Security update for php7
This update for php7 fixes the following issues:
The following security vulnerabilities were fixed:
- CVE-2018-14851: Fixed an out-of-bound read in exif_process_IFD_in_MAKERNOTE,
which could be exploited by an attacker via crafted JPG files, and could
result in an application crash. (bsc#1103659)
- CVE-2017-9120: Fixed an buffer overflow in mysqli_real_escape_string, which
could be exploited via along string and could result in an application crash
or have other unspecified impacts. (bsc#1103661)
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#1103659
VUL-1: CVE-2018-14851: php5,php7,php53: exif: buffer over-read in exif_process_IFD_in_MAKERNOTE()
bnc#1103661
VUL-0: CVE-2017-9120: php7 Integer overflow in mysqli_api.c:mysqli_real_escape_string()
