Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 530
Alerts This Week
Warning Icon 1 530

SUSE: 2019:1461-1 Moderate: Php7 Memory Access Issues Fix

suse
Calendar Grey June 11, 2019
Dist Suse Esm H88
SUSE Security Update: Security update for php7 _____________________________________________________
An update that solves 16 vulnerabilities and has two fixes is now available

Summary

This update for php7 fixes the following issues: Security issues fixed: - CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128892). - CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128886). - CVE-2019-9638: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension ((bsc#1128889). - CVE-2019-9639: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128887). - CVE-2019-9640: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128883).

References

#1118832 #1119396 #1126711 #1126713 #1126821

#1126823 #1126827 #1127122 #1128722 #1128883

#1128886 #1128887 #1128889 #1128892 #1129032

#1132837 #1132838 #1134322

Cross- CVE-2018-19935 CVE-2018-20783 CVE-2019-11034

CVE-2019-11035 CVE-2019-11036 CVE-2019-9020

CVE-2019-9021 CVE-2019-9022 CVE-2019-9023

CVE-2019-9024 CVE-2019-9637 CVE-2019-9638

CVE-2019-9639 CVE-2019-9640 CVE-2019-9641

CVE-2019-9675

Affected Products:

SUSE Linux Enterprise Module for Web Scripting 15

SUSE Linux Enterprise Module for Packagehub Subpackages 15

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

https://www.suse.com/security/cve/CVE-2018-19935.html

https://www.suse.com/security/cve/CVE-2018-20783.html

https://www.suse.com/security/cve/CVE-2019-11034.html

Announcement ID: SUSE-SU-2019:1461-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.