-4.8.7-8.8 is installed OR libqt4-x11-32bit-4.8.7-8.8 is installed OR qt4-x11-tools-4.8.7-8.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libopenvswitch-2_8-0-2.8.4-3 is installed OR openvswitch-2.8.4-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information apache2-mod_php7-7.2.5-4.52 is installed OR php7-7.2.5-4.52 is installed OR php7-bcmath-7.2.5-4.52 is installed OR php7-bz2-7.2.5-4.52 is installed OR php7-calendar-7.2.5-4.52 is installed OR php7-ctype-7.2.5-4.52 is installed OR php7-curl-7.2.5-4.52 is installed OR php7-dba-7.2.5-4.52 is installed OR php7-devel-7.2.5-4.52 is installed OR php7-dom-7.2.5-4.52 is installed OR php7-enchant-7.2.5-4.52 is installed OR php7-exif-7.2.5-4.52 is installed OR php7-fastcgi-7.2.5-4.52 is installed OR php7-fileinfo-7.2.5-4.52 is installed OR php7-fpm-7.2.5-4.52 is installed OR php7-ftp-7.2.5-4.52 is installed OR php7-gd-7.2.5-4.52 is installed OR php7-gettext-7.2.5-4.52 is installed OR php7-gmp-7.2.5-4.52 is installed OR php7-iconv-7.2.5-4.52 is installed OR php7-intl-7.2.5-4.52 is installed OR php7-json-7.2.5-4.52 is installed OR php7-ldap-7.2.5-4.52 is installed OR php7-mbstring-7.2.5-4.52 is installed OR php7-mysql-7.2.5-4.52 is installed OR php7-odbc-7.2.5-4.52 is installed OR php7-opcache-7.2.5-4.52 is installed OR php7-openssl-7.2.5-4.52 is installed OR php7-pcntl-7.2.5-4.52 is installed OR php7-pdo-7.2.5-4.52 is installed OR php7-pear-7.2.5-4.52 is installed OR php7-pear-Archive_Tar-7.2.5-4.52 is installed OR php7-pgsql-7.2.5-4.52 is installed OR php7-phar-7.2.5-4.52 is installed OR php7-posix-7.2.5-4.52 is installed OR php7-shmop-7.2.5-4.52 is installed OR php7-snmp-7.2.5-4.52 is installed OR php7-soap-7.2.5-4.52 is installed OR php7-sockets-7.2.5-4.52 is installed OR php7-sodium-7.2.5-4.52 is installed OR php7-sqlite-7.2.5-4.52 is installed OR php7-sysvmsg-7.2.5-4.52 is installed OR php7-sysvsem-7.2.5-4.52 is installed OR php7-sysvshm-7.2.5-4.52 is installed OR php7-tokenizer-7.2.5-4.52 is installed OR php7-wddx-7.2.5-4.52 is installed OR php7-xmlreader-7.2.5-4.52 is installed OR php7-xmlrpc-7.2.5-4.52 is installed OR php7-xmlwriter-7.2.5-4.52 is installed OR php7-xsl-7.2.5-4.52 is installed OR php7-zip-7.2.5-4.52 is installed OR php7-zlib-7.2.5-4.52 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.4-3.60 is installed OR libwebkit2gtk-4_0-37-2.28.4-3.60 is installed OR libwebkit2gtk3-lang-2.28.4-3.60 is installed OR webkit2gtk-4_0-injected-bundles-2.28.4-3.60 is installed OR webkit2gtk3-2.28.4-3.60 is installed OR webkit2gtk3-devel-2.28.4-3.60 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information python-keystoneclient-1.7.2-3 is installed OR python-keystoneclient-doc-1.7.2-3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.35-30.50 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.35-30.50 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.35-30.50 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.35-30.50 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-core-branding-upstream-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-openstack-6.0+git.1572264221.3826a58b8-3.13 is installed OR grafana-6.2.5-3.9 is installed OR openstack-cinder-13.0.8~dev8-3.13 is installed OR openstack-cinder-api-13.0.8~dev8-3.13 is installed OR openstack-cinder-backup-13.0.8~dev8-3.13 is installed OR openstack-cinder-scheduler-13.0.8~dev8-3.13 is installed OR openstack-cinder-volume-13.0.8~dev8-3.13 is installed OR openstack-dashboard-14.0.5~dev1-3.9 is installed OR openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR openstack-keystone-14.1.1~dev26-3.13 is installed OR openstack-manila-7.3.1~dev15-4.13 is installed OR openstack-manila-api-7.3.1~dev15-4.13 is installed OR openstack-manila-data-7.3.1~dev15-4.13 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.13 is installed OR openstack-manila-share-7.3.1~dev15-4.13 is installed OR openstack-neutron-13.0.6~dev3-3.13 is installed OR openstack-neutron-dhcp-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-fwaas-13.0.3~dev2-3.6 is installed OR openstack-neutron-ha-tool-13.0.6~dev3-3.13 is installed OR openstack-neutron-l3-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-lbaas-13.0.1~dev15-3.10 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev15-3.10 is installed OR openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-macvtap-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metadata-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metering-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-server-13.0.6~dev3-3.13 is installed OR openstack-nova-18.2.4~dev18-3.13 is installed OR openstack-nova-api-18.2.4~dev18-3.13 is installed OR openstack-nova-cells-18.2.4~dev18-3.13 is installed OR openstack-nova-compute-18.2.4~dev18-3.13 is installed OR openstack-nova-conductor-18.2.4~dev18-3.13 is installed OR openstack-nova-console-18.2.4~dev18-3.13 is installed OR openstack-nova-novncproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-placement-api-18.2.4~dev18-3.13 is installed OR openstack-nova-scheduler-18.2.4~dev18-3.13 is installed OR openstack-nova-serialproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-vncproxy-18.2.4~dev18-3.13 is installed OR openstack-octavia-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-agent-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-image-0.1.1-7.3 is installed OR openstack-octavia-amphora-image-x86_64-0.1.1-7.3 is installed OR openstack-octavia-api-3.2.1~dev1-3.13 is installed OR openstack-octavia-health-manager-3.2.1~dev1-3.13 is installed OR openstack-octavia-housekeeping-3.2.1~dev1-3.13 is installed OR openstack-octavia-worker-3.2.1~dev1-3.13 is installed OR python-Django1-1.11.24-3.12 is installed OR python-cinder-13.0.8~dev8-3.13 is installed OR python-horizon-14.0.5~dev1-3.9 is installed OR python-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR python-keystone-14.1.1~dev26-3.13 is installed OR python-keystonemiddleware-5.2.1-11 is installed OR python-manila-7.3.1~dev15-4.13 is installed OR python-neutron-13.0.6~dev3-3.13 is installed OR python-neutron-fwaas-13.0.3~dev2-3.6 is installed OR python-neutron-lbaas-13.0.1~dev15-3.10 is installed OR python-nova-18.2.4~dev18-3.13 is installed OR python-octavia-3.2.1~dev1-3.13 is installed OR python-octaviaclient-1.6.1-3.3 is installed OR python-openstack_auth-14.0.5~dev1-3.9 is installed OR python-os-brick-2.5.8-3.6 is installed OR python-os-brick-common-2.5.8-3.6 is installed OR python-oslo.cache-1.30.4-3.3 is installed OR python-oslo.messaging-8.1.4-3.3 is installed

BACK