SUSE-SU-2020:2997-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2020-7069: Fixed an issue when AES-CCM mode was used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV was used bsc1177351. - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to...

php7.tuodominio.it Cross Site Scripting vulnerability OBB-1434117

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

openSUSE Security Update : php7 (openSUSE-2020-1703)

This update for php7 fixes the following issues : - CVE-2020-7069: Fixed an issue when AES-CCM mode was used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV was used bsc1177351. - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to...

openSUSE: Security Advisory for php7 (openSUSE-SU-2020:1703-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2020:1703-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2020-7069: Fixed an issue when AES-CCM mode was used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV was used bsc1177351. - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to...

Security update for php7 (important)

openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2020:1703-1 Rating: important References: 1177351 1177352 Cross-References: CVE-2020-7069 CVE-2020-7070 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description: Thi...

SUSE-SU-2020:2941-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2020-7069: Fixed an issue when AES-CCM mode was used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV was used bsc1177351. - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to...

Security fix for the ALT Linux 8 package php7 version 7.2.34-alt1

7.2.34-alt1 built Oct. 13, 2020 Anton Farygin in task 259367 Oct. 7, 2020 Anton Farygin - 7.2.34 Fixes: CVE-2020-7069, CVE-2020-7070...

Security fix for the ALT Linux 9 package php7 version 7.3.23-alt1

7.3.23-alt1 built Oct. 10, 2020 Anton Farygin in task 259362 Oct. 7, 2020 Anton Farygin - 7.3.23 Fixes: CVE-2020-7069, CVE-2020-7070...

Cookie Injection

php7 is vulnerable to cookie injection. The vulnerability exists as cookie names are url-decoded, allowing cookies with prefixes such as Host to be forged...

openSUSE: Security Advisory for php7 (openSUSE-SU-2020:1356-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for php7 (openSUSE-SU-2020:1354-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : php7 (openSUSE-2020-1354)

This update for php7 fixes the following issues : - CVE-2020-7068: Use of freed hash key in the pharparsezipfile function bsc1175223. - Do not install outdated README.SUSE bsc1174010. - Added tmpfiles.d for php-fpm to provide a base for a socket bsc1173786. This update was imported from the...

openSUSE Security Update : php7 (openSUSE-2020-1356)

This update for php7 fixes the following issues : - CVE-2020-7068: Use of freed hash key in the pharparsezipfile function bsc1175223. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

OPENSUSE-SU-2020:1356-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2020-7068: Use of freed hash key in the pharparsezipfile function bsc1175223. This update was imported from the SUSE:SLE-15-SP2:Update update project...

OPENSUSE-SU-2020:1354-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2020-7068: Use of freed hash key in the pharparsezipfile function bsc1175223. - Do not install outdated README.SUSE bsc1174010. - Added tmpfiles.d for php-fpm to provide a base for a socket bsc1173786. This update was imported from the...

Information Disclosure

php7 is vulnerable to information disclosure. A use-after-free bug after invoking the efree function causes confidential information stored in memory to be leaked...

Security update for php7 (moderate)

openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2020:1356-1 Rating: moderate References: 1175223 Cross-References: CVE-2020-7068 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for php7 fixes t...

Security update for php7 (moderate)

openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2020:1354-1 Rating: moderate References: 1173786 1174010 1175223 Cross-References: CVE-2020-7068 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has two fixes is now available...

SUSE SLES12 Security Update : php7 (SUSE-SU-2020:2403-1)

This update for php7 fixes the following issues : fix CVE-2020-7068 bsc1175223: Use of freed hash key in the pharparsezipfile function Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...