SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-2019-2503

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-2019-2503

Security update for php7

Type: security

Severity: important

Issued: 2019-10-01

Description:

This update for php7 fixes the following issues:

Security issues fixed:

- CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360).
- CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095).

Non-security issue fixed:

- Drop -n from php invocation from pecl (bsc#1151793).

References

Packages

php7-7.2.5-4.40.1