diff options
author | Remi Collet <remi@remirepo.net> | 2019-01-11 13:38:24 +0100 |
---|---|---|
committer | Remi Collet <remi@remirepo.net> | 2019-01-11 13:38:24 +0100 |
commit | d86fc6e7b23f6fe389b22746f775b93d5d80d0ca (patch) | |
tree | 21553e6c08b92b5ba9cb39d356e8ea9ce4b30cae /php.spec | |
parent | dc48891fbc3cd62ab4f340fa6b2fa06ee6cce75b (diff) |
Backport xmlrpc security fix from 5.6.40
- Fix #77242 heap out of bounds read in xmlrpc_decode
- Fix #77380 Global out of bounds read in xmlrpc base64 code
Diffstat (limited to 'php.spec')
-rw-r--r-- | php.spec | 10 |
1 files changed, 9 insertions, 1 deletions
@@ -121,7 +121,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: 5.4.45 -Release: 16%{?dist} +Release: 17%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -257,6 +257,8 @@ Patch271: bug76582.patch Patch272: bug77153.patch Patch273: bug77020.patch Patch274: bug77231.patch +Patch275: bug77242.patch +Patch276: bug77380.patch # Fixes for tests (300+) # Backported from 5.5 @@ -972,6 +974,8 @@ support for using the enchant library to PHP. %patch272 -p1 -b .bug77153 %patch273 -p1 -b .bug77020 %patch274 -p1 -b .bug77231 +%patch275 -p1 -b .bug77242 +%patch276 -p1 -b .bug77380 : ------------------------ #exit 1 @@ -1809,6 +1813,10 @@ EOF %changelog +* Fri Jan 11 2019 Remi Collet <remi@remirepo.net> - 5.4.45-17 +- Fix #77242 heap out of bounds read in xmlrpc_decode +- Fix #77380 Global out of bounds read in xmlrpc base64 code + * Mon Dec 10 2018 Remi Collet <remi@remirepo.net> - 5.4.45-16 - Fix #77231 Segfault when using convert.quoted-printable-encode filter - Fix #77020 null pointer dereference in imap_mail |