Overview

File _patchinfo of Package patchinfo.11984

<patchinfo incident="11984">
  <issue tracker="bnc" id="1140118">VUL-0: CVE-2019-11038: php5,php72, php7,php53:  information disclosure in function gdImageCreateFromXbm()</issue>
  <issue tracker="bnc" id="1146360">VUL-0: CVE-2019-11041: php5,php72,php7,php53: php: heap buffer over-read in exif_scan_thumbnail()</issue>
  <issue tracker="bnc" id="1145095">VUL-1: CVE-2019-11042: php5,php72,php7,php53: php: heap buffer over-read in exif_process_user_comment()</issue>
  <issue tracker="cve" id="2019-11038"/>
  <issue tracker="cve" id="2019-11042"/>                                    
  <issue tracker="cve" id="2019-11041"/> 
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for php7</summary>
  <description>This update for php7 fixes the following issues:

Security issues fixed:

- CVE-2019-11038: Fixed a information disclosure in gdImageCreateFromXbm() (bsc#1140118).
- CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360). 
- CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places