SUSE: 2019:1461-1 moderate: php7

    Date11 Jun 2019
    CategorySuSE
    491
    Posted ByLinuxSecurity Advisories
    An update that solves 16 vulnerabilities and has two fixes is now available.
    
       SUSE Security Update: Security update for php7
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2019:1461-1
    Rating:             moderate
    References:         #1118832 #1119396 #1126711 #1126713 #1126821 
                        #1126823 #1126827 #1127122 #1128722 #1128883 
                        #1128886 #1128887 #1128889 #1128892 #1129032 
                        #1132837 #1132838 #1134322 
    Cross-References:   CVE-2018-19935 CVE-2018-20783 CVE-2019-11034
                        CVE-2019-11035 CVE-2019-11036 CVE-2019-9020
                        CVE-2019-9021 CVE-2019-9022 CVE-2019-9023
                        CVE-2019-9024 CVE-2019-9637 CVE-2019-9638
                        CVE-2019-9639 CVE-2019-9640 CVE-2019-9641
                        CVE-2019-9675
    Affected Products:
                        SUSE Linux Enterprise Module for Web Scripting 15
                        SUSE Linux Enterprise Module for Packagehub Subpackages 15
                        SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
    ______________________________________________________________________________
    
       An update that solves 16 vulnerabilities and has two fixes
       is now available.
    
    Description:
    
       This update for php7 fixes the following issues:
    
       Security issues fixed:
    
       - CVE-2019-9637: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128892).
       - CVE-2019-9675: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128886).
       - CVE-2019-9638: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension ((bsc#1128889).
       - CVE-2019-9639: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128887).
       - CVE-2019-9640: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128883).
       - CVE-2019-9022: Fixed a vulnerability which could allow a hostile DNS
         server to make PHP misuse memcpy (bsc#1126827).
       - CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which
         could allow to a hostile XMLRPC server to cause memory read outside the
         allocated areas (bsc#1126821).
       - CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function
         (bsc#1126711).
       - CVE-2018-20783: Fixed a buffer over-read in PHAR reading functions which
         could allow an attacker to read allocated and unallocated memory when
         parsing a phar file (bsc#1127122).
       - CVE-2019-9021: Fixed a heap buffer-based buffer over-read in PHAR
         reading functions which could allow an attacker to read allocated and
         unallocated memory when parsing a phar file (bsc#1126713).
       - CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in
         mbstring regular expression functions (bsc#1126823).
       - CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension
         and improved insecure implementation
         of rename function (bsc#1128722).
       - CVE-2018-19935: Fixed a Denial of Service in php_imap.c which could be
         triggered via an empty string in the message argument to imap_mail
         (bsc#1118832).
       - CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si()
         (bsc#1132838).
       - CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value()
         (bsc#1132837).
       - CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG function
         leading to information disclosure (bsc#1134322).
    
       Other issue addressed:
    
       - Deleted README.default_socket_timeout which is not needed anymore
         (bsc#1129032).
       - Enabled php7 testsuite (bsc#1119396).
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Module for Web Scripting 15:
    
          zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-2019-1461=1
    
       - SUSE Linux Enterprise Module for Packagehub Subpackages 15:
    
          zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2019-1461=1
    
       - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:
    
          zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-1461=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Module for Web Scripting 15 (aarch64 ppc64le s390x x86_64):
    
          apache2-mod_php7-7.2.5-4.32.1
          apache2-mod_php7-debuginfo-7.2.5-4.32.1
          php7-7.2.5-4.32.1
          php7-bcmath-7.2.5-4.32.1
          php7-bcmath-debuginfo-7.2.5-4.32.1
          php7-bz2-7.2.5-4.32.1
          php7-bz2-debuginfo-7.2.5-4.32.1
          php7-calendar-7.2.5-4.32.1
          php7-calendar-debuginfo-7.2.5-4.32.1
          php7-ctype-7.2.5-4.32.1
          php7-ctype-debuginfo-7.2.5-4.32.1
          php7-curl-7.2.5-4.32.1
          php7-curl-debuginfo-7.2.5-4.32.1
          php7-dba-7.2.5-4.32.1
          php7-dba-debuginfo-7.2.5-4.32.1
          php7-debuginfo-7.2.5-4.32.1
          php7-debugsource-7.2.5-4.32.1
          php7-devel-7.2.5-4.32.1
          php7-dom-7.2.5-4.32.1
          php7-dom-debuginfo-7.2.5-4.32.1
          php7-enchant-7.2.5-4.32.1
          php7-enchant-debuginfo-7.2.5-4.32.1
          php7-exif-7.2.5-4.32.1
          php7-exif-debuginfo-7.2.5-4.32.1
          php7-fastcgi-7.2.5-4.32.1
          php7-fastcgi-debuginfo-7.2.5-4.32.1
          php7-fileinfo-7.2.5-4.32.1
          php7-fileinfo-debuginfo-7.2.5-4.32.1
          php7-fpm-7.2.5-4.32.1
          php7-fpm-debuginfo-7.2.5-4.32.1
          php7-ftp-7.2.5-4.32.1
          php7-ftp-debuginfo-7.2.5-4.32.1
          php7-gd-7.2.5-4.32.1
          php7-gd-debuginfo-7.2.5-4.32.1
          php7-gettext-7.2.5-4.32.1
          php7-gettext-debuginfo-7.2.5-4.32.1
          php7-gmp-7.2.5-4.32.1
          php7-gmp-debuginfo-7.2.5-4.32.1
          php7-iconv-7.2.5-4.32.1
          php7-iconv-debuginfo-7.2.5-4.32.1
          php7-intl-7.2.5-4.32.1
          php7-intl-debuginfo-7.2.5-4.32.1
          php7-json-7.2.5-4.32.1
          php7-json-debuginfo-7.2.5-4.32.1
          php7-ldap-7.2.5-4.32.1
          php7-ldap-debuginfo-7.2.5-4.32.1
          php7-mbstring-7.2.5-4.32.1
          php7-mbstring-debuginfo-7.2.5-4.32.1
          php7-mysql-7.2.5-4.32.1
          php7-mysql-debuginfo-7.2.5-4.32.1
          php7-odbc-7.2.5-4.32.1
          php7-odbc-debuginfo-7.2.5-4.32.1
          php7-opcache-7.2.5-4.32.1
          php7-opcache-debuginfo-7.2.5-4.32.1
          php7-openssl-7.2.5-4.32.1
          php7-openssl-debuginfo-7.2.5-4.32.1
          php7-pcntl-7.2.5-4.32.1
          php7-pcntl-debuginfo-7.2.5-4.32.1
          php7-pdo-7.2.5-4.32.1
          php7-pdo-debuginfo-7.2.5-4.32.1
          php7-pgsql-7.2.5-4.32.1
          php7-pgsql-debuginfo-7.2.5-4.32.1
          php7-phar-7.2.5-4.32.1
          php7-phar-debuginfo-7.2.5-4.32.1
          php7-posix-7.2.5-4.32.1
          php7-posix-debuginfo-7.2.5-4.32.1
          php7-shmop-7.2.5-4.32.1
          php7-shmop-debuginfo-7.2.5-4.32.1
          php7-snmp-7.2.5-4.32.1
          php7-snmp-debuginfo-7.2.5-4.32.1
          php7-soap-7.2.5-4.32.1
          php7-soap-debuginfo-7.2.5-4.32.1
          php7-sockets-7.2.5-4.32.1
          php7-sockets-debuginfo-7.2.5-4.32.1
          php7-sodium-7.2.5-4.32.1
          php7-sodium-debuginfo-7.2.5-4.32.1
          php7-sqlite-7.2.5-4.32.1
          php7-sqlite-debuginfo-7.2.5-4.32.1
          php7-sysvmsg-7.2.5-4.32.1
          php7-sysvmsg-debuginfo-7.2.5-4.32.1
          php7-sysvsem-7.2.5-4.32.1
          php7-sysvsem-debuginfo-7.2.5-4.32.1
          php7-sysvshm-7.2.5-4.32.1
          php7-sysvshm-debuginfo-7.2.5-4.32.1
          php7-tokenizer-7.2.5-4.32.1
          php7-tokenizer-debuginfo-7.2.5-4.32.1
          php7-wddx-7.2.5-4.32.1
          php7-wddx-debuginfo-7.2.5-4.32.1
          php7-xmlreader-7.2.5-4.32.1
          php7-xmlreader-debuginfo-7.2.5-4.32.1
          php7-xmlrpc-7.2.5-4.32.1
          php7-xmlrpc-debuginfo-7.2.5-4.32.1
          php7-xmlwriter-7.2.5-4.32.1
          php7-xmlwriter-debuginfo-7.2.5-4.32.1
          php7-xsl-7.2.5-4.32.1
          php7-xsl-debuginfo-7.2.5-4.32.1
          php7-zip-7.2.5-4.32.1
          php7-zip-debuginfo-7.2.5-4.32.1
          php7-zlib-7.2.5-4.32.1
          php7-zlib-debuginfo-7.2.5-4.32.1
    
       - SUSE Linux Enterprise Module for Web Scripting 15 (noarch):
    
          php7-pear-7.2.5-4.32.1
          php7-pear-Archive_Tar-7.2.5-4.32.1
    
       - SUSE Linux Enterprise Module for Packagehub Subpackages 15 (aarch64 ppc64le s390x x86_64):
    
          php7-debuginfo-7.2.5-4.32.1
          php7-debugsource-7.2.5-4.32.1
          php7-embed-7.2.5-4.32.1
          php7-embed-debuginfo-7.2.5-4.32.1
    
       - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):
    
          php7-debuginfo-7.2.5-4.32.1
          php7-debugsource-7.2.5-4.32.1
          php7-embed-7.2.5-4.32.1
          php7-embed-debuginfo-7.2.5-4.32.1
          php7-readline-7.2.5-4.32.1
          php7-readline-debuginfo-7.2.5-4.32.1
          php7-sodium-7.2.5-4.32.1
          php7-sodium-debuginfo-7.2.5-4.32.1
          php7-tidy-7.2.5-4.32.1
          php7-tidy-debuginfo-7.2.5-4.32.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2018-19935.html
       https://www.suse.com/security/cve/CVE-2018-20783.html
       https://www.suse.com/security/cve/CVE-2019-11034.html
       https://www.suse.com/security/cve/CVE-2019-11035.html
       https://www.suse.com/security/cve/CVE-2019-11036.html
       https://www.suse.com/security/cve/CVE-2019-9020.html
       https://www.suse.com/security/cve/CVE-2019-9021.html
       https://www.suse.com/security/cve/CVE-2019-9022.html
       https://www.suse.com/security/cve/CVE-2019-9023.html
       https://www.suse.com/security/cve/CVE-2019-9024.html
       https://www.suse.com/security/cve/CVE-2019-9637.html
       https://www.suse.com/security/cve/CVE-2019-9638.html
       https://www.suse.com/security/cve/CVE-2019-9639.html
       https://www.suse.com/security/cve/CVE-2019-9640.html
       https://www.suse.com/security/cve/CVE-2019-9641.html
       https://www.suse.com/security/cve/CVE-2019-9675.html
       https://bugzilla.suse.com/1118832
       https://bugzilla.suse.com/1119396
       https://bugzilla.suse.com/1126711
       https://bugzilla.suse.com/1126713
       https://bugzilla.suse.com/1126821
       https://bugzilla.suse.com/1126823
       https://bugzilla.suse.com/1126827
       https://bugzilla.suse.com/1127122
       https://bugzilla.suse.com/1128722
       https://bugzilla.suse.com/1128883
       https://bugzilla.suse.com/1128886
       https://bugzilla.suse.com/1128887
       https://bugzilla.suse.com/1128889
       https://bugzilla.suse.com/1128892
       https://bugzilla.suse.com/1129032
       https://bugzilla.suse.com/1132837
       https://bugzilla.suse.com/1132838
       https://bugzilla.suse.com/1134322
    
    _______________________________________________
    sle-security-updates mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://lists.suse.com/mailman/listinfo/sle-security-updates
    
    You are not authorised to post comments.

    ccommentViewComments Object ( [document] => [_name:protected] => comments [_models:protected] => Array ( ) [_basePath:protected] => /var/www/www.linuxsecurity.com-443/html/components/com_comment [_defaultModel:protected] => [_layout:protected] => default [_layoutExt:protected] => php [_layoutTemplate:protected] => _ [_path:protected] => Array ( [template] => Array ( [0] => /var/www/www.linuxsecurity.com-443/html/templates/shaperhelix_child/html/com_comment/templates/default/ [1] => /var/www/www.linuxsecurity.com-443/html/components/com_comment/templates/default/ [2] => /var/www/www.linuxsecurity.com-443/html/templates/shaperhelix_child/html/com_content/comments/ [3] => /var/www/www.linuxsecurity.com-443/html/components/com_comment/views/comments/tmpl/ ) [helper] => Array ( [0] => /var/www/www.linuxsecurity.com-443/html/components/com_comment/helpers/ ) ) [_template:protected] => /var/www/www.linuxsecurity.com-443/html/components/com_comment/templates/default/default_menu.php [_output:protected] => [_escape:protected] => htmlspecialchars [_charset:protected] => UTF-8 [_errors:protected] => Array ( ) [baseurl] => [plugin] => CcommentComponentContentPlugin Object ( [row] => stdClass Object ( [id] => 268477 [asset_id] => 0 [title] => SUSE: 2019:1461-1 moderate: php7 [alias] => suse-2019-1461-1-moderate-php7 [introtext] => An update that solves 16 vulnerabilities and has two fixes is now available. [fulltext] =>
    
       SUSE Security Update: Security update for php7
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2019:1461-1
    Rating:             moderate
    References:         #1118832 #1119396 #1126711 #1126713 #1126821 
                        #1126823 #1126827 #1127122 #1128722 #1128883 
                        #1128886 #1128887 #1128889 #1128892 #1129032 
                        #1132837 #1132838 #1134322 
    Cross-References:   CVE-2018-19935 CVE-2018-20783 CVE-2019-11034
                        CVE-2019-11035 CVE-2019-11036 CVE-2019-9020
                        CVE-2019-9021 CVE-2019-9022 CVE-2019-9023
                        CVE-2019-9024 CVE-2019-9637 CVE-2019-9638
                        CVE-2019-9639 CVE-2019-9640 CVE-2019-9641
                        CVE-2019-9675
    Affected Products:
                        SUSE Linux Enterprise Module for Web Scripting 15
                        SUSE Linux Enterprise Module for Packagehub Subpackages 15
                        SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
    ______________________________________________________________________________
    
       An update that solves 16 vulnerabilities and has two fixes
       is now available.
    
    Description:
    
       This update for php7 fixes the following issues:
    
       Security issues fixed:
    
       - CVE-2019-9637: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128892).
       - CVE-2019-9675: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128886).
       - CVE-2019-9638: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension ((bsc#1128889).
       - CVE-2019-9639: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128887).
       - CVE-2019-9640: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128883).
       - CVE-2019-9022: Fixed a vulnerability which could allow a hostile DNS
         server to make PHP misuse memcpy (bsc#1126827).
       - CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which
         could allow to a hostile XMLRPC server to cause memory read outside the
         allocated areas (bsc#1126821).
       - CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function
         (bsc#1126711).
       - CVE-2018-20783: Fixed a buffer over-read in PHAR reading functions which
         could allow an attacker to read allocated and unallocated memory when
         parsing a phar file (bsc#1127122).
       - CVE-2019-9021: Fixed a heap buffer-based buffer over-read in PHAR
         reading functions which could allow an attacker to read allocated and
         unallocated memory when parsing a phar file (bsc#1126713).
       - CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in
         mbstring regular expression functions (bsc#1126823).
       - CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension
         and improved insecure implementation
         of rename function (bsc#1128722).
       - CVE-2018-19935: Fixed a Denial of Service in php_imap.c which could be
         triggered via an empty string in the message argument to imap_mail
         (bsc#1118832).
       - CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si()
         (bsc#1132838).
       - CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value()
         (bsc#1132837).
       - CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG function
         leading to information disclosure (bsc#1134322).
    
       Other issue addressed:
    
       - Deleted README.default_socket_timeout which is not needed anymore
         (bsc#1129032).
       - Enabled php7 testsuite (bsc#1119396).
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Module for Web Scripting 15:
    
          zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-2019-1461=1
    
       - SUSE Linux Enterprise Module for Packagehub Subpackages 15:
    
          zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2019-1461=1
    
       - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:
    
          zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-1461=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Module for Web Scripting 15 (aarch64 ppc64le s390x x86_64):
    
          apache2-mod_php7-7.2.5-4.32.1
          apache2-mod_php7-debuginfo-7.2.5-4.32.1
          php7-7.2.5-4.32.1
          php7-bcmath-7.2.5-4.32.1
          php7-bcmath-debuginfo-7.2.5-4.32.1
          php7-bz2-7.2.5-4.32.1
          php7-bz2-debuginfo-7.2.5-4.32.1
          php7-calendar-7.2.5-4.32.1
          php7-calendar-debuginfo-7.2.5-4.32.1
          php7-ctype-7.2.5-4.32.1
          php7-ctype-debuginfo-7.2.5-4.32.1
          php7-curl-7.2.5-4.32.1
          php7-curl-debuginfo-7.2.5-4.32.1
          php7-dba-7.2.5-4.32.1
          php7-dba-debuginfo-7.2.5-4.32.1
          php7-debuginfo-7.2.5-4.32.1
          php7-debugsource-7.2.5-4.32.1
          php7-devel-7.2.5-4.32.1
          php7-dom-7.2.5-4.32.1
          php7-dom-debuginfo-7.2.5-4.32.1
          php7-enchant-7.2.5-4.32.1
          php7-enchant-debuginfo-7.2.5-4.32.1
          php7-exif-7.2.5-4.32.1
          php7-exif-debuginfo-7.2.5-4.32.1
          php7-fastcgi-7.2.5-4.32.1
          php7-fastcgi-debuginfo-7.2.5-4.32.1
          php7-fileinfo-7.2.5-4.32.1
          php7-fileinfo-debuginfo-7.2.5-4.32.1
          php7-fpm-7.2.5-4.32.1
          php7-fpm-debuginfo-7.2.5-4.32.1
          php7-ftp-7.2.5-4.32.1
          php7-ftp-debuginfo-7.2.5-4.32.1
          php7-gd-7.2.5-4.32.1
          php7-gd-debuginfo-7.2.5-4.32.1
          php7-gettext-7.2.5-4.32.1
          php7-gettext-debuginfo-7.2.5-4.32.1
          php7-gmp-7.2.5-4.32.1
          php7-gmp-debuginfo-7.2.5-4.32.1
          php7-iconv-7.2.5-4.32.1
          php7-iconv-debuginfo-7.2.5-4.32.1
          php7-intl-7.2.5-4.32.1
          php7-intl-debuginfo-7.2.5-4.32.1
          php7-json-7.2.5-4.32.1
          php7-json-debuginfo-7.2.5-4.32.1
          php7-ldap-7.2.5-4.32.1
          php7-ldap-debuginfo-7.2.5-4.32.1
          php7-mbstring-7.2.5-4.32.1
          php7-mbstring-debuginfo-7.2.5-4.32.1
          php7-mysql-7.2.5-4.32.1
          php7-mysql-debuginfo-7.2.5-4.32.1
          php7-odbc-7.2.5-4.32.1
          php7-odbc-debuginfo-7.2.5-4.32.1
          php7-opcache-7.2.5-4.32.1
          php7-opcache-debuginfo-7.2.5-4.32.1
          php7-openssl-7.2.5-4.32.1
          php7-openssl-debuginfo-7.2.5-4.32.1
          php7-pcntl-7.2.5-4.32.1
          php7-pcntl-debuginfo-7.2.5-4.32.1
          php7-pdo-7.2.5-4.32.1
          php7-pdo-debuginfo-7.2.5-4.32.1
          php7-pgsql-7.2.5-4.32.1
          php7-pgsql-debuginfo-7.2.5-4.32.1
          php7-phar-7.2.5-4.32.1
          php7-phar-debuginfo-7.2.5-4.32.1
          php7-posix-7.2.5-4.32.1
          php7-posix-debuginfo-7.2.5-4.32.1
          php7-shmop-7.2.5-4.32.1
          php7-shmop-debuginfo-7.2.5-4.32.1
          php7-snmp-7.2.5-4.32.1
          php7-snmp-debuginfo-7.2.5-4.32.1
          php7-soap-7.2.5-4.32.1
          php7-soap-debuginfo-7.2.5-4.32.1
          php7-sockets-7.2.5-4.32.1
          php7-sockets-debuginfo-7.2.5-4.32.1
          php7-sodium-7.2.5-4.32.1
          php7-sodium-debuginfo-7.2.5-4.32.1
          php7-sqlite-7.2.5-4.32.1
          php7-sqlite-debuginfo-7.2.5-4.32.1
          php7-sysvmsg-7.2.5-4.32.1
          php7-sysvmsg-debuginfo-7.2.5-4.32.1
          php7-sysvsem-7.2.5-4.32.1
          php7-sysvsem-debuginfo-7.2.5-4.32.1
          php7-sysvshm-7.2.5-4.32.1
          php7-sysvshm-debuginfo-7.2.5-4.32.1
          php7-tokenizer-7.2.5-4.32.1
          php7-tokenizer-debuginfo-7.2.5-4.32.1
          php7-wddx-7.2.5-4.32.1
          php7-wddx-debuginfo-7.2.5-4.32.1
          php7-xmlreader-7.2.5-4.32.1
          php7-xmlreader-debuginfo-7.2.5-4.32.1
          php7-xmlrpc-7.2.5-4.32.1
          php7-xmlrpc-debuginfo-7.2.5-4.32.1
          php7-xmlwriter-7.2.5-4.32.1
          php7-xmlwriter-debuginfo-7.2.5-4.32.1
          php7-xsl-7.2.5-4.32.1
          php7-xsl-debuginfo-7.2.5-4.32.1
          php7-zip-7.2.5-4.32.1
          php7-zip-debuginfo-7.2.5-4.32.1
          php7-zlib-7.2.5-4.32.1
          php7-zlib-debuginfo-7.2.5-4.32.1
    
       - SUSE Linux Enterprise Module for Web Scripting 15 (noarch):
    
          php7-pear-7.2.5-4.32.1
          php7-pear-Archive_Tar-7.2.5-4.32.1
    
       - SUSE Linux Enterprise Module for Packagehub Subpackages 15 (aarch64 ppc64le s390x x86_64):
    
          php7-debuginfo-7.2.5-4.32.1
          php7-debugsource-7.2.5-4.32.1
          php7-embed-7.2.5-4.32.1
          php7-embed-debuginfo-7.2.5-4.32.1
    
       - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):
    
          php7-debuginfo-7.2.5-4.32.1
          php7-debugsource-7.2.5-4.32.1
          php7-embed-7.2.5-4.32.1
          php7-embed-debuginfo-7.2.5-4.32.1
          php7-readline-7.2.5-4.32.1
          php7-readline-debuginfo-7.2.5-4.32.1
          php7-sodium-7.2.5-4.32.1
          php7-sodium-debuginfo-7.2.5-4.32.1
          php7-tidy-7.2.5-4.32.1
          php7-tidy-debuginfo-7.2.5-4.32.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2018-19935.html
       https://www.suse.com/security/cve/CVE-2018-20783.html
       https://www.suse.com/security/cve/CVE-2019-11034.html
       https://www.suse.com/security/cve/CVE-2019-11035.html
       https://www.suse.com/security/cve/CVE-2019-11036.html
       https://www.suse.com/security/cve/CVE-2019-9020.html
       https://www.suse.com/security/cve/CVE-2019-9021.html
       https://www.suse.com/security/cve/CVE-2019-9022.html
       https://www.suse.com/security/cve/CVE-2019-9023.html
       https://www.suse.com/security/cve/CVE-2019-9024.html
       https://www.suse.com/security/cve/CVE-2019-9637.html
       https://www.suse.com/security/cve/CVE-2019-9638.html
       https://www.suse.com/security/cve/CVE-2019-9639.html
       https://www.suse.com/security/cve/CVE-2019-9640.html
       https://www.suse.com/security/cve/CVE-2019-9641.html
       https://www.suse.com/security/cve/CVE-2019-9675.html
       https://bugzilla.suse.com/1118832
       https://bugzilla.suse.com/1119396
       https://bugzilla.suse.com/1126711
       https://bugzilla.suse.com/1126713
       https://bugzilla.suse.com/1126821
       https://bugzilla.suse.com/1126823
       https://bugzilla.suse.com/1126827
       https://bugzilla.suse.com/1127122
       https://bugzilla.suse.com/1128722
       https://bugzilla.suse.com/1128883
       https://bugzilla.suse.com/1128886
       https://bugzilla.suse.com/1128887
       https://bugzilla.suse.com/1128889
       https://bugzilla.suse.com/1128892
       https://bugzilla.suse.com/1129032
       https://bugzilla.suse.com/1132837
       https://bugzilla.suse.com/1132838
       https://bugzilla.suse.com/1134322
    
    _______________________________________________
    sle-security-updates mailing list
    sle-security-updates@lists.suse.com
    http://lists.suse.com/mailman/listinfo/sle-security-updates
    
    [state] => 1 [catid] => 100 [created] => 2019-06-11 20:10:00 [created_by] => 62 [created_by_alias] => LinuxSecurity.com Team [modified] => 2019-06-11 20:10:00 [modified_by] => 0 [checked_out] => 0 [checked_out_time] => 0000-00-00 00:00:00 [publish_up] => 2019-06-11 20:10:00 [publish_down] => 0000-00-00 00:00:00 [images] => {"image_fulltext_alt":"'SUSE: 2019:1461-1 moderate: php7'","float_intro":"","float_fulltext":"/images/distros-large/suse-large.png","image_intro_alt":"'SUSE: 2019:1461-1 moderate: php7'","image_fulltext_caption":"'SUSE: 2019:1461-1 moderate: php7'","image_intro_caption":"'SUSE: 2019:1461-1 moderate: php7'","image_intro":"/images/distros-large/suse-large.png","image_fulltext":"/images/distros-large/suse-large.png"} [urls] => [attribs] => [version] => 1 [ordering] => 1 [metakey] => [metadesc] => [access] => 1 [hits] => 491 [metadata] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( [robots] => [author] => [rights] => [xreference] => ) [initialized:protected] => 1 [separator] => . ) [featured] => 0 [language] => * [xreference] => [category_title] => SuSE [category_alias] => suse [category_access] => 1 [author] => LinuxSecurity Advisories [parent_title] => ADVISORIES [parent_id] => 181 [parent_route] => advisories [parent_alias] => advisories [rating] => [rating_count] => [params] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( [article_layout] => _:default [show_title] => 1 [link_titles] => 1 [show_intro] => 1 [info_block_position] => 0 [info_block_show_title] => 1 [show_category] => 1 [link_category] => 1 [show_parent_category] => 0 [link_parent_category] => 0 [show_associations] => 0 [flags] => 1 [show_author] => 1 [link_author] => 0 [show_create_date] => 0 [show_modify_date] => 0 [show_publish_date] => 1 [show_item_navigation] => 1 [show_vote] => 0 [show_readmore] => 1 [show_readmore_title] => 1 [readmore_limit] => 100 [show_tags] => 1 [show_icons] => 1 [show_print_icon] => 1 [show_email_icon] => 0 [show_hits] => 1 [show_noauth] => 0 [urls_position] => 0 [captcha] => [show_publishing_options] => 1 [show_article_options] => 1 [save_history] => 1 [history_limit] => 10 [show_urls_images_frontend] => 0 [show_urls_images_backend] => 1 [targeta] => 0 [targetb] => 0 [targetc] => 0 [float_intro] => left [float_fulltext] => left [category_layout] => _:blog [show_category_heading_title_text] => 1 [show_category_title] => 0 [show_description] => 0 [show_description_image] => 0 [maxLevel] => 1 [show_empty_categories] => 0 [show_no_articles] => 1 [show_subcat_desc] => 1 [show_cat_num_articles] => 0 [show_cat_tags] => 1 [show_base_description] => 1 [maxLevelcat] => -1 [show_empty_categories_cat] => 0 [show_subcat_desc_cat] => 1 [show_cat_num_articles_cat] => 1 [num_leading_articles] => 0 [num_intro_articles] => 5 [num_columns] => 1 [num_links] => 4 [multi_column_order] => 0 [show_subcategory_content] => 0 [show_pagination_limit] => 1 [filter_field] => hide [show_headings] => 1 [list_show_date] => 0 [date_format] => [list_show_hits] => 1 [list_show_author] => 1 [orderby_pri] => alpha [orderby_sec] => rdate [order_date] => created [show_pagination] => 2 [show_pagination_results] => 1 [show_featured] => show [show_feed_link] => 1 [feed_summary] => 0 [feed_show_readmore] => 0 [sef_advanced] => 1 [sef_ids] => 1 [custom_fields_enable] => 0 [show_page_heading] => 0 [layout_type] => blog [menu_text] => 1 [menu_show] => 1 [secure] => 0 [menulayout] => {"width":600,"menuItem":1,"menuAlign":"right","layout":[{"type":"row","attr":[{"type":"column","colGrid":12,"menuParentId":"108","moduleId":""}]}]} [megamenu] => 0 [showmenutitle] => 1 [enable_page_title] => 0 [page_title] => Advisories [page_description] => LinuxSecurity.com is the community's central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals. [page_rights] => [robots] => [access-view] => 1 ) [initialized:protected] => 1 [separator] => . ) [tagLayout] => Joomla\CMS\Layout\FileLayout Object ( [layoutId:protected] => joomla.content.tags [basePath:protected] => [fullPath:protected] => [includePaths:protected] => Array ( ) [options:protected] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( [component] => com_content [client] => 0 ) [initialized:protected] => [separator] => . ) [data:protected] => Array ( ) [debugMessages:protected] => Array ( ) ) [slug] => 268477:suse-2019-1461-1-moderate-php7 [catslug] => 100:suse [parent_slug] => 181:advisories [readmore_link] => /advisories/suse/suse-2019-1461-1-moderate-php7 [text] => An update that solves 16 vulnerabilities and has two fixes is now available.
    
       SUSE Security Update: Security update for php7
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2019:1461-1
    Rating:             moderate
    References:         #1118832 #1119396 #1126711 #1126713 #1126821 
                        #1126823 #1126827 #1127122 #1128722 #1128883 
                        #1128886 #1128887 #1128889 #1128892 #1129032 
                        #1132837 #1132838 #1134322 
    Cross-References:   CVE-2018-19935 CVE-2018-20783 CVE-2019-11034
                        CVE-2019-11035 CVE-2019-11036 CVE-2019-9020
                        CVE-2019-9021 CVE-2019-9022 CVE-2019-9023
                        CVE-2019-9024 CVE-2019-9637 CVE-2019-9638
                        CVE-2019-9639 CVE-2019-9640 CVE-2019-9641
                        CVE-2019-9675
    Affected Products:
                        SUSE Linux Enterprise Module for Web Scripting 15
                        SUSE Linux Enterprise Module for Packagehub Subpackages 15
                        SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
    ______________________________________________________________________________
    
       An update that solves 16 vulnerabilities and has two fixes
       is now available.
    
    Description:
    
       This update for php7 fixes the following issues:
    
       Security issues fixed:
    
       - CVE-2019-9637: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128892).
       - CVE-2019-9675: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128886).
       - CVE-2019-9638: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension ((bsc#1128889).
       - CVE-2019-9639: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128887).
       - CVE-2019-9640: Fixed improper implementation of rename function and
         multiple invalid memory access in EXIF extension (bsc#1128883).
       - CVE-2019-9022: Fixed a vulnerability which could allow a hostile DNS
         server to make PHP misuse memcpy (bsc#1126827).
       - CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which
         could allow to a hostile XMLRPC server to cause memory read outside the
         allocated areas (bsc#1126821).
       - CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function
         (bsc#1126711).
       - CVE-2018-20783: Fixed a buffer over-read in PHAR reading functions which
         could allow an attacker to read allocated and unallocated memory when
         parsing a phar file (bsc#1127122).
       - CVE-2019-9021: Fixed a heap buffer-based buffer over-read in PHAR
         reading functions which could allow an attacker to read allocated and
         unallocated memory when parsing a phar file (bsc#1126713).
       - CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in
         mbstring regular expression functions (bsc#1126823).
       - CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension
         and improved insecure implementation
         of rename function (bsc#1128722).
       - CVE-2018-19935: Fixed a Denial of Service in php_imap.c which could be
         triggered via an empty string in the message argument to imap_mail
         (bsc#1118832).
       - CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si()
         (bsc#1132838).
       - CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value()
         (bsc#1132837).
       - CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG function
         leading to information disclosure (bsc#1134322).
    
       Other issue addressed:
    
       - Deleted README.default_socket_timeout which is not needed anymore
         (bsc#1129032).
       - Enabled php7 testsuite (bsc#1119396).
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Module for Web Scripting 15:
    
          zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-2019-1461=1
    
       - SUSE Linux Enterprise Module for Packagehub Subpackages 15:
    
          zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2019-1461=1
    
       - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:
    
          zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-1461=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Module for Web Scripting 15 (aarch64 ppc64le s390x x86_64):
    
          apache2-mod_php7-7.2.5-4.32.1
          apache2-mod_php7-debuginfo-7.2.5-4.32.1
          php7-7.2.5-4.32.1
          php7-bcmath-7.2.5-4.32.1
          php7-bcmath-debuginfo-7.2.5-4.32.1
          php7-bz2-7.2.5-4.32.1
          php7-bz2-debuginfo-7.2.5-4.32.1
          php7-calendar-7.2.5-4.32.1
          php7-calendar-debuginfo-7.2.5-4.32.1
          php7-ctype-7.2.5-4.32.1
          php7-ctype-debuginfo-7.2.5-4.32.1
          php7-curl-7.2.5-4.32.1
          php7-curl-debuginfo-7.2.5-4.32.1
          php7-dba-7.2.5-4.32.1
          php7-dba-debuginfo-7.2.5-4.32.1
          php7-debuginfo-7.2.5-4.32.1
          php7-debugsource-7.2.5-4.32.1
          php7-devel-7.2.5-4.32.1
          php7-dom-7.2.5-4.32.1
          php7-dom-debuginfo-7.2.5-4.32.1
          php7-enchant-7.2.5-4.32.1
          php7-enchant-debuginfo-7.2.5-4.32.1
          php7-exif-7.2.5-4.32.1
          php7-exif-debuginfo-7.2.5-4.32.1
          php7-fastcgi-7.2.5-4.32.1
          php7-fastcgi-debuginfo-7.2.5-4.32.1
          php7-fileinfo-7.2.5-4.32.1
          php7-fileinfo-debuginfo-7.2.5-4.32.1
          php7-fpm-7.2.5-4.32.1
          php7-fpm-debuginfo-7.2.5-4.32.1
          php7-ftp-7.2.5-4.32.1
          php7-ftp-debuginfo-7.2.5-4.32.1
          php7-gd-7.2.5-4.32.1
          php7-gd-debuginfo-7.2.5-4.32.1
          php7-gettext-7.2.5-4.32.1
          php7-gettext-debuginfo-7.2.5-4.32.1
          php7-gmp-7.2.5-4.32.1
          php7-gmp-debuginfo-7.2.5-4.32.1
          php7-iconv-7.2.5-4.32.1
          php7-iconv-debuginfo-7.2.5-4.32.1
          php7-intl-7.2.5-4.32.1
          php7-intl-debuginfo-7.2.5-4.32.1
          php7-json-7.2.5-4.32.1
          php7-json-debuginfo-7.2.5-4.32.1
          php7-ldap-7.2.5-4.32.1
          php7-ldap-debuginfo-7.2.5-4.32.1
          php7-mbstring-7.2.5-4.32.1
          php7-mbstring-debuginfo-7.2.5-4.32.1
          php7-mysql-7.2.5-4.32.1
          php7-mysql-debuginfo-7.2.5-4.32.1
          php7-odbc-7.2.5-4.32.1
          php7-odbc-debuginfo-7.2.5-4.32.1
          php7-opcache-7.2.5-4.32.1
          php7-opcache-debuginfo-7.2.5-4.32.1
          php7-openssl-7.2.5-4.32.1
          php7-openssl-debuginfo-7.2.5-4.32.1
          php7-pcntl-7.2.5-4.32.1
          php7-pcntl-debuginfo-7.2.5-4.32.1
          php7-pdo-7.2.5-4.32.1
          php7-pdo-debuginfo-7.2.5-4.32.1
          php7-pgsql-7.2.5-4.32.1
          php7-pgsql-debuginfo-7.2.5-4.32.1
          php7-phar-7.2.5-4.32.1
          php7-phar-debuginfo-7.2.5-4.32.1
          php7-posix-7.2.5-4.32.1
          php7-posix-debuginfo-7.2.5-4.32.1
          php7-shmop-7.2.5-4.32.1
          php7-shmop-debuginfo-7.2.5-4.32.1
          php7-snmp-7.2.5-4.32.1
          php7-snmp-debuginfo-7.2.5-4.32.1
          php7-soap-7.2.5-4.32.1
          php7-soap-debuginfo-7.2.5-4.32.1
          php7-sockets-7.2.5-4.32.1
          php7-sockets-debuginfo-7.2.5-4.32.1
          php7-sodium-7.2.5-4.32.1
          php7-sodium-debuginfo-7.2.5-4.32.1
          php7-sqlite-7.2.5-4.32.1
          php7-sqlite-debuginfo-7.2.5-4.32.1
          php7-sysvmsg-7.2.5-4.32.1
          php7-sysvmsg-debuginfo-7.2.5-4.32.1
          php7-sysvsem-7.2.5-4.32.1
          php7-sysvsem-debuginfo-7.2.5-4.32.1
          php7-sysvshm-7.2.5-4.32.1
          php7-sysvshm-debuginfo-7.2.5-4.32.1
          php7-tokenizer-7.2.5-4.32.1
          php7-tokenizer-debuginfo-7.2.5-4.32.1
          php7-wddx-7.2.5-4.32.1
          php7-wddx-debuginfo-7.2.5-4.32.1
          php7-xmlreader-7.2.5-4.32.1
          php7-xmlreader-debuginfo-7.2.5-4.32.1
          php7-xmlrpc-7.2.5-4.32.1
          php7-xmlrpc-debuginfo-7.2.5-4.32.1
          php7-xmlwriter-7.2.5-4.32.1
          php7-xmlwriter-debuginfo-7.2.5-4.32.1
          php7-xsl-7.2.5-4.32.1
          php7-xsl-debuginfo-7.2.5-4.32.1
          php7-zip-7.2.5-4.32.1
          php7-zip-debuginfo-7.2.5-4.32.1
          php7-zlib-7.2.5-4.32.1
          php7-zlib-debuginfo-7.2.5-4.32.1
    
       - SUSE Linux Enterprise Module for Web Scripting 15 (noarch):
    
          php7-pear-7.2.5-4.32.1
          php7-pear-Archive_Tar-7.2.5-4.32.1
    
       - SUSE Linux Enterprise Module for Packagehub Subpackages 15 (aarch64 ppc64le s390x x86_64):
    
          php7-debuginfo-7.2.5-4.32.1
          php7-debugsource-7.2.5-4.32.1
          php7-embed-7.2.5-4.32.1
          php7-embed-debuginfo-7.2.5-4.32.1
    
       - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):
    
          php7-debuginfo-7.2.5-4.32.1
          php7-debugsource-7.2.5-4.32.1
          php7-embed-7.2.5-4.32.1
          php7-embed-debuginfo-7.2.5-4.32.1
          php7-readline-7.2.5-4.32.1
          php7-readline-debuginfo-7.2.5-4.32.1
          php7-sodium-7.2.5-4.32.1
          php7-sodium-debuginfo-7.2.5-4.32.1
          php7-tidy-7.2.5-4.32.1
          php7-tidy-debuginfo-7.2.5-4.32.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2018-19935.html
       https://www.suse.com/security/cve/CVE-2018-20783.html
       https://www.suse.com/security/cve/CVE-2019-11034.html
       https://www.suse.com/security/cve/CVE-2019-11035.html
       https://www.suse.com/security/cve/CVE-2019-11036.html
       https://www.suse.com/security/cve/CVE-2019-9020.html
       https://www.suse.com/security/cve/CVE-2019-9021.html
       https://www.suse.com/security/cve/CVE-2019-9022.html
       https://www.suse.com/security/cve/CVE-2019-9023.html
       https://www.suse.com/security/cve/CVE-2019-9024.html
       https://www.suse.com/security/cve/CVE-2019-9637.html
       https://www.suse.com/security/cve/CVE-2019-9638.html
       https://www.suse.com/security/cve/CVE-2019-9639.html
       https://www.suse.com/security/cve/CVE-2019-9640.html
       https://www.suse.com/security/cve/CVE-2019-9641.html
       https://www.suse.com/security/cve/CVE-2019-9675.html
       https://bugzilla.suse.com/1118832
       https://bugzilla.suse.com/1119396
       https://bugzilla.suse.com/1126711
       https://bugzilla.suse.com/1126713
       https://bugzilla.suse.com/1126821
       https://bugzilla.suse.com/1126823
       https://bugzilla.suse.com/1126827
       https://bugzilla.suse.com/1127122
       https://bugzilla.suse.com/1128722
       https://bugzilla.suse.com/1128883
       https://bugzilla.suse.com/1128886
       https://bugzilla.suse.com/1128887
       https://bugzilla.suse.com/1128889
       https://bugzilla.suse.com/1128892
       https://bugzilla.suse.com/1129032
       https://bugzilla.suse.com/1132837
       https://bugzilla.suse.com/1132838
       https://bugzilla.suse.com/1134322
    
    _______________________________________________
    sle-security-updates mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://lists.suse.com/mailman/listinfo/sle-security-updates
    
    [tags] => Joomla\CMS\Helper\TagsHelper Object ( [tagsChanged:protected] => [replaceTags:protected] => [typeAlias] => [itemTags] => Array ( ) ) [jcfields] => Array ( ) [event] => stdClass Object ( [afterDisplayTitle] => [beforeDisplayContent] => ) [prev] => /advisories/suse/suse-2019-1468-1-moderate-libcroco [next] => /advisories/suse/suse-2019-1459-1-moderate-gnome-shell [prev_label] => Prev [next_label] => Next [pagination] => [paginationposition] => 1 [paginationrelative] => 0 ) [params] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( [article_layout] => _:default [show_title] => 1 [link_titles] => 1 [show_intro] => 1 [info_block_position] => 0 [info_block_show_title] => 1 [show_category] => 1 [link_category] => 1 [show_parent_category] => 0 [link_parent_category] => 0 [show_associations] => 0 [flags] => 1 [show_author] => 1 [link_author] => 0 [show_create_date] => 0 [show_modify_date] => 0 [show_publish_date] => 1 [show_item_navigation] => 1 [show_vote] => 0 [show_readmore] => 1 [show_readmore_title] => 1 [readmore_limit] => 100 [show_tags] => 1 [show_icons] => 1 [show_print_icon] => 1 [show_email_icon] => 0 [show_hits] => 1 [show_noauth] => 0 [urls_position] => 0 [captcha] => [show_publishing_options] => 1 [show_article_options] => 1 [save_history] => 1 [history_limit] => 10 [show_urls_images_frontend] => 0 [show_urls_images_backend] => 1 [targeta] => 0 [targetb] => 0 [targetc] => 0 [float_intro] => left [float_fulltext] => left [category_layout] => _:blog [show_category_heading_title_text] => 1 [show_category_title] => 0 [show_description] => 0 [show_description_image] => 0 [maxLevel] => 1 [show_empty_categories] => 0 [show_no_articles] => 1 [show_subcat_desc] => 1 [show_cat_num_articles] => 0 [show_cat_tags] => 1 [show_base_description] => 1 [maxLevelcat] => -1 [show_empty_categories_cat] => 0 [show_subcat_desc_cat] => 1 [show_cat_num_articles_cat] => 1 [num_leading_articles] => 0 [num_intro_articles] => 5 [num_columns] => 1 [num_links] => 4 [multi_column_order] => 0 [show_subcategory_content] => 0 [show_pagination_limit] => 1 [filter_field] => hide [show_headings] => 1 [list_show_date] => 0 [date_format] => [list_show_hits] => 1 [list_show_author] => 1 [orderby_pri] => alpha [orderby_sec] => rdate [order_date] => created [show_pagination] => 2 [show_pagination_results] => 1 [show_featured] => show [show_feed_link] => 1 [feed_summary] => 0 [feed_show_readmore] => 0 [sef_advanced] => 1 [sef_ids] => 1 [custom_fields_enable] => 0 [show_page_heading] => 0 [layout_type] => blog [menu_text] => 1 [menu_show] => 1 [secure] => 0 [menulayout] => {"width":600,"menuItem":1,"menuAlign":"right","layout":[{"type":"row","attr":[{"type":"column","colGrid":12,"menuParentId":"108","moduleId":""}]}]} [megamenu] => 0 [showmenutitle] => 1 [enable_page_title] => 0 [page_title] => Advisories [page_description] => LinuxSecurity.com is the community's central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals. [page_rights] => [robots] => [access-view] => 1 ) [initialized:protected] => 1 [separator] => . ) ) [config] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( [basic] => stdClass Object ( [include_categories] => 1 [categories] => Array ( [0] => 179 [1] => 171 [2] => 84 [3] => 83 [4] => 82 [5] => 81 [6] => 80 [7] => 79 [8] => 78 [9] => 77 [10] => 76 [11] => 75 [12] => 74 [13] => 73 [14] => 72 [15] => 69 [16] => 67 [17] => 178 [18] => 181 [19] => 87 [20] => 89 [21] => 91 [22] => 98 [23] => 99 [24] => 100 [25] => 172 [26] => 197 [27] => 198 [28] => 199 [29] => 200 [30] => 182 [31] => 159 [32] => 102 [33] => 183 [34] => 157 [35] => 156 [36] => 184 [37] => 107 [38] => 106 [39] => 105 [40] => 104 [41] => 103 [42] => 185 [43] => 186 [44] => 108 [45] => 187 [46] => 160 [47] => 166 [48] => 169 [49] => 161 [50] => 167 [51] => 162 [52] => 163 [53] => 188 [54] => 170 [55] => 189 [56] => 196 ) [exclude_content_items] => Array ( ) [disable_additional_comments] => Array ( ) ) [security] => stdClass Object ( [authorised_users] => Array ( [0] => 6 [1] => 7 [2] => 2 [3] => 3 [4] => 4 [5] => 5 [6] => 8 ) [auto_publish] => 1 [notify_moderators] => 0 [moderators] => Array ( [0] => 8 ) [captcha] => 1 [captcha_type] => default [maxlength_text] => 30000 ) [layout] => stdClass Object ( [tree] => 1 [sort] => 0 [comments_per_page] => 10 [support_ubb] => 1 [support_pictures] => 0 [pictures_maxwidth] => 200 [voting_visible] => 1 [date_format] => age [show_readon] => 1 [menu_readon] => 0 [intro_only] => 0 [emoticon_pack] => modern ) [template] => stdClass Object ( [template] => default ) [template_params] => stdClass Object ( [emulate_bootstrap] => 1 [minify_scripts] => 0 [notify_users] => 1 [pagination_position] => 0 [form_position] => 1 [form_avatar] => 1 [form_ubb] => 1 [required_user] => 1 [required_email] => 1 [show_rss] => 1 [show_search] => 1 [preview_visible] => 1 [preview_length] => 80 [preview_lines] => 10 ) [integrations] => stdClass Object ( [gravatar] => 1 [support_profiles] => 0 ) [global] => stdClass Object ( [censorship_word_list] => Array ( ) ) ) [initialized:protected] => 1 [separator] => . [id] => 1 [component] => com_content ) [count] => 0 [contentId] => 268477 [component] => com_content [allowedToPost] => [discussionClosed] => [emoticons] => Array ( [:angry:] => /media/com_comment/emoticons/modern/images/Angry.gif [:angry-red:] => /media/com_comment/emoticons/modern/images/Angry-Red.gif [:evil:] => /media/com_comment/emoticons/modern/images/Evil-Toothy.gif [:idea:] => /media/com_comment/emoticons/modern/images/Idea.gif [:love:] => /media/com_comment/emoticons/modern/images/Love.gif [:x] => /media/com_comment/emoticons/modern/images/Mad.gif [:no-comments:] => /media/com_comment/emoticons/modern/images/No-Comments.gif [:ooo:] => /media/com_comment/emoticons/modern/images/Oooo.gif [:pirate:] => /media/com_comment/emoticons/modern/images/Pirate.gif [:?:] => /media/com_comment/emoticons/modern/images/Question.gif [:(] => /media/com_comment/emoticons/modern/images/Sad.gif [:sleep:] => /media/com_comment/emoticons/modern/images/Sleeping.gif [:)] => /media/com_comment/emoticons/modern/images/Smile.gif [,)] => /media/com_comment/emoticons/modern/images/Wink.gif [,))] => /media/com_comment/emoticons/modern/images/Wink-2.gif [:0] => /media/com_comment/emoticons/modern/images/Wooo.gif ) [customfieldsForm] => Joomla\CMS\Form\Form Object ( [data:protected] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( ) [initialized:protected] => [separator] => . ) [errors:protected] => Array ( ) [name:protected] => customfields [options:protected] => Array ( [control] => jform ) [xml:protected] => SimpleXMLElement Object ( [fields] => SimpleXMLElement Object ( [@attributes] => Array ( [name] => customfields ) ) ) [repeat] => ) )

    Comments powered by CComment

    LinuxSecurity Poll

    Have you used our RSS feeds?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    21
    radio
    [{"id":"77","title":"Yes, for articles","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"78","title":"Yes, for advisories","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"79","title":"Hybrid that contains both","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"80","title":"No","votes":"0","type":"x","order":"4","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.