129 matches found
SUSE-SU-2023:0527-1 Security update for php8
This update for php8 fixes the following issues: php8 was updated to version 8.0.28: - CVE-2023-0568: Fixed NULL byte off-by-one in phpcheckspecificopenbasedir bnc1208366. - CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body bnc1208367...
DLA-3243-1 php7.3 - security update
Bulletin has no description...
php security update
8.0.13-2 - fix password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626...
Updated php packages fix security vulnerability
Security update for php. See changelog for details...
SUSE-SU-2021:2638-1 Security update for php72
This update for php72 fixes the following issues: - CVE-2021-21704: Fixed security issues in pdofirebase module bsc1188035...
SUSE-SU-2021:2636-1 Security update for php74
This update for php74 fixes the following issues: - CVE-2021-21704: Fixed security issues in pdofirebase module bsc1188035. - CVE-2021-21705: Fixed SSRF bypass in FILTERVALIDATEURL bsc1188037...
DLA-2564-1 php-horde-text-filter - security update
Bulletin has no description...
SUSE-SU-2020:2477-1 Security update for php5
This update for php5 fixes the following issues: - CVE-2020-7068: Use of freed hash key in the pharparsezipfile function bsc1175223...
SUSE-SU-2020:0522-1 Security update for php5
This update for php5 fixes the following issues: Security issues fixed: - CVE-2019-11041: Fixed heap buffer over-read in exifscanthumbnail bsc1146360. - CVE-2019-11042: Fixed heap buffer over-read in exifprocessusercomment bsc1145095. - CVE-2019-11043: Fixed possible remote code execution via...
Medium: php73
Issue Overview: When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash...
php:7.2 security update
php 7.2.11-4 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...
SUSE-SU-2019:14013-1 Security update for php53
This update for php53 fixes the following issues: Security issues fixed: - CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension bsc1128892. - CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory...
DSA-4403-1 php7.0 - security update
Bulletin has no description...
DSA-4353-1 php7.0 - security update
Bulletin has no description...
SUSE-SU-2018:2681-1 Security update for php53
This update for php53 fixes the following issues: The following security issues were fixed: - CVE-2018-14851: Fixed an out-of-bound read in exifprocessIFDinMAKERNOTE, which could be exploited by an attacker via crafted JPG files, and could result in an application crash. bsc1103659 -...
MGASA-2018-0085 Updated php & libgd packages fix security vulnerabilities
Potential infinite loop in gdImageCreateFromGifCtx php75571. Reflected XSS in .phar 404 page php74782...
SUSE-SU-2017:0017-1 Security update for php7
This update for php7 fixes the following issues: CVE-2016-9933 Possible stack overflow on truecolor images handling bsc1015187 CVE-2016-9934 Dereference from NULL pointer could lead to crash bsc1015188 CVE-2016-9935 Invalid read could lead to crash bsc1015189 CVE-2016-9936 Use After free in the...
Debian DLA-749-1 : php5 security update (httpoxy)
CVE-2016-5385 PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's...
php security and bug fix update
5.4.16-42 - bz2: fix improper error handling in bzread CVE-2016-5399 5.4.16-41 - gd: fix integer overflow in gd2GetHeader resulting in heap overflow CVE-2016-5766 - gd: fix integer overflow in gdImagePaletteToTrueColor resulting in heap overflow CVE-2016-5767 - mbstring: fix double free in...
SUSE-SU-2016:2477-2 Security update for php5
This update for php5 fixes the following security issues: CVE-2016-7411: php5: Memory corruption when destructing deserialized object CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNEDFLAG in BIT field CVE-2016-7413: Use after free in wddxdeserialize CVE-2016-7414: Out of bounds...