Backport xmlrpc security fix from 5.6.40

- Fix #77242 heap out of bounds read in xmlrpc_decode
- Fix #77380 Global out of bounds read in xmlrpc base64 code

1 files changed, 9 insertions, 1 deletions

diff --git a/php55.spec b/php55.spec
index 272b1d6..980de13 100644
--- a/php55.spec
+++ b/php55.spec
@@ -141,7 +141,7 @@
 Summary: PHP scripting language for creating dynamic web sites
 Name: php
 Version: 5.5.38
-Release: 10%{?dist}
+Release: 11%{?dist}
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
 # TSRM is licensed under BSD
@@ -263,6 +263,8 @@ Patch157: bug76582.patch
 Patch158: bug77153.patch
 Patch159: bug77020.patch
 Patch160: bug77231.patch
+Patch161: bug77242.patch
+Patch162: bug77380.patch
 
 # Security fixes (200+)
 
@@ -1089,6 +1091,8 @@ rm -rf ext/json
 %patch158 -p1 -b .bug77153
 %patch159 -p1 -b .bug77020
 %patch160 -p1 -b .bug77231
+%patch161 -p1 -b .bug77242
+%patch162 -p1 -b .bug77380
 
 # Fixes for tests
 %patch300 -p1 -b .datetests
@@ -2113,6 +2117,10 @@ EOF
 
 
 %changelog
+* Fri Jan 11 2019 Remi Collet <remi@remirepo.net> - 5.5.38-11
+- Fix #77242 heap out of bounds read in xmlrpc_decode
+- Fix #77380 Global out of bounds read in xmlrpc base64 code
+
 * Mon Dec 10 2018 Remi Collet <remi@remirepo.net> - 5.5.38-10
 - Fix #77231 Segfault when using convert.quoted-printable-encode filter
 - Fix #77020 null pointer dereference in imap_mail