Security update for php7 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:2683-1 Final 1 1 2016-10-31T07:15:30Z current 2016-10-31T07:15:30Z 2016-10-31T07:15:30Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for php7 This update for php7 fixes the following security issue: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp (bsc#1001900) - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924) - CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Module-Web-Scripting-12-2016-1576,SUSE-SLE-SDK-12-SP1-2016-1576 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20162683-1/ Link for SUSE-SU-2016:2683-1 https://lists.suse.com/pipermail/sle-security-updates/2016-October/002379.html E-Mail link for SUSE-SU-2016:2683-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1001900 SUSE Bug 1001900 https://bugzilla.suse.com/1004924 SUSE Bug 1004924 https://bugzilla.suse.com/1005274 SUSE Bug 1005274 https://www.suse.com/security/cve/CVE-2016-6911/ SUSE CVE CVE-2016-6911 page https://www.suse.com/security/cve/CVE-2016-7568/ SUSE CVE CVE-2016-7568 page https://www.suse.com/security/cve/CVE-2016-8670/ SUSE CVE CVE-2016-8670 page SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Software Development Kit 12 SP1 apache2-mod_php7-7.0.7-20.1 php7-7.0.7-20.1 php7-bcmath-7.0.7-20.1 php7-bz2-7.0.7-20.1 php7-calendar-7.0.7-20.1 php7-ctype-7.0.7-20.1 php7-curl-7.0.7-20.1 php7-dba-7.0.7-20.1 php7-dom-7.0.7-20.1 php7-enchant-7.0.7-20.1 php7-exif-7.0.7-20.1 php7-fastcgi-7.0.7-20.1 php7-fileinfo-7.0.7-20.1 php7-fpm-7.0.7-20.1 php7-ftp-7.0.7-20.1 php7-gd-7.0.7-20.1 php7-gettext-7.0.7-20.1 php7-gmp-7.0.7-20.1 php7-iconv-7.0.7-20.1 php7-imap-7.0.7-20.1 php7-intl-7.0.7-20.1 php7-json-7.0.7-20.1 php7-ldap-7.0.7-20.1 php7-mbstring-7.0.7-20.1 php7-mcrypt-7.0.7-20.1 php7-mysql-7.0.7-20.1 php7-odbc-7.0.7-20.1 php7-opcache-7.0.7-20.1 php7-openssl-7.0.7-20.1 php7-pcntl-7.0.7-20.1 php7-pdo-7.0.7-20.1 php7-pear-7.0.7-20.1 php7-pear-Archive_Tar-7.0.7-20.1 php7-pgsql-7.0.7-20.1 php7-phar-7.0.7-20.1 php7-posix-7.0.7-20.1 php7-pspell-7.0.7-20.1 php7-shmop-7.0.7-20.1 php7-snmp-7.0.7-20.1 php7-soap-7.0.7-20.1 php7-sockets-7.0.7-20.1 php7-sqlite-7.0.7-20.1 php7-sysvmsg-7.0.7-20.1 php7-sysvsem-7.0.7-20.1 php7-sysvshm-7.0.7-20.1 php7-tokenizer-7.0.7-20.1 php7-wddx-7.0.7-20.1 php7-xmlreader-7.0.7-20.1 php7-xmlrpc-7.0.7-20.1 php7-xmlwriter-7.0.7-20.1 php7-xsl-7.0.7-20.1 php7-zip-7.0.7-20.1 php7-zlib-7.0.7-20.1 php7-devel-7.0.7-20.1 apache2-mod_php7-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-bcmath-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-bz2-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-calendar-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-ctype-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-curl-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-dba-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-dom-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-enchant-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-exif-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-fastcgi-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-fileinfo-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-fpm-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-ftp-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-gd-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-gettext-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-gmp-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-iconv-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-imap-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-intl-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-json-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-ldap-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-mbstring-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-mcrypt-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-mysql-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-odbc-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-opcache-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-openssl-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-pcntl-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-pdo-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-pear-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-pear-Archive_Tar-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-pgsql-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-phar-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-posix-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-pspell-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-shmop-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-snmp-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-soap-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-sockets-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-sqlite-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-sysvmsg-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-sysvsem-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-sysvshm-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-tokenizer-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-wddx-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-xmlreader-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-xmlrpc-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-xmlwriter-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-xsl-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-zip-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-zlib-7.0.7-20.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-devel-7.0.7-20.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP1 The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image. CVE-2016-6911 SUSE Linux Enterprise Module for Web and Scripting 12:apache2-mod_php7-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-bcmath-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-bz2-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-calendar-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-ctype-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-curl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-dba-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-dom-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-enchant-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-exif-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-fastcgi-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-fileinfo-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-fpm-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-ftp-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-gd-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-gettext-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-gmp-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-iconv-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-imap-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-intl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-json-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-ldap-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-mbstring-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-mcrypt-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-mysql-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-odbc-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-opcache-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-openssl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pcntl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pdo-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pear-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pear-Archive_Tar-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pgsql-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-phar-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-posix-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pspell-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-shmop-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-snmp-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-soap-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sockets-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sqlite-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sysvmsg-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sysvsem-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sysvshm-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-tokenizer-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-wddx-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xmlreader-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xmlrpc-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xmlwriter-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xsl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-zip-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-zlib-7.0.7-20.1 SUSE Linux Enterprise Software Development Kit 12 SP1:php7-devel-7.0.7-20.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162683-1/ https://www.suse.com/security/cve/CVE-2016-6911.html CVE-2016-6911 https://bugzilla.suse.com/1004924 SUSE Bug 1004924 https://bugzilla.suse.com/1005274 SUSE Bug 1005274 Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls. CVE-2016-7568 SUSE Linux Enterprise Module for Web and Scripting 12:apache2-mod_php7-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-bcmath-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-bz2-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-calendar-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-ctype-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-curl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-dba-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-dom-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-enchant-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-exif-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-fastcgi-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-fileinfo-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-fpm-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-ftp-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-gd-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-gettext-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-gmp-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-iconv-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-imap-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-intl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-json-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-ldap-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-mbstring-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-mcrypt-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-mysql-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-odbc-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-opcache-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-openssl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pcntl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pdo-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pear-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pear-Archive_Tar-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pgsql-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-phar-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-posix-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pspell-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-shmop-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-snmp-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-soap-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sockets-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sqlite-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sysvmsg-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sysvsem-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sysvshm-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-tokenizer-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-wddx-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xmlreader-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xmlrpc-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xmlwriter-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xsl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-zip-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-zlib-7.0.7-20.1 SUSE Linux Enterprise Software Development Kit 12 SP1:php7-devel-7.0.7-20.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162683-1/ https://www.suse.com/security/cve/CVE-2016-7568.html CVE-2016-7568 https://bugzilla.suse.com/1001900 SUSE Bug 1001900 Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted imagecreatefromstring call. CVE-2016-8670 SUSE Linux Enterprise Module for Web and Scripting 12:apache2-mod_php7-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-bcmath-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-bz2-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-calendar-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-ctype-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-curl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-dba-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-dom-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-enchant-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-exif-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-fastcgi-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-fileinfo-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-fpm-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-ftp-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-gd-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-gettext-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-gmp-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-iconv-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-imap-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-intl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-json-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-ldap-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-mbstring-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-mcrypt-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-mysql-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-odbc-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-opcache-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-openssl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pcntl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pdo-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pear-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pear-Archive_Tar-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pgsql-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-phar-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-posix-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-pspell-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-shmop-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-snmp-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-soap-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sockets-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sqlite-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sysvmsg-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sysvsem-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-sysvshm-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-tokenizer-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-wddx-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xmlreader-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xmlrpc-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xmlwriter-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-xsl-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-zip-7.0.7-20.1 SUSE Linux Enterprise Module for Web and Scripting 12:php7-zlib-7.0.7-20.1 SUSE Linux Enterprise Software Development Kit 12 SP1:php7-devel-7.0.7-20.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162683-1/ https://www.suse.com/security/cve/CVE-2016-8670.html CVE-2016-8670 https://bugzilla.suse.com/1004924 SUSE Bug 1004924