
SUSE Linux 12 SUSE-SU-2016:2460-2 Critical: PHP7 Buffer Overflow

suse
November 1, 2016
SUSE Security Patch for php8: Urgent resolutions for several vulnerabilities, enhancing system stability and reliability.
An update that solves 29 vulnerabilities and has two fixes is ...

Summary

This update for php7 fixes the following security issues:

* CVE-2016-6128: Invalid color index not properly handled [bsc#987580]
* CVE-2016-6161: Global out-of-bounds read when encoding gif from malformed input with gd2togif [bsc#988032]
* CVE-2016-6292: Null pointer dereference in exif_process_user_comment [bsc#991422]
* CVE-2016-6295: Use after free in SNMP with GC and unserialize() [bsc#991424]
* CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener [bsc#991426]
* CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE [bsc#991427]
* CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex [bsc#991428]
* CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization [bsc#991429]

References

#1001950 #987580 #988032 #991422 #991424
#991426 #991427 #991428 #991429 #991430 #991434
#991437 #995512 #997206 #997207 #997208 #997210
#997211 #997220 #997225 #997230 #997247 #997248
#997257 #999313 #999679 #999680 #999684 #999685
#999819 #999820

Cross- CVE-2016-4473 CVE-2016-5399 CVE-2016-6128
CVE-2016-6161 CVE-2016-6207 CVE-2016-6289
CVE-2016-6290 CVE-2016-6291 CVE-2016-6292
CVE-2016-6295 CVE-2016-6296 CVE-2016-6297
CVE-2016-7124 CVE-2016-7125 CVE-2016-7126
CVE-2016-7127 CVE-2016-7128 CVE-2016-7129
CVE-2016-7130 CVE-2016-7131 CVE-2016-7132
CVE-2016-7133 CVE-2016-7134 CVE-2016-7412
CVE-2016-7413 CVE-2016-7414 CVE-2016-7416
CVE-2016-7417 CVE-2016-7418

Affected Products:

SUSE Linux Enter...


Severity
critical

Announcement ID: SUSE-SU-2016:2460-2
Rating: important
