exploitDog

SUSE-SU-2023:1583-1

Опубликовано: 27 мар. 2023

Источник: suse-cvrf

Описание

Security update for php7

This update for php7 fixes the following issues:

CVE-2022-4900: Fixed potential buffer overflow via PHP_CLI_SERVER_WORKERS environment variable. (bsc#1209537)

Список пакетов

openSUSE Leap 15.4

php7-firebird-7.4.33-150200.3.54.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20231583-1/
Link for SUSE-SU-2023:1583-1
https://lists.suse.com/pipermail/sle-updates/2023-March/028378.html
E-Mail link for SUSE-SU-2023:1583-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1208199
SUSE Bug 1208199
https://bugzilla.suse.com/1209537
SUSE Bug 1209537
https://www.suse.com/security/cve/CVE-2022-4900/
SUSE CVE CVE-2022-4900 page

Описание

A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

Затронутые продукты

openSUSE Leap 15.4:php7-firebird-7.4.33-150200.3.54.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-4900.html
CVE-2022-4900
https://bugzilla.suse.com/1209537
SUSE Bug 1209537