Security update for php7
This update for php7 fixes the following issues:
Security issues fixed:
- CVE-2017-16642: Fix timelib_meridian error that could be used to leak information from the interpreter (bsc#1067441).
- CVE-2017-9229: Fix invalid pointer dereference in left_adjust_char_head() (bsc#1069631).
- CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitset_set_range() during regex compilation (bsc#1069606).
Bugs fixed:
- Fix wrong reference when serialize/unserialize an object (bsc#1063815).
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#1063815
[PHP] Wrong reference when serialize/unserialize an object
bnc#1067441
VUL-1: CVE-2017-16642: php5,php7,php53: timelib_meridian error could be used to leak information from the interpreter
bnc#1069631
VUL-0: CVE-2017-9229: php5,php7,php53: oniguruma: Invalid pointer dereference in left_adjust_char_head()
bnc#1069606
VUL-0: CVE-2017-9228: php5,php53,php7: heap out-of-bounds write occurs in bitset_set_range() during regex compilation
