diff options
| author | Remi Collet <remi@remirepo.net> | 2026-05-13 13:18:55 +0200 |
|---|---|---|
| committer | Remi Collet <remi@php.net> | 2026-05-13 13:18:55 +0200 |
| commit | 75ef18decf533b8ab6f1abf740d8f2a48ca0e761 (patch) | |
| tree | 2e71a41059d382c773697e8dac574dadd29cafee /php72.spec | |
| parent | 5145912848dfacc957b649c7a44c159bb1f1edf4 (diff) | |
CVE-2026-6735
Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
CVE-2026-6722
Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION
CVE-2026-7261
Fix Broken Apache map value NULL check
CVE-2026-7262
Fix Signed integer overflow of char array offset
CVE-2026-7568
Diffstat (limited to 'php72.spec')
| -rw-r--r-- | php72.spec | 24 |
1 files changed, 23 insertions, 1 deletions
@@ -116,7 +116,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: %{upver}%{?rcver:~%{rcver}} -Release: 26%{?dist} +Release: 27%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -215,6 +215,11 @@ Patch228: php-cve-2024-8932.patch Patch229: php-cve-2024-11233.patch Patch230: php-ghsa-4w77-75f9-2c8w.patch Patch231: php-cve-2025-14178.patch +Patch232: php-cve-2026-6722.patch +Patch233: php-cve-2026-7261.patch +Patch234: php-cve-2026-7262.patch +Patch235: php-cve-2026-6735.patch +Patch236: php-cve-2026-7568.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -1175,6 +1180,11 @@ low-level PHP extension for the libsodium cryptographic library. %patch -P229 -p1 -b .cve11233 %patch -P230 -p1 -b .ghsa4w77 %patch -P231 -p1 -b .cve14178 +%patch -P232 -p1 -b .cve6722 +%patch -P233 -p1 -b .cve7261 +%patch -P234 -p1 -b .cve7262 +%patch -P235 -p1 -b .cve6735 +%patch -P236 -p1 -b .cve7268 # Fixes for tests %if 0%{?fedora} >= 25 || 0%{?rhel} >= 6 @@ -2282,6 +2292,18 @@ EOF %changelog +* Tue May 12 2026 Remi Collet <remi@remirepo.net> - 7.2.34-27 +- Fix XSS within status endpoint + CVE-2026-6735 +- Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map + CVE-2026-6722 +- Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION + CVE-2026-7261 +- Fix Broken Apache map value NULL check + CVE-2026-7262 +- Fix Signed integer overflow of char array offset + CVE-2026-7568 + * Tue Feb 17 2026 Remi Collet <remi@remirepo.net> - 7.2.34-26 - Fix Heap buffer overflow in array_merge() CVE-2025-14178 |