Security update for php5 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:2451-1 Final 1 1 2016-10-04T11:46:06Z current 2016-10-04T11:46:06Z 2016-10-04T11:46:06Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for php5 This update for php5 fixes the following security issues: * CVE-2016-6128: Invalid color index not properly handled [bsc#987580] * CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif [bsc#988032] * CVE-2016-6292: Null pointer dereference in exif_process_user_comment [bsc#991422] * CVE-2016-6295: Use after free in SNMP with GC and unserialize() [bsc#991424] * CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener [bsc#991426] * CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE [bsc#991427] * CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex [bsc#991428] * CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization [bsc#991429] * CVE-2016-5399: Improper error handling in bzread() [bsc#991430] * CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c [bsc#991437] * CVE-2016-6207: Integer overflow error within _gdContributionsAlloc() [bsc#991434] * CVE-2014-3587: Integer overflow in the cdf_read_property_info affecting SLES11 SP3 [bsc#987530] * CVE-2016-6288: Buffer over-read in php_url_parse_ex [bsc#991433] * CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization * CVE-2016-7125: PHP Session Data Injection Vulnerability * CVE-2016-7126: select_colors write out-of-bounds * CVE-2016-7127: imagegammacorrect allowed arbitrary write access * CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF * CVE-2016-7129: wddx_deserialize allowed illegal memory access * CVE-2016-7130: wddx_deserialize null dereference * CVE-2016-7131: wddx_deserialize null dereference with invalid xml * CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element * CVE-2016-7134: Heap overflow in the function curl_escape This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html E-Mail link for openSUSE-SU-2016:2451-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 apache2-mod_php5-5.5.14-59.1 php5-5.5.14-59.1 php5-bcmath-5.5.14-59.1 php5-bz2-5.5.14-59.1 php5-calendar-5.5.14-59.1 php5-ctype-5.5.14-59.1 php5-curl-5.5.14-59.1 php5-dba-5.5.14-59.1 php5-devel-5.5.14-59.1 php5-dom-5.5.14-59.1 php5-enchant-5.5.14-59.1 php5-exif-5.5.14-59.1 php5-fastcgi-5.5.14-59.1 php5-fileinfo-5.5.14-59.1 php5-firebird-5.5.14-59.1 php5-fpm-5.5.14-59.1 php5-ftp-5.5.14-59.1 php5-gd-5.5.14-59.1 php5-gettext-5.5.14-59.1 php5-gmp-5.5.14-59.1 php5-iconv-5.5.14-59.1 php5-imap-5.5.14-59.1 php5-intl-5.5.14-59.1 php5-json-5.5.14-59.1 php5-ldap-5.5.14-59.1 php5-mbstring-5.5.14-59.1 php5-mcrypt-5.5.14-59.1 php5-mssql-5.5.14-59.1 php5-mysql-5.5.14-59.1 php5-odbc-5.5.14-59.1 php5-opcache-5.5.14-59.1 php5-openssl-5.5.14-59.1 php5-pcntl-5.5.14-59.1 php5-pdo-5.5.14-59.1 php5-pear-5.5.14-59.1 php5-pgsql-5.5.14-59.1 php5-phar-5.5.14-59.1 php5-posix-5.5.14-59.1 php5-pspell-5.5.14-59.1 php5-readline-5.5.14-59.1 php5-shmop-5.5.14-59.1 php5-snmp-5.5.14-59.1 php5-soap-5.5.14-59.1 php5-sockets-5.5.14-59.1 php5-sqlite-5.5.14-59.1 php5-suhosin-5.5.14-59.1 php5-sysvmsg-5.5.14-59.1 php5-sysvsem-5.5.14-59.1 php5-sysvshm-5.5.14-59.1 php5-tidy-5.5.14-59.1 php5-tokenizer-5.5.14-59.1 php5-wddx-5.5.14-59.1 php5-xmlreader-5.5.14-59.1 php5-xmlrpc-5.5.14-59.1 php5-xmlwriter-5.5.14-59.1 php5-xsl-5.5.14-59.1 php5-zip-5.5.14-59.1 php5-zlib-5.5.14-59.1 apache2-mod_php5-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-bcmath-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-bz2-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-calendar-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-ctype-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-curl-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-dba-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-devel-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-dom-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-enchant-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-exif-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-fastcgi-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-fileinfo-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-firebird-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-fpm-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-ftp-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-gd-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-gettext-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-gmp-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-iconv-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-imap-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-intl-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-json-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-ldap-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-mbstring-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-mcrypt-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-mssql-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-mysql-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-odbc-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-opcache-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-openssl-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-pcntl-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-pdo-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-pear-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-pgsql-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-phar-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-posix-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-pspell-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-readline-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-shmop-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-snmp-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-soap-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-sockets-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-sqlite-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-suhosin-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-sysvmsg-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-sysvsem-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-sysvshm-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-tidy-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-tokenizer-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-wddx-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-xmlreader-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-xmlrpc-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-xmlwriter-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-xsl-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-zip-5.5.14-59.1 as a component of openSUSE Leap 42.1 php5-zlib-5.5.14-59.1 as a component of openSUSE Leap 42.1 Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571. CVE-2014-3587 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2014-3587.html CVE-2014-3587 https://bugzilla.suse.com/987530 SUSE Bug 987530 https://bugzilla.suse.com/998845 SUSE Bug 998845 Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot. CVE-2016-3587 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-3587.html CVE-2016-3587 https://bugzilla.suse.com/989721 SUSE Bug 989721 https://bugzilla.suse.com/998845 SUSE Bug 998845 The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive. CVE-2016-5399 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-5399.html CVE-2016-5399 https://bugzilla.suse.com/991430 SUSE Bug 991430 The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index. CVE-2016-6128 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6128.html CVE-2016-6128 https://bugzilla.suse.com/987580 SUSE Bug 987580 https://bugzilla.suse.com/991710 SUSE Bug 991710 The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image. CVE-2016-6161 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6161.html CVE-2016-6161 https://bugzilla.suse.com/988032 SUSE Bug 988032 Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors. CVE-2016-6207 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6207.html CVE-2016-6207 https://bugzilla.suse.com/991434 SUSE Bug 991434 https://bugzilla.suse.com/991622 SUSE Bug 991622 The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type. CVE-2016-6288 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6288.html CVE-2016-6288 https://bugzilla.suse.com/991433 SUSE Bug 991433 Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive. CVE-2016-6289 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6289.html CVE-2016-6289 https://bugzilla.suse.com/991428 SUSE Bug 991428 ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization. CVE-2016-6290 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6290.html CVE-2016-6290 https://bugzilla.suse.com/991429 SUSE Bug 991429 The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image. CVE-2016-6291 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6291.html CVE-2016-6291 https://bugzilla.suse.com/991427 SUSE Bug 991427 The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image. CVE-2016-6292 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6292.html CVE-2016-6292 https://bugzilla.suse.com/991422 SUSE Bug 991422 ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773. CVE-2016-6295 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6295.html CVE-2016-6295 https://bugzilla.suse.com/991424 SUSE Bug 991424 Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function. CVE-2016-6296 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 low 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6296.html CVE-2016-6296 https://bugzilla.suse.com/991437 SUSE Bug 991437 Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL. CVE-2016-6297 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-6297.html CVE-2016-6297 https://bugzilla.suse.com/991426 SUSE Bug 991426 ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call. CVE-2016-7124 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 4 AV:N/AC:H/Au:N/C:P/I:P/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7124.html CVE-2016-7124 https://bugzilla.suse.com/997206 SUSE Bug 997206 ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection. CVE-2016-7125 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7125.html CVE-2016-7125 https://bugzilla.suse.com/997207 SUSE Bug 997207 The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument. CVE-2016-7126 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7126.html CVE-2016-7126 https://bugzilla.suse.com/997208 SUSE Bug 997208 The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments. CVE-2016-7127 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7127.html CVE-2016-7127 https://bugzilla.suse.com/997210 SUSE Bug 997210 The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image. CVE-2016-7128 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7128.html CVE-2016-7128 https://bugzilla.suse.com/997211 SUSE Bug 997211 The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddx_deserialize call that mishandles a dateTime element in a wddxPacket XML document. CVE-2016-7129 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7129.html CVE-2016-7129 https://bugzilla.suse.com/997220 SUSE Bug 997220 The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document. CVE-2016-7130 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7130.html CVE-2016-7130 https://bugzilla.suse.com/997257 SUSE Bug 997257 ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character. CVE-2016-7131 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7131.html CVE-2016-7131 https://bugzilla.suse.com/997225 SUSE Bug 997225 ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a stray element inside a boolean element, leading to incorrect pop processing. CVE-2016-7132 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7132.html CVE-2016-7132 https://bugzilla.suse.com/997230 SUSE Bug 997230 ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is mishandled in a curl_escape call. CVE-2016-7134 openSUSE Leap 42.1:apache2-mod_php5-5.5.14-59.1 openSUSE Leap 42.1:php5-5.5.14-59.1 openSUSE Leap 42.1:php5-bcmath-5.5.14-59.1 openSUSE Leap 42.1:php5-bz2-5.5.14-59.1 openSUSE Leap 42.1:php5-calendar-5.5.14-59.1 openSUSE Leap 42.1:php5-ctype-5.5.14-59.1 openSUSE Leap 42.1:php5-curl-5.5.14-59.1 openSUSE Leap 42.1:php5-dba-5.5.14-59.1 openSUSE Leap 42.1:php5-devel-5.5.14-59.1 openSUSE Leap 42.1:php5-dom-5.5.14-59.1 openSUSE Leap 42.1:php5-enchant-5.5.14-59.1 openSUSE Leap 42.1:php5-exif-5.5.14-59.1 openSUSE Leap 42.1:php5-fastcgi-5.5.14-59.1 openSUSE Leap 42.1:php5-fileinfo-5.5.14-59.1 openSUSE Leap 42.1:php5-firebird-5.5.14-59.1 openSUSE Leap 42.1:php5-fpm-5.5.14-59.1 openSUSE Leap 42.1:php5-ftp-5.5.14-59.1 openSUSE Leap 42.1:php5-gd-5.5.14-59.1 openSUSE Leap 42.1:php5-gettext-5.5.14-59.1 openSUSE Leap 42.1:php5-gmp-5.5.14-59.1 openSUSE Leap 42.1:php5-iconv-5.5.14-59.1 openSUSE Leap 42.1:php5-imap-5.5.14-59.1 openSUSE Leap 42.1:php5-intl-5.5.14-59.1 openSUSE Leap 42.1:php5-json-5.5.14-59.1 openSUSE Leap 42.1:php5-ldap-5.5.14-59.1 openSUSE Leap 42.1:php5-mbstring-5.5.14-59.1 openSUSE Leap 42.1:php5-mcrypt-5.5.14-59.1 openSUSE Leap 42.1:php5-mssql-5.5.14-59.1 openSUSE Leap 42.1:php5-mysql-5.5.14-59.1 openSUSE Leap 42.1:php5-odbc-5.5.14-59.1 openSUSE Leap 42.1:php5-opcache-5.5.14-59.1 openSUSE Leap 42.1:php5-openssl-5.5.14-59.1 openSUSE Leap 42.1:php5-pcntl-5.5.14-59.1 openSUSE Leap 42.1:php5-pdo-5.5.14-59.1 openSUSE Leap 42.1:php5-pear-5.5.14-59.1 openSUSE Leap 42.1:php5-pgsql-5.5.14-59.1 openSUSE Leap 42.1:php5-phar-5.5.14-59.1 openSUSE Leap 42.1:php5-posix-5.5.14-59.1 openSUSE Leap 42.1:php5-pspell-5.5.14-59.1 openSUSE Leap 42.1:php5-readline-5.5.14-59.1 openSUSE Leap 42.1:php5-shmop-5.5.14-59.1 openSUSE Leap 42.1:php5-snmp-5.5.14-59.1 openSUSE Leap 42.1:php5-soap-5.5.14-59.1 openSUSE Leap 42.1:php5-sockets-5.5.14-59.1 openSUSE Leap 42.1:php5-sqlite-5.5.14-59.1 openSUSE Leap 42.1:php5-suhosin-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvmsg-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvsem-5.5.14-59.1 openSUSE Leap 42.1:php5-sysvshm-5.5.14-59.1 openSUSE Leap 42.1:php5-tidy-5.5.14-59.1 openSUSE Leap 42.1:php5-tokenizer-5.5.14-59.1 openSUSE Leap 42.1:php5-wddx-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlreader-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlrpc-5.5.14-59.1 openSUSE Leap 42.1:php5-xmlwriter-5.5.14-59.1 openSUSE Leap 42.1:php5-xsl-5.5.14-59.1 openSUSE Leap 42.1:php5-zip-5.5.14-59.1 openSUSE Leap 42.1:php5-zlib-5.5.14-59.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00004.html https://www.suse.com/security/cve/CVE-2016-7134.html CVE-2016-7134 https://bugzilla.suse.com/997248 SUSE Bug 997248