SUSE-SU-2017:0017-1
Advisory lineage Upstream: 4 Downstream: 0
Published: 04 Jan 2017, 10:43
Last modified:02 May 2025, 04:05
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
04 Jan 2017, 10:43
Published
Vulnerability first disclosed
02 May 2025, 04:05
Last Modified
Vulnerability information updated
Description
Security update for php7 This update for php7 fixes the following issues: * CVE-2016-9933 Possible stack overflow on truecolor images handling [bsc#1015187] * CVE-2016-9934 Dereference from NULL pointer could lead to crash [bsc#1015188] * CVE-2016-9935 Invalid read could lead to crash [bsc#1015189] * CVE-2016-9936 Use After free in the function serialize() could lead to crash [bsc#1015191]
Affected Systems
- suse•php7&distro=SUSE Linux Enterprise Module for Web and Scripting 12
< 7.0.7-28.2
- suse•php7&distro=SUSE Linux Enterprise Software Development Kit 12 SP1
< 7.0.7-28.2
- suse•php7&distro=SUSE Linux Enterprise Software Development Kit 12 SP2
< 7.0.7-28.2
References (9)
- https://www.suse.com/support/update/announcement/2017/suse-su-20170017-1/
- https://bugzilla.suse.com/1015187
- https://bugzilla.suse.com/1015188
- https://bugzilla.suse.com/1015189
- https://bugzilla.suse.com/1015191
- https://www.suse.com/security/cve/CVE-2016-9933
- https://www.suse.com/security/cve/CVE-2016-9934
- https://www.suse.com/security/cve/CVE-2016-9935
- https://www.suse.com/security/cve/CVE-2016-9936