commit patchinfo.12097 for openSUSE:Leap:15.1:Update

Sat, 14 Mar 2020 22:15:27 -0700 

Hello community,

here is the log from the commit of package patchinfo.12097 for 
openSUSE:Leap:15.1:Update checked in at 2020-03-15 06:15:08
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.1:Update/patchinfo.12097 (Old)
 and      /work/SRC/openSUSE:Leap:15.1:Update/.patchinfo.12097.new.3160 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "patchinfo.12097"

Sun Mar 15 06:15:08 2020 rev:1 rq:783109 version:unknown

Changes:
--------
New Changes file:

NO CHANGES FILE!!!

New:
----
  _patchinfo

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo incident="12097">
  <issue tracker="cve" id="2020-7063"/>
  <issue tracker="cve" id="2020-7059"/>
  <issue tracker="cve" id="2020-7060"/>
  <issue tracker="cve" id="2020-7062"/>
  <issue tracker="bnc" id="1165289">VUL-0: CVE-2020-7063: php5,php72,php7: 
creating PHAR archive using PharData:buildFromIterator() function will  add 
files  with default permissions</issue>
  <issue tracker="bnc" id="1162632">VUL-0: CVE-2020-7060: 
php5,php72,php7,php53: Global buffer-overflow in mbfl_filt_conv_big5_wchar 
function</issue>
  <issue tracker="bnc" id="1165280">VUL-1: CVE-2020-7062: php5,php72,php7: null 
pointer dereference when using file upload functionality under specific 
circumstances</issue>
  <issue tracker="bnc" id="1162629">VUL-0: CVE-2020-7059: 
php5,php72,php7,php53: Out of bounds read in php_strip_tags_ex</issue>
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for php7</summary>
  <description>This update for php7 fixes the following issues:

- CVE-2020-7062: Fixed a null pointer dereference when using file upload 
functionality 
  under specific circumstances (bsc#1165280).
- CVE-2020-7063: Fixed an issue where adding files change the permissions to 
default (bsc#1165289).
- CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may 
have led to 
  denial of service (bsc#1162629).
- CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar 
which  may have  led to 
  memory corruption (bsc#1162632). 

This update was imported from the SUSE:SLE-15:Update update 
project.</description>
</patchinfo>

Reply via email to