SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2021-3943

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2021-3943

Recommended update for php7

Type: security

Severity: moderate

Issued: 2021-12-06

Description:

This update for php7 fixes the following issues:

- CVE-2021-21703: Fixed local privilege escalation via PHP-FPM (bsc#1192050).
- CVE-2021-21707: Fixed special character breaks path in xml parsing (bsc#1193041).

- Added patch to prevent memory access violation in php7 when running test suite (bsc#1175508)

References

Packages

php7-7.4.6-3.29.1