Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
patchinfo.14088
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.14088
<patchinfo incident="14088"> <issue tracker="cve" id="2019-11047"/> <issue tracker="cve" id="2019-11041"/> <issue tracker="cve" id="2020-7059"/> <issue tracker="cve" id="2019-11045"/> <issue tracker="cve" id="2019-11043"/> <issue tracker="cve" id="2020-7060"/> <issue tracker="cve" id="2019-11050"/> <issue tracker="cve" id="2019-11046"/> <issue tracker="cve" id="2019-11042"/> <issue tracker="bnc" id="1162629">VUL-0: CVE-2020-7059: php5,php72,php7,php53: Out of bounds read in php_strip_tags_ex</issue> <issue tracker="bnc" id="1145095">VUL-1: CVE-2019-11042: php5,php72,php7,php53: php: heap buffer over-read in exif_process_user_comment()</issue> <issue tracker="bnc" id="1146360">VUL-0: CVE-2019-11041: php5,php72,php7,php53: php: heap buffer over-read in exif_scan_thumbnail()</issue> <issue tracker="bnc" id="1159923">VUL-0: CVE-2019-11045: php5,php72,php7,php53: PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte</issue> <issue tracker="bnc" id="1159922">VUL-0: CVE-2019-11047: php5,php72,php7,php53: information disclosure in exif_read_data()</issue> <issue tracker="bnc" id="1161982">VUL-1: CVE-2019-20433: aspell: encoding set to ucs-2 or ucs-4 for a string ending with a single '\0' byte leads to a buffer over-read</issue> <issue tracker="bnc" id="1162632">VUL-0: CVE-2020-7060: php5,php72,php7,php53: Global buffer-overflow in mbfl_filt_conv_big5_wchar function</issue> <issue tracker="bnc" id="1154999">VUL-0: CVE-2019-11043: php5,php72,php7,php53: env_path_info underflow in fpm_main.c can lead to RCE</issue> <issue tracker="bnc" id="1159924">VUL-0: CVE-2019-11046: php5,php72,php7,php53: OOB read in bc_shift_addsub</issue> <issue tracker="bnc" id="1159927">VUL-0: CVE-2019-11050: php5,php72,php7,php53: PHP EXIF extension is parsing EXIF information from an image that can cause it to read past the allocated buffer</issue> <packager>pgajdos</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for php5</summary> <description>This update for php5 fixes the following issues: Security issues fixed: - CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360). - CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095). - CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). - CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923). - CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924). - CVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922). - CVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927). - CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). - CVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor