Security update for php5 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:3329-1 Final 1 1 2017-12-14T19:11:33Z current 2017-12-14T19:11:33Z 2017-12-14T19:11:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for php5 This update for php5 fixes the following issues: Security issues fixed: - CVE-2017-16642: Fix timelib_meridian error that could be used to leak information from the interpreter (bsc#1067441). - CVE-2017-4025: Fix pathname truncation in set_include_path, tempnam, rmdir, and readlink (bsc#1067090). - CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitset_set_range() during regex compilation (bsc#1069606). - CVE-2017-9229: Fix invalid pointer dereference in left_adjust_char_head() (bsc#1069631). This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-12/msg00055.html E-Mail link for openSUSE-SU-2017:3329-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 apache2-mod_php5-5.5.14-88.1 php5-5.5.14-88.1 php5-bcmath-5.5.14-88.1 php5-bz2-5.5.14-88.1 php5-calendar-5.5.14-88.1 php5-ctype-5.5.14-88.1 php5-curl-5.5.14-88.1 php5-dba-5.5.14-88.1 php5-devel-5.5.14-88.1 php5-dom-5.5.14-88.1 php5-enchant-5.5.14-88.1 php5-exif-5.5.14-88.1 php5-fastcgi-5.5.14-88.1 php5-fileinfo-5.5.14-88.1 php5-firebird-5.5.14-88.1 php5-fpm-5.5.14-88.1 php5-ftp-5.5.14-88.1 php5-gd-5.5.14-88.1 php5-gettext-5.5.14-88.1 php5-gmp-5.5.14-88.1 php5-iconv-5.5.14-88.1 php5-imap-5.5.14-88.1 php5-intl-5.5.14-88.1 php5-json-5.5.14-88.1 php5-ldap-5.5.14-88.1 php5-mbstring-5.5.14-88.1 php5-mcrypt-5.5.14-88.1 php5-mssql-5.5.14-88.1 php5-mysql-5.5.14-88.1 php5-odbc-5.5.14-88.1 php5-opcache-5.5.14-88.1 php5-openssl-5.5.14-88.1 php5-pcntl-5.5.14-88.1 php5-pdo-5.5.14-88.1 php5-pear-5.5.14-88.1 php5-pgsql-5.5.14-88.1 php5-phar-5.5.14-88.1 php5-posix-5.5.14-88.1 php5-pspell-5.5.14-88.1 php5-readline-5.5.14-88.1 php5-shmop-5.5.14-88.1 php5-snmp-5.5.14-88.1 php5-soap-5.5.14-88.1 php5-sockets-5.5.14-88.1 php5-sqlite-5.5.14-88.1 php5-suhosin-5.5.14-88.1 php5-sysvmsg-5.5.14-88.1 php5-sysvsem-5.5.14-88.1 php5-sysvshm-5.5.14-88.1 php5-tidy-5.5.14-88.1 php5-tokenizer-5.5.14-88.1 php5-wddx-5.5.14-88.1 php5-xmlreader-5.5.14-88.1 php5-xmlrpc-5.5.14-88.1 php5-xmlwriter-5.5.14-88.1 php5-xsl-5.5.14-88.1 php5-zip-5.5.14-88.1 php5-zlib-5.5.14-88.1 apache2-mod_php5-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-bcmath-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-bz2-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-calendar-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-ctype-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-curl-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-dba-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-devel-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-dom-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-enchant-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-exif-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-fastcgi-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-fileinfo-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-firebird-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-fpm-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-ftp-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-gd-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-gettext-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-gmp-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-iconv-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-imap-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-intl-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-json-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-ldap-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-mbstring-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-mcrypt-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-mssql-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-mysql-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-odbc-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-opcache-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-openssl-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-pcntl-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-pdo-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-pear-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-pgsql-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-phar-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-posix-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-pspell-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-readline-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-shmop-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-snmp-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-soap-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-sockets-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-sqlite-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-suhosin-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-sysvmsg-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-sysvsem-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-sysvshm-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-tidy-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-tokenizer-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-wddx-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-xmlreader-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-xmlrpc-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-xmlwriter-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-xsl-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-zip-5.5.14-88.1 as a component of openSUSE Leap 42.2 php5-zlib-5.5.14-88.1 as a component of openSUSE Leap 42.2 apache2-mod_php5-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-bcmath-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-bz2-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-calendar-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-ctype-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-curl-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-dba-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-devel-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-dom-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-enchant-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-exif-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-fastcgi-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-fileinfo-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-firebird-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-fpm-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-ftp-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-gd-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-gettext-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-gmp-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-iconv-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-imap-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-intl-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-json-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-ldap-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-mbstring-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-mcrypt-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-mssql-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-mysql-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-odbc-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-opcache-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-openssl-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-pcntl-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-pdo-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-pear-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-pgsql-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-phar-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-posix-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-pspell-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-readline-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-shmop-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-snmp-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-soap-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-sockets-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-sqlite-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-suhosin-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-sysvmsg-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-sysvsem-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-sysvshm-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-tidy-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-tokenizer-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-wddx-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-xmlreader-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-xmlrpc-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-xmlwriter-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-xsl-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-zip-5.5.14-88.1 as a component of openSUSE Leap 42.3 php5-zlib-5.5.14-88.1 as a component of openSUSE Leap 42.3 PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243. CVE-2015-4025 openSUSE Leap 42.2:apache2-mod_php5-5.5.14-88.1 openSUSE Leap 42.2:php5-5.5.14-88.1 openSUSE Leap 42.2:php5-bcmath-5.5.14-88.1 openSUSE Leap 42.2:php5-bz2-5.5.14-88.1 openSUSE Leap 42.2:php5-calendar-5.5.14-88.1 openSUSE Leap 42.2:php5-ctype-5.5.14-88.1 openSUSE Leap 42.2:php5-curl-5.5.14-88.1 openSUSE Leap 42.2:php5-dba-5.5.14-88.1 openSUSE Leap 42.2:php5-devel-5.5.14-88.1 openSUSE Leap 42.2:php5-dom-5.5.14-88.1 openSUSE Leap 42.2:php5-enchant-5.5.14-88.1 openSUSE Leap 42.2:php5-exif-5.5.14-88.1 openSUSE Leap 42.2:php5-fastcgi-5.5.14-88.1 openSUSE Leap 42.2:php5-fileinfo-5.5.14-88.1 openSUSE Leap 42.2:php5-firebird-5.5.14-88.1 openSUSE Leap 42.2:php5-fpm-5.5.14-88.1 openSUSE Leap 42.2:php5-ftp-5.5.14-88.1 openSUSE Leap 42.2:php5-gd-5.5.14-88.1 openSUSE Leap 42.2:php5-gettext-5.5.14-88.1 openSUSE Leap 42.2:php5-gmp-5.5.14-88.1 openSUSE Leap 42.2:php5-iconv-5.5.14-88.1 openSUSE Leap 42.2:php5-imap-5.5.14-88.1 openSUSE Leap 42.2:php5-intl-5.5.14-88.1 openSUSE Leap 42.2:php5-json-5.5.14-88.1 openSUSE Leap 42.2:php5-ldap-5.5.14-88.1 openSUSE Leap 42.2:php5-mbstring-5.5.14-88.1 openSUSE Leap 42.2:php5-mcrypt-5.5.14-88.1 openSUSE Leap 42.2:php5-mssql-5.5.14-88.1 openSUSE Leap 42.2:php5-mysql-5.5.14-88.1 openSUSE Leap 42.2:php5-odbc-5.5.14-88.1 openSUSE Leap 42.2:php5-opcache-5.5.14-88.1 openSUSE Leap 42.2:php5-openssl-5.5.14-88.1 openSUSE Leap 42.2:php5-pcntl-5.5.14-88.1 openSUSE Leap 42.2:php5-pdo-5.5.14-88.1 openSUSE Leap 42.2:php5-pear-5.5.14-88.1 openSUSE Leap 42.2:php5-pgsql-5.5.14-88.1 openSUSE Leap 42.2:php5-phar-5.5.14-88.1 openSUSE Leap 42.2:php5-posix-5.5.14-88.1 openSUSE Leap 42.2:php5-pspell-5.5.14-88.1 openSUSE Leap 42.2:php5-readline-5.5.14-88.1 openSUSE Leap 42.2:php5-shmop-5.5.14-88.1 openSUSE Leap 42.2:php5-snmp-5.5.14-88.1 openSUSE Leap 42.2:php5-soap-5.5.14-88.1 openSUSE Leap 42.2:php5-sockets-5.5.14-88.1 openSUSE Leap 42.2:php5-sqlite-5.5.14-88.1 openSUSE Leap 42.2:php5-suhosin-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvmsg-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvsem-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvshm-5.5.14-88.1 openSUSE Leap 42.2:php5-tidy-5.5.14-88.1 openSUSE Leap 42.2:php5-tokenizer-5.5.14-88.1 openSUSE Leap 42.2:php5-wddx-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlreader-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlrpc-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlwriter-5.5.14-88.1 openSUSE Leap 42.2:php5-xsl-5.5.14-88.1 openSUSE Leap 42.2:php5-zip-5.5.14-88.1 openSUSE Leap 42.2:php5-zlib-5.5.14-88.1 openSUSE Leap 42.3:apache2-mod_php5-5.5.14-88.1 openSUSE Leap 42.3:php5-5.5.14-88.1 openSUSE Leap 42.3:php5-bcmath-5.5.14-88.1 openSUSE Leap 42.3:php5-bz2-5.5.14-88.1 openSUSE Leap 42.3:php5-calendar-5.5.14-88.1 openSUSE Leap 42.3:php5-ctype-5.5.14-88.1 openSUSE Leap 42.3:php5-curl-5.5.14-88.1 openSUSE Leap 42.3:php5-dba-5.5.14-88.1 openSUSE Leap 42.3:php5-devel-5.5.14-88.1 openSUSE Leap 42.3:php5-dom-5.5.14-88.1 openSUSE Leap 42.3:php5-enchant-5.5.14-88.1 openSUSE Leap 42.3:php5-exif-5.5.14-88.1 openSUSE Leap 42.3:php5-fastcgi-5.5.14-88.1 openSUSE Leap 42.3:php5-fileinfo-5.5.14-88.1 openSUSE Leap 42.3:php5-firebird-5.5.14-88.1 openSUSE Leap 42.3:php5-fpm-5.5.14-88.1 openSUSE Leap 42.3:php5-ftp-5.5.14-88.1 openSUSE Leap 42.3:php5-gd-5.5.14-88.1 openSUSE Leap 42.3:php5-gettext-5.5.14-88.1 openSUSE Leap 42.3:php5-gmp-5.5.14-88.1 openSUSE Leap 42.3:php5-iconv-5.5.14-88.1 openSUSE Leap 42.3:php5-imap-5.5.14-88.1 openSUSE Leap 42.3:php5-intl-5.5.14-88.1 openSUSE Leap 42.3:php5-json-5.5.14-88.1 openSUSE Leap 42.3:php5-ldap-5.5.14-88.1 openSUSE Leap 42.3:php5-mbstring-5.5.14-88.1 openSUSE Leap 42.3:php5-mcrypt-5.5.14-88.1 openSUSE Leap 42.3:php5-mssql-5.5.14-88.1 openSUSE Leap 42.3:php5-mysql-5.5.14-88.1 openSUSE Leap 42.3:php5-odbc-5.5.14-88.1 openSUSE Leap 42.3:php5-opcache-5.5.14-88.1 openSUSE Leap 42.3:php5-openssl-5.5.14-88.1 openSUSE Leap 42.3:php5-pcntl-5.5.14-88.1 openSUSE Leap 42.3:php5-pdo-5.5.14-88.1 openSUSE Leap 42.3:php5-pear-5.5.14-88.1 openSUSE Leap 42.3:php5-pgsql-5.5.14-88.1 openSUSE Leap 42.3:php5-phar-5.5.14-88.1 openSUSE Leap 42.3:php5-posix-5.5.14-88.1 openSUSE Leap 42.3:php5-pspell-5.5.14-88.1 openSUSE Leap 42.3:php5-readline-5.5.14-88.1 openSUSE Leap 42.3:php5-shmop-5.5.14-88.1 openSUSE Leap 42.3:php5-snmp-5.5.14-88.1 openSUSE Leap 42.3:php5-soap-5.5.14-88.1 openSUSE Leap 42.3:php5-sockets-5.5.14-88.1 openSUSE Leap 42.3:php5-sqlite-5.5.14-88.1 openSUSE Leap 42.3:php5-suhosin-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvmsg-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvsem-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvshm-5.5.14-88.1 openSUSE Leap 42.3:php5-tidy-5.5.14-88.1 openSUSE Leap 42.3:php5-tokenizer-5.5.14-88.1 openSUSE Leap 42.3:php5-wddx-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlreader-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlrpc-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlwriter-5.5.14-88.1 openSUSE Leap 42.3:php5-xsl-5.5.14-88.1 openSUSE Leap 42.3:php5-zip-5.5.14-88.1 openSUSE Leap 42.3:php5-zlib-5.5.14-88.1 moderate 4 AV:N/AC:H/Au:N/C:P/I:P/A:N Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-12/msg00055.html https://www.suse.com/security/cve/CVE-2015-4025.html CVE-2015-4025 https://bugzilla.suse.com/1067090 SUSE Bug 1067090 In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145. CVE-2017-16642 openSUSE Leap 42.2:apache2-mod_php5-5.5.14-88.1 openSUSE Leap 42.2:php5-5.5.14-88.1 openSUSE Leap 42.2:php5-bcmath-5.5.14-88.1 openSUSE Leap 42.2:php5-bz2-5.5.14-88.1 openSUSE Leap 42.2:php5-calendar-5.5.14-88.1 openSUSE Leap 42.2:php5-ctype-5.5.14-88.1 openSUSE Leap 42.2:php5-curl-5.5.14-88.1 openSUSE Leap 42.2:php5-dba-5.5.14-88.1 openSUSE Leap 42.2:php5-devel-5.5.14-88.1 openSUSE Leap 42.2:php5-dom-5.5.14-88.1 openSUSE Leap 42.2:php5-enchant-5.5.14-88.1 openSUSE Leap 42.2:php5-exif-5.5.14-88.1 openSUSE Leap 42.2:php5-fastcgi-5.5.14-88.1 openSUSE Leap 42.2:php5-fileinfo-5.5.14-88.1 openSUSE Leap 42.2:php5-firebird-5.5.14-88.1 openSUSE Leap 42.2:php5-fpm-5.5.14-88.1 openSUSE Leap 42.2:php5-ftp-5.5.14-88.1 openSUSE Leap 42.2:php5-gd-5.5.14-88.1 openSUSE Leap 42.2:php5-gettext-5.5.14-88.1 openSUSE Leap 42.2:php5-gmp-5.5.14-88.1 openSUSE Leap 42.2:php5-iconv-5.5.14-88.1 openSUSE Leap 42.2:php5-imap-5.5.14-88.1 openSUSE Leap 42.2:php5-intl-5.5.14-88.1 openSUSE Leap 42.2:php5-json-5.5.14-88.1 openSUSE Leap 42.2:php5-ldap-5.5.14-88.1 openSUSE Leap 42.2:php5-mbstring-5.5.14-88.1 openSUSE Leap 42.2:php5-mcrypt-5.5.14-88.1 openSUSE Leap 42.2:php5-mssql-5.5.14-88.1 openSUSE Leap 42.2:php5-mysql-5.5.14-88.1 openSUSE Leap 42.2:php5-odbc-5.5.14-88.1 openSUSE Leap 42.2:php5-opcache-5.5.14-88.1 openSUSE Leap 42.2:php5-openssl-5.5.14-88.1 openSUSE Leap 42.2:php5-pcntl-5.5.14-88.1 openSUSE Leap 42.2:php5-pdo-5.5.14-88.1 openSUSE Leap 42.2:php5-pear-5.5.14-88.1 openSUSE Leap 42.2:php5-pgsql-5.5.14-88.1 openSUSE Leap 42.2:php5-phar-5.5.14-88.1 openSUSE Leap 42.2:php5-posix-5.5.14-88.1 openSUSE Leap 42.2:php5-pspell-5.5.14-88.1 openSUSE Leap 42.2:php5-readline-5.5.14-88.1 openSUSE Leap 42.2:php5-shmop-5.5.14-88.1 openSUSE Leap 42.2:php5-snmp-5.5.14-88.1 openSUSE Leap 42.2:php5-soap-5.5.14-88.1 openSUSE Leap 42.2:php5-sockets-5.5.14-88.1 openSUSE Leap 42.2:php5-sqlite-5.5.14-88.1 openSUSE Leap 42.2:php5-suhosin-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvmsg-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvsem-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvshm-5.5.14-88.1 openSUSE Leap 42.2:php5-tidy-5.5.14-88.1 openSUSE Leap 42.2:php5-tokenizer-5.5.14-88.1 openSUSE Leap 42.2:php5-wddx-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlreader-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlrpc-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlwriter-5.5.14-88.1 openSUSE Leap 42.2:php5-xsl-5.5.14-88.1 openSUSE Leap 42.2:php5-zip-5.5.14-88.1 openSUSE Leap 42.2:php5-zlib-5.5.14-88.1 openSUSE Leap 42.3:apache2-mod_php5-5.5.14-88.1 openSUSE Leap 42.3:php5-5.5.14-88.1 openSUSE Leap 42.3:php5-bcmath-5.5.14-88.1 openSUSE Leap 42.3:php5-bz2-5.5.14-88.1 openSUSE Leap 42.3:php5-calendar-5.5.14-88.1 openSUSE Leap 42.3:php5-ctype-5.5.14-88.1 openSUSE Leap 42.3:php5-curl-5.5.14-88.1 openSUSE Leap 42.3:php5-dba-5.5.14-88.1 openSUSE Leap 42.3:php5-devel-5.5.14-88.1 openSUSE Leap 42.3:php5-dom-5.5.14-88.1 openSUSE Leap 42.3:php5-enchant-5.5.14-88.1 openSUSE Leap 42.3:php5-exif-5.5.14-88.1 openSUSE Leap 42.3:php5-fastcgi-5.5.14-88.1 openSUSE Leap 42.3:php5-fileinfo-5.5.14-88.1 openSUSE Leap 42.3:php5-firebird-5.5.14-88.1 openSUSE Leap 42.3:php5-fpm-5.5.14-88.1 openSUSE Leap 42.3:php5-ftp-5.5.14-88.1 openSUSE Leap 42.3:php5-gd-5.5.14-88.1 openSUSE Leap 42.3:php5-gettext-5.5.14-88.1 openSUSE Leap 42.3:php5-gmp-5.5.14-88.1 openSUSE Leap 42.3:php5-iconv-5.5.14-88.1 openSUSE Leap 42.3:php5-imap-5.5.14-88.1 openSUSE Leap 42.3:php5-intl-5.5.14-88.1 openSUSE Leap 42.3:php5-json-5.5.14-88.1 openSUSE Leap 42.3:php5-ldap-5.5.14-88.1 openSUSE Leap 42.3:php5-mbstring-5.5.14-88.1 openSUSE Leap 42.3:php5-mcrypt-5.5.14-88.1 openSUSE Leap 42.3:php5-mssql-5.5.14-88.1 openSUSE Leap 42.3:php5-mysql-5.5.14-88.1 openSUSE Leap 42.3:php5-odbc-5.5.14-88.1 openSUSE Leap 42.3:php5-opcache-5.5.14-88.1 openSUSE Leap 42.3:php5-openssl-5.5.14-88.1 openSUSE Leap 42.3:php5-pcntl-5.5.14-88.1 openSUSE Leap 42.3:php5-pdo-5.5.14-88.1 openSUSE Leap 42.3:php5-pear-5.5.14-88.1 openSUSE Leap 42.3:php5-pgsql-5.5.14-88.1 openSUSE Leap 42.3:php5-phar-5.5.14-88.1 openSUSE Leap 42.3:php5-posix-5.5.14-88.1 openSUSE Leap 42.3:php5-pspell-5.5.14-88.1 openSUSE Leap 42.3:php5-readline-5.5.14-88.1 openSUSE Leap 42.3:php5-shmop-5.5.14-88.1 openSUSE Leap 42.3:php5-snmp-5.5.14-88.1 openSUSE Leap 42.3:php5-soap-5.5.14-88.1 openSUSE Leap 42.3:php5-sockets-5.5.14-88.1 openSUSE Leap 42.3:php5-sqlite-5.5.14-88.1 openSUSE Leap 42.3:php5-suhosin-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvmsg-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvsem-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvshm-5.5.14-88.1 openSUSE Leap 42.3:php5-tidy-5.5.14-88.1 openSUSE Leap 42.3:php5-tokenizer-5.5.14-88.1 openSUSE Leap 42.3:php5-wddx-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlreader-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlrpc-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlwriter-5.5.14-88.1 openSUSE Leap 42.3:php5-xsl-5.5.14-88.1 openSUSE Leap 42.3:php5-zip-5.5.14-88.1 openSUSE Leap 42.3:php5-zlib-5.5.14-88.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-12/msg00055.html https://www.suse.com/security/cve/CVE-2017-16642.html CVE-2017-16642 https://bugzilla.suse.com/1048112 SUSE Bug 1048112 https://bugzilla.suse.com/1067441 SUSE Bug 1067441 https://bugzilla.suse.com/1076391 SUSE Bug 1076391 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption. CVE-2017-9228 openSUSE Leap 42.2:apache2-mod_php5-5.5.14-88.1 openSUSE Leap 42.2:php5-5.5.14-88.1 openSUSE Leap 42.2:php5-bcmath-5.5.14-88.1 openSUSE Leap 42.2:php5-bz2-5.5.14-88.1 openSUSE Leap 42.2:php5-calendar-5.5.14-88.1 openSUSE Leap 42.2:php5-ctype-5.5.14-88.1 openSUSE Leap 42.2:php5-curl-5.5.14-88.1 openSUSE Leap 42.2:php5-dba-5.5.14-88.1 openSUSE Leap 42.2:php5-devel-5.5.14-88.1 openSUSE Leap 42.2:php5-dom-5.5.14-88.1 openSUSE Leap 42.2:php5-enchant-5.5.14-88.1 openSUSE Leap 42.2:php5-exif-5.5.14-88.1 openSUSE Leap 42.2:php5-fastcgi-5.5.14-88.1 openSUSE Leap 42.2:php5-fileinfo-5.5.14-88.1 openSUSE Leap 42.2:php5-firebird-5.5.14-88.1 openSUSE Leap 42.2:php5-fpm-5.5.14-88.1 openSUSE Leap 42.2:php5-ftp-5.5.14-88.1 openSUSE Leap 42.2:php5-gd-5.5.14-88.1 openSUSE Leap 42.2:php5-gettext-5.5.14-88.1 openSUSE Leap 42.2:php5-gmp-5.5.14-88.1 openSUSE Leap 42.2:php5-iconv-5.5.14-88.1 openSUSE Leap 42.2:php5-imap-5.5.14-88.1 openSUSE Leap 42.2:php5-intl-5.5.14-88.1 openSUSE Leap 42.2:php5-json-5.5.14-88.1 openSUSE Leap 42.2:php5-ldap-5.5.14-88.1 openSUSE Leap 42.2:php5-mbstring-5.5.14-88.1 openSUSE Leap 42.2:php5-mcrypt-5.5.14-88.1 openSUSE Leap 42.2:php5-mssql-5.5.14-88.1 openSUSE Leap 42.2:php5-mysql-5.5.14-88.1 openSUSE Leap 42.2:php5-odbc-5.5.14-88.1 openSUSE Leap 42.2:php5-opcache-5.5.14-88.1 openSUSE Leap 42.2:php5-openssl-5.5.14-88.1 openSUSE Leap 42.2:php5-pcntl-5.5.14-88.1 openSUSE Leap 42.2:php5-pdo-5.5.14-88.1 openSUSE Leap 42.2:php5-pear-5.5.14-88.1 openSUSE Leap 42.2:php5-pgsql-5.5.14-88.1 openSUSE Leap 42.2:php5-phar-5.5.14-88.1 openSUSE Leap 42.2:php5-posix-5.5.14-88.1 openSUSE Leap 42.2:php5-pspell-5.5.14-88.1 openSUSE Leap 42.2:php5-readline-5.5.14-88.1 openSUSE Leap 42.2:php5-shmop-5.5.14-88.1 openSUSE Leap 42.2:php5-snmp-5.5.14-88.1 openSUSE Leap 42.2:php5-soap-5.5.14-88.1 openSUSE Leap 42.2:php5-sockets-5.5.14-88.1 openSUSE Leap 42.2:php5-sqlite-5.5.14-88.1 openSUSE Leap 42.2:php5-suhosin-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvmsg-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvsem-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvshm-5.5.14-88.1 openSUSE Leap 42.2:php5-tidy-5.5.14-88.1 openSUSE Leap 42.2:php5-tokenizer-5.5.14-88.1 openSUSE Leap 42.2:php5-wddx-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlreader-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlrpc-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlwriter-5.5.14-88.1 openSUSE Leap 42.2:php5-xsl-5.5.14-88.1 openSUSE Leap 42.2:php5-zip-5.5.14-88.1 openSUSE Leap 42.2:php5-zlib-5.5.14-88.1 openSUSE Leap 42.3:apache2-mod_php5-5.5.14-88.1 openSUSE Leap 42.3:php5-5.5.14-88.1 openSUSE Leap 42.3:php5-bcmath-5.5.14-88.1 openSUSE Leap 42.3:php5-bz2-5.5.14-88.1 openSUSE Leap 42.3:php5-calendar-5.5.14-88.1 openSUSE Leap 42.3:php5-ctype-5.5.14-88.1 openSUSE Leap 42.3:php5-curl-5.5.14-88.1 openSUSE Leap 42.3:php5-dba-5.5.14-88.1 openSUSE Leap 42.3:php5-devel-5.5.14-88.1 openSUSE Leap 42.3:php5-dom-5.5.14-88.1 openSUSE Leap 42.3:php5-enchant-5.5.14-88.1 openSUSE Leap 42.3:php5-exif-5.5.14-88.1 openSUSE Leap 42.3:php5-fastcgi-5.5.14-88.1 openSUSE Leap 42.3:php5-fileinfo-5.5.14-88.1 openSUSE Leap 42.3:php5-firebird-5.5.14-88.1 openSUSE Leap 42.3:php5-fpm-5.5.14-88.1 openSUSE Leap 42.3:php5-ftp-5.5.14-88.1 openSUSE Leap 42.3:php5-gd-5.5.14-88.1 openSUSE Leap 42.3:php5-gettext-5.5.14-88.1 openSUSE Leap 42.3:php5-gmp-5.5.14-88.1 openSUSE Leap 42.3:php5-iconv-5.5.14-88.1 openSUSE Leap 42.3:php5-imap-5.5.14-88.1 openSUSE Leap 42.3:php5-intl-5.5.14-88.1 openSUSE Leap 42.3:php5-json-5.5.14-88.1 openSUSE Leap 42.3:php5-ldap-5.5.14-88.1 openSUSE Leap 42.3:php5-mbstring-5.5.14-88.1 openSUSE Leap 42.3:php5-mcrypt-5.5.14-88.1 openSUSE Leap 42.3:php5-mssql-5.5.14-88.1 openSUSE Leap 42.3:php5-mysql-5.5.14-88.1 openSUSE Leap 42.3:php5-odbc-5.5.14-88.1 openSUSE Leap 42.3:php5-opcache-5.5.14-88.1 openSUSE Leap 42.3:php5-openssl-5.5.14-88.1 openSUSE Leap 42.3:php5-pcntl-5.5.14-88.1 openSUSE Leap 42.3:php5-pdo-5.5.14-88.1 openSUSE Leap 42.3:php5-pear-5.5.14-88.1 openSUSE Leap 42.3:php5-pgsql-5.5.14-88.1 openSUSE Leap 42.3:php5-phar-5.5.14-88.1 openSUSE Leap 42.3:php5-posix-5.5.14-88.1 openSUSE Leap 42.3:php5-pspell-5.5.14-88.1 openSUSE Leap 42.3:php5-readline-5.5.14-88.1 openSUSE Leap 42.3:php5-shmop-5.5.14-88.1 openSUSE Leap 42.3:php5-snmp-5.5.14-88.1 openSUSE Leap 42.3:php5-soap-5.5.14-88.1 openSUSE Leap 42.3:php5-sockets-5.5.14-88.1 openSUSE Leap 42.3:php5-sqlite-5.5.14-88.1 openSUSE Leap 42.3:php5-suhosin-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvmsg-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvsem-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvshm-5.5.14-88.1 openSUSE Leap 42.3:php5-tidy-5.5.14-88.1 openSUSE Leap 42.3:php5-tokenizer-5.5.14-88.1 openSUSE Leap 42.3:php5-wddx-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlreader-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlrpc-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlwriter-5.5.14-88.1 openSUSE Leap 42.3:php5-xsl-5.5.14-88.1 openSUSE Leap 42.3:php5-zip-5.5.14-88.1 openSUSE Leap 42.3:php5-zlib-5.5.14-88.1 moderate 4.6 AV:N/AC:H/Au:S/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-12/msg00055.html https://www.suse.com/security/cve/CVE-2017-9228.html CVE-2017-9228 https://bugzilla.suse.com/1068376 SUSE Bug 1068376 https://bugzilla.suse.com/1069606 SUSE Bug 1069606 https://bugzilla.suse.com/1069607 SUSE Bug 1069607 https://bugzilla.suse.com/1076391 SUSE Bug 1076391 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition. CVE-2017-9229 openSUSE Leap 42.2:apache2-mod_php5-5.5.14-88.1 openSUSE Leap 42.2:php5-5.5.14-88.1 openSUSE Leap 42.2:php5-bcmath-5.5.14-88.1 openSUSE Leap 42.2:php5-bz2-5.5.14-88.1 openSUSE Leap 42.2:php5-calendar-5.5.14-88.1 openSUSE Leap 42.2:php5-ctype-5.5.14-88.1 openSUSE Leap 42.2:php5-curl-5.5.14-88.1 openSUSE Leap 42.2:php5-dba-5.5.14-88.1 openSUSE Leap 42.2:php5-devel-5.5.14-88.1 openSUSE Leap 42.2:php5-dom-5.5.14-88.1 openSUSE Leap 42.2:php5-enchant-5.5.14-88.1 openSUSE Leap 42.2:php5-exif-5.5.14-88.1 openSUSE Leap 42.2:php5-fastcgi-5.5.14-88.1 openSUSE Leap 42.2:php5-fileinfo-5.5.14-88.1 openSUSE Leap 42.2:php5-firebird-5.5.14-88.1 openSUSE Leap 42.2:php5-fpm-5.5.14-88.1 openSUSE Leap 42.2:php5-ftp-5.5.14-88.1 openSUSE Leap 42.2:php5-gd-5.5.14-88.1 openSUSE Leap 42.2:php5-gettext-5.5.14-88.1 openSUSE Leap 42.2:php5-gmp-5.5.14-88.1 openSUSE Leap 42.2:php5-iconv-5.5.14-88.1 openSUSE Leap 42.2:php5-imap-5.5.14-88.1 openSUSE Leap 42.2:php5-intl-5.5.14-88.1 openSUSE Leap 42.2:php5-json-5.5.14-88.1 openSUSE Leap 42.2:php5-ldap-5.5.14-88.1 openSUSE Leap 42.2:php5-mbstring-5.5.14-88.1 openSUSE Leap 42.2:php5-mcrypt-5.5.14-88.1 openSUSE Leap 42.2:php5-mssql-5.5.14-88.1 openSUSE Leap 42.2:php5-mysql-5.5.14-88.1 openSUSE Leap 42.2:php5-odbc-5.5.14-88.1 openSUSE Leap 42.2:php5-opcache-5.5.14-88.1 openSUSE Leap 42.2:php5-openssl-5.5.14-88.1 openSUSE Leap 42.2:php5-pcntl-5.5.14-88.1 openSUSE Leap 42.2:php5-pdo-5.5.14-88.1 openSUSE Leap 42.2:php5-pear-5.5.14-88.1 openSUSE Leap 42.2:php5-pgsql-5.5.14-88.1 openSUSE Leap 42.2:php5-phar-5.5.14-88.1 openSUSE Leap 42.2:php5-posix-5.5.14-88.1 openSUSE Leap 42.2:php5-pspell-5.5.14-88.1 openSUSE Leap 42.2:php5-readline-5.5.14-88.1 openSUSE Leap 42.2:php5-shmop-5.5.14-88.1 openSUSE Leap 42.2:php5-snmp-5.5.14-88.1 openSUSE Leap 42.2:php5-soap-5.5.14-88.1 openSUSE Leap 42.2:php5-sockets-5.5.14-88.1 openSUSE Leap 42.2:php5-sqlite-5.5.14-88.1 openSUSE Leap 42.2:php5-suhosin-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvmsg-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvsem-5.5.14-88.1 openSUSE Leap 42.2:php5-sysvshm-5.5.14-88.1 openSUSE Leap 42.2:php5-tidy-5.5.14-88.1 openSUSE Leap 42.2:php5-tokenizer-5.5.14-88.1 openSUSE Leap 42.2:php5-wddx-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlreader-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlrpc-5.5.14-88.1 openSUSE Leap 42.2:php5-xmlwriter-5.5.14-88.1 openSUSE Leap 42.2:php5-xsl-5.5.14-88.1 openSUSE Leap 42.2:php5-zip-5.5.14-88.1 openSUSE Leap 42.2:php5-zlib-5.5.14-88.1 openSUSE Leap 42.3:apache2-mod_php5-5.5.14-88.1 openSUSE Leap 42.3:php5-5.5.14-88.1 openSUSE Leap 42.3:php5-bcmath-5.5.14-88.1 openSUSE Leap 42.3:php5-bz2-5.5.14-88.1 openSUSE Leap 42.3:php5-calendar-5.5.14-88.1 openSUSE Leap 42.3:php5-ctype-5.5.14-88.1 openSUSE Leap 42.3:php5-curl-5.5.14-88.1 openSUSE Leap 42.3:php5-dba-5.5.14-88.1 openSUSE Leap 42.3:php5-devel-5.5.14-88.1 openSUSE Leap 42.3:php5-dom-5.5.14-88.1 openSUSE Leap 42.3:php5-enchant-5.5.14-88.1 openSUSE Leap 42.3:php5-exif-5.5.14-88.1 openSUSE Leap 42.3:php5-fastcgi-5.5.14-88.1 openSUSE Leap 42.3:php5-fileinfo-5.5.14-88.1 openSUSE Leap 42.3:php5-firebird-5.5.14-88.1 openSUSE Leap 42.3:php5-fpm-5.5.14-88.1 openSUSE Leap 42.3:php5-ftp-5.5.14-88.1 openSUSE Leap 42.3:php5-gd-5.5.14-88.1 openSUSE Leap 42.3:php5-gettext-5.5.14-88.1 openSUSE Leap 42.3:php5-gmp-5.5.14-88.1 openSUSE Leap 42.3:php5-iconv-5.5.14-88.1 openSUSE Leap 42.3:php5-imap-5.5.14-88.1 openSUSE Leap 42.3:php5-intl-5.5.14-88.1 openSUSE Leap 42.3:php5-json-5.5.14-88.1 openSUSE Leap 42.3:php5-ldap-5.5.14-88.1 openSUSE Leap 42.3:php5-mbstring-5.5.14-88.1 openSUSE Leap 42.3:php5-mcrypt-5.5.14-88.1 openSUSE Leap 42.3:php5-mssql-5.5.14-88.1 openSUSE Leap 42.3:php5-mysql-5.5.14-88.1 openSUSE Leap 42.3:php5-odbc-5.5.14-88.1 openSUSE Leap 42.3:php5-opcache-5.5.14-88.1 openSUSE Leap 42.3:php5-openssl-5.5.14-88.1 openSUSE Leap 42.3:php5-pcntl-5.5.14-88.1 openSUSE Leap 42.3:php5-pdo-5.5.14-88.1 openSUSE Leap 42.3:php5-pear-5.5.14-88.1 openSUSE Leap 42.3:php5-pgsql-5.5.14-88.1 openSUSE Leap 42.3:php5-phar-5.5.14-88.1 openSUSE Leap 42.3:php5-posix-5.5.14-88.1 openSUSE Leap 42.3:php5-pspell-5.5.14-88.1 openSUSE Leap 42.3:php5-readline-5.5.14-88.1 openSUSE Leap 42.3:php5-shmop-5.5.14-88.1 openSUSE Leap 42.3:php5-snmp-5.5.14-88.1 openSUSE Leap 42.3:php5-soap-5.5.14-88.1 openSUSE Leap 42.3:php5-sockets-5.5.14-88.1 openSUSE Leap 42.3:php5-sqlite-5.5.14-88.1 openSUSE Leap 42.3:php5-suhosin-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvmsg-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvsem-5.5.14-88.1 openSUSE Leap 42.3:php5-sysvshm-5.5.14-88.1 openSUSE Leap 42.3:php5-tidy-5.5.14-88.1 openSUSE Leap 42.3:php5-tokenizer-5.5.14-88.1 openSUSE Leap 42.3:php5-wddx-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlreader-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlrpc-5.5.14-88.1 openSUSE Leap 42.3:php5-xmlwriter-5.5.14-88.1 openSUSE Leap 42.3:php5-xsl-5.5.14-88.1 openSUSE Leap 42.3:php5-zip-5.5.14-88.1 openSUSE Leap 42.3:php5-zlib-5.5.14-88.1 moderate 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-12/msg00055.html https://www.suse.com/security/cve/CVE-2017-9229.html CVE-2017-9229 https://bugzilla.suse.com/1068376 SUSE Bug 1068376 https://bugzilla.suse.com/1069631 SUSE Bug 1069631 https://bugzilla.suse.com/1069632 SUSE Bug 1069632 https://bugzilla.suse.com/1076391 SUSE Bug 1076391