diff options
author | Remi Collet <remi@remirepo.net> | 2022-09-27 20:37:14 +0200 |
---|---|---|
committer | Remi Collet <remi@php.net> | 2022-09-27 20:37:14 +0200 |
commit | bc8ed5c45a99129a8d77f53054bf47553c37db48 (patch) | |
tree | daddee96f8901a95eb0b6a9583fbaf978b3535e7 /php.spec | |
parent | ba09fa0473cc2f090fda511c1a78adee8a3fab66 (diff) |
phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628
core: fix #81727 Don't mangle HTTP variable names that clash with ones
that have a specific semantic meaning. CVE-2022-31629
use oracle client library version 21.7
Diffstat (limited to 'php.spec')
-rw-r--r-- | php.spec | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -127,7 +127,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: %{upver}%{?rcver:~%{rcver}} -Release: 34%{?dist} +Release: 35%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -2009,7 +2009,7 @@ EOF %changelog -* Tue Sep 27 2022 Remi Collet <remi@remirepo.net> - 7.0.33-34 +* Tue Sep 27 2022 Remi Collet <remi@remirepo.net> - 7.0.33-35 - phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628 - core: fix #81727 Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. CVE-2022-31629 |