From 3ba80f05620ff05dc3835de45f7d22eba11cca67 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Fri, 11 Jan 2019 14:14:31 +0100 Subject: Backport xmlrpc security fix from 5.6.40 - Fix #77242 heap out of bounds read in xmlrpc_decode - Fix #77380 Global out of bounds read in xmlrpc base64 code --- php54.spec | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'php54.spec') diff --git a/php54.spec b/php54.spec index b0bb171..1e21033 100644 --- a/php54.spec +++ b/php54.spec @@ -99,7 +99,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: 5.4.45 -Release: 16%{?dist} +Release: 17%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -233,6 +233,8 @@ Patch271: bug76582.patch Patch272: bug77153.patch Patch273: bug77020.patch Patch274: bug77231.patch +Patch275: bug77242.patch +Patch276: bug77380.patch # Fixes for tests # no_NO issue @@ -1015,6 +1017,8 @@ rm -f ext/json/utf8_to_utf16.* %patch272 -p1 -b .bug77153 %patch273 -p1 -b .bug77020 %patch274 -p1 -b .bug77231 +%patch275 -p1 -b .bug77242 +%patch276 -p1 -b .bug77380 # Fixes for tests %patch301 -p1 -b .datetests2 @@ -1680,7 +1684,7 @@ cat << EOF backported from 5.5 or 5.6, The UPGRADE to a maintained version is very strongly RECOMMENDED. -%if %{?fedora}%{!?fedora:99} < 26 +%if %{?fedora}%{!?fedora:99} < 28 WARNING : Fedora %{fedora} is now EOL : You should consider upgrading to a supported release %endif @@ -1901,6 +1905,10 @@ fi %changelog +* Fri Jan 11 2019 Remi Collet - 5.4.45-17 +- Fix #77242 heap out of bounds read in xmlrpc_decode +- Fix #77380 Global out of bounds read in xmlrpc base64 code + * Mon Dec 10 2018 Remi Collet - 5.4.45-16 - Fix #77231 Segfault when using convert.quoted-printable-encode filter - Fix #77020 null pointer dereference in imap_mail -- cgit