diff options
author | Remi Collet <remi@remirepo.net> | 2023-06-21 10:36:07 +0200 |
---|---|---|
committer | Remi Collet <remi@php.net> | 2023-06-21 10:36:07 +0200 |
commit | d7703b357f346c2a65dc3e3f5adcd7a20ca73d46 (patch) | |
tree | b7907b02b0a012b33f770b9a17c914a61c1d3b42 /php71.spec | |
parent | 5c6189c60bf3cb2105b08a73c45a02d578f3eac7 (diff) |
fix possible buffer overflow in date
Diffstat (limited to 'php71.spec')
-rw-r--r-- | php71.spec | 121 |
1 files changed, 62 insertions, 59 deletions
@@ -109,7 +109,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: %{upver}%{?rcver:~%{rcver}} -Release: 25%{?dist} +Release: 26%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -207,7 +207,7 @@ Patch234: php-bug81740.patch Patch235: php-bug81744.patch Patch236: php-bug81746.patch Patch237: php-cve-2023-0662.patch -Patch238: php-ghsa-76gg-c692-v2mw.patch +Patch238: php-cve-2023-3247.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -1034,84 +1034,84 @@ support for JavaScript Object Notation (JSON) to PHP. %setup -q -n php-%{upver}%{?rcver} -%patch1 -p1 -b .mpmcheck -%patch2 -p1 -b .true -%patch5 -p1 -b .includedir -%patch6 -p1 -b .embed -%patch7 -p1 -b .recode -%patch8 -p1 -b .libdb +%patch -P1 -p1 -b .mpmcheck +%patch -P2 -p1 -b .true +%patch -P5 -p1 -b .includedir +%patch -P6 -p1 -b .embed +%patch -P7 -p1 -b .recode +%patch -P8 -p1 -b .libdb %if 0%{?rhel} -%patch9 -p1 -b .curltls +%patch -P9 -p1 -b .curltls %endif -%patch40 -p1 -b .dlopen +%patch -P40 -p1 -b .dlopen %if 0%{?fedora} >= 25 || 0%{?rhel} >= 6 -%patch42 -p1 -b .systzdata +%patch -P42 -p1 -b .systzdata %endif -%patch43 -p1 -b .headers +%patch -P43 -p1 -b .headers %if 0%{?fedora} >= 18 || 0%{?rhel} >= 7 -%patch45 -p1 -b .ldap_r +%patch -P45 -p1 -b .ldap_r %endif -%patch47 -p1 -b .phpinfo -%patch48 -p1 -b .loadconf -%patch49 -p1 -b .getallheaders +%patch -P47 -p1 -b .phpinfo +%patch -P48 -p1 -b .loadconf +%patch -P49 -p1 -b .getallheaders -%patch91 -p1 -b .remi-oci8 +%patch -P91 -p1 -b .remi-oci8 # upstream patches # security patches -%patch201 -p1 -b .bug78878 -%patch202 -p1 -b .bug78862 -%patch203 -p1 -b .bug78863 -%patch204 -p1 -b .bug78793 -%patch205 -p1 -b .bug78910 -%patch206 -p1 -b .bug79091 -%patch207 -p1 -b .bug79099 -%patch208 -p1 -b .bug79037 -%patch209 -p1 -b .bug77569 -%patch210 -p1 -b .bug79221 -%patch211 -p1 -b .bug79082 -%patch212 -p1 -b .bug79282 -%patch213 -p1 -b .bug79329 -%patch214 -p1 -b .bug79330 -%patch215 -p1 -b .bug79465 -%patch216 -p1 -b .bug78875 -%patch217 -p1 -b .bug78876 -%patch218 -p1 -b .bug79797 -%patch219 -p1 -b .bug79877 -%patch220 -p1 -b .bug79601 -%patch221 -p1 -b .bug79699 -%patch222 -p1 -b .bug77423 -%patch223 -p1 -b .bug80672 -%patch224 -p1 -b .bug80710 -%patch225 -p1 -b .bug81122 -%patch226 -p1 -b .bug76450 -%patch227 -p1 -b .bug81211 -%patch228 -p1 -b .bug81026 -%patch229 -p1 -b .bug79971 -%patch230 -p1 -b .bug81719 -%patch231 -p1 -b .bug81720 -%patch232 -p1 -b .bug81727 -%patch233 -p1 -b .bug81726 -%patch234 -p1 -b .bug81740 -%patch235 -p1 -b .bug81744 -%patch236 -p1 -b .bug81746 -%patch237 -p1 -b .cve0662 -%patch238 -p1 -b .ghsa-76gg-c692-v2mw +%patch -P201 -p1 -b .bug78878 +%patch -P202 -p1 -b .bug78862 +%patch -P203 -p1 -b .bug78863 +%patch -P204 -p1 -b .bug78793 +%patch -P205 -p1 -b .bug78910 +%patch -P206 -p1 -b .bug79091 +%patch -P207 -p1 -b .bug79099 +%patch -P208 -p1 -b .bug79037 +%patch -P209 -p1 -b .bug77569 +%patch -P210 -p1 -b .bug79221 +%patch -P211 -p1 -b .bug79082 +%patch -P212 -p1 -b .bug79282 +%patch -P213 -p1 -b .bug79329 +%patch -P214 -p1 -b .bug79330 +%patch -P215 -p1 -b .bug79465 +%patch -P216 -p1 -b .bug78875 +%patch -P217 -p1 -b .bug78876 +%patch -P218 -p1 -b .bug79797 +%patch -P219 -p1 -b .bug79877 +%patch -P220 -p1 -b .bug79601 +%patch -P221 -p1 -b .bug79699 +%patch -P222 -p1 -b .bug77423 +%patch -P223 -p1 -b .bug80672 +%patch -P224 -p1 -b .bug80710 +%patch -P225 -p1 -b .bug81122 +%patch -P226 -p1 -b .bug76450 +%patch -P227 -p1 -b .bug81211 +%patch -P228 -p1 -b .bug81026 +%patch -P229 -p1 -b .bug79971 +%patch -P230 -p1 -b .bug81719 +%patch -P231 -p1 -b .bug81720 +%patch -P232 -p1 -b .bug81727 +%patch -P233 -p1 -b .bug81726 +%patch -P234 -p1 -b .bug81740 +%patch -P235 -p1 -b .bug81744 +%patch -P236 -p1 -b .bug81746 +%patch -P237 -p1 -b .cve0662 +%patch -P238 -p1 -b .cve3247 # Fixes for tests %if 0%{?fedora} >= 25 || 0%{?rhel} >= 6 -%patch300 -p1 -b .datetests +%patch -P300 -p1 -b .datetests %endif %if %{with_libpcre} if ! pkg-config libpcre --atleast-version 8.34 ; then # Only apply when system libpcre < 8.34 -%patch301 -p1 -b .pcre834 +%patch -P301 -p1 -b .pcre834 fi %endif # New openssl certs -%patch302 -p1 -b .renewcert +%patch -P302 -p1 -b .renewcert rm ext/openssl/tests/bug65538_003.phpt # WIP patch @@ -2173,10 +2173,13 @@ EOF %changelog +* Wed Jun 21 2023 Remi Collet <remi@remirepo.net> - 7.1.33-26 +- fix possible buffer overflow in date + * Wed Jun 7 2023 Remi Collet <remi@remirepo.net> - 7.1.33-25 - Fix Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP - GHSA-76gg-c692-v2mw + GHSA-76gg-c692-v2mw CVE-2023-3247 - use oracle client library version 21.10 - define __phpize and __phpconfig |