logo
DATABASE RESOURCES PRICING ABOUT US

Security update for php8 (important)

Description

An update that fixes three vulnerabilities is now available. Description: This update for php8 fixes the following issues: - CVE-2021-21707: Fixed a special character that breaks path in xml parsing. (bsc#1193041) - CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. (bsc#1200645) - CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdo_mysql extension with mysqlnd driver. (bsc#1200628) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-2303=1 - SUSE Linux Enterprise Module for Web Scripting 15-SP4: zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2022-2303=1


Affected Package


OS OS Version Package Name Package Version
openSUSE Leap 15.4 - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
openSUSE Leap 15.4 - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
openSUSE Leap 15.4 - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
openSUSE Leap 15.4 - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
SUSE Linux Enterprise Module for Web Scripting 15 SP4 SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):
SUSE Linux Enterprise Module for Web Scripting 15 SP4 SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):
SUSE Linux Enterprise Module for Web Scripting 15 SP4 SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):
SUSE Linux Enterprise Module for Web Scripting 15 SP4 SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):

Related