From 2558e840ebdd473f885f8ac6cd13cd787ea90448 Mon Sep 17 00:00:00 2001
From: Remi Collet
Date: Mon, 10 Dec 2018 16:21:59 +0100
Subject: Fix #77231 Segfault when using convert.quoted-printable-encode filter Fix #77020 null pointer dereference in imap_mail CVE-2018-19935 Fix #77153 imap_open allows to run arbitrary shell commands via mailbox parameter CVE-2018-19158
---
 php.spec | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/php.spec b/php.spec
index 7deb454..0922a65 100644
--- a/php.spec
+++ b/php.spec
@@ -55,7 +55,8 @@
 %global mysql_sock %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock)
-%global oraclever 12.1
+%global oraclever 12.2
+%global oraclemax 13
 # Build for LiteSpeed Web Server (LSAPI)
 %global with_lsws 1
@@ -119,7 +120,7 @@
 Summary: PHP scripting language for creating dynamic web sites
 Name: %{?scl_prefix}php
 Version: 5.4.45
-Release: 15%{?dist}
+Release: 16%{?dist}
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
 # TSRM is licensed under BSD
@@ -252,6 +253,9 @@ Patch268: bug74435.patch
 Patch269: bug75571.patch
 Patch270: bug75981.patch
 Patch271: bug76582.patch
+Patch272: bug77153.patch
+Patch273: bug77020.patch
+Patch274: bug77231.patch
 # Fixes for tests (300+)
 # Backported from 5.5
@@ -628,6 +632,9 @@ Summary: A module for PHP applications that use OCI8 databases
 Group: Development/Languages
 # All files licensed under PHP version 3.01
 License: PHP
+BuildRequires: oracle-instantclient-basic < %{oraclemax}
+BuildRequires: oracle-instantclient-basic >= %{oraclever}
+BuildRequires: oracle-instantclient-devel < %{oraclemax}
 BuildRequires: oracle-instantclient-devel >= %{oraclever}
 Requires: %{?scl_prefix}php-pdo%{?_isa} = %{version}-%{release}
 Provides: %{?scl_prefix}php_database
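Review bot: The `oraclever` bump to 12.2 and the new `oraclemax` cap in the `@@ -55,7 +55,8 @@` hunk are not recorded in the commit message or in the new `%changelog` entry, which list only the three security fixes. Bundling a build-dependency change into a security release makes the update harder to audit and to back out on its own; a changelog line such as `- build OCI8 against Oracle Instant Client 12.2` would record it. The same applies to the new `BuildRequires` lines in the `@@ -628,6 +632,9 @@` hunk, where a comment like `# upper bound: only the 12.x client is supported by this build` would explain the cap, assuming that is the reason for it.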
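Review bot: The new `Patch272`–`Patch274` lines in the `@@ -252,6 +253,9 @@` hunk do not show which patches are security fixes; the CVE mapping exists only in the changelog. A one-line comment above each security patch, e.g. `# CVE-2018-19158` before `Patch272: bug77153.patch` and `# CVE-2018-19935` before `Patch273: bug77020.patch`, lets an auditor confirm coverage from the patch list itself. The patch list extends outside the hunk, so I cannot tell whether earlier entries already follow such a convention.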
@@ -961,6 +968,9 @@ support for using the enchant library to PHP.
 %patch269 -p1 -b .bug75571
 %patch270 -p1 -b .bug75981
 %patch271 -p1 -b .bug76582
+%patch272 -p1 -b .bug77153
+%patch273 -p1 -b .bug77020
+%patch274 -p1 -b .bug77231
 : ------------------------ #exit 1
@@ -1798,8 +1808,17 @@ EOF
 %changelog
+* Mon Dec 10 2018 Remi Collet - 5.4.45-16
+- Fix #77231 Segfault when using convert.quoted-printable-encode filter
+- Fix #77020 null pointer dereference in imap_mail
+ CVE-2018-19935
+- Fix #77153 imap_open allows to run arbitrary shell commands via
+ mailbox parameter
+ CVE-2018-19158
+
 * Fri Sep 14 2018 Remi Collet - 5.4.45-15
 - fix #76582: XSS due to the header Transfer-Encoding: chunked
+ CVE-2018-17082
 * Thu Mar 1 2018 Remi Collet - 5.4.45-14
 - fix #73549: Use after free when stream is passed to imagepng
--
cgit
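Review bot: Nothing in the `%patch272 -p1 -b .bug77153` addition (hunk `@@ -961,6 +968,9 @@`) or in the changelog tells an administrator whether the CVE-2018-19158 fix changes runtime behaviour. The upstream fix for #77153 gates rsh/ssh use in `imap_open` behind the `imap.enable_insecure_rsh` ini setting, which is off by default. If `bug77153.patch` is a faithful backport (its contents are not visible here), that default deserves a changelog line, for example `- imap: rsh/ssh disabled unless imap.enable_insecure_rsh=1`. If the spec runs the test suite, it is also worth confirming that the imap tests are exercised against this 5.4 backport. The `%prep` section continues outside the hunk.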