diff options
Diffstat (limited to 'php74.spec')
-rw-r--r-- | php74.spec | 17 |
1 files changed, 16 insertions, 1 deletions
@@ -103,7 +103,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: %{upver}%{?rcver:~%{rcver}} -Release: 3%{?dist} +Release: 4%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -168,6 +168,9 @@ Patch91: php-7.2.0-oci8conf.patch # Security fixes (200+) Patch200: php-bug81740.patch +Patch201: php-bug81744.patch +Patch202: php-bug81746.patch +Patch203: php-cve-2023-0662.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -1171,6 +1174,9 @@ rm ext/openssl/tests/p12_with_extra_certs.p12 # security patches %patch200 -p1 -b .bug81740 +%patch201 -p1 -b .bug81744 +%patch202 -p1 -b .bug81746 +%patch203 -p1 -b .cve0662 # Fixes for tests related to tzdata %if 0%{?fedora} >= 29 || 0%{?rhel} >= 6 @@ -2200,8 +2206,17 @@ EOF %changelog +* Tue Feb 14 2023 Remi Collet <remi@remirepo.net> - 7.4.33-4 +- fix #81744: Password_verify() always return true with some hash + CVE-2023-0567 +- fix #81746: 1-byte array overrun in common path resolve code + CVE-2023-0568 +- fix DOS vulnerability when parsing multipart request body + CVE-2023-0662 + * Fri Feb 10 2023 Remi Collet <remi@remirepo.net> - 7.4.33-3 - F38: disable imap extension +- add dependency on pcre2 minimal version * Mon Dec 19 2022 Remi Collet <remi@remirepo.net> - 7.4.33-2 - pdo: fix #81740: PDO::quote() may return unquoted string |