summaryrefslogtreecommitdiffstats
path: root/bug72771.patch
diff options
context:
space:
mode:
authorRemi Collet <fedora@famillecollet.com>2016-09-10 10:14:22 +0200
committerRemi Collet <fedora@famillecollet.com>2016-09-10 10:14:22 +0200
commit22b274864edbc4052b961c5d14beecf665b46c49 (patch)
tree51cade07b0ae4c8d112ceb52d0512f7f05e79d3c /bug72771.patch
parent7eeeb6e96a8354ae5c553662e96a1bfcf3bb9b65 (diff)
PHP 5.5.38 + security patches from 5.6.25
Diffstat (limited to 'bug72771.patch')
-rw-r--r--bug72771.patch26
1 files changed, 26 insertions, 0 deletions
diff --git a/bug72771.patch b/bug72771.patch
new file mode 100644
index 0000000..db77d0a
--- /dev/null
+++ b/bug72771.patch
@@ -0,0 +1,26 @@
+Backported from 5.6.25 by Remi.
+
+From 7d5ca3b28d3c8f8cae6cd874740f18fd3eb5100e Mon Sep 17 00:00:00 2001
+From: Stanislav Malyshev <stas@php.net>
+Date: Sun, 7 Aug 2016 16:17:54 -0700
+Subject: [PATCH] Fix bug #72771: ftps:// opendir wrapper is vulnerable to
+ protocol downgrade attack
+
+---
+ ext/standard/ftp_fopen_wrapper.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/ext/standard/ftp_fopen_wrapper.c b/ext/standard/ftp_fopen_wrapper.c
+index bfb1631..5bffa47 100644
+--- a/ext/standard/ftp_fopen_wrapper.c
++++ b/ext/standard/ftp_fopen_wrapper.c
+@@ -187,7 +187,8 @@ static php_stream *php_ftp_fopen_connect(php_stream_wrapper *wrapper, const char
+ /* get the response */
+ result = GET_FTP_RESULT(stream);
+ if (result != 334) {
+- use_ssl = 0;
++ php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "Server doesn't support FTPS.");
++ goto connect_errexit;
+ } else {
+ /* we must reuse the old SSL session id */
+ /* if we talk to an old ftpd-ssl */