{"affected":[{"ecosystem_specific":{"binaries":[{"apache2-mod_php72":"7.2.5-1.20.2","php72":"7.2.5-1.20.2","php72-bcmath":"7.2.5-1.20.2","php72-bz2":"7.2.5-1.20.2","php72-calendar":"7.2.5-1.20.2","php72-ctype":"7.2.5-1.20.2","php72-curl":"7.2.5-1.20.2","php72-dba":"7.2.5-1.20.2","php72-dom":"7.2.5-1.20.2","php72-enchant":"7.2.5-1.20.2","php72-exif":"7.2.5-1.20.2","php72-fastcgi":"7.2.5-1.20.2","php72-fileinfo":"7.2.5-1.20.2","php72-fpm":"7.2.5-1.20.2","php72-ftp":"7.2.5-1.20.2","php72-gd":"7.2.5-1.20.2","php72-gettext":"7.2.5-1.20.2","php72-gmp":"7.2.5-1.20.2","php72-iconv":"7.2.5-1.20.2","php72-imap":"7.2.5-1.20.2","php72-intl":"7.2.5-1.20.2","php72-json":"7.2.5-1.20.2","php72-ldap":"7.2.5-1.20.2","php72-mbstring":"7.2.5-1.20.2","php72-mysql":"7.2.5-1.20.2","php72-odbc":"7.2.5-1.20.2","php72-opcache":"7.2.5-1.20.2","php72-openssl":"7.2.5-1.20.2","php72-pcntl":"7.2.5-1.20.2","php72-pdo":"7.2.5-1.20.2","php72-pear":"7.2.5-1.20.2","php72-pear-Archive_Tar":"7.2.5-1.20.2","php72-pgsql":"7.2.5-1.20.2","php72-phar":"7.2.5-1.20.2","php72-posix":"7.2.5-1.20.2","php72-pspell":"7.2.5-1.20.2","php72-readline":"7.2.5-1.20.2","php72-shmop":"7.2.5-1.20.2","php72-snmp":"7.2.5-1.20.2","php72-soap":"7.2.5-1.20.2","php72-sockets":"7.2.5-1.20.2","php72-sqlite":"7.2.5-1.20.2","php72-sysvmsg":"7.2.5-1.20.2","php72-sysvsem":"7.2.5-1.20.2","php72-sysvshm":"7.2.5-1.20.2","php72-tidy":"7.2.5-1.20.2","php72-tokenizer":"7.2.5-1.20.2","php72-wddx":"7.2.5-1.20.2","php72-xmlreader":"7.2.5-1.20.2","php72-xmlrpc":"7.2.5-1.20.2","php72-xmlwriter":"7.2.5-1.20.2","php72-xsl":"7.2.5-1.20.2","php72-zip":"7.2.5-1.20.2","php72-zlib":"7.2.5-1.20.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Web and Scripting 12","name":"php72","purl":"pkg:rpm/suse/php72&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.2.5-1.20.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"php72-devel":"7.2.5-1.20.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP3","name":"php72","purl":"pkg:rpm/suse/php72&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.2.5-1.20.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"php72-devel":"7.2.5-1.20.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP4","name":"php72","purl":"pkg:rpm/suse/php72&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.2.5-1.20.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for php72 fixes the following issues:\n\nSecurity issues fixed:\t  \n\n- CVE-2019-11039: Fixed a heap-buffer-overflow on php_jpg_get16 (bsc#1138173).\n- CVE-2019-11040: Fixed an out-of-bounds read due to an integer overflow in \n  iconv.c:_php_iconv_mime_decode() (bsc#1138172).\n","id":"SUSE-SU-2019:1724-1","modified":"2019-07-02T14:49:12Z","published":"2019-07-02T14:49:12Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20191724-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1138172"},{"type":"REPORT","url":"https://bugzilla.suse.com/1138173"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11039"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11040"}],"related":["CVE-2019-11039","CVE-2019-11040"],"summary":"Security update for php72","upstream":["CVE-2019-11039","CVE-2019-11040"]}