Security update for php53 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2019:13961-1 Final 1 1 2019-02-14T16:25:47Z current 2019-02-14T16:25:47Z 2019-02-14T16:25:47Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for php53 This update for php53 fixes the following issues: Security issues fixed: - CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function (bsc#1123354). - CVE-2019-6978: Fixed a double free in the gdImage*Ptr() functions (bsc#1123522). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp4-php53-13961,slessp4-php53-13961 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2019/suse-su-201913961-1/ Link for SUSE-SU-2019:13961-1 https://lists.suse.com/pipermail/sle-security-updates/2019-February/005123.html E-Mail link for SUSE-SU-2019:13961-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1123354 SUSE Bug 1123354 https://bugzilla.suse.com/1123522 SUSE Bug 1123522 https://www.suse.com/security/cve/CVE-2019-6977/ SUSE CVE CVE-2019-6977 page https://www.suse.com/security/cve/CVE-2019-6978/ SUSE CVE CVE-2019-6978 page SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 php53-devel-5.3.17-112.53.1 php53-imap-5.3.17-112.53.1 php53-posix-5.3.17-112.53.1 php53-readline-5.3.17-112.53.1 php53-sockets-5.3.17-112.53.1 php53-sqlite-5.3.17-112.53.1 php53-tidy-5.3.17-112.53.1 apache2-mod_php53-5.3.17-112.53.1 php53-5.3.17-112.53.1 php53-bcmath-5.3.17-112.53.1 php53-bz2-5.3.17-112.53.1 php53-calendar-5.3.17-112.53.1 php53-ctype-5.3.17-112.53.1 php53-curl-5.3.17-112.53.1 php53-dba-5.3.17-112.53.1 php53-dom-5.3.17-112.53.1 php53-exif-5.3.17-112.53.1 php53-fastcgi-5.3.17-112.53.1 php53-fileinfo-5.3.17-112.53.1 php53-ftp-5.3.17-112.53.1 php53-gd-5.3.17-112.53.1 php53-gettext-5.3.17-112.53.1 php53-gmp-5.3.17-112.53.1 php53-iconv-5.3.17-112.53.1 php53-intl-5.3.17-112.53.1 php53-json-5.3.17-112.53.1 php53-ldap-5.3.17-112.53.1 php53-mbstring-5.3.17-112.53.1 php53-mcrypt-5.3.17-112.53.1 php53-mysql-5.3.17-112.53.1 php53-odbc-5.3.17-112.53.1 php53-openssl-5.3.17-112.53.1 php53-pcntl-5.3.17-112.53.1 php53-pdo-5.3.17-112.53.1 php53-pear-5.3.17-112.53.1 php53-pgsql-5.3.17-112.53.1 php53-pspell-5.3.17-112.53.1 php53-shmop-5.3.17-112.53.1 php53-snmp-5.3.17-112.53.1 php53-soap-5.3.17-112.53.1 php53-suhosin-5.3.17-112.53.1 php53-sysvmsg-5.3.17-112.53.1 php53-sysvsem-5.3.17-112.53.1 php53-sysvshm-5.3.17-112.53.1 php53-tokenizer-5.3.17-112.53.1 php53-wddx-5.3.17-112.53.1 php53-xmlreader-5.3.17-112.53.1 php53-xmlrpc-5.3.17-112.53.1 php53-xmlwriter-5.3.17-112.53.1 php53-xsl-5.3.17-112.53.1 php53-zip-5.3.17-112.53.1 php53-zlib-5.3.17-112.53.1 apache2-mod_php53-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-bcmath-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-bz2-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-calendar-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-ctype-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-curl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-dba-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-dom-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-exif-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-fastcgi-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-fileinfo-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-ftp-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-gd-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-gettext-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-gmp-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-iconv-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-intl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-json-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-ldap-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-mbstring-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-mcrypt-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-mysql-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-odbc-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-openssl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-pcntl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-pdo-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-pear-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-pgsql-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-pspell-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-shmop-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-snmp-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-soap-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-suhosin-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-sysvmsg-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-sysvsem-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-sysvshm-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-tokenizer-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-wddx-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-xmlreader-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-xmlrpc-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-xmlwriter-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-xsl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-zip-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 php53-zlib-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server 11 SP4 apache2-mod_php53-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-bcmath-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-bz2-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-calendar-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-ctype-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-curl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-dba-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-dom-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-exif-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-fastcgi-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-fileinfo-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-ftp-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-gd-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-gettext-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-gmp-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-iconv-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-intl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-json-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-ldap-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-mbstring-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-mcrypt-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-mysql-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-odbc-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-openssl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-pcntl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-pdo-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-pear-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-pgsql-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-pspell-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-shmop-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-snmp-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-soap-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-suhosin-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-sysvmsg-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-sysvsem-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-sysvshm-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-tokenizer-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-wddx-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-xmlreader-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-xmlrpc-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-xmlwriter-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-xsl-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-zip-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-zlib-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 php53-devel-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 php53-imap-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 php53-posix-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 php53-readline-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 php53-sockets-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 php53-sqlite-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 php53-tidy-5.3.17-112.53.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data. CVE-2019-6977 SUSE Linux Enterprise Server 11 SP4:apache2-mod_php53-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-bcmath-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-bz2-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-calendar-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-ctype-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-curl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-dba-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-dom-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-exif-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-fastcgi-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-fileinfo-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-ftp-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-gd-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-gettext-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-gmp-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-iconv-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-intl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-json-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-ldap-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-mbstring-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-mcrypt-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-mysql-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-odbc-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-openssl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pcntl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pdo-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pear-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pgsql-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pspell-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-shmop-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-snmp-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-soap-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-suhosin-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-sysvmsg-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-sysvsem-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-sysvshm-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-tokenizer-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-wddx-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-xmlreader-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-xmlrpc-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-xmlwriter-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-xsl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-zip-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-zlib-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-mod_php53-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-bcmath-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-bz2-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-calendar-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-ctype-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-curl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-dba-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-dom-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-exif-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-fastcgi-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-fileinfo-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-ftp-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-gd-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-gettext-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-gmp-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-iconv-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-intl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-json-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-ldap-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-mbstring-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-mcrypt-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-mysql-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-odbc-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-openssl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pcntl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pdo-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pear-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pgsql-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pspell-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-shmop-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-snmp-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-soap-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-suhosin-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-sysvmsg-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-sysvsem-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-sysvshm-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-tokenizer-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-wddx-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-xmlreader-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-xmlrpc-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-xmlwriter-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-xsl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-zip-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-zlib-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-devel-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-imap-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-posix-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-readline-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-sockets-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-sqlite-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-tidy-5.3.17-112.53.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913961-1/ https://www.suse.com/security/cve/CVE-2019-6977.html CVE-2019-6977 https://bugzilla.suse.com/1123354 SUSE Bug 1123354 https://bugzilla.suse.com/1123361 SUSE Bug 1123361 The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected. CVE-2019-6978 SUSE Linux Enterprise Server 11 SP4:apache2-mod_php53-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-bcmath-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-bz2-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-calendar-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-ctype-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-curl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-dba-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-dom-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-exif-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-fastcgi-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-fileinfo-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-ftp-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-gd-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-gettext-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-gmp-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-iconv-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-intl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-json-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-ldap-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-mbstring-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-mcrypt-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-mysql-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-odbc-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-openssl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pcntl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pdo-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pear-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pgsql-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-pspell-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-shmop-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-snmp-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-soap-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-suhosin-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-sysvmsg-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-sysvsem-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-sysvshm-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-tokenizer-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-wddx-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-xmlreader-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-xmlrpc-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-xmlwriter-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-xsl-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-zip-5.3.17-112.53.1 SUSE Linux Enterprise Server 11 SP4:php53-zlib-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-mod_php53-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-bcmath-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-bz2-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-calendar-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-ctype-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-curl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-dba-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-dom-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-exif-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-fastcgi-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-fileinfo-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-ftp-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-gd-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-gettext-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-gmp-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-iconv-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-intl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-json-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-ldap-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-mbstring-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-mcrypt-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-mysql-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-odbc-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-openssl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pcntl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pdo-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pear-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pgsql-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-pspell-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-shmop-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-snmp-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-soap-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-suhosin-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-sysvmsg-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-sysvsem-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-sysvshm-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-tokenizer-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-wddx-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-xmlreader-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-xmlrpc-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-xmlwriter-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-xsl-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-zip-5.3.17-112.53.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:php53-zlib-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-devel-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-imap-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-posix-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-readline-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-sockets-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-sqlite-5.3.17-112.53.1 SUSE Linux Enterprise Software Development Kit 11 SP4:php53-tidy-5.3.17-112.53.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 4.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201913961-1/ https://www.suse.com/security/cve/CVE-2019-6978.html CVE-2019-6978 https://bugzilla.suse.com/1123522 SUSE Bug 1123522