diff options
Diffstat (limited to 'php54.spec')
-rw-r--r-- | php54.spec | 23 |
1 files changed, 22 insertions, 1 deletions
@@ -98,7 +98,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: 5.4.45 -Release: 8%{?dist} +Release: 9%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -183,6 +183,11 @@ Patch223: bug72061.patch Patch224: bug72093.patch Patch225: bug72094.patch Patch226: bug72099.patch +Patch227: bug71331.patch +Patch228: bug72114.patch +Patch229: bugoverflow.patch +Patch230: bug72135.patch +Patch231: bug72241.patch # Fixes for tests # no_NO issue @@ -917,6 +922,11 @@ rm -f ext/json/utf8_to_utf16.* %patch224 -p1 -b .bug72093 %patch225 -p1 -b .bug72094 %patch226 -p1 -b .bug72099 +%patch227 -p1 -b .bug71331 +%patch228 -p1 -b .bug72114 +%patch229 -p1 -b .bugoverflow +%patch230 -p1 -b .bug72135 +%patch231 -p1 -b .bug72241 # Fixes for tests %patch301 -p1 -b .datetests2 @@ -1806,6 +1816,17 @@ fi %changelog +* Sun May 29 2016 Remi Collet <remi@fedoraproject.org> 5.4.45-9 +- Fix #71331: Uninitialized pointer in phar_make_dirstream + CVE-2016-4343 +- Fix #72114: int/size_t confusion in fread + CVE-2016-5096 +- Add check for string overflow to all string add operations +- Fix #72135: don't create strings with lengths outside int range + CVE-2016-5094 +- Fix #72241: get_icu_value_internal out-of-bounds read + CVE-2016-5093 + * Tue Apr 26 2016 Remi Collet <remi@fedoraproject.org> 5.4.45-8 - Fix #64938: libxml_disable_entity_loader setting is shared between threads CVE-2015-8866 |