Overview

File _patchinfo of Package patchinfo.8388

<patchinfo incident="8388">
  <issue tracker="bnc" id="1099098">VUL-0: CVE-2018-12882: php7: exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allowsattackers to trigger a use-after-free (in exif_read_from_file) because it closesa stream that it is not responsible for closing. The vuln</issue>
  <issue tracker="cve" id="2018-12882"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pgajdos</packager>
  <description>This update for php7 fixes the following issues:

- CVE-2018-12882: exif_read_from_impl allowed attackers to trigger a
  use-after-free (in exif_read_from_file) because it closed a stream that it is
  not responsible for closing (bsc#1099098)

This update was imported from the SUSE:SLE-12:Update update project.</description>
  <summary>Security update for php7</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places