Security update for php5 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:1688-1 Final 1 1 2016-06-27T09:08:13Z current 2016-06-27T09:08:13Z 2016-06-27T09:08:13Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for php5 This update for php5 fixes the following issues: - CVE-2013-7456: imagescale out-of-bounds read (bnc#982009). - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don't create strings with lengths outside of valid range (bnc#982011). - CVE-2016-5095: Don't create strings with lengths outside of valid range (bnc#982012). - CVE-2016-5096: int/size_t confusion in fread (bsc#982013). - CVE-2015-8877: The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) as used in PHP used inconsistent allocate and free approaches, which allowed remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function (bsc#981061). - CVE-2015-8876: Zend/zend_exceptions.c in PHP did not validate certain Exception objects, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data (bsc#981049). - CVE-2015-8879: The odbc_bindcols function in ext/odbc/php_odbc.c in PHP mishandles driver behavior for SQL_WVARCHAR columns, which allowed remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table (bsc#981050). This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-06/msg00108.html E-Mail link for openSUSE-SU-2016:1688-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 apache2-mod_php5-5.5.14-53.1 imap-2007e_suse-22.1 imap-devel-2007e_suse-22.1 libc-client2007e_suse-2007e_suse-22.1 php5-5.5.14-53.1 php5-bcmath-5.5.14-53.1 php5-bz2-5.5.14-53.1 php5-calendar-5.5.14-53.1 php5-ctype-5.5.14-53.1 php5-curl-5.5.14-53.1 php5-dba-5.5.14-53.1 php5-devel-5.5.14-53.1 php5-dom-5.5.14-53.1 php5-enchant-5.5.14-53.1 php5-exif-5.5.14-53.1 php5-fastcgi-5.5.14-53.1 php5-fileinfo-5.5.14-53.1 php5-firebird-5.5.14-53.1 php5-fpm-5.5.14-53.1 php5-ftp-5.5.14-53.1 php5-gd-5.5.14-53.1 php5-gettext-5.5.14-53.1 php5-gmp-5.5.14-53.1 php5-iconv-5.5.14-53.1 php5-imap-5.5.14-53.1 php5-intl-5.5.14-53.1 php5-json-5.5.14-53.1 php5-ldap-5.5.14-53.1 php5-mbstring-5.5.14-53.1 php5-mcrypt-5.5.14-53.1 php5-mssql-5.5.14-53.1 php5-mysql-5.5.14-53.1 php5-odbc-5.5.14-53.1 php5-opcache-5.5.14-53.1 php5-openssl-5.5.14-53.1 php5-pcntl-5.5.14-53.1 php5-pdo-5.5.14-53.1 php5-pear-5.5.14-53.1 php5-pgsql-5.5.14-53.1 php5-phar-5.5.14-53.1 php5-posix-5.5.14-53.1 php5-pspell-5.5.14-53.1 php5-readline-5.5.14-53.1 php5-shmop-5.5.14-53.1 php5-snmp-5.5.14-53.1 php5-soap-5.5.14-53.1 php5-sockets-5.5.14-53.1 php5-sqlite-5.5.14-53.1 php5-suhosin-5.5.14-53.1 php5-sysvmsg-5.5.14-53.1 php5-sysvsem-5.5.14-53.1 php5-sysvshm-5.5.14-53.1 php5-tidy-5.5.14-53.1 php5-tokenizer-5.5.14-53.1 php5-wddx-5.5.14-53.1 php5-xmlreader-5.5.14-53.1 php5-xmlrpc-5.5.14-53.1 php5-xmlwriter-5.5.14-53.1 php5-xsl-5.5.14-53.1 php5-zip-5.5.14-53.1 php5-zlib-5.5.14-53.1 apache2-mod_php5-5.5.14-53.1 as a component of openSUSE Leap 42.1 imap-2007e_suse-22.1 as a component of openSUSE Leap 42.1 imap-devel-2007e_suse-22.1 as a component of openSUSE Leap 42.1 libc-client2007e_suse-2007e_suse-22.1 as a component of openSUSE Leap 42.1 php5-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-bcmath-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-bz2-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-calendar-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-ctype-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-curl-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-dba-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-devel-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-dom-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-enchant-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-exif-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-fastcgi-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-fileinfo-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-firebird-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-fpm-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-ftp-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-gd-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-gettext-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-gmp-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-iconv-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-imap-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-intl-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-json-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-ldap-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-mbstring-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-mcrypt-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-mssql-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-mysql-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-odbc-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-opcache-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-openssl-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-pcntl-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-pdo-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-pear-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-pgsql-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-phar-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-posix-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-pspell-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-readline-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-shmop-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-snmp-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-soap-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-sockets-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-sqlite-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-suhosin-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-sysvmsg-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-sysvsem-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-sysvshm-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-tidy-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-tokenizer-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-wddx-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-xmlreader-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-xmlrpc-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-xmlwriter-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-xsl-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-zip-5.5.14-53.1 as a component of openSUSE Leap 42.1 php5-zlib-5.5.14-53.1 as a component of openSUSE Leap 42.1 gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. CVE-2013-7456 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1 openSUSE Leap 42.1:imap-2007e_suse-22.1 openSUSE Leap 42.1:imap-devel-2007e_suse-22.1 openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1 openSUSE Leap 42.1:php5-5.5.14-53.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-53.1 openSUSE Leap 42.1:php5-bz2-5.5.14-53.1 openSUSE Leap 42.1:php5-calendar-5.5.14-53.1 openSUSE Leap 42.1:php5-ctype-5.5.14-53.1 openSUSE Leap 42.1:php5-curl-5.5.14-53.1 openSUSE Leap 42.1:php5-dba-5.5.14-53.1 openSUSE Leap 42.1:php5-devel-5.5.14-53.1 openSUSE Leap 42.1:php5-dom-5.5.14-53.1 openSUSE Leap 42.1:php5-enchant-5.5.14-53.1 openSUSE Leap 42.1:php5-exif-5.5.14-53.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-53.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-53.1 openSUSE Leap 42.1:php5-firebird-5.5.14-53.1 openSUSE Leap 42.1:php5-fpm-5.5.14-53.1 openSUSE Leap 42.1:php5-ftp-5.5.14-53.1 openSUSE Leap 42.1:php5-gd-5.5.14-53.1 openSUSE Leap 42.1:php5-gettext-5.5.14-53.1 openSUSE Leap 42.1:php5-gmp-5.5.14-53.1 openSUSE Leap 42.1:php5-iconv-5.5.14-53.1 openSUSE Leap 42.1:php5-imap-5.5.14-53.1 openSUSE Leap 42.1:php5-intl-5.5.14-53.1 openSUSE Leap 42.1:php5-json-5.5.14-53.1 openSUSE Leap 42.1:php5-ldap-5.5.14-53.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-53.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-53.1 openSUSE Leap 42.1:php5-mssql-5.5.14-53.1 openSUSE Leap 42.1:php5-mysql-5.5.14-53.1 openSUSE Leap 42.1:php5-odbc-5.5.14-53.1 openSUSE Leap 42.1:php5-opcache-5.5.14-53.1 openSUSE Leap 42.1:php5-openssl-5.5.14-53.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-53.1 openSUSE Leap 42.1:php5-pdo-5.5.14-53.1 openSUSE Leap 42.1:php5-pear-5.5.14-53.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-53.1 openSUSE Leap 42.1:php5-phar-5.5.14-53.1 openSUSE Leap 42.1:php5-posix-5.5.14-53.1 openSUSE Leap 42.1:php5-pspell-5.5.14-53.1 openSUSE Leap 42.1:php5-readline-5.5.14-53.1 openSUSE Leap 42.1:php5-shmop-5.5.14-53.1 openSUSE Leap 42.1:php5-snmp-5.5.14-53.1 openSUSE Leap 42.1:php5-soap-5.5.14-53.1 openSUSE Leap 42.1:php5-sockets-5.5.14-53.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-53.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-53.1 openSUSE Leap 42.1:php5-tidy-5.5.14-53.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-53.1 openSUSE Leap 42.1:php5-wddx-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-53.1 openSUSE Leap 42.1:php5-xsl-5.5.14-53.1 openSUSE Leap 42.1:php5-zip-5.5.14-53.1 openSUSE Leap 42.1:php5-zlib-5.5.14-53.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-06/msg00108.html https://www.suse.com/security/cve/CVE-2013-7456.html CVE-2013-7456 https://bugzilla.suse.com/982009 SUSE Bug 982009 Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data. CVE-2015-8876 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1 openSUSE Leap 42.1:imap-2007e_suse-22.1 openSUSE Leap 42.1:imap-devel-2007e_suse-22.1 openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1 openSUSE Leap 42.1:php5-5.5.14-53.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-53.1 openSUSE Leap 42.1:php5-bz2-5.5.14-53.1 openSUSE Leap 42.1:php5-calendar-5.5.14-53.1 openSUSE Leap 42.1:php5-ctype-5.5.14-53.1 openSUSE Leap 42.1:php5-curl-5.5.14-53.1 openSUSE Leap 42.1:php5-dba-5.5.14-53.1 openSUSE Leap 42.1:php5-devel-5.5.14-53.1 openSUSE Leap 42.1:php5-dom-5.5.14-53.1 openSUSE Leap 42.1:php5-enchant-5.5.14-53.1 openSUSE Leap 42.1:php5-exif-5.5.14-53.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-53.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-53.1 openSUSE Leap 42.1:php5-firebird-5.5.14-53.1 openSUSE Leap 42.1:php5-fpm-5.5.14-53.1 openSUSE Leap 42.1:php5-ftp-5.5.14-53.1 openSUSE Leap 42.1:php5-gd-5.5.14-53.1 openSUSE Leap 42.1:php5-gettext-5.5.14-53.1 openSUSE Leap 42.1:php5-gmp-5.5.14-53.1 openSUSE Leap 42.1:php5-iconv-5.5.14-53.1 openSUSE Leap 42.1:php5-imap-5.5.14-53.1 openSUSE Leap 42.1:php5-intl-5.5.14-53.1 openSUSE Leap 42.1:php5-json-5.5.14-53.1 openSUSE Leap 42.1:php5-ldap-5.5.14-53.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-53.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-53.1 openSUSE Leap 42.1:php5-mssql-5.5.14-53.1 openSUSE Leap 42.1:php5-mysql-5.5.14-53.1 openSUSE Leap 42.1:php5-odbc-5.5.14-53.1 openSUSE Leap 42.1:php5-opcache-5.5.14-53.1 openSUSE Leap 42.1:php5-openssl-5.5.14-53.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-53.1 openSUSE Leap 42.1:php5-pdo-5.5.14-53.1 openSUSE Leap 42.1:php5-pear-5.5.14-53.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-53.1 openSUSE Leap 42.1:php5-phar-5.5.14-53.1 openSUSE Leap 42.1:php5-posix-5.5.14-53.1 openSUSE Leap 42.1:php5-pspell-5.5.14-53.1 openSUSE Leap 42.1:php5-readline-5.5.14-53.1 openSUSE Leap 42.1:php5-shmop-5.5.14-53.1 openSUSE Leap 42.1:php5-snmp-5.5.14-53.1 openSUSE Leap 42.1:php5-soap-5.5.14-53.1 openSUSE Leap 42.1:php5-sockets-5.5.14-53.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-53.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-53.1 openSUSE Leap 42.1:php5-tidy-5.5.14-53.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-53.1 openSUSE Leap 42.1:php5-wddx-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-53.1 openSUSE Leap 42.1:php5-xsl-5.5.14-53.1 openSUSE Leap 42.1:php5-zip-5.5.14-53.1 openSUSE Leap 42.1:php5-zlib-5.5.14-53.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-06/msg00108.html https://www.suse.com/security/cve/CVE-2015-8876.html CVE-2015-8876 https://bugzilla.suse.com/1019550 SUSE Bug 1019550 https://bugzilla.suse.com/981049 SUSE Bug 981049 The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. CVE-2015-8877 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1 openSUSE Leap 42.1:imap-2007e_suse-22.1 openSUSE Leap 42.1:imap-devel-2007e_suse-22.1 openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1 openSUSE Leap 42.1:php5-5.5.14-53.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-53.1 openSUSE Leap 42.1:php5-bz2-5.5.14-53.1 openSUSE Leap 42.1:php5-calendar-5.5.14-53.1 openSUSE Leap 42.1:php5-ctype-5.5.14-53.1 openSUSE Leap 42.1:php5-curl-5.5.14-53.1 openSUSE Leap 42.1:php5-dba-5.5.14-53.1 openSUSE Leap 42.1:php5-devel-5.5.14-53.1 openSUSE Leap 42.1:php5-dom-5.5.14-53.1 openSUSE Leap 42.1:php5-enchant-5.5.14-53.1 openSUSE Leap 42.1:php5-exif-5.5.14-53.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-53.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-53.1 openSUSE Leap 42.1:php5-firebird-5.5.14-53.1 openSUSE Leap 42.1:php5-fpm-5.5.14-53.1 openSUSE Leap 42.1:php5-ftp-5.5.14-53.1 openSUSE Leap 42.1:php5-gd-5.5.14-53.1 openSUSE Leap 42.1:php5-gettext-5.5.14-53.1 openSUSE Leap 42.1:php5-gmp-5.5.14-53.1 openSUSE Leap 42.1:php5-iconv-5.5.14-53.1 openSUSE Leap 42.1:php5-imap-5.5.14-53.1 openSUSE Leap 42.1:php5-intl-5.5.14-53.1 openSUSE Leap 42.1:php5-json-5.5.14-53.1 openSUSE Leap 42.1:php5-ldap-5.5.14-53.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-53.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-53.1 openSUSE Leap 42.1:php5-mssql-5.5.14-53.1 openSUSE Leap 42.1:php5-mysql-5.5.14-53.1 openSUSE Leap 42.1:php5-odbc-5.5.14-53.1 openSUSE Leap 42.1:php5-opcache-5.5.14-53.1 openSUSE Leap 42.1:php5-openssl-5.5.14-53.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-53.1 openSUSE Leap 42.1:php5-pdo-5.5.14-53.1 openSUSE Leap 42.1:php5-pear-5.5.14-53.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-53.1 openSUSE Leap 42.1:php5-phar-5.5.14-53.1 openSUSE Leap 42.1:php5-posix-5.5.14-53.1 openSUSE Leap 42.1:php5-pspell-5.5.14-53.1 openSUSE Leap 42.1:php5-readline-5.5.14-53.1 openSUSE Leap 42.1:php5-shmop-5.5.14-53.1 openSUSE Leap 42.1:php5-snmp-5.5.14-53.1 openSUSE Leap 42.1:php5-soap-5.5.14-53.1 openSUSE Leap 42.1:php5-sockets-5.5.14-53.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-53.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-53.1 openSUSE Leap 42.1:php5-tidy-5.5.14-53.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-53.1 openSUSE Leap 42.1:php5-wddx-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-53.1 openSUSE Leap 42.1:php5-xsl-5.5.14-53.1 openSUSE Leap 42.1:php5-zip-5.5.14-53.1 openSUSE Leap 42.1:php5-zlib-5.5.14-53.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-06/msg00108.html https://www.suse.com/security/cve/CVE-2015-8877.html CVE-2015-8877 https://bugzilla.suse.com/981061 SUSE Bug 981061 The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table. CVE-2015-8879 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1 openSUSE Leap 42.1:imap-2007e_suse-22.1 openSUSE Leap 42.1:imap-devel-2007e_suse-22.1 openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1 openSUSE Leap 42.1:php5-5.5.14-53.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-53.1 openSUSE Leap 42.1:php5-bz2-5.5.14-53.1 openSUSE Leap 42.1:php5-calendar-5.5.14-53.1 openSUSE Leap 42.1:php5-ctype-5.5.14-53.1 openSUSE Leap 42.1:php5-curl-5.5.14-53.1 openSUSE Leap 42.1:php5-dba-5.5.14-53.1 openSUSE Leap 42.1:php5-devel-5.5.14-53.1 openSUSE Leap 42.1:php5-dom-5.5.14-53.1 openSUSE Leap 42.1:php5-enchant-5.5.14-53.1 openSUSE Leap 42.1:php5-exif-5.5.14-53.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-53.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-53.1 openSUSE Leap 42.1:php5-firebird-5.5.14-53.1 openSUSE Leap 42.1:php5-fpm-5.5.14-53.1 openSUSE Leap 42.1:php5-ftp-5.5.14-53.1 openSUSE Leap 42.1:php5-gd-5.5.14-53.1 openSUSE Leap 42.1:php5-gettext-5.5.14-53.1 openSUSE Leap 42.1:php5-gmp-5.5.14-53.1 openSUSE Leap 42.1:php5-iconv-5.5.14-53.1 openSUSE Leap 42.1:php5-imap-5.5.14-53.1 openSUSE Leap 42.1:php5-intl-5.5.14-53.1 openSUSE Leap 42.1:php5-json-5.5.14-53.1 openSUSE Leap 42.1:php5-ldap-5.5.14-53.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-53.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-53.1 openSUSE Leap 42.1:php5-mssql-5.5.14-53.1 openSUSE Leap 42.1:php5-mysql-5.5.14-53.1 openSUSE Leap 42.1:php5-odbc-5.5.14-53.1 openSUSE Leap 42.1:php5-opcache-5.5.14-53.1 openSUSE Leap 42.1:php5-openssl-5.5.14-53.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-53.1 openSUSE Leap 42.1:php5-pdo-5.5.14-53.1 openSUSE Leap 42.1:php5-pear-5.5.14-53.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-53.1 openSUSE Leap 42.1:php5-phar-5.5.14-53.1 openSUSE Leap 42.1:php5-posix-5.5.14-53.1 openSUSE Leap 42.1:php5-pspell-5.5.14-53.1 openSUSE Leap 42.1:php5-readline-5.5.14-53.1 openSUSE Leap 42.1:php5-shmop-5.5.14-53.1 openSUSE Leap 42.1:php5-snmp-5.5.14-53.1 openSUSE Leap 42.1:php5-soap-5.5.14-53.1 openSUSE Leap 42.1:php5-sockets-5.5.14-53.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-53.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-53.1 openSUSE Leap 42.1:php5-tidy-5.5.14-53.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-53.1 openSUSE Leap 42.1:php5-wddx-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-53.1 openSUSE Leap 42.1:php5-xsl-5.5.14-53.1 openSUSE Leap 42.1:php5-zip-5.5.14-53.1 openSUSE Leap 42.1:php5-zlib-5.5.14-53.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-06/msg00108.html https://www.suse.com/security/cve/CVE-2015-8879.html CVE-2015-8879 https://bugzilla.suse.com/981050 SUSE Bug 981050 The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call. CVE-2016-5093 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1 openSUSE Leap 42.1:imap-2007e_suse-22.1 openSUSE Leap 42.1:imap-devel-2007e_suse-22.1 openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1 openSUSE Leap 42.1:php5-5.5.14-53.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-53.1 openSUSE Leap 42.1:php5-bz2-5.5.14-53.1 openSUSE Leap 42.1:php5-calendar-5.5.14-53.1 openSUSE Leap 42.1:php5-ctype-5.5.14-53.1 openSUSE Leap 42.1:php5-curl-5.5.14-53.1 openSUSE Leap 42.1:php5-dba-5.5.14-53.1 openSUSE Leap 42.1:php5-devel-5.5.14-53.1 openSUSE Leap 42.1:php5-dom-5.5.14-53.1 openSUSE Leap 42.1:php5-enchant-5.5.14-53.1 openSUSE Leap 42.1:php5-exif-5.5.14-53.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-53.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-53.1 openSUSE Leap 42.1:php5-firebird-5.5.14-53.1 openSUSE Leap 42.1:php5-fpm-5.5.14-53.1 openSUSE Leap 42.1:php5-ftp-5.5.14-53.1 openSUSE Leap 42.1:php5-gd-5.5.14-53.1 openSUSE Leap 42.1:php5-gettext-5.5.14-53.1 openSUSE Leap 42.1:php5-gmp-5.5.14-53.1 openSUSE Leap 42.1:php5-iconv-5.5.14-53.1 openSUSE Leap 42.1:php5-imap-5.5.14-53.1 openSUSE Leap 42.1:php5-intl-5.5.14-53.1 openSUSE Leap 42.1:php5-json-5.5.14-53.1 openSUSE Leap 42.1:php5-ldap-5.5.14-53.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-53.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-53.1 openSUSE Leap 42.1:php5-mssql-5.5.14-53.1 openSUSE Leap 42.1:php5-mysql-5.5.14-53.1 openSUSE Leap 42.1:php5-odbc-5.5.14-53.1 openSUSE Leap 42.1:php5-opcache-5.5.14-53.1 openSUSE Leap 42.1:php5-openssl-5.5.14-53.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-53.1 openSUSE Leap 42.1:php5-pdo-5.5.14-53.1 openSUSE Leap 42.1:php5-pear-5.5.14-53.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-53.1 openSUSE Leap 42.1:php5-phar-5.5.14-53.1 openSUSE Leap 42.1:php5-posix-5.5.14-53.1 openSUSE Leap 42.1:php5-pspell-5.5.14-53.1 openSUSE Leap 42.1:php5-readline-5.5.14-53.1 openSUSE Leap 42.1:php5-shmop-5.5.14-53.1 openSUSE Leap 42.1:php5-snmp-5.5.14-53.1 openSUSE Leap 42.1:php5-soap-5.5.14-53.1 openSUSE Leap 42.1:php5-sockets-5.5.14-53.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-53.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-53.1 openSUSE Leap 42.1:php5-tidy-5.5.14-53.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-53.1 openSUSE Leap 42.1:php5-wddx-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-53.1 openSUSE Leap 42.1:php5-xsl-5.5.14-53.1 openSUSE Leap 42.1:php5-zip-5.5.14-53.1 openSUSE Leap 42.1:php5-zlib-5.5.14-53.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-06/msg00108.html https://www.suse.com/security/cve/CVE-2016-5093.html CVE-2016-5093 https://bugzilla.suse.com/982010 SUSE Bug 982010 Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function. CVE-2016-5094 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1 openSUSE Leap 42.1:imap-2007e_suse-22.1 openSUSE Leap 42.1:imap-devel-2007e_suse-22.1 openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1 openSUSE Leap 42.1:php5-5.5.14-53.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-53.1 openSUSE Leap 42.1:php5-bz2-5.5.14-53.1 openSUSE Leap 42.1:php5-calendar-5.5.14-53.1 openSUSE Leap 42.1:php5-ctype-5.5.14-53.1 openSUSE Leap 42.1:php5-curl-5.5.14-53.1 openSUSE Leap 42.1:php5-dba-5.5.14-53.1 openSUSE Leap 42.1:php5-devel-5.5.14-53.1 openSUSE Leap 42.1:php5-dom-5.5.14-53.1 openSUSE Leap 42.1:php5-enchant-5.5.14-53.1 openSUSE Leap 42.1:php5-exif-5.5.14-53.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-53.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-53.1 openSUSE Leap 42.1:php5-firebird-5.5.14-53.1 openSUSE Leap 42.1:php5-fpm-5.5.14-53.1 openSUSE Leap 42.1:php5-ftp-5.5.14-53.1 openSUSE Leap 42.1:php5-gd-5.5.14-53.1 openSUSE Leap 42.1:php5-gettext-5.5.14-53.1 openSUSE Leap 42.1:php5-gmp-5.5.14-53.1 openSUSE Leap 42.1:php5-iconv-5.5.14-53.1 openSUSE Leap 42.1:php5-imap-5.5.14-53.1 openSUSE Leap 42.1:php5-intl-5.5.14-53.1 openSUSE Leap 42.1:php5-json-5.5.14-53.1 openSUSE Leap 42.1:php5-ldap-5.5.14-53.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-53.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-53.1 openSUSE Leap 42.1:php5-mssql-5.5.14-53.1 openSUSE Leap 42.1:php5-mysql-5.5.14-53.1 openSUSE Leap 42.1:php5-odbc-5.5.14-53.1 openSUSE Leap 42.1:php5-opcache-5.5.14-53.1 openSUSE Leap 42.1:php5-openssl-5.5.14-53.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-53.1 openSUSE Leap 42.1:php5-pdo-5.5.14-53.1 openSUSE Leap 42.1:php5-pear-5.5.14-53.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-53.1 openSUSE Leap 42.1:php5-phar-5.5.14-53.1 openSUSE Leap 42.1:php5-posix-5.5.14-53.1 openSUSE Leap 42.1:php5-pspell-5.5.14-53.1 openSUSE Leap 42.1:php5-readline-5.5.14-53.1 openSUSE Leap 42.1:php5-shmop-5.5.14-53.1 openSUSE Leap 42.1:php5-snmp-5.5.14-53.1 openSUSE Leap 42.1:php5-soap-5.5.14-53.1 openSUSE Leap 42.1:php5-sockets-5.5.14-53.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-53.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-53.1 openSUSE Leap 42.1:php5-tidy-5.5.14-53.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-53.1 openSUSE Leap 42.1:php5-wddx-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-53.1 openSUSE Leap 42.1:php5-xsl-5.5.14-53.1 openSUSE Leap 42.1:php5-zip-5.5.14-53.1 openSUSE Leap 42.1:php5-zlib-5.5.14-53.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-06/msg00108.html https://www.suse.com/security/cve/CVE-2016-5094.html CVE-2016-5094 https://bugzilla.suse.com/982011 SUSE Bug 982011 https://bugzilla.suse.com/982012 SUSE Bug 982012 Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094. CVE-2016-5095 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1 openSUSE Leap 42.1:imap-2007e_suse-22.1 openSUSE Leap 42.1:imap-devel-2007e_suse-22.1 openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1 openSUSE Leap 42.1:php5-5.5.14-53.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-53.1 openSUSE Leap 42.1:php5-bz2-5.5.14-53.1 openSUSE Leap 42.1:php5-calendar-5.5.14-53.1 openSUSE Leap 42.1:php5-ctype-5.5.14-53.1 openSUSE Leap 42.1:php5-curl-5.5.14-53.1 openSUSE Leap 42.1:php5-dba-5.5.14-53.1 openSUSE Leap 42.1:php5-devel-5.5.14-53.1 openSUSE Leap 42.1:php5-dom-5.5.14-53.1 openSUSE Leap 42.1:php5-enchant-5.5.14-53.1 openSUSE Leap 42.1:php5-exif-5.5.14-53.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-53.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-53.1 openSUSE Leap 42.1:php5-firebird-5.5.14-53.1 openSUSE Leap 42.1:php5-fpm-5.5.14-53.1 openSUSE Leap 42.1:php5-ftp-5.5.14-53.1 openSUSE Leap 42.1:php5-gd-5.5.14-53.1 openSUSE Leap 42.1:php5-gettext-5.5.14-53.1 openSUSE Leap 42.1:php5-gmp-5.5.14-53.1 openSUSE Leap 42.1:php5-iconv-5.5.14-53.1 openSUSE Leap 42.1:php5-imap-5.5.14-53.1 openSUSE Leap 42.1:php5-intl-5.5.14-53.1 openSUSE Leap 42.1:php5-json-5.5.14-53.1 openSUSE Leap 42.1:php5-ldap-5.5.14-53.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-53.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-53.1 openSUSE Leap 42.1:php5-mssql-5.5.14-53.1 openSUSE Leap 42.1:php5-mysql-5.5.14-53.1 openSUSE Leap 42.1:php5-odbc-5.5.14-53.1 openSUSE Leap 42.1:php5-opcache-5.5.14-53.1 openSUSE Leap 42.1:php5-openssl-5.5.14-53.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-53.1 openSUSE Leap 42.1:php5-pdo-5.5.14-53.1 openSUSE Leap 42.1:php5-pear-5.5.14-53.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-53.1 openSUSE Leap 42.1:php5-phar-5.5.14-53.1 openSUSE Leap 42.1:php5-posix-5.5.14-53.1 openSUSE Leap 42.1:php5-pspell-5.5.14-53.1 openSUSE Leap 42.1:php5-readline-5.5.14-53.1 openSUSE Leap 42.1:php5-shmop-5.5.14-53.1 openSUSE Leap 42.1:php5-snmp-5.5.14-53.1 openSUSE Leap 42.1:php5-soap-5.5.14-53.1 openSUSE Leap 42.1:php5-sockets-5.5.14-53.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-53.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-53.1 openSUSE Leap 42.1:php5-tidy-5.5.14-53.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-53.1 openSUSE Leap 42.1:php5-wddx-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-53.1 openSUSE Leap 42.1:php5-xsl-5.5.14-53.1 openSUSE Leap 42.1:php5-zip-5.5.14-53.1 openSUSE Leap 42.1:php5-zlib-5.5.14-53.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-06/msg00108.html https://www.suse.com/security/cve/CVE-2016-5095.html CVE-2016-5095 https://bugzilla.suse.com/982011 SUSE Bug 982011 https://bugzilla.suse.com/982012 SUSE Bug 982012 Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument. CVE-2016-5096 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1 openSUSE Leap 42.1:imap-2007e_suse-22.1 openSUSE Leap 42.1:imap-devel-2007e_suse-22.1 openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1 openSUSE Leap 42.1:php5-5.5.14-53.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-53.1 openSUSE Leap 42.1:php5-bz2-5.5.14-53.1 openSUSE Leap 42.1:php5-calendar-5.5.14-53.1 openSUSE Leap 42.1:php5-ctype-5.5.14-53.1 openSUSE Leap 42.1:php5-curl-5.5.14-53.1 openSUSE Leap 42.1:php5-dba-5.5.14-53.1 openSUSE Leap 42.1:php5-devel-5.5.14-53.1 openSUSE Leap 42.1:php5-dom-5.5.14-53.1 openSUSE Leap 42.1:php5-enchant-5.5.14-53.1 openSUSE Leap 42.1:php5-exif-5.5.14-53.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-53.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-53.1 openSUSE Leap 42.1:php5-firebird-5.5.14-53.1 openSUSE Leap 42.1:php5-fpm-5.5.14-53.1 openSUSE Leap 42.1:php5-ftp-5.5.14-53.1 openSUSE Leap 42.1:php5-gd-5.5.14-53.1 openSUSE Leap 42.1:php5-gettext-5.5.14-53.1 openSUSE Leap 42.1:php5-gmp-5.5.14-53.1 openSUSE Leap 42.1:php5-iconv-5.5.14-53.1 openSUSE Leap 42.1:php5-imap-5.5.14-53.1 openSUSE Leap 42.1:php5-intl-5.5.14-53.1 openSUSE Leap 42.1:php5-json-5.5.14-53.1 openSUSE Leap 42.1:php5-ldap-5.5.14-53.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-53.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-53.1 openSUSE Leap 42.1:php5-mssql-5.5.14-53.1 openSUSE Leap 42.1:php5-mysql-5.5.14-53.1 openSUSE Leap 42.1:php5-odbc-5.5.14-53.1 openSUSE Leap 42.1:php5-opcache-5.5.14-53.1 openSUSE Leap 42.1:php5-openssl-5.5.14-53.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-53.1 openSUSE Leap 42.1:php5-pdo-5.5.14-53.1 openSUSE Leap 42.1:php5-pear-5.5.14-53.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-53.1 openSUSE Leap 42.1:php5-phar-5.5.14-53.1 openSUSE Leap 42.1:php5-posix-5.5.14-53.1 openSUSE Leap 42.1:php5-pspell-5.5.14-53.1 openSUSE Leap 42.1:php5-readline-5.5.14-53.1 openSUSE Leap 42.1:php5-shmop-5.5.14-53.1 openSUSE Leap 42.1:php5-snmp-5.5.14-53.1 openSUSE Leap 42.1:php5-soap-5.5.14-53.1 openSUSE Leap 42.1:php5-sockets-5.5.14-53.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-53.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-53.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-53.1 openSUSE Leap 42.1:php5-tidy-5.5.14-53.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-53.1 openSUSE Leap 42.1:php5-wddx-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-53.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-53.1 openSUSE Leap 42.1:php5-xsl-5.5.14-53.1 openSUSE Leap 42.1:php5-zip-5.5.14-53.1 openSUSE Leap 42.1:php5-zlib-5.5.14-53.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-06/msg00108.html https://www.suse.com/security/cve/CVE-2016-5096.html CVE-2016-5096 https://bugzilla.suse.com/982013 SUSE Bug 982013