summaryrefslogtreecommitdiffstats
path: root/php.spec
diff options
context:
space:
mode:
Diffstat (limited to 'php.spec')
-rw-r--r--php.spec22
1 files changed, 18 insertions, 4 deletions
diff --git a/php.spec b/php.spec
index 1d50c18..ab7fee8 100644
--- a/php.spec
+++ b/php.spec
@@ -140,7 +140,7 @@
Summary: PHP scripting language for creating dynamic web sites
Name: %{?scl_prefix}php
Version: 5.5.38
-Release: 7%{?dist}
+Release: 8%{?dist}
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
# TSRM is licensed under BSD
@@ -247,6 +247,8 @@ Patch151: bug73764.patch
Patch152: bug73768.patch
Patch153: bug73773.patch
Patch154: bug69090.patch
+Patch155: bug73549.patch
+Patch156: bug75981.patch
# Security fixes (200+)
@@ -994,6 +996,8 @@ support for using the enchant library to PHP.
%patch152 -p1 -b .bug73768
%patch153 -p1 -b .bug73773
%patch154 -p1 -b .bug69090
+%patch155 -p1 -b .bug73549
+%patch156 -p1 -b .bug75981
: ------------------------
# Fixes for tests
@@ -1725,11 +1729,17 @@ fi
%posttrans common
cat << EOF
+==========================================================================
-WARNING : PHP 5.5 have reached its "End of Life" in July 2016.
-Even, if this package includes some security fix, backported from 5.6,
-The upgrade to a maintained version is very strongly recommended.
+ WARNING : PHP 5.5 have reached its "End of Life" in July 2016.
+ Even, if this package includes some security fix, backported from 5.6,
+ The UPGRADE to a maintained version is very strongly RECOMMENDED.
+%if %{?fedora}%{!?fedora:99} < 26
+ WARNING : Fedora %{fedora} is now EOL :
+ You should consider upgrading to a supported release
+%endif
+==========================================================================
EOF
@@ -1899,6 +1909,10 @@ EOF
%changelog
+* Thu Mar 1 2018 Remi Collet <remi@remirepo.net> - 5.5.38-8
+- fix #73549: Use after free when stream is passed to imagepng
+- fix #75981: stack-buffer-overflow while parsing HTTP response
+
* Sat Feb 18 2017 Remi Collet <remi@remirepo.net> - 5.5.38-7
- fix #73737: FPE when parsing a tag format
CVE-2016-10158