diff options
| author | Remi Collet <remi@remirepo.net> | 2026-05-13 16:16:02 +0200 |
|---|---|---|
| committer | Remi Collet <remi@php.net> | 2026-05-13 16:16:02 +0200 |
| commit | 9db8053269591f614b37c8782b4f3efb7c7f6628 (patch) | |
| tree | fb0a4d45dd6e791b2df2d0c1ee40a39b63b0bb50 /php.spec | |
| parent | e78fd22632c92dbb1c01dc16797eead09f2affd9 (diff) | |
CVE-2026-6735
Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
CVE-2026-6722
Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION
CVE-2026-7261
Fix Broken Apache map value NULL check
CVE-2026-7262
Fix Signed integer overflow of char array offset
CVE-2026-7568
Diffstat (limited to 'php.spec')
| -rw-r--r-- | php.spec | 26 |
1 files changed, 24 insertions, 2 deletions
@@ -61,7 +61,7 @@ %global oraclelib 19.1 %global oracledir 19.24 %else -%global oraclever 23.6 +%global oraclever 23.26.2 %global oraclemax 24 %global oraclelib 23.1 %global oracledir 23 @@ -135,7 +135,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: %{upver}%{?rcver:~%{rcver}} -Release: 32%{?dist} +Release: 33%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -250,6 +250,11 @@ Patch248: php-cve-2024-11234.patch Patch249: php-cve-2024-8932.patch Patch250: php-cve-2024-11233.patch Patch251: php-ghsa-4w77-75f9-2c8w.patch +Patch252: php-cve-2026-6722.patch +Patch253: php-cve-2026-7261.patch +Patch254: php-cve-2026-7262.patch +Patch255: php-cve-2026-6735.patch +Patch256: php-cve-2026-7568.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -1037,6 +1042,11 @@ sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in %patch -P249 -p1 -b .cve8932 %patch -P250 -p1 -b .cve11233 %patch -P251 -p1 -b .ghsa4w77 +%patch -P252 -p1 -b .cve6722 +%patch -P253 -p1 -b .cve7261 +%patch -P254 -p1 -b .cve7262 +%patch -P255 -p1 -b .cve6735 +%patch -P256 -p1 -b .cve7268 # Fixes for tests %patch -P300 -p1 -b .datetests @@ -2000,6 +2010,18 @@ EOF %changelog +* Tue May 12 2026 Remi Collet <remi@remirepo.net> - 7.1.33-33 +- Fix XSS within status endpoint + CVE-2026-6735 +- Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map + CVE-2026-6722 +- Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION + CVE-2026-7261 +- Fix Broken Apache map value NULL check + CVE-2026-7262 +- Fix Signed integer overflow of char array offset + CVE-2026-7568 + * Tue Nov 26 2024 Remi Collet <remi@remirepo.net> - 7.1.33-32 - Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface GHSA-4w77-75f9-2c8w |