|Category:||SuSE Local Security Checks|
|Title:||SUSE: Security Advisory (SUSE-SU-2018:2044-1)|
|Summary:||The remote host is missing an update for the 'php53' package(s) announced via the SUSE-SU-2018:2044-1 advisory.|
The remote host is missing an update for the 'php53' package(s) announced via the SUSE-SU-2018:2044-1 advisory.
This update for php53 fixes the following issues:
The following security issue was fixed:
- An out-of-bounds read in the do_core_note function in readelf.c in
libmagic.a allowed remote attackers to cause a denial of service via a
crafted ELF file (CVE-2018-10360, bsc#1096984)
- CVE-2018-12882: exif_read_from_impl allowed attackers to trigger a
use-after-free (in exif_read_from_file) because it closed a stream that
it is not responsible for closing (bsc#1099098)
'php53' package(s) on SUSE Linux Enterprise Software Development Kit 11-SP4, SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Debuginfo 11-SP4
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2018-10360|
Common Vulnerability Exposure (CVE) ID: CVE-2018-12882
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.