SUSE-SU-2022:4069-1 -- SLES php7, apache2-mod_php7ID: oval:org.secpod.oval:def:89047905 | Date: (C)2022-11-23 (M)2024-04-29 |
Class: PATCH | Family: unix |
This update for php7 fixes the following issues: - Version update to 7.4.33: - CVE-2022-31630: Fixed out-of-bounds read due to insufficient input validation in imageloadfont . - CVE-2022-37454: Fixed buffer overflow in hash_update on long parameter . - Version update to 7.4.32 - CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor while decompressing "quines" gzip files. - CVE-2022-31629: Fixed a bug which could lead an attacker to set an insecure cookie that will treated as secure in the victim"s browser
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
Product: |
php7 |
apache2-mod_php7 |