{"affected":[{"ecosystem_specific":{"binaries":[{"apache2-mod_php72":"7.2.5-1.46.1","php72":"7.2.5-1.46.1","php72-bcmath":"7.2.5-1.46.1","php72-bz2":"7.2.5-1.46.1","php72-calendar":"7.2.5-1.46.1","php72-ctype":"7.2.5-1.46.1","php72-curl":"7.2.5-1.46.1","php72-dba":"7.2.5-1.46.1","php72-dom":"7.2.5-1.46.1","php72-enchant":"7.2.5-1.46.1","php72-exif":"7.2.5-1.46.1","php72-fastcgi":"7.2.5-1.46.1","php72-fileinfo":"7.2.5-1.46.1","php72-fpm":"7.2.5-1.46.1","php72-ftp":"7.2.5-1.46.1","php72-gd":"7.2.5-1.46.1","php72-gettext":"7.2.5-1.46.1","php72-gmp":"7.2.5-1.46.1","php72-iconv":"7.2.5-1.46.1","php72-imap":"7.2.5-1.46.1","php72-intl":"7.2.5-1.46.1","php72-json":"7.2.5-1.46.1","php72-ldap":"7.2.5-1.46.1","php72-mbstring":"7.2.5-1.46.1","php72-mysql":"7.2.5-1.46.1","php72-odbc":"7.2.5-1.46.1","php72-opcache":"7.2.5-1.46.1","php72-openssl":"7.2.5-1.46.1","php72-pcntl":"7.2.5-1.46.1","php72-pdo":"7.2.5-1.46.1","php72-pear":"7.2.5-1.46.1","php72-pear-Archive_Tar":"7.2.5-1.46.1","php72-pgsql":"7.2.5-1.46.1","php72-phar":"7.2.5-1.46.1","php72-posix":"7.2.5-1.46.1","php72-pspell":"7.2.5-1.46.1","php72-readline":"7.2.5-1.46.1","php72-shmop":"7.2.5-1.46.1","php72-snmp":"7.2.5-1.46.1","php72-soap":"7.2.5-1.46.1","php72-sockets":"7.2.5-1.46.1","php72-sodium":"7.2.5-1.46.1","php72-sqlite":"7.2.5-1.46.1","php72-sysvmsg":"7.2.5-1.46.1","php72-sysvsem":"7.2.5-1.46.1","php72-sysvshm":"7.2.5-1.46.1","php72-tidy":"7.2.5-1.46.1","php72-tokenizer":"7.2.5-1.46.1","php72-wddx":"7.2.5-1.46.1","php72-xmlreader":"7.2.5-1.46.1","php72-xmlrpc":"7.2.5-1.46.1","php72-xmlwriter":"7.2.5-1.46.1","php72-xsl":"7.2.5-1.46.1","php72-zip":"7.2.5-1.46.1","php72-zlib":"7.2.5-1.46.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Web and Scripting 12","name":"php72","purl":"pkg:rpm/suse/php72&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.2.5-1.46.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"php72-devel":"7.2.5-1.46.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP4","name":"php72","purl":"pkg:rpm/suse/php72&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.2.5-1.46.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"php72-devel":"7.2.5-1.46.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","name":"php72","purl":"pkg:rpm/suse/php72&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.2.5-1.46.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for php72 fixes the following issues:\n\n- CVE-2020-7064: Fixed a one byte read of uninitialized memory in exif_read_data() (bsc#1168326).\n- CVE-2020-7066: Fixed URL truncation get_headers() if the URL contains zero (\\0) character (bsc#1168352).\n- CVE-2019-11048: Improved the handling of overly long filenames or field names in HTTP file uploads (bsc#1171999).\n","id":"SUSE-SU-2020:1546-1","modified":"2020-06-05T10:48:02Z","published":"2020-06-05T10:48:02Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20201546-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1168326"},{"type":"REPORT","url":"https://bugzilla.suse.com/1168352"},{"type":"REPORT","url":"https://bugzilla.suse.com/1171999"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11048"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-7064"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-7066"}],"related":["CVE-2019-11048","CVE-2020-7064","CVE-2020-7066"],"summary":"Security update for php72","upstream":["CVE-2019-11048","CVE-2020-7064","CVE-2020-7066"]}