From eae172852222d6ec6c72f93a205650dbf544321d Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Fri, 22 Nov 2024 12:00:06 +0100 Subject: Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface GHSA-4w77-75f9-2c8w Fix OOB access in ldap_escape CVE-2024-8932 Fix Integer overflow in the dblib/firebird quoter causing OOB writes CVE-2024-11236 Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 Fix Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 --- php74.spec | 44 +++++++++++++++++++++++++++++++++++++------- 1 file changed, 37 insertions(+), 7 deletions(-) (limited to 'php74.spec') diff --git a/php74.spec b/php74.spec index 58dbc96..d3d693e 100644 --- a/php74.spec +++ b/php74.spec @@ -58,7 +58,12 @@ %global with_libpcre 0 %endif -%global with_firebird 1 +# Build firebird extensions, you can disable using --without firebird +%if 0%{?rhel} == 10 +%bcond_with firebird +%else +%bcond_without firebird +%endif # Build ZTS extension or only NTS %ifarch x86_64 @@ -111,7 +116,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: %{upver}%{?rcver:~%{rcver}} -Release: 18%{?dist} +Release: 20%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -192,6 +197,11 @@ Patch210: php-cve-2024-8925.patch Patch211: php-cve-2024-8926.patch Patch212: php-cve-2024-8927.patch Patch213: php-cve-2024-9026.patch +Patch214: php-cve-2024-11236.patch +Patch215: php-cve-2024-11234.patch +Patch216: php-cve-2024-8932.patch +Patch217: php-cve-2024-11233.patch +Patch218: php-ghsa-4w77-75f9-2c8w.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -713,7 +723,7 @@ Obsoletes: php74-soap, php74w-soap The php-soap package contains a dynamic shared object that will add support to PHP for using the SOAP web services protocol. -%if %{with_firebird} +%if %{with firebird} %package pdo-firebird Summary: PDO driver for Interbase/Firebird databases Group: Development/Languages @@ -1217,6 +1227,11 @@ rm ext/openssl/tests/p12_with_extra_certs.p12 %patch -P211 -p1 -b .cve8926 %patch -P212 -p1 -b .cve8927 %patch -P213 -p1 -b .cve9026 +%patch -P214 -p1 -b .cve11236 +%patch -P215 -p1 -b .cve11234 +%patch -P216 -p1 -b .cve8932 +%patch -P217 -p1 -b .cve11233 +%patch -P218 -p1 -b .ghsa4w77 # Fixes for tests related to tzdata %patch -P300 -p1 -b .datetests @@ -1490,7 +1505,7 @@ build --libdir=%{_libdir}/php \ --with-oci8=shared,instantclient,%{_prefix}/lib/oracle/%{oracledir}/client64/lib,%{oraclever} \ --with-pdo-oci=shared,instantclient,%{_prefix}/lib/oracle/%{oracledir}/client64/lib,%{oraclever} \ %endif -%if %{with_firebird} +%if %{with firebird} --with-pdo-firebird=shared \ %endif --enable-dom=shared \ @@ -1629,7 +1644,7 @@ build --includedir=%{_includedir}/php-zts \ --with-oci8=shared,instantclient,%{_prefix}/lib/oracle/%{oracledir}/client64/lib,%{oraclever} \ --with-pdo-oci=shared,instantclient,%{_prefix}/lib/oracle/%{oracledir}/client64/lib,%{oraclever} \ %endif -%if %{with_firebird} +%if %{with firebird} --with-pdo-firebird=shared \ %endif --enable-dom=shared \ @@ -1878,7 +1893,7 @@ for mod in pgsql odbc ldap snmp json \ %if %{with_oci8} oci8 pdo_oci \ %endif -%if %{with_firebird} +%if %{with firebird} pdo_firebird \ %endif xmlrpc xmlreader xmlwriter @@ -2213,7 +2228,7 @@ EOF %files pspell -f files.pspell %files intl -f files.intl %files process -f files.process -%if %{with_firebird} +%if %{with firebird} %files pdo-firebird -f files.pdo_firebird %endif %files enchant -f files.enchant @@ -2236,6 +2251,21 @@ EOF %changelog +* Fri Nov 22 2024 Remi Collet - 7.4.33-20 +- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface + GHSA-4w77-75f9-2c8w +- Fix OOB access in ldap_escape + CVE-2024-8932 +- Fix Integer overflow in the dblib/firebird quoter causing OOB writes + CVE-2024-11236 +- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs + CVE-2024-11234 +- Fix Single byte overread with convert.quoted-printable-decode filter + CVE-2024-11233 + +* Fri Nov 15 2024 Remi Collet - 7.4.33-19 +- disable firebird on EL-10 + * Thu Sep 26 2024 Remi Collet - 7.4.33-18 - Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI CVE-2024-4577 -- cgit