{"affected":[{"ecosystem_specific":{"binaries":[{"php7-embed":"7.2.5-4.49.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15","name":"php7","purl":"pkg:rpm/suse/php7&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.2.5-4.49.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache2-mod_php7":"7.2.5-4.49.1","php7":"7.2.5-4.49.1","php7-bcmath":"7.2.5-4.49.1","php7-bz2":"7.2.5-4.49.1","php7-calendar":"7.2.5-4.49.1","php7-ctype":"7.2.5-4.49.1","php7-curl":"7.2.5-4.49.1","php7-dba":"7.2.5-4.49.1","php7-devel":"7.2.5-4.49.1","php7-dom":"7.2.5-4.49.1","php7-enchant":"7.2.5-4.49.1","php7-exif":"7.2.5-4.49.1","php7-fastcgi":"7.2.5-4.49.1","php7-fileinfo":"7.2.5-4.49.1","php7-fpm":"7.2.5-4.49.1","php7-ftp":"7.2.5-4.49.1","php7-gd":"7.2.5-4.49.1","php7-gettext":"7.2.5-4.49.1","php7-gmp":"7.2.5-4.49.1","php7-iconv":"7.2.5-4.49.1","php7-intl":"7.2.5-4.49.1","php7-json":"7.2.5-4.49.1","php7-ldap":"7.2.5-4.49.1","php7-mbstring":"7.2.5-4.49.1","php7-mysql":"7.2.5-4.49.1","php7-odbc":"7.2.5-4.49.1","php7-opcache":"7.2.5-4.49.1","php7-openssl":"7.2.5-4.49.1","php7-pcntl":"7.2.5-4.49.1","php7-pdo":"7.2.5-4.49.1","php7-pear":"7.2.5-4.49.1","php7-pear-Archive_Tar":"7.2.5-4.49.1","php7-pgsql":"7.2.5-4.49.1","php7-phar":"7.2.5-4.49.1","php7-posix":"7.2.5-4.49.1","php7-shmop":"7.2.5-4.49.1","php7-snmp":"7.2.5-4.49.1","php7-soap":"7.2.5-4.49.1","php7-sockets":"7.2.5-4.49.1","php7-sodium":"7.2.5-4.49.1","php7-sqlite":"7.2.5-4.49.1","php7-sysvmsg":"7.2.5-4.49.1","php7-sysvsem":"7.2.5-4.49.1","php7-sysvshm":"7.2.5-4.49.1","php7-tokenizer":"7.2.5-4.49.1","php7-wddx":"7.2.5-4.49.1","php7-xmlreader":"7.2.5-4.49.1","php7-xmlrpc":"7.2.5-4.49.1","php7-xmlwriter":"7.2.5-4.49.1","php7-xsl":"7.2.5-4.49.1","php7-zip":"7.2.5-4.49.1","php7-zlib":"7.2.5-4.49.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Web and Scripting 15","name":"php7","purl":"pkg:rpm/suse/php7&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.2.5-4.49.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"apache2-mod_php7":"7.2.5-4.49.1","php7":"7.2.5-4.49.1","php7-bcmath":"7.2.5-4.49.1","php7-bz2":"7.2.5-4.49.1","php7-calendar":"7.2.5-4.49.1","php7-ctype":"7.2.5-4.49.1","php7-curl":"7.2.5-4.49.1","php7-dba":"7.2.5-4.49.1","php7-devel":"7.2.5-4.49.1","php7-dom":"7.2.5-4.49.1","php7-enchant":"7.2.5-4.49.1","php7-exif":"7.2.5-4.49.1","php7-fastcgi":"7.2.5-4.49.1","php7-fileinfo":"7.2.5-4.49.1","php7-fpm":"7.2.5-4.49.1","php7-ftp":"7.2.5-4.49.1","php7-gd":"7.2.5-4.49.1","php7-gettext":"7.2.5-4.49.1","php7-gmp":"7.2.5-4.49.1","php7-iconv":"7.2.5-4.49.1","php7-intl":"7.2.5-4.49.1","php7-json":"7.2.5-4.49.1","php7-ldap":"7.2.5-4.49.1","php7-mbstring":"7.2.5-4.49.1","php7-mysql":"7.2.5-4.49.1","php7-odbc":"7.2.5-4.49.1","php7-opcache":"7.2.5-4.49.1","php7-openssl":"7.2.5-4.49.1","php7-pcntl":"7.2.5-4.49.1","php7-pdo":"7.2.5-4.49.1","php7-pear":"7.2.5-4.49.1","php7-pear-Archive_Tar":"7.2.5-4.49.1","php7-pgsql":"7.2.5-4.49.1","php7-phar":"7.2.5-4.49.1","php7-posix":"7.2.5-4.49.1","php7-shmop":"7.2.5-4.49.1","php7-snmp":"7.2.5-4.49.1","php7-soap":"7.2.5-4.49.1","php7-sockets":"7.2.5-4.49.1","php7-sodium":"7.2.5-4.49.1","php7-sqlite":"7.2.5-4.49.1","php7-sysvmsg":"7.2.5-4.49.1","php7-sysvsem":"7.2.5-4.49.1","php7-sysvshm":"7.2.5-4.49.1","php7-tokenizer":"7.2.5-4.49.1","php7-wddx":"7.2.5-4.49.1","php7-xmlreader":"7.2.5-4.49.1","php7-xmlrpc":"7.2.5-4.49.1","php7-xmlwriter":"7.2.5-4.49.1","php7-xsl":"7.2.5-4.49.1","php7-zip":"7.2.5-4.49.1","php7-zlib":"7.2.5-4.49.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Web and Scripting 15 SP1","name":"php7","purl":"pkg:rpm/suse/php7&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.2.5-4.49.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for php7 fixes the following issues:\n\n- CVE-2019-11045: Fixed an issue with improper input validation in the filename handling of the DirectoryIterator class (bsc#1159923).\n- CVE-2019-11046: Fixed an information leak in bc_shift_addsub() (bsc#1159924).\n- CVE-2019-11047, CVE-2019-11050: Fixed multiple information leaks in exif_read_data() (bsc#1159922, bsc#1159927).\n","id":"SUSE-SU-2020:0101-1","modified":"2020-01-14T15:24:28Z","published":"2020-01-14T15:24:28Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20200101-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1159922"},{"type":"REPORT","url":"https://bugzilla.suse.com/1159923"},{"type":"REPORT","url":"https://bugzilla.suse.com/1159924"},{"type":"REPORT","url":"https://bugzilla.suse.com/1159927"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11045"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11046"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11047"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11050"}],"related":["CVE-2019-11045","CVE-2019-11046","CVE-2019-11047","CVE-2019-11050"],"summary":"Security update for php7","upstream":["CVE-2019-11045","CVE-2019-11046","CVE-2019-11047","CVE-2019-11050"]}