diff options
author | Remi Collet <fedora@famillecollet.com> | 2016-10-15 10:17:16 +0200 |
---|---|---|
committer | Remi Collet <fedora@famillecollet.com> | 2016-10-15 10:17:16 +0200 |
commit | bec6bca2de5aaf1a1b186722901dc75ec1529fea (patch) | |
tree | 1c6c37099f22c30b3999754d8adbe0bfba02ba8c /php.spec | |
parent | b52e0db9c0cf11f6eda1e00f2d5292a0ac78424c (diff) |
PHP 5.5.38 with 15 security fix from 5.6.27
Diffstat (limited to 'php.spec')
-rw-r--r-- | php.spec | 55 |
1 files changed, 54 insertions, 1 deletions
@@ -140,7 +140,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: 5.5.38 -Release: 3%{?dist} +Release: 4%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -221,6 +221,22 @@ Patch125: bug73029.patch Patch126: bug73052.patch Patch127: bug73035.patch Patch128: bug73065.patch +Patch129: bug72581.patch +Patch130: bug73189.patch +Patch131: bug73147.patch +Patch132: bug73190.patch +Patch133: bug73150.patch +Patch134: bug73284.patch +Patch135: bug73073.patch +Patch136: bug73218.patch +Patch137: bug73208.patch +Patch138: bug73082.patch +Patch139: bug73174.patch +Patch140: bug73275.patch +Patch141: bug73276.patch +Patch142: bug73293.patch +Patch143: bug73240.patch +Patch144: bug73017.patch # Security fixes (200+) @@ -898,7 +914,9 @@ support for using the enchant library to PHP. %patch21 -p1 -b .odbctimer %patch40 -p1 -b .dlopen +%if 0%{?fedora} >= 23 || 0%{?rhel} >= 5 %patch42 -p1 -b .systzdata +%endif %patch43 -p1 -b .headers %if 0%{?fedora} >= 18 || 0%{?rhel} >= 7 %patch45 -p1 -b .ldap_r @@ -940,6 +958,23 @@ support for using the enchant library to PHP. %patch126 -p1 -b .bug73052 %patch127 -p1 -b .bug73035 %patch128 -p1 -b .bug73065 +%patch129 -p1 -b .bug73581 +%patch130 -p1 -b .bug73189 +%patch131 -p1 -b .bug73147 +%patch132 -p1 -b .bug73190 +%patch133 -p1 -b .bug73150 +%patch134 -p1 -b .bug73284 +%patch135 -p1 -b .bug73073 +%patch136 -p1 -b .bug73218 +%patch137 -p1 -b .bug73208 +%patch138 -p1 -b .bug73082 +%patch139 -p1 -b .bug73174 +%patch140 -p1 -b .bug73275 +%patch141 -p1 -b .bug73276 +%patch142 -p1 -b .bug73293 +%patch143 -p1 -b .bug73240 +%patch144 -p1 -b .bug73017 +: ------------------------ # Fixes for tests %patch300 -p1 -b .datetests @@ -1844,6 +1879,24 @@ EOF %changelog +* Sat Oct 15 2016 Remi Collet <remi@remirepo.net> 5.5.38-4 +- fix #73189: Memcpy negative size parameter php_resolve_path +- fix #72581: previous property undefined in Exception after deserialization +- fix #73147: Use After Free in unserialize +- fix #73190: memcpy negative parameter _bc_new_num_ex +- fix #73150: missing NULL check in dom_document_save_html +- fix #73284: heap overflow in php_ereg_replace function +- fix #73073: CachingIterator null dereference when convert to string +- fix #73218: add mitigation for ICU int overflow +- fix #73208: integer overflow in imap_8bit caused heap corruption +- fix #73082: string length overflow in mb_encode_* function +- fix #73174: heap overflow in php_pcre_replace_impl +- fix #73275: crash in openssl_encrypt function +- fix #73275: crash in openssl_encrypt function +- fix #73293: NULL pointer dereference in SimpleXMLElement::asXML +- fix #73240: Write out of bounds at number_format +- fix #73017: memory corruption in wordwrap function + * Mon Sep 19 2016 Remi Collet <remi@remirepo.net> 5.5.38-3 - fix #72910: Out of bounds heap read in mbc_to_code() - fix #72926: Uninitialized Thumbail Data Leads To Memory Leakage |