CVE-2019-11039: Fixed a heap-buffer-overflow on php_jpg_get16 (bsc#1138173).
CVE-2019-11040: Fixed an out-of-bounds read due to an integer overflow in
iconv.c:_php_iconv_mime_decode() (bsc#1138172).
Affected Packages(55 packages)
apache2-mod_php72
SUSE Linux Enterprise Module for Web and Scripting 12
Fixed in:
7.2.5-1.20.2
php72
SUSE Linux Enterprise Module for Web and Scripting 12SUSE Linux Enterprise Software Development Kit 12 SP3SUSE Linux Enterprise Software Development Kit 12 SP4
Fixed in:
7.2.5-1.20.2
php72-bcmath
SUSE Linux Enterprise Module for Web and Scripting 12
Fixed in:
7.2.5-1.20.2
php72-bz2
SUSE Linux Enterprise Module for Web and Scripting 12
Fixed in:
7.2.5-1.20.2
php72-calendar
SUSE Linux Enterprise Module for Web and Scripting 12
Fixed in:
7.2.5-1.20.2
php72-ctype
SUSE Linux Enterprise Module for Web and Scripting 12
Fixed in:
7.2.5-1.20.2
php72-curl
SUSE Linux Enterprise Module for Web and Scripting 12
Fixed in:
7.2.5-1.20.2
php72-dba
SUSE Linux Enterprise Module for Web and Scripting 12
Fixed in:
7.2.5-1.20.2
php72-dom
SUSE Linux Enterprise Module for Web and Scripting 12
Fixed in:
7.2.5-1.20.2
php72-enchant
SUSE Linux Enterprise Module for Web and Scripting 12