Security update for php5 (important)

ID OPENSUSE-SU-2016:2837-1
Type suse
Reporter Suse
Modified 2016-11-17T20:11:55


This update for php5 fixes the following security issues:

  • CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp (bsc#1001900)
  • CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924)
  • CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274)

This update was imported from the SUSE:SLE-12:Update update project.