Oval Definition:oval:org.opensuse.security:def:65771
Revision Date:2020-12-01Version:1
Title:Security update for php7 (Important)
Description:

This update for php7 fixes the following issues:

- CVE-2020-7062: Fixed a null pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). - CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). - CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). - CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632).
Family:unixClass:patch
Status:Reference(s):1140747
1162629
1162632
1165280
1165289
CVE-2019-11478
CVE-2020-7059
CVE-2020-7060
CVE-2020-7062
CVE-2020-7063
SUSE-SU-2019:1888-1
SUSE-SU-2020:0622-1
Platform(s):SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_4-default-3-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_1-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • php7-7.2.5-4.52 is installed
  • OR php7-embed-7.2.5-4.52 is installed
  • OR php7-readline-7.2.5-4.52 is installed
  • OR php7-sodium-7.2.5-4.52 is installed
  • OR php7-tidy-7.2.5-4.52 is installed
    • BACK