Details of VAR-201908-1840

ID

VAR-201908-1840

CVE

CVE-2019-11041

TITLE

PHP EXIF Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-007694

DESCRIPTION

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. PHP EXIF Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A buffer error vulnerability exists in PHP 7.1.x prior to 7.1.31, 7.2.x prior to 7.2.21, and 7.3.x prior to 7.3.8. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. PHP is prone to a heap-based buffer-overflow vulnerability. Failed exploits will result in denial-of-service conditions. PHP versions before 7.3.8 are vulnerable. ========================================================================= Ubuntu Security Notice USN-4097-2 August 13, 2019 php5 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: PHP could be made to crash or execute arbitrary code if it received specially crafted image. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2019-11041, CVE-2019-11042) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.29+esm5 php5-cgi 5.5.9+dfsg-1ubuntu4.29+esm5 php5-cli 5.5.9+dfsg-1ubuntu4.29+esm5 php5-fpm 5.5.9+dfsg-1ubuntu4.29+esm5 php5-xmlrpc 5.5.9+dfsg-1ubuntu4.29+esm5 Ubuntu 12.04 ESM: libapache2-mod-php5 5.3.10-1ubuntu3.39 php5-cgi 5.3.10-1ubuntu3.39 php5-cli 5.3.10-1ubuntu3.39 php5-fpm 5.3.10-1ubuntu3.39 php5-xmlrpc 5.3.10-1ubuntu3.39 In general, a standard system update will make all the necessary changes. For the stable distribution (buster), these problems have been fixed in version 7.3.9-1~deb10u1. We recommend that you upgrade your php7.3 packages. For the detailed security status of php7.3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php7.3 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl2D6O0ACgkQEMKTtsN8 TjYx1g/+KDaoAK5IIW5Nb6yLZjUT7JsJsb9tSD+rYLOe1A6R/6envfkPp4LuK3Tv +VNA0JQ1js/9swccoNlDUBXpxHOqzp3KeB6kEsM61WQAX+oqh7VwGhh2JnPbau35 2GKZfRzc24fc3UBqxEBY4+GfV/Th0CnVahyaaAz33Gt5N7DZHaRY71UK7MHce2ir mOHMdoPp3N5t5UxefKfsju8raluOidNkiXJlIvILnWrz5mYDOBAi2xpEQw1JIjTO mgGkCtZNU8nWV6C4tugiOnrRa03Kb6SgCd77XZRty5zoYTjSTMc75HTyvbqAKThG 44lGJEdvQDK7aW40wgQ2YWnFYKxyQOrU6kbPPkvu+IqXBsQIfJ0alZ2e/GXHrPAf RkrbFgwFoNl8KPspVCtczuxAoihTsexJk5cVs/1GqD1mIhf2ftRi5qdJaq7Jr3RZ KJd9rqkf6Us7yWjJM7ajUtdx/HCQDunEYXIoCsyfCGZC8a3FGfhnPuAFT9CpVVFu y1nQnOGlSweWFd2nUMkS/k9+O/WlAMxnz30rHX9tBpEFy5amRXgRnd2EVVZvdpo9 PQRdTBB/H8Va01JhcSO79GXvdZCeKv8f3PIlJxz4CjMyCrG07Ij3i9NgSU9Vl/oa 5zXOTwbTO2ylLoZP+ac9E/Jwg7uGaC76lNwhzlbtOBl+jg6knRo=SH4w -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Critical: rh-php72-php security update Advisory ID: RHSA-2019:3299-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:3299 Issue date: 2019-11-01 CVE Names: CVE-2016-10166 CVE-2018-20783 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 ===================================================================== 1. Summary: An update for rh-php72-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php72-php (7.2.24). (BZ#1766603) Security Fix(es): * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) * gd: Unsigned integer underflow _gdContributionsAlloc() (CVE-2016-10166) * gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c (CVE-2019-6977) * php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020) * php: File rename across filesystems may allow unwanted access during processing (CVE-2019-9637) * php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638) * php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9639) * php: Invalid read in exif_process_SOFn() (CVE-2019-9640) * php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() (CVE-2019-11039) * php: Buffer over-read in exif_read_data() (CVE-2019-11040) * php: Buffer over-read in PHAR reading functions (CVE-2018-20783) * php: Heap-based buffer over-read in PHAR reading functions (CVE-2019-9021) * php: memcpy with negative length via crafted DNS response (CVE-2019-9022) * php: Heap-based buffer over-read in mbstring regular expression functions (CVE-2019-9023) * php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024) * php: Heap buffer overflow in function exif_process_IFD_TAG() (CVE-2019-11034) * php: Heap buffer overflow in function exif_iif_add_value() (CVE-2019-11035) * php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure (CVE-2019-11036) * gd: Information disclosure in gdImageCreateFromXbm() (CVE-2019-11038) * php: heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041) * php: heap buffer over-read in exif_process_user_comment() (CVE-2019-11042) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon must be restarted for the update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1418983 - CVE-2016-10166 gd: Unsigned integer underflow _gdContributionsAlloc() 1672207 - CVE-2019-6977 gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c 1680545 - CVE-2018-20783 php: Buffer over-read in PHAR reading functions 1685123 - CVE-2019-9020 php: Invalid memory access in function xmlrpc_decode() 1685132 - CVE-2019-9021 php: Heap-based buffer over-read in PHAR reading functions 1685398 - CVE-2019-9023 php: Heap-based buffer over-read in mbstring regular expression functions 1685404 - CVE-2019-9024 php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c 1685412 - CVE-2019-9022 php: memcpy with negative length via crafted DNS response 1688897 - CVE-2019-9637 php: File rename across filesystems may allow unwanted access during processing 1688922 - CVE-2019-9638 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE 1688934 - CVE-2019-9639 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE 1688939 - CVE-2019-9640 php: Invalid read in exif_process_SOFn() 1702246 - CVE-2019-11035 php: Heap buffer overflow in function exif_iif_add_value() 1702256 - CVE-2019-11034 php: Heap buffer overflow in function exif_process_IFD_TAG() 1707299 - CVE-2019-11036 php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure 1724149 - CVE-2019-11038 gd: Information disclosure in gdImageCreateFromXbm() 1724152 - CVE-2019-11039 php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() 1724154 - CVE-2019-11040 php: Buffer over-read in exif_read_data() 1739459 - CVE-2019-11041 php: heap buffer over-read in exif_scan_thumbnail() 1739465 - CVE-2019-11042 php: heap buffer over-read in exif_process_user_comment() 1766378 - CVE-2019-11043 php: underflow in env_path_info in fpm_main.c 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-php72-php-7.2.24-1.el7.src.rpm aarch64: rh-php72-php-7.2.24-1.el7.aarch64.rpm rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm rh-php72-php-common-7.2.24-1.el7.aarch64.rpm rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm rh-php72-php-json-7.2.24-1.el7.aarch64.rpm rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm rh-php72-php-process-7.2.24-1.el7.aarch64.rpm rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-php72-php-7.2.24-1.el7.src.rpm aarch64: rh-php72-php-7.2.24-1.el7.aarch64.rpm rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm rh-php72-php-common-7.2.24-1.el7.aarch64.rpm rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm rh-php72-php-json-7.2.24-1.el7.aarch64.rpm rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm rh-php72-php-process-7.2.24-1.el7.aarch64.rpm rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-php72-php-7.2.24-1.el7.src.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-php72-php-7.2.24-1.el7.src.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7): Source: rh-php72-php-7.2.24-1.el7.src.rpm ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-php72-php-7.2.24-1.el7.src.rpm x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-10166 https://access.redhat.com/security/cve/CVE-2018-20783 https://access.redhat.com/security/cve/CVE-2019-6977 https://access.redhat.com/security/cve/CVE-2019-9020 https://access.redhat.com/security/cve/CVE-2019-9021 https://access.redhat.com/security/cve/CVE-2019-9022 https://access.redhat.com/security/cve/CVE-2019-9023 https://access.redhat.com/security/cve/CVE-2019-9024 https://access.redhat.com/security/cve/CVE-2019-9637 https://access.redhat.com/security/cve/CVE-2019-9638 https://access.redhat.com/security/cve/CVE-2019-9639 https://access.redhat.com/security/cve/CVE-2019-9640 https://access.redhat.com/security/cve/CVE-2019-11034 https://access.redhat.com/security/cve/CVE-2019-11035 https://access.redhat.com/security/cve/CVE-2019-11036 https://access.redhat.com/security/cve/CVE-2019-11038 https://access.redhat.com/security/cve/CVE-2019-11039 https://access.redhat.com/security/cve/CVE-2019-11040 https://access.redhat.com/security/cve/CVE-2019-11041 https://access.redhat.com/security/cve/CVE-2019-11042 https://access.redhat.com/security/cve/CVE-2019-11043 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXbwslNzjgjWX9erEAQgZrA//YpBwARJTytrbpWQquZ4hnjbScNEZK1d4 sOOT+oiQSrzvghsNKNCKwEO1CLbNA9XOT7bCchtpD/HguTc4XeGNk7dAf/qA6UVB tJCxmqNBVBKqoe9UafmxLUFcVSkv/PHRVD2h+/TvmqdB8Uf2Z8hIIaBt7UsW34sb yBMLJVhyG98c/7VzwqFXW6Vm+Ly6+/ViYtloe5/Ex4D8FvB72Cc9uRvCTWdLLOXu PlwQKdaEt5CtUrTmLFEX+9t6tybwhNBf/dZ96nazCaSRtQVnhZI9s+wjoE6vEOOB +bOldvJ9tu7LclzMIz7SbSqjhPBSLtEMGZKcO1havVGDwcfPAEc12TW9DtVFDlqA Xq+dFW5vviRCoMlSmNBmSqQZSWMF64LdzjvWfW2G/nBnNLOdhu/Wufs1sJUOc+cp V9PgQH0iWut0N89DaOzTH+4PQvvvTw12HuKHk+P+/O8bBBdcI9gpd5klce/5jquc QXqhy49koz6BturNpVnXfSWjdLPwQ1pwhGJOkv7vLsdx6HVeuY6BsSE+C28cHFl+ z/AOZL4eCa9xKlePdGKCbqzTjMmCiJQbeShoBOKt1DtSgVVgtE0Kc5EZQcqop0aw RG304k1HSbrgsSRFxx6s1RophOQaC3ASvWkw5OY/8ylNrO9AAMxLRjZNCve6V7Rq 86WRMpuQxpE= =winR -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section

Trust: 2.43

sources: NVD: CVE-2019-11041 // JVNDB: JVNDB-2019-007694 // VULHUB: VHN-142648 // VULMON: CVE-2019-11041 // PACKETSTORM: 154561 // PACKETSTORM: 159094 // PACKETSTORM: 154051 // PACKETSTORM: 154543 // PACKETSTORM: 154050 // PACKETSTORM: 155070 // PACKETSTORM: 157463

AFFECTED PRODUCTS

vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	12.04	Trust: 1.1
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.1
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.1
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.1
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	19.04	Trust: 1.1
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.1
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.1
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.1
vendor:	opensuse	model:	leap	scope:	eq	version:	15.0	Trust: 1.1
vendor:	apple	model:	mac os x	scope:	lt	version:	10.15.1	Trust: 1.0
vendor:	php	model:	php	scope:	lt	version:	7.1.31	Trust: 1.0
vendor:	php	model:	php	scope:	lt	version:	7.2.21	Trust: 1.0
vendor:	php	model:	php	scope:	gte	version:	7.2.0	Trust: 1.0
vendor:	php	model:	php	scope:	lt	version:	7.3.8	Trust: 1.0
vendor:	redhat	model:	software collections	scope:	eq	version:	1.0	Trust: 1.0
vendor:	php	model:	php	scope:	gte	version:	7.1.0	Trust: 1.0
vendor:	tenable	model:	tenable.sc	scope:	lt	version:	5.19.0	Trust: 1.0
vendor:	php	model:	php	scope:	gte	version:	7.3.0	Trust: 1.0
vendor:	canonical	model:	ubuntu	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	the php group	model:	php	scope:	eq	version:	7.1.31 for up to 7.1.x	Trust: 0.8
vendor:	the php group	model:	php	scope:	eq	version:	7.2.21 for up to 7.2.x	Trust: 0.8
vendor:	the php group	model:	php	scope:	eq	version:	7.3.8 for up to 7.3.x	Trust: 0.8
vendor:	php	model:	php	scope:	eq	version:	7.1.0	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.1	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.2	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.3	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.4	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.5	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.6	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.7	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.8	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.9	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.10	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.11	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.12	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.13	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.14	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.15	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.16	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.17	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.18	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.19	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.20	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.21	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.22	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.23	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.24	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.25	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.26	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.27	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.28	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.29	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.1.30	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.0	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.1	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.2	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.3	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.4	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.5	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.6	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.7	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.8	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.9	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.10	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.11	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.12	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.13	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.14	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.15	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.16	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.17	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.18	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.19	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.2.20	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.3.0	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.3.1	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.3.2	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.3.3	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.3.4	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.3.5	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.3.6	Trust: 0.1
vendor:	php	model:	php	scope:	eq	version:	7.3.7	Trust: 0.1
vendor:	apple	model:	mac os x	scope:	eq	version:	10.15	Trust: 0.1

sources: VULMON: CVE-2019-11041 // JVNDB: JVNDB-2019-007694 // NVD: CVE-2019-11041

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-11041
value:	HIGH
Trust: 1.0
security@php.net:	CVE-2019-11041
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-11041
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201908-140
value:	HIGH
Trust: 0.6
VULHUB:	VHN-142648
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2019-11041
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-11041
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	CVE-2019-11041
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-142648
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-11041
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.2
version:	3.1
Trust: 1.0
security@php.net:	CVE-2019-11041
baseSeverity:	MEDIUM
baseScore:	4.8
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	2.2
impactScore:	2.5
version:	3.0
Trust: 1.0
NVD:	CVE-2019-11041
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-142648 // VULMON: CVE-2019-11041 // CNNVD: CNNVD-201908-140 // JVNDB: JVNDB-2019-007694 // NVD: CVE-2019-11041 // NVD: CVE-2019-11041

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.1
problemtype:	CWE-119	Trust: 0.9

sources: VULHUB: VHN-142648 // JVNDB: JVNDB-2019-007694 // NVD: CVE-2019-11041

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-140

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201908-140

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-007694

PATCH

title:	[SECURITY] [DLA 1878-1] php5 security update	url:	https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html	Trust: 0.8
title:	78222	url:	https://bugs.php.net/bug.php?id=78222	Trust: 0.8
title:	USN-4097-1	url:	https://usn.ubuntu.com/4097-1/	Trust: 0.8
title:	USN-4097-2	url:	https://usn.ubuntu.com/4097-2/	Trust: 0.8
title:	PHP Buffer error vulnerability fix	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=95902	Trust: 0.6
title:	Ubuntu Security Notice: php7.0, php7.2 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4097-1	Trust: 0.1
title:	Ubuntu Security Notice: php5 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4097-2	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2019-1284	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1284	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2019-1283	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1283	Trust: 0.1
title:	Debian Security Advisories: DSA-4527-1 php7.3 -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=877cb76e8aeddfa40b275ad142be1771	Trust: 0.1
title:	Red Hat: Moderate: php:7.2 security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20201624 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: rh-php72-php security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193299 - Security Advisory	Trust: 0.1
title:	Apple: macOS Catalina 10.15	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=aafc8ca42bce10e92a70604a0d265a55	Trust: 0.1
title:	Debian Security Advisories: DSA-4529-1 php7.0 -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=ee5cd1d3e8c521eee01300cbf544b2d7	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/apple-tackles-a-dozen-bugs-in-catalina/148988/	Trust: 0.1

sources: VULMON: CVE-2019-11041 // CNNVD: CNNVD-201908-140 // JVNDB: JVNDB-2019-007694

EXTERNAL IDS

db:	NVD	id:	CVE-2019-11041	Trust: 3.3
db:	TENABLE	id:	TNS-2021-14	Trust: 1.7
db:	PACKETSTORM	id:	159094	Trust: 0.8
db:	PACKETSTORM	id:	154051	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-007694	Trust: 0.8
db:	CNNVD	id:	CNNVD-201908-140	Trust: 0.7
db:	PACKETSTORM	id:	157463	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.3073	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3272	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2515	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0741	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.3072	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4296	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1500	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3111	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.6056	Trust: 0.6
db:	CS-HELP	id:	SB2021072292	Trust: 0.6
db:	PACKETSTORM	id:	154050	Trust: 0.2
db:	PACKETSTORM	id:	154768	Trust: 0.1
db:	VULHUB	id:	VHN-142648	Trust: 0.1
db:	VULMON	id:	CVE-2019-11041	Trust: 0.1
db:	PACKETSTORM	id:	154561	Trust: 0.1
db:	PACKETSTORM	id:	154543	Trust: 0.1
db:	PACKETSTORM	id:	155070	Trust: 0.1

sources: VULHUB: VHN-142648 // VULMON: CVE-2019-11041 // PACKETSTORM: 154561 // PACKETSTORM: 159094 // PACKETSTORM: 154051 // PACKETSTORM: 154543 // PACKETSTORM: 154050 // PACKETSTORM: 155070 // PACKETSTORM: 157463 // CNNVD: CNNVD-201908-140 // JVNDB: JVNDB-2019-007694 // NVD: CVE-2019-11041

REFERENCES

url:	https://access.redhat.com/errata/rhsa-2019:3299	Trust: 2.5
url:	https://usn.ubuntu.com/4097-1/	Trust: 2.5
url:	https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html	Trust: 2.4
url:	https://usn.ubuntu.com/4097-2/	Trust: 2.4
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11041	Trust: 2.1
url:	https://seclists.org/bugtraq/2019/sep/35	Trust: 1.8
url:	https://seclists.org/bugtraq/2019/sep/38	Trust: 1.8
url:	https://seclists.org/bugtraq/2019/oct/9	Trust: 1.8
url:	https://bugs.php.net/bug.php?id=78222	Trust: 1.8
url:	https://security.netapp.com/advisory/ntap-20190822-0003/	Trust: 1.8
url:	https://support.apple.com/kb/ht210634	Trust: 1.8
url:	https://www.debian.org/security/2019/dsa-4527	Trust: 1.8
url:	https://www.debian.org/security/2019/dsa-4529	Trust: 1.8
url:	http://seclists.org/fulldisclosure/2019/oct/15	Trust: 1.8
url:	http://seclists.org/fulldisclosure/2019/oct/55	Trust: 1.8
url:	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html	Trust: 1.8
url:	https://support.apple.com/kb/ht210722	Trust: 1.7
url:	https://www.tenable.com/security/tns-2021-14	Trust: 1.7
url:	https://access.redhat.com/security/cve/cve-2019-11041	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11041	Trust: 0.8
url:	https://access.redhat.com/errata/rhsa-2019:3300	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192243-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1500/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3073/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3272/	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072292	Trust: 0.6
url:	https://packetstormsecurity.com/files/159094/red-hat-security-advisory-2020-3662-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2515	Trust: 0.6
url:	https://vigilance.fr/vulnerability/php-multiple-vulnerabilities-29928	Trust: 0.6
url:	https://packetstormsecurity.com/files/154051/ubuntu-security-notice-usn-4097-2.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0741/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4296/	Trust: 0.6
url:	https://support.apple.com/en-us/ht210722	Trust: 0.6
url:	https://support.apple.com/en-us/ht210634	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-api-connects-developer-portal-is-impacted-by-vulnerabilities-in-php/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.3072/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.6056	Trust: 0.6
url:	https://packetstormsecurity.com/files/157463/red-hat-security-advisory-2020-1624-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3111/	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11042	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11040	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11039	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11036	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11035	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11034	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-11040	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-11039	Trust: 0.3
url:	https://access.redhat.com/articles/11258	Trust: 0.3
url:	https://access.redhat.com/security/team/contact/	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-11042	Trust: 0.3
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.3
url:	https://bugzilla.redhat.com/):	Trust: 0.3
url:	https://access.redhat.com/security/team/key/	Trust: 0.3
url:	https://www.debian.org/security/faq	Trust: 0.2
url:	https://www.debian.org/security/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11038	Trust: 0.2
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.2
url:	https://usn.ubuntu.com/4097-1	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9022	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9640	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9024	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9638	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9637	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-11036	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-11035	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9638	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9024	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9639	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9023	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-20783	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9022	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9640	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9021	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9023	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9020	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20783	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9639	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9637	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-11034	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-9020	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9021	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/109468	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/php7.0	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7065	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11050	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11045	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-19203	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7062	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7059	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11045	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11047	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7066	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7065	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11047	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13224	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19203	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-13225	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19204	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7063	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7064	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-19246	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-16163	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20454	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2020:3662	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7066	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11048	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13225	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11048	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-13224	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-19204	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7060	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7064	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-16163	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19246	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7063	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7062	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11050	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7059	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7060	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20454	Trust: 0.1
url:	https://usn.ubuntu.com/4097-2	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/php7.3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/php7.2/7.2.19-0ubuntu0.18.04.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.6	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/php7.2/7.2.19-0ubuntu0.19.04.2	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-10166	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#critical	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11043	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11038	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-6977	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11043	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2016-10166	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6977	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2020:1624	Trust: 0.1

CREDITS

Ubuntu,Red Hat

Trust: 0.6

sources: CNNVD: CNNVD-201908-140

SOURCES

db:	VULHUB	id:	VHN-142648
db:	VULMON	id:	CVE-2019-11041
db:	PACKETSTORM	id:	154561
db:	PACKETSTORM	id:	159094
db:	PACKETSTORM	id:	154051
db:	PACKETSTORM	id:	154543
db:	PACKETSTORM	id:	154050
db:	PACKETSTORM	id:	155070
db:	PACKETSTORM	id:	157463
db:	CNNVD	id:	CNNVD-201908-140
db:	JVNDB	id:	JVNDB-2019-007694
db:	NVD	id:	CVE-2019-11041

LAST UPDATE DATE

2025-09-28T01:41:08.416000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-142648	date:	2023-02-28T00:00:00
db:	VULMON	id:	CVE-2019-11041	date:	2020-10-02T00:00:00
db:	CNNVD	id:	CNNVD-201908-140	date:	2023-03-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-007694	date:	2019-08-19T00:00:00
db:	NVD	id:	CVE-2019-11041	date:	2024-11-21T04:20:25.723

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-142648	date:	2019-08-09T00:00:00
db:	VULMON	id:	CVE-2019-11041	date:	2019-08-09T00:00:00
db:	PACKETSTORM	id:	154561	date:	2019-09-23T18:25:24
db:	PACKETSTORM	id:	159094	date:	2020-09-08T18:10:32
db:	PACKETSTORM	id:	154051	date:	2019-08-14T02:37:12
db:	PACKETSTORM	id:	154543	date:	2019-09-20T14:58:48
db:	PACKETSTORM	id:	154050	date:	2019-08-14T02:37:04
db:	PACKETSTORM	id:	155070	date:	2019-11-01T17:11:58
db:	PACKETSTORM	id:	157463	date:	2020-04-28T20:37:45
db:	CNNVD	id:	CNNVD-201908-140	date:	2019-08-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-007694	date:	2019-08-19T00:00:00
db:	NVD	id:	CVE-2019-11041	date:	2019-08-09T20:15:11.050