summaryrefslogtreecommitdiffstats
path: root/php71.spec
diff options
context:
space:
mode:
authorRemi Collet <remi@remirepo.net>2019-12-17 17:57:09 +0100
committerRemi Collet <remi@remirepo.net>2019-12-17 17:57:09 +0100
commit0d443001c41652e457799d1134de2c2ab6420e08 (patch)
tree82649e9f534e050ea3ab512bcfac91ecaa30524a /php71.spec
parentd6128b53b1aa6b71cd4cae6113c821fddab7c464 (diff)
- bcmath:
Fix #78878 Buffer underflow in bc_shift_addsub CVE-2019-11046 - core: Fix #78862 link() silently truncates after a null byte on Windows CVE-2019-11044 Fix #78863 DirectoryIterator class silently truncates after a null byte CVE-2019-11045 - exif Fix #78793 Use-after-free in exif parsing under memory sanitizer CVE-2019-11050 Fix #78910 Heap-buffer-overflow READ in exif CVE-2019-11047 - use oracle client library version 19.5 (18.5 on EL-6)
Diffstat (limited to 'php71.spec')
-rw-r--r--php71.spec37
1 files changed, 35 insertions, 2 deletions
diff --git a/php71.spec b/php71.spec
index 2e79d65..bfc90b4 100644
--- a/php71.spec
+++ b/php71.spec
@@ -27,10 +27,14 @@
%global mysql_sock %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock)
%if 0%{?rhel} == 6
+%ifarch x86_64
+%global oraclever 18.5
+%else
%global oraclever 18.3
+%endif
%global oraclelib 18.1
%else
-%global oraclever 19.3
+%global oraclever 19.5
%global oraclelib 19.1
%endif
@@ -114,7 +118,7 @@
Summary: PHP scripting language for creating dynamic web sites
Name: php
Version: %{upver}%{?rcver:~%{rcver}}
-Release: 1%{?dist}
+Release: 2%{?dist}
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
# TSRM is licensed under BSD
@@ -1909,6 +1913,19 @@ fi
%postun embedded -p /sbin/ldconfig
+%posttrans common
+cat << EOF
+=====================================================================
+
+ WARNING : PHP 7.1 have reached its "End of Life" in
+ December 2019. Even, if this package includes some of
+ the important security fix, backported from 7.2, the
+ UPGRADE to a maintained version is very strongly RECOMMENDED.
+
+=====================================================================
+EOF
+
+
%{!?_licensedir:%global license %%doc}
%files
@@ -2085,6 +2102,22 @@ fi
%changelog
+* Tue Dec 17 2019 Remi Collet <remi@remirepo.net> - 7.1.33-2
+- bcmath:
+ Fix #78878 Buffer underflow in bc_shift_addsub
+ CVE-2019-11046
+- core:
+ Fix #78862 link() silently truncates after a null byte on Windows
+ CVE-2019-11044
+ Fix #78863 DirectoryIterator class silently truncates after a null byte
+ CVE-2019-11045
+- exif
+ Fix #78793 Use-after-free in exif parsing under memory sanitizer
+ CVE-2019-11050
+ Fix #78910 Heap-buffer-overflow READ in exif
+ CVE-2019-11047
+- use oracle client library version 19.5 (18.5 on EL-6)
+
* Wed Oct 23 2019 Remi Collet <remi@remirepo.net> - 7.1.33-1
- Update to 7.1.33 - http://www.php.net/releases/7_1_33.php