Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
patchinfo.3012
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.3012
<patchinfo incident="3012"> <issue id="991424" tracker="bnc">VUL-0: CVE-2016-6295: php: Use after free in SNMP with GC and unserialize()</issue> <issue id="991427" tracker="bnc">VUL-0: CVE-2016-6291: php: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE</issue> <issue id="991426" tracker="bnc">VUL-0: CVE-2016-6297: php: Stack-based buffer overflow vulnerability in php_stream_zip_opener</issue> <issue id="991437" tracker="bnc">VUL-0: CVE-2016-6296: php: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c</issue> <issue id="991430" tracker="bnc">VUL-0: php5,php7,php53: CVE-2016-5399: php, bzip2: Improper error handling in bzread()</issue> <issue id="991422" tracker="bnc">VUL-0: CVE-2016-6292: php: Null pointer dereference in exif_process_user_comment</issue> <issue id="988032" tracker="bnc">VUL-1: CVE-2016-6161: php: global out of bounds read when encoding gif from malformed input withgd2togif</issue> <issue id="991429" tracker="bnc">VUL-0: CVE-2016-6290: php: Use after free in unserialize() with Unexpected Session Deserialization</issue> <issue id="991428" tracker="bnc">VUL-0: CVE-2016-6289: php: Integer overflow leads to buffer overflow in virtual_file_ex</issue> <issue id="991434" tracker="bnc">VUL-0: CVE-2016-6207: php: Integer overflow error within _gdContributionsAlloc()</issue> <issue id="987580" tracker="bnc">VUL-1: CVE-2016-6128: php: Invalid color index not properly handled</issue> <issue id="995512" tracker="bnc">VUL-0: CVE-2016-4473: php5,php7,php53: Invalid free() instead of efree() in phar_extract_file()</issue> <issue id="997206" tracker="bnc">VUL-0: CVE-2016-7124: php5: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization</issue> <issue id="997207" tracker="bnc">VUL-0: CVE-2016-7125: php5, php7: PHP Session Data Injection Vulnerability</issue> <issue id="997208" tracker="bnc">VUL-0: CVE-2016-7126: php7: select_colors write out-of-bounds</issue> <issue id="997210" tracker="bnc">VUL-0: CVE-2016-7127: php7: imagegammacorrect allows arbitrary write access</issue> <issue id="997211" tracker="bnc">VUL-0: CVE-2016-7128: php7: Memory Leakage In exif_process_IFD_in_TIFF</issue> <issue id="997220" tracker="bnc">VUL-0: CVE-2016-7129: php5, php7: wddx_deserialize allows illegal memory access</issue> <issue id="997225" tracker="bnc">VUL-0: CVE-2016-7131: php7: wddx_deserialize null dereference with invalid xml</issue> <issue id="997230" tracker="bnc">VUL-0: CVE-2016-7132: php5, php7: wddx_deserialize null dereference in php_wddx_pop_element</issue> <issue id="997247" tracker="bnc">VUL-0: CVE-2016-7133: php7: memory allocator fails to realloc small block to large one</issue> <issue id="997248" tracker="bnc">VUL-0: CVE-2016-7134: php5, php7: Heap overflow in the function curl_escape</issue> <issue id="997257" tracker="bnc">VUL-0: CVE-2016-7130: php5, php7: wddx_deserialize null dereference</issue> <issue id="999679" tracker="bnc">VUL-0: CVE-2016-7413: php5, php53, php7: Use after free in wddx_deserialize</issue> <issue id="999680" tracker="bnc">VUL-0: CVE-2016-7412: php5, php7: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field</issue> <issue id="999684" tracker="bnc">VUL-0: CVE-2016-7417: php5, php7: Missing type check when unserializing SplArray</issue> <issue id="999685" tracker="bnc">VUL-0: CVE-2016-7416: php5, php7: Stack based buffer overflow in msgfmt_format_message</issue> <issue id="999819" tracker="bnc">VUL-0: CVE-2016-7418: php5, php7: Null pointer dereference in php_wddx_push_element</issue> <issue id="999820" tracker="bnc">VUL-0: CVE-2016-7414: php5, php7: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile</issue> <issue id="1001950" tracker="bnc">installing SUSE-SLE-Module-Web-Scripting-12-2016-1403 with zypper patch forces php7</issue> <issue id="999313" tracker="bnc">Cannot prevent update from PHP5 to PHP7 without addlock</issue> <issue id="2016-7412" tracker="cve"/> <issue id="2016-7413" tracker="cve"/> <issue id="2016-7414" tracker="cve"/> <issue id="2016-7416" tracker="cve"/> <issue id="2016-7417" tracker="cve"/> <issue id="2016-7418" tracker="cve"/> <issue id="2016-4473" tracker="cve"/> <issue id="2016-7124" tracker="cve"/> <issue id="2016-7125" tracker="cve"/> <issue id="2016-7126" tracker="cve"/> <issue id="2016-7127" tracker="cve"/> <issue id="2016-7128" tracker="cve"/> <issue id="2016-7129" tracker="cve"/> <issue id="2016-7130" tracker="cve"/> <issue id="2016-7131" tracker="cve"/> <issue id="2016-7132" tracker="cve"/> <issue id="2016-7133" tracker="cve"/> <issue id="2016-7134" tracker="cve"/> <issue id="2016-6128" tracker="cve"/> <issue id="2016-6161" tracker="cve"/> <issue id="2016-5399" tracker="cve"/> <issue id="2016-6207" tracker="cve"/> <issue id="2016-6292" tracker="cve"/> <issue id="2016-6290" tracker="cve"/> <issue id="2016-6291" tracker="cve"/> <issue id="2016-6296" tracker="cve"/> <issue id="2016-6297" tracker="cve"/> <issue id="2016-6295" tracker="cve"/> <issue id="2016-6289" tracker="cve"/> <category>security</category> <rating>important</rating> <packager>pgajdos</packager> <description> This update for php7 fixes the following security issues: * CVE-2016-6128: Invalid color index not properly handled [bsc#987580] * CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif [bsc#988032] * CVE-2016-6292: Null pointer dereference in exif_process_user_comment [bsc#991422] * CVE-2016-6295: Use after free in SNMP with GC and unserialize() [bsc#991424] * CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener [bsc#991426] * CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE [bsc#991427] * CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex [bsc#991428] * CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization [bsc#991429] * CVE-2016-5399: Improper error handling in bzread() [bsc#991430] * CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c [bsc#991437] * CVE-2016-6207: Integer overflow error within _gdContributionsAlloc() [bsc#991434] * CVE-2016-4473: Invalid free() instead of efree() in phar_extract_file() * CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization * CVE-2016-7125: PHP Session Data Injection Vulnerability * CVE-2016-7126: select_colors write out-of-bounds * CVE-2016-7127: imagegammacorrect allowed arbitrary write access * CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF * CVE-2016-7129: wddx_deserialize allowed illegal memory access * CVE-2016-7131: wddx_deserialize null dereference with invalid xml * CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element * CVE-2016-7133: memory allocator fails to realloc small block to large one * CVE-2016-7134: Heap overflow in the function curl_escape * CVE-2016-7130: wddx_deserialize null dereference * CVE-2016-7413: Use after free in wddx_deserialize * CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field * CVE-2016-7417: Missing type check when unserializing SplArray * CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message * CVE-2016-7418: Null pointer dereference in php_wddx_push_element * CVE-2016-7414: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile </description> <summary>Security update for php7</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor