From 003b71973f17c66ab9544546f693f290dbfa300e Mon Sep 17 00:00:00 2001
From: Remi Collet
Date: Sun, 29 May 2016 09:34:18 +0200
Subject: PHP 5.4.45 + security fix from 5.5.36
---
 php54.spec | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)
(limited to 'php54.spec')
diff --git a/php54.spec b/php54.spec
index 4e2fe94..d5982c5 100644
--- a/php54.spec
+++ b/php54.spec
@@ -98,7 +98,7 @@
 Summary: PHP scripting language for creating dynamic web sites
 Name: php
 Version: 5.4.45
-Release: 8%{?dist}
+Release: 9%{?dist}
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
 # TSRM is licensed under BSD
@@ -183,6 +183,11 @@ Patch223: bug72061.patch
 Patch224: bug72093.patch
 Patch225: bug72094.patch
 Patch226: bug72099.patch
+Patch227: bug71331.patch
+Patch228: bug72114.patch
+Patch229: bugoverflow.patch
+Patch230: bug72135.patch
+Patch231: bug72241.patch
 # Fixes for tests
 # no_NO issue
@@ -917,6 +922,11 @@ rm -f ext/json/utf8_to_utf16.*
 %patch224 -p1 -b .bug72093
 %patch225 -p1 -b .bug72094
 %patch226 -p1 -b .bug72099
+%patch227 -p1 -b .bug71331
+%patch228 -p1 -b .bug72114
+%patch229 -p1 -b .bugoverflow
+%patch230 -p1 -b .bug72135
+%patch231 -p1 -b .bug72241
 # Fixes for tests
 %patch301 -p1 -b .datetests2
@@ -1806,6 +1816,17 @@ fi
 %changelog
+* Sun May 29 2016 Remi Collet 5.4.45-9
+- Fix #71331: Uninitialized pointer in phar_make_dirstream
+ CVE-2016-4343
+- Fix #72114: int/size_t confusion in fread
+ CVE-2016-5096
+- Add check for string overflow to all string add operations
+- Fix #72135: don't create strings with lengths outside int range
+ CVE-2016-5094
+- Fix #72241: get_icu_value_internal out-of-bounds read
+ CVE-2016-5093
+
 * Tue Apr 26 2016 Remi Collet 5.4.45-8
 - Fix #64938: libxml_disable_entity_loader setting is shared between threads
 CVE-2015-8866
-- cgit
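Review bot: `Patch229: bugoverflow.patch` is the only one of the five new patches with no upstream bug number in its name, and its changelog entry ("Add check for string overflow to all string add operations") names no bug or CVE either, so nothing in the spec says which upstream change it backports. The same gap applies to `%patch229 -p1 -b .bugoverflow` in the %prep hunk. I would add a comment above the Patch229 line, for example `# backport of upstream commit <UPSTREAM_COMMIT_ID>: overflow checks on string add operations`, and repeat that reference in the changelog line. Presumably the patch comes from the 5.5.36 fixes named in the subject; recording its origin lets someone auditing this build confirm the backport matches upstream and that no related advisory is left uncovered.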