SUSE-SU-2023:0476-1 -- SLES php7, apache2-mod_php7ID: oval:org.secpod.oval:def:89048609 | Date: (C)2023-04-11 (M)2024-01-02 |
Class: PATCH | Family: unix |
This update for php7 fixes the following issues: * CVE-2022-31631: Fixed an issue where PDO::quote would return an unquoted string . * CVE-2023-0568: Fixed NULL byte off-by-one in php_check_specific_open_basedir . * CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body . * CVE-2023-0567: Fixed vulnerability where BCrypt hashes erroneously validate if the salt is cut short by `$` .
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
Product: |
php7 |
apache2-mod_php7 |