Recommended update for php7 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:1570-1 Final 1 1 2021-12-10T17:06:23Z current 2021-12-10T17:06:23Z 2021-12-10T17:06:23Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Recommended update for php7 This update for php7 fixes the following issues: - CVE-2021-21703: Fixed local privilege escalation via PHP-FPM (bsc#1192050). - CVE-2021-21707: Fixed special character breaks path in xml parsing (bsc#1193041). - Added patch to prevent memory access violation in php7 when running test suite (bsc#1175508) This update was imported from the SUSE:SLE-15-SP2:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2021-1570 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RQSJP4Z6SALIQMUAEV267NSJB6EATBOB/ E-Mail link for openSUSE-SU-2021:1570-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1175508 SUSE Bug 1175508 https://bugzilla.suse.com/1192050 SUSE Bug 1192050 https://bugzilla.suse.com/1193041 SUSE Bug 1193041 https://www.suse.com/security/cve/CVE-2021-21703/ SUSE CVE CVE-2021-21703 page https://www.suse.com/security/cve/CVE-2021-21707/ SUSE CVE CVE-2021-21707 page openSUSE Leap 15.2 apache2-mod_php7-7.4.6-lp152.2.21.1 php7-7.4.6-lp152.2.21.1 php7-bcmath-7.4.6-lp152.2.21.1 php7-bz2-7.4.6-lp152.2.21.1 php7-calendar-7.4.6-lp152.2.21.1 php7-ctype-7.4.6-lp152.2.21.1 php7-curl-7.4.6-lp152.2.21.1 php7-dba-7.4.6-lp152.2.21.1 php7-devel-7.4.6-lp152.2.21.1 php7-dom-7.4.6-lp152.2.21.1 php7-embed-7.4.6-lp152.2.21.1 php7-enchant-7.4.6-lp152.2.21.1 php7-exif-7.4.6-lp152.2.21.1 php7-fastcgi-7.4.6-lp152.2.21.1 php7-fileinfo-7.4.6-lp152.2.21.1 php7-firebird-7.4.6-lp152.2.21.1 php7-fpm-7.4.6-lp152.2.21.1 php7-ftp-7.4.6-lp152.2.21.1 php7-gd-7.4.6-lp152.2.21.1 php7-gettext-7.4.6-lp152.2.21.1 php7-gmp-7.4.6-lp152.2.21.1 php7-iconv-7.4.6-lp152.2.21.1 php7-intl-7.4.6-lp152.2.21.1 php7-json-7.4.6-lp152.2.21.1 php7-ldap-7.4.6-lp152.2.21.1 php7-mbstring-7.4.6-lp152.2.21.1 php7-mysql-7.4.6-lp152.2.21.1 php7-odbc-7.4.6-lp152.2.21.1 php7-opcache-7.4.6-lp152.2.21.1 php7-openssl-7.4.6-lp152.2.21.1 php7-pcntl-7.4.6-lp152.2.21.1 php7-pdo-7.4.6-lp152.2.21.1 php7-pgsql-7.4.6-lp152.2.21.1 php7-phar-7.4.6-lp152.2.21.1 php7-posix-7.4.6-lp152.2.21.1 php7-readline-7.4.6-lp152.2.21.1 php7-shmop-7.4.6-lp152.2.21.1 php7-snmp-7.4.6-lp152.2.21.1 php7-soap-7.4.6-lp152.2.21.1 php7-sockets-7.4.6-lp152.2.21.1 php7-sodium-7.4.6-lp152.2.21.1 php7-sqlite-7.4.6-lp152.2.21.1 php7-sysvmsg-7.4.6-lp152.2.21.1 php7-sysvsem-7.4.6-lp152.2.21.1 php7-sysvshm-7.4.6-lp152.2.21.1 php7-test-7.4.6-lp152.2.21.1 php7-tidy-7.4.6-lp152.2.21.1 php7-tokenizer-7.4.6-lp152.2.21.1 php7-xmlreader-7.4.6-lp152.2.21.1 php7-xmlrpc-7.4.6-lp152.2.21.1 php7-xmlwriter-7.4.6-lp152.2.21.1 php7-xsl-7.4.6-lp152.2.21.1 php7-zip-7.4.6-lp152.2.21.1 php7-zlib-7.4.6-lp152.2.21.1 apache2-mod_php7-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-bcmath-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-bz2-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-calendar-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-ctype-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-curl-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-dba-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-devel-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-dom-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-embed-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-enchant-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-exif-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-fastcgi-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-fileinfo-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-firebird-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-fpm-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-ftp-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-gd-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-gettext-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-gmp-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-iconv-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-intl-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-json-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-ldap-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-mbstring-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-mysql-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-odbc-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-opcache-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-openssl-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-pcntl-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-pdo-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-pgsql-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-phar-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-posix-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-readline-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-shmop-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-snmp-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-soap-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-sockets-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-sodium-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-sqlite-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-sysvmsg-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-sysvsem-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-sysvshm-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-test-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-tidy-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-tokenizer-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-xmlreader-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-xmlrpc-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-xmlwriter-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-xsl-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-zip-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 php7-zlib-7.4.6-lp152.2.21.1 as a component of openSUSE Leap 15.2 In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user. CVE-2021-21703 openSUSE Leap 15.2:apache2-mod_php7-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-bcmath-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-bz2-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-calendar-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-ctype-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-curl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-dba-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-devel-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-dom-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-embed-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-enchant-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-exif-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-fastcgi-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-fileinfo-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-firebird-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-fpm-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-ftp-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-gd-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-gettext-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-gmp-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-iconv-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-intl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-json-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-ldap-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-mbstring-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-mysql-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-odbc-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-opcache-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-openssl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-pcntl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-pdo-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-pgsql-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-phar-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-posix-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-readline-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-shmop-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-snmp-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-soap-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sockets-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sodium-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sqlite-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sysvmsg-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sysvsem-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sysvshm-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-test-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-tidy-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-tokenizer-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-xmlreader-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-xmlrpc-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-xmlwriter-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-xsl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-zip-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-zlib-7.4.6-lp152.2.21.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RQSJP4Z6SALIQMUAEV267NSJB6EATBOB/ https://www.suse.com/security/cve/CVE-2021-21703.html CVE-2021-21703 https://bugzilla.suse.com/1192050 SUSE Bug 1192050 In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended. CVE-2021-21707 openSUSE Leap 15.2:apache2-mod_php7-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-bcmath-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-bz2-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-calendar-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-ctype-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-curl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-dba-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-devel-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-dom-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-embed-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-enchant-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-exif-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-fastcgi-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-fileinfo-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-firebird-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-fpm-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-ftp-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-gd-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-gettext-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-gmp-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-iconv-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-intl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-json-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-ldap-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-mbstring-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-mysql-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-odbc-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-opcache-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-openssl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-pcntl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-pdo-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-pgsql-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-phar-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-posix-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-readline-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-shmop-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-snmp-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-soap-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sockets-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sodium-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sqlite-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sysvmsg-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sysvsem-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-sysvshm-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-test-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-tidy-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-tokenizer-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-xmlreader-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-xmlrpc-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-xmlwriter-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-xsl-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-zip-7.4.6-lp152.2.21.1 openSUSE Leap 15.2:php7-zlib-7.4.6-lp152.2.21.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RQSJP4Z6SALIQMUAEV267NSJB6EATBOB/ https://www.suse.com/security/cve/CVE-2021-21707.html CVE-2021-21707 https://bugzilla.suse.com/1193041 SUSE Bug 1193041