diff options
Diffstat (limited to 'php.spec')
| -rw-r--r-- | php.spec | 20 |
1 files changed, 19 insertions, 1 deletions
@@ -119,7 +119,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: 5.4.45 -Release: 2%{?dist} +Release: 3%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -164,6 +164,8 @@ Patch46: php-5.4.9-fixheader.patch Patch47: php-5.4.9-phpinfo.patch # Allow multiple paths in ini_scan_dir Patch48: php-5.4.16-iniscan.patch +# Add CURL_SSLVERSION_* constant +Patch49: php-5.4.45-curltls.patch # RC Patch Patch91: php-5.3.7-oci8conf.patch @@ -179,6 +181,10 @@ Patch102: php-5.4.39-bug50444.patch # Security fixes (200+) Patch200: bug69720.patch Patch201: bug70433.patch +Patch202: bug70755.patch +Patch203: bug70728.patch +Patch204: bug70741.patch +Patch205: bug70661.patch # Fixes for tests (300+) # Backported from 5.5 @@ -806,6 +812,7 @@ support for using the enchant library to PHP. %patch46 -p1 -b .fixheader %patch47 -p1 -b .phpinfo %patch48 -p1 -b .iniscan +%patch49 -p1 -b .curltls %patch91 -p1 -b .remi-oci8 @@ -817,6 +824,10 @@ support for using the enchant library to PHP. # security patches %patch200 -p1 -b .bug69720 %patch201 -p1 -b .bug70433 +%patch202 -p1 -b .bug70755 +%patch203 -p1 -b .bug70728 +%patch204 -p1 -b .bug70741 +%patch205 -p1 -b .bug70661 # Fixes for tests %patch300 -p1 -b .datetests1 @@ -1631,6 +1642,13 @@ EOF %changelog +* Wed Jan 6 2016 Remi Collet <remi@fedoraproject.org> 5.4.45-3 +- Fix #70755: fpm_log.c memory leak and buffer overflow +- Fix #70728: Type Confusion Vulnerability in PHP_to_XMLRPC_worker +- Fix #70741: Session WDDX Packet Deserialization Type +- Fix #70661: Use After Free Vulnerability in WDDX Packet Deserialization +- curl: add CURL_SSLVERSION_TLSv1_x constants + * Wed Sep 30 2015 Remi Collet <remi@fedoraproject.org> 5.4.45-2 - Fix bug #70433 - Uninitialized pointer in phar_make_dirstream when zip entry filename is "/" |