Oval Definition:oval:org.opensuse.security:def:70661
Revision Date:2020-12-01Version:1
Title:Security update for php7 (Important)
Description:

This update for php7 fixes the following issues:

- CVE-2020-7069: Fixed an issue when AES-CCM mode was used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV was used (bsc#1177351). - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352). - Added tmpfiles.d for php-fpm to provide a base for a socket (bsc#1173786)
Family:unixClass:patch
Status:Reference(s):1173786
1177351
1177352
1178682
CVE-2020-25708
CVE-2020-7069
CVE-2020-7070
SUSE-SU-2020:3515-1
Platform(s):SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.25 is installed
  • OR libvncserver0-0.9.10-4.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • php7-7.2.5-4.67 is installed
  • OR php7-pear-Archive_Tar-7.2.5-4.67 is installed
  • OR php7-wddx-7.2.5-4.67 is installed
    • BACK