Overview

File _patchinfo of Package patchinfo.11083

<patchinfo incident="11083">
  <issue tracker="bnc" id="1132837">VUL-1: CVE-2019-11035: php5,php72,php7,php53: Heap-buffer-overflow in exif_iif_add_value in EXIF</issue>
  <issue tracker="bnc" id="1132838">VUL-1: CVE-2019-11034: php5,php72,php7,php53: Heap-buffer-overflow in php_ifd_get32s</issue>
  <issue tracker="bnc" id="1133714">php72-gd: imagefttext()  function undefined</issue>
  <issue id="1134322" tracker="bnc">VUL-0: CVE-2019-11036: php5,php72,php7,php53: php: buffer over-read in exif_process_IFD_TAG function leading to information disclosure</issue>
  <issue id="2019-11036" tracker="cve" />
  <issue tracker="cve" id="2019-11035"/>
  <issue tracker="cve" id="2019-11034"/>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for php72</summary>
  <description>This update for php72 fixes the following issues:

Security issues fixed:

- CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si() (bsc#1132838).
- CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value() (bsc#1132837).
- CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG function leading to information disclosure (bsc#1134322).

Non-security issue fixed:

- Use system gd (bsc#1133714).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places