SUSE SLES12 Security Update : php7 (SUSE-SU-2017:1717-1)

This update for php7 fixes the following security issues : - CVE-2017-9224: stack out-of-bounds read occurs in matchat could lead to Denial of service bsc1040891 - CVE-2017-9226: heap out-of-bounds write orread occurs in nextstateval could lead to Denial of servicebsc1040889 - CVE-2017-9227: stac...

openSUSE Security Update : php7 (openSUSE-2017-790)

This update for php7 fixes the following security issues : - CVE-2017-9224: stack out-of-bounds read occurs in matchat could lead to Denial of service bsc1040891 - CVE-2017-9226: heap out-of-bounds write orread occurs in nextstateval could lead to Denial of servicebsc1040889 - CVE-2017-9227: stac...

CVE-2017-6441

The zvalgetlongfuncex in Zend/zendoperators.c in PHP 7.1.2 allows attackers to cause a denial of service NULL pointer dereference and application crash via crafted use of "declareticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do n...

CVE-2017-6441

CVE-2017-6441 affects PHP 7.1.2 where the function _zval_get_long_func_ex in Zend/zend_operators.c can trigger a denial of service via crafted use of declare(ticks=). The vulnerability leads to a NULL pointer dereference and application crash. Connected documents reference PHP 7.1.2 and describe ...