diff options
Diffstat (limited to 'php.spec')
| -rw-r--r-- | php.spec | 20 |
1 files changed, 17 insertions, 3 deletions
@@ -65,7 +65,7 @@ %global oraclelib 19.1 %global oracledir 19.24 %else -%global oraclever 23.6 +%global oraclever 23.26.2 %global oraclemax 24 %global oraclelib 23.1 %global oracledir 23 @@ -141,7 +141,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: 5.6.40 -Release: 45%{?dist} +Release: 46%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -272,6 +272,9 @@ Patch273: php-cve-2024-11234.patch Patch274: php-cve-2024-8932.patch Patch275: php-cve-2024-11233.patch Patch276: php-ghsa-4w77-75f9-2c8w.patch +Patch277: php-cve-2026-7261.patch +Patch278: php-cve-2026-7262.patch +Patch279: php-cve-2026-6735.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -1079,6 +1082,9 @@ sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in %patch -P274 -p1 -b .cve8932 %patch -P275 -p1 -b .cve11233 %patch -P276 -p1 -b .ghsa4w77 +%patch -P277 -p1 -b .cve7261 +%patch -P278 -p1 -b .cve7262 +%patch -P279 -p1 -b .cve6735 # Fixes for tests %patch -P300 -p1 -b .datetests @@ -1851,7 +1857,7 @@ cat << EOF WARNING : PHP 5.6 have reached its "End of Life" in January 2019. Even, if this package includes some of - the important security fixes, backported from 8.1, the + the important security fixes, backported from 8.2, the UPGRADE to a maintained version is very strongly RECOMMENDED. ===================================================================== @@ -2029,6 +2035,14 @@ EOF %changelog +* Tue May 12 2026 Remi Collet <remi@remirepo.net> - 5.6.40-46 +- Fix XSS within status endpoint + CVE-2026-6735 +- Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION + CVE-2026-7261 +- Fix Broken Apache map value NULL check + CVE-2026-7262 + * Fri Dec 6 2024 Remi Collet <remi@remirepo.net> - 5.6.40-45 - Add support for MySQL 8's Unicode types (utf8mb4) https://github.com/remicollet/remirepo/issues/280 |