Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2020:2477-1 Moderate: Php5 Use Of Freed Key Issue

suse
Calendar Grey September 3, 2020
Dist Suse Esm H88
SUSE has released a necessary security patch for php5 that mitigates CVE-2020-7068 risks and strengthens overall system integrity.
An update that fixes one vulnerability is now available

Summary

This update for php5 fixes the following issues: - CVE-2020-7068: Use of freed hash key in the phar_parse_zipfile function (bsc#1175223). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2020-2477=1 Package List: - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64): apache2-mod_php5-5.5.14-109.79.1 apache2-mod_php5-debuginfo-5.5.14-109.79.1 php5-5.5.14-109.79.1 php5-bcmath-5.5.14-109.79.1 php5-bcmath-debuginfo-5.5.14-109.79.1 php5-bz2-5.5.14-109.79.1 php5-bz2-debuginfo-5.5.14-109.79.1

Topics%20covered

Topics Covered

security advisory moderate SUSE product update php5 threat type web scripting

References

#1175223

Cross- CVE-2020-7068

Affected Products:

SUSE Linux Enterprise Module for Web Scripting 12

https://www.suse.com/security/cve/CVE-2020-7068.html

https://bugzilla.suse.com/1175223

Announcement ID: SUSE-SU-2020:2477-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate SUSE product update php5 threat type web scripting

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here