Oval Definition:oval:org.opensuse.security:def:66002
Revision Date:2020-12-01Version:1
Title:Security update for php7 (Important)
Description:

This update for php7 fixes the following issues:

- CVE-2020-7069: Fixed an issue when AES-CCM mode was used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV was used (bsc#1177351). - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352). - Added tmpfiles.d for php-fpm to provide a base for a socket (bsc#1173786)
Family:unixClass:patch
Status:Reference(s):1076530
1096368
1105606
1106699
1173786
1177351
1177352
CVE-2017-15134
CVE-2017-15135
CVE-2018-10850
CVE-2018-10935
CVE-2018-14624
CVE-2020-7069
CVE-2020-7070
SUSE-SU-2019:1207-2
SUSE-SU-2020:2997-1
Platform(s):SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND Package Information
  • php7-7.2.5-4.67 is installed
  • OR php7-embed-7.2.5-4.67 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • 389-ds-1.4.0.3-4.7 is installed
  • OR 389-ds-devel-1.4.0.3-4.7 is installed
    • BACK