From d2460ef96b6c333aa8d0a11150e8be3323ac9c3e Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Sat, 18 Feb 2017 16:14:07 +0100 Subject: PHP 5.4.45-13 (security fix from 5.6.30) --- php.spec | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'php.spec') diff --git a/php.spec b/php.spec index 37b9d4f..b32962f 100644 --- a/php.spec +++ b/php.spec @@ -119,7 +119,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: 5.4.45 -Release: 12%{?dist} +Release: 13%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -241,6 +241,10 @@ Patch257: bug72627.patch Patch258: bug72926.patch Patch259: bug73035.patch Patch260: bug72928.patch +Patch261: bug73737.patch +Patch262: bug73764.patch +Patch263: bug73768.patch +Patch264: bug73773.patch # Fixes for tests (300+) # Backported from 5.5 @@ -939,6 +943,10 @@ support for using the enchant library to PHP. %patch258 -p1 -b .bug72926 %patch259 -p1 -b .bug73035 %patch260 -p1 -b .bug72928 +%patch261 -p1 -b .bug73737 +%patch262 -p1 -b .bug73764 +%patch263 -p1 -b .bug73768 +%patch264 -p1 -b .bug73773 : ------------------------ #exit 1 @@ -1608,6 +1616,10 @@ cat << EOF backported from 5.5 or 5.6, The UPGRADE to a maintained version is very strongly RECOMMENDED. +%if %{?fedora}%{!?fedora:99} < 24 + WARNING : Fedora %{fedora} is now EOL : + You should consider upgrading to a supported release +%endif ===================================================================== EOF @@ -1772,6 +1784,14 @@ EOF %changelog +* Sat Feb 18 2017 Remi Collet - 5.4.45-13 +- fix #73737: FPE when parsing a tag format + CVE-2016-10158 +- fix #73764: int overflows in phar + CVE-2016-10159 +- fix #73768: Memory corruption when loading hostile phar + CVE-2016-10160 + * Mon Sep 19 2016 Remi Collet 5.4.45-12 - fix #72627: Memory Leakage In exif_process_IFD_in_TIFF CVE-2016-7128 -- cgit