| Revision Date: | 2020-10-22 | Version: | 1 |
| Title: | Security update for php7 (Important) |
| Description: |
This update for php7 fixes the following issues:
- CVE-2020-7069: Fixed an issue when AES-CCM mode was used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV was used (bsc#1177351). - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352). - Added tmpfiles.d for php-fpm to provide a base for a socket (bsc#1173786)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1173786
1177351
1177352
CVE-2020-7069
CVE-2020-7070
SUSE-SU-2020:2997-1
|
| Platform(s): | SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND php7-embed-7.2.5-4.67.2 is installed
|