From c3b8116310d709f282bae9f56602b3a868d3bc64 Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Wed, 2 Mar 2016 16:38:54 +0100
Subject: PHP 5.4.45 with security patches from 5.5.33

---
 php.spec | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'php.spec')

diff --git a/php.spec b/php.spec
index f461b9f..394cdc7 100644
--- a/php.spec
+++ b/php.spec
@@ -119,7 +119,7 @@
 Summary: PHP scripting language for creating dynamic web sites
 Name: %{?scl_prefix}php
 Version: 5.4.45
-Release: 4%{?dist}
+Release: 5%{?dist}
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
 # TSRM is licensed under BSD
@@ -193,6 +193,8 @@ Patch210: bug71459.patch
 Patch211: bug71039.patch
 Patch212: bug71488.patch
 Patch213: pcre838.patch
+Patch214: bug71498.patch
+Patch215: bug71587.patch
 
 # Fixes for tests (300+)
 # Backported from 5.5
@@ -844,6 +846,8 @@ support for using the enchant library to PHP.
 %patch211 -p1 -b .bug71039
 %patch212 -p1 -b .bug71488
 %patch213 -p1 -b .pcre838
+%patch214 -p1 -b .bug71498
+%patch215 -p1 -b .bug71587
 
 # Fixes for tests
 %patch300 -p1 -b .datetests1
@@ -1658,6 +1662,10 @@ EOF
 
 
 %changelog
+* Wed Mar  2 2016 Remi Collet <remi@remirepo.net> 5.4.45-5
+- Fix #71498: Out-of-Bound Read in phar_parse_zipfile()
+- Fix #71587: Use-After-Free / Double-Free in WDDX Deserialize
+
 * Tue Feb 16 2016 Remi Collet <remi@remirepo.net> 5.4.45-4
 - Fix #71354: phar, remove UMR when size is 0
 - Fix #71335: type confusion in WDDX packet deserialization
-- 
cgit