summaryrefslogtreecommitdiffstats
path: root/php56.spec
diff options
context:
space:
mode:
authorRemi Collet <remi@remirepo.net>2019-04-30 11:53:32 +0200
committerRemi Collet <remi@remirepo.net>2019-04-30 11:53:32 +0200
commit042c60b6bf4f1cca95cc7e6f95738f0f5e510b06 (patch)
treece9d7e108653232ee54a17b5a0637e168a3e03f8 /php56.spec
parentda77c08e873f7152d3fac2f1b905504415ec3324 (diff)
- exif:
Fix #77950 Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG CVE-2019-11036
Diffstat (limited to 'php56.spec')
-rw-r--r--php56.spec11
1 files changed, 10 insertions, 1 deletions
diff --git a/php56.spec b/php56.spec
index 02e3e88..6032383 100644
--- a/php56.spec
+++ b/php56.spec
@@ -142,7 +142,7 @@
Summary: PHP scripting language for creating dynamic web sites
Name: php
Version: 5.6.40
-Release: 7%{?dist}
+Release: 8%{?dist}
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
# TSRM is licensed under BSD
@@ -215,6 +215,7 @@ Patch214: php-news.patch
Patch215: php-sqlite3-defensive.patch
Patch216: php-bug77753.patch
Patch217: php-bug77831.patch
+Patch218: php-bug77950.patch
# Fixes for tests (300+)
# Factory is droped from system tzdata
@@ -991,6 +992,7 @@ echo CIBLE = %{name}-%{version}-%{release} oci8=%{with_oci8} libzip=%{with_libzi
%patch215 -p1 -b .sqlite3.defensive
%patch216 -p1 -b .bug77753
%patch217 -p1 -b .bug77831
+%patch218 -p1 -b .bug77950
# Fixes for tests
%patch300 -p1 -b .datetests
@@ -2027,10 +2029,17 @@ EOF
%changelog
+* Tue Apr 30 2019 Remi Collet <remi@remirepo.net> - 5.6.40-8
+- exif:
+ Fix #77950 Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG
+ CVE-2019-11036
+
* Tue Apr 2 2019 Remi Collet <remi@remirepo.net> - 5.6.40-7
- exif:
Fix #77753 Heap-buffer-overflow in php_ifd_get32s
+ CVE-2019-11034
Fix #77831 Heap-buffer-overflow in exif_iif_add_value
+ CVE-2019-11035
- sqlite3:
Added sqlite3.defensive INI directive