From a4201fe247b1230830bcf7f8b89db5b699f7ca99 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Tue, 22 Oct 2019 14:33:24 +0200 Subject: Fix CVE-2019-11043 env_path_info underflow in fpm_main.c --- php55.spec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'php55.spec') diff --git a/php55.spec b/php55.spec index 980de13..8701fd7 100644 --- a/php55.spec +++ b/php55.spec @@ -141,7 +141,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: 5.5.38 -Release: 11%{?dist} +Release: 12%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -265,6 +265,7 @@ Patch159: bug77020.patch Patch160: bug77231.patch Patch161: bug77242.patch Patch162: bug77380.patch +Patch163: bug78599.patch # Security fixes (200+) @@ -1093,6 +1094,7 @@ rm -rf ext/json %patch160 -p1 -b .bug77231 %patch161 -p1 -b .bug77242 %patch162 -p1 -b .bug77380 +%patch163 -p1 -b .bug78599 # Fixes for tests %patch300 -p1 -b .datetests @@ -2117,6 +2119,10 @@ EOF %changelog +* Tue Oct 22 2019 Remi Collet - 5.5.38-12 +- FPM: + Fix CVE-2019-11043 env_path_info underflow in fpm_main.c + * Fri Jan 11 2019 Remi Collet - 5.5.38-11 - Fix #77242 heap out of bounds read in xmlrpc_decode - Fix #77380 Global out of bounds read in xmlrpc base64 code -- cgit