From 69bb2b7ce8c939bdd5cd9009bc5150506a16e2c7 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Tue, 17 Feb 2026 16:13:04 +0100
Subject: Fix Heap buffer overflow in array_merge()

  CVE-2025-14178
use oracle client library version 23.26 on x86_64 and aarch64
---
 php.spec | 25 +++++++++----------------
 1 file changed, 9 insertions(+), 16 deletions(-)

(limited to 'php.spec')

diff --git a/php.spec b/php.spec
index b14c56c..0aeb6af 100644
--- a/php.spec
+++ b/php.spec
@@ -55,17 +55,10 @@
 
 %global mysql_sock %(mysql_config --socket  2>/dev/null || echo /var/lib/mysql/mysql.sock)
 
-%ifarch aarch64
-%global oraclever 19.24
-%global oraclemax 20
-%global oraclelib 19.1
-%global oracledir 19.24
-%else
-%global oraclever 23.6
+%global oraclever 23.26.1
 %global oraclemax 24
 %global oraclelib 23.1
 %global oracledir 23
-%endif
 
 # Build for LiteSpeed Web Server (LSAPI)
 %global with_lsws     1
@@ -135,7 +128,7 @@
 Summary: PHP scripting language for creating dynamic web sites
 Name:    %{?scl_prefix}php
 Version: %{upver}%{?rcver:~%{rcver}}
-Release: 18%{?dist}
+Release: 19%{?dist}
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
 # TSRM is licensed under BSD
@@ -231,6 +224,7 @@ Patch220: php-cve-2024-8932.patch
 Patch221: php-cve-2024-11233.patch
 Patch222: php-ghsa-4w77-75f9-2c8w.patch
 Patch223: php-cve-2024-8929.patch
+Patch224: php-cve-2025-14178.patch
 
 # Fixes for tests (300+)
 # Factory is droped from system tzdata
@@ -667,14 +661,7 @@ Summary:        A module for PHP applications that use OCI8 databases
 Group:          Development/Languages
 # All files licensed under PHP version 3.01
 License:        PHP
-%ifarch aarch64
-BuildRequires:  oracle-instantclient%{oraclever}-devel
-# Should requires libclntsh.so.19.1()(aarch-64), but it's not provided by Oracle RPM.
-Requires:       libclntsh.so.%{oraclelib}
-AutoReq:        0
-%else
 BuildRequires: (oracle-instantclient-devel >= %{oraclever} with oracle-instantclient-devel < %{oraclemax})
-%endif
 Requires:       %{?scl_prefix}php-pdo%{?_isa} = %{version}-%{release}
 Provides:       %{?scl_prefix}php_database
 Provides:       %{?scl_prefix}php-pdo_oci
@@ -1034,6 +1021,7 @@ sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in
 %patch -P221 -p1 -b .cve11233
 %patch -P222 -p1 -b .ghsa4w77
 %patch -P223 -p1 -b .cve8929
+%patch -P224 -p1 -b .cve14178
 
 # Fixes for tests
 %patch -P300 -p1 -b .datetests
@@ -1993,6 +1981,11 @@ EOF
 
 
 %changelog
+* Tue Feb 17 2026 Remi Collet <remi@remirepo.net> - 7.3.33-19
+- Fix Heap buffer overflow in array_merge()
+  CVE-2025-14178
+- use oracle client library version 23.26 on x86_64 and aarch64
+
 * Wed Nov 27 2024 Remi Collet <remi@remirepo.net> - 7.3.33-18
 - Fix Leak partial content of the heap through heap buffer over-read
   CVE-2024-8929
-- 
cgit