1 files changed, 40 insertions, 0 deletions

diff --git a/php-5.5.6-CVE-2013-6712.patch b/php-5.5.6-CVE-2013-6712.patch
new file mode 100644
index 0000000..553f708
--- /dev/null
+++ b/php-5.5.6-CVE-2013-6712.patch
@@ -0,0 +1,40 @@
+From 12fe4e90be7bfa2a763197079f68f5568a14e071 Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi@php.net>
+Date: Wed, 27 Nov 2013 11:13:16 +0100
+Subject: [PATCH] Fixed bug #66060 (Heap buffer over-read in DateInterval)
+
+---
+ NEWS                                | 3 +++
+ ext/date/lib/parse_iso_intervals.c  | 4 ++--
+ ext/date/lib/parse_iso_intervals.re | 2 +-
+ 3 files changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/ext/date/lib/parse_iso_intervals.c b/ext/date/lib/parse_iso_intervals.c
+index bd1ad05..480ea38 100644
+--- a/ext/date/lib/parse_iso_intervals.c
++++ b/ext/date/lib/parse_iso_intervals.c
+@@ -380,7 +380,7 @@ yy6:
+ 					break;
+ 			}
+ 			ptr++;
+-		} while (*ptr);
++		} while (!s->errors->error_count && *ptr);
+ 		s->have_period = 1;
+ 		TIMELIB_DEINIT;
+ 		return TIMELIB_PERIOD;
+diff --git a/ext/date/lib/parse_iso_intervals.re b/ext/date/lib/parse_iso_intervals.re
+index 56aa34d..c5e9f67 100644
+--- a/ext/date/lib/parse_iso_intervals.re
++++ b/ext/date/lib/parse_iso_intervals.re
+@@ -348,7 +348,7 @@ isoweek          = year4 "-"? "W" weekofyear;
+ 					break;
+ 			}
+ 			ptr++;
+-		} while (*ptr);
++		} while (!s->errors->error_count && *ptr);
+ 		s->have_period = 1;
+ 		TIMELIB_DEINIT;
+ 		return TIMELIB_PERIOD;
+-- 
+1.8.4.3
+