diff options
Diffstat (limited to 'php.spec')
-rw-r--r-- | php.spec | 386 |
1 files changed, 286 insertions, 100 deletions
@@ -30,7 +30,7 @@ %global oci8ver 2.0.12 # Use for first build of PHP (before pecl/zip and pecl/jsonc) -%global php_bootstrap 0 +%bcond_with bootstrap # Adds -z now to the linker flags %global _hardened_build 1 @@ -59,23 +59,21 @@ %global mysql_sock %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock) -%if 0%{?rhel} == 6 -%ifarch x86_64 -%global oraclever 18.5 -%else -%global oraclever 18.3 -%endif -%global oraclelib 18.1 -%else -%global oraclever 19.5 +%ifarch aarch64 +%global oraclever 19.19 %global oraclelib 19.1 +%global oracledir 19.19 +%else +%global oraclever 21.13 +%global oraclelib 21.1 +%global oracledir 21 %endif # Build for LiteSpeed Web Server (LSAPI) %global with_lsws 1 # Regression tests take a long time, you can skip 'em with this -%if %{php_bootstrap} +%if %{with bootstrap} %global runselftest 0 %else %{!?runselftest: %global runselftest 1} @@ -89,12 +87,7 @@ %global with_oci8 %{?_with_oci8:1}%{!?_with_oci8:0} %global with_imap 1 -# until firebird available in EPEL -%if 0%{?rhel} == 8 -%global with_interbase 0 -%else %global with_interbase 1 -%endif %global with_mcrypt 1 %global with_freetds 1 %global with_tidy 1 @@ -146,7 +139,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: 5.6.40 -Release: 18%{?dist} +Release: 40%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -185,6 +178,8 @@ Patch8: php-5.6.17-libdb.patch Patch9: php-5.5.30-curl.patch Patch10: php-5.6.37-icu62.patch Patch11: php-5.6.40-gcc10.patch +# backported from 8.0 +Patch12: php-net-snmp.patch # Functional changes Patch40: php-5.4.0-dlopen.patch @@ -237,6 +232,35 @@ Patch233: php-bug79099.patch Patch234: php-bug79037.patch Patch236: php-bug79221.patch Patch237: php-bug79082.patch +Patch238: php-bug79282.patch +Patch239: php-bug79329.patch +Patch240: php-bug79330.patch +Patch241: php-bug79465.patch +Patch242: php-bug78875.patch +Patch243: php-bug79797.patch +Patch244: php-bug79877.patch +Patch246: php-bug79699.patch +Patch247: php-bug77423.patch +Patch248: php-bug80672.patch +Patch249: php-bug80710.patch +Patch250: php-bug81122.patch +Patch251: php-bug76450.patch +Patch252: php-bug81211.patch +Patch253: php-bug81026.patch +Patch254: php-bug79971.patch +Patch255: php-bug81719.patch +Patch256: php-bug81720.patch +Patch257: php-bug81727.patch +Patch258: php-bug81726.patch +Patch259: php-bug81740.patch +Patch260: php-bug81744.patch +Patch261: php-bug81746.patch +Patch262: php-cve-2023-0662.patch +Patch263: php-cve-2023-3247.patch +Patch264: php-cve-2023-3823.patch +Patch265: php-cve-2023-3824.patch +Patch266: php-cve-2024-2756.patch +Patch267: php-cve-2024-3096.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -271,6 +295,7 @@ BuildRequires: bzip2 BuildRequires: perl BuildRequires: autoconf BuildRequires: automake +BuildRequires: make BuildRequires: gcc BuildRequires: gcc-c++ BuildRequires: libtool @@ -341,7 +366,9 @@ The %{?scl_prefix}php-dbg package contains the interactive PHP debugger. Group: Development/Languages Summary: PHP FastCGI Process Manager BuildRequires: libacl-devel +%if ! %{with_httpd2410} Requires(pre): %{_root_sbindir}/useradd +%endif Requires: %{?scl_prefix}php-common%{?_isa} = %{version}-%{release} %if %{with_systemd} BuildRequires: systemd-devel @@ -435,13 +462,13 @@ Provides: %{?scl_prefix}php-sockets, %{?scl_prefix}php-sockets%{?_isa} Provides: %{?scl_prefix}php-spl, %{?scl_prefix}php-spl%{?_isa} Provides: %{?scl_prefix}php-standard = %{version}, %{?scl_prefix}php-standard%{?_isa} = %{version} Provides: %{?scl_prefix}php-tokenizer, %{?scl_prefix}php-tokenizer%{?_isa} -%if ! %{php_bootstrap} +%if %{without bootstrap} Requires: %{?scl_prefix}php-pecl-jsonc%{?_isa} %endif %if %{with_zip} Provides: %{?scl_prefix}php-zip, %{?scl_prefix}php-zip%{?_isa} %else -%if ! %{php_bootstrap} +%if %{without bootstrap} Requires: %{?scl_prefix}php-pecl-zip%{?_isa} %endif %endif @@ -459,6 +486,7 @@ Requires: %{?scl_prefix}php-cli%{?_isa} = %{version}-%{release} # always needed to build extension Requires: autoconf Requires: automake +Requires: make Requires: gcc Requires: gcc-c++ Requires: libtool @@ -471,7 +499,7 @@ Requires: openssl-devel%{?_isa} Requires: pcre-devel%{?_isa} >= 8.20 %endif Requires: zlib-devel%{?_isa} -%if ! %{php_bootstrap} +%if %{without bootstrap} Requires: %{?scl_prefix}php-pecl-jsonc-devel%{?_isa} %endif @@ -668,15 +696,20 @@ Summary: A module for PHP applications that use OCI8 databases Group: Development/Languages # All files licensed under PHP version 3.01 License: PHP +%ifarch aarch64 +BuildRequires: oracle-instantclient%{oraclever}-devel +# Should requires libclntsh.so.19.1()(aarch-64), but it's not provided by Oracle RPM. +Requires: libclntsh.so.%{oraclelib} +AutoReq: 0 +%else BuildRequires: oracle-instantclient-devel >= %{oraclever} +%endif Requires: %{?scl_prefix}php-pdo%{?_isa} = %{version}-%{release} Provides: %{?scl_prefix}php_database Provides: %{?scl_prefix}php-pdo_oci, %{?scl_prefix}php-pdo_oci%{?_isa} Obsoletes: %{?scl_prefix}php-pecl-oci8 < %{oci8ver} Conflicts: %{?scl_prefix}php-pecl-oci8 >= %{oci8ver} Provides: %{?scl_prefix}php-pecl(oci8) = %{oci8ver}, %{?scl_prefix}php-pecl(oci8)%{?_isa} = %{oci8ver} -# Should requires libclntsh.so.12.1, but it's not provided by Oracle RPM. -AutoReq: 0 %description oci8 The %{?scl_prefix}php-oci8 packages provides the OCI8 extension version %{oci8ver} @@ -686,13 +719,9 @@ The extension is linked with Oracle client libraries %{oraclever} (Oracle Instant Client). For details, see Oracle's note "Oracle Client / Server Interoperability Support" (ID 207303.1). -You must install libclntsh.so.%{oraclelib} to use this package, provided -in the database installation, or in the free Oracle Instant Client -available from Oracle. - -Notice: -- %{?scl_prefix}php-oci8 provides oci8 and pdo_oci extensions from php sources. -- %{?scl_prefix}php-pecl-oci8 only provides oci8 extension. +You must install libclntsh.so.%{oraclelib} to use this package, +provided by Oracle Instant Client RPM available from Oracle on: +https://www.oracle.com/database/technologies/instant-client/downloads.html Documentation is at http://php.net/oci8 and http://php.net/pdo_oci %endif @@ -775,12 +804,7 @@ BuildRequires: libXpm-devel BuildRequires: t1lib-devel %endif %if %{with_libgd} -BuildRequires: gd-devel >= 2.1.1 -%if 0%{?fedora} <= 19 && 0%{?rhel} <= 7 -Requires: gd-last%{?_isa} >= 2.1.1 -%else -Requires: gd%{?_isa} >= 2.1.1 -%endif +BuildRequires: gd-devel >= 2.3.3 %else %if %{with_vpx} BuildRequires: libvpx-devel @@ -905,8 +929,8 @@ Group: System Environment/Libraries # All files licensed under PHP version 3.01 License: PHP Requires: %{?scl_prefix}php-common%{?_isa} = %{version}-%{release} -# Upstream requires 4.0, we require 50 to ensure use of libicu-last -BuildRequires: libicu-devel >= 50 +# Upstream requires 4.0, we require 69.1 to ensure use of libicu69 +BuildRequires: libicu-devel = 69.1 %description intl The %{?scl_prefix}php-intl package contains a dynamic shared object that will add @@ -928,93 +952,126 @@ support for using the enchant library to PHP. %prep +%if %{with bootstrap} +: BOOTSTRAP BUILD +%endif : Building %{name}-%{version}-%{release} with systemd=%{with_systemd} imap=%{with_imap} interbase=%{with_interbase} mcrypt=%{with_mcrypt} freetds=%{with_freetds} sqlite3=%{with_sqlite3} tidy=%{with_tidy} zip=%{with_zip} %setup -q -n php-%{version}%{?rcver} -%patch1 -p1 -b .mpmcheck -%patch2 -p1 -b .fb_config +%patch -P1 -p1 -b .mpmcheck +%patch -P2 -p1 -b .fb_config %if 0%{?fedora} >= 26 || 0%{?rhel} >= 8 -%patch3 -p1 -b .openssl11 +%patch -P3 -p1 -b .openssl11 %endif -%patch5 -p1 -b .includedir -%patch6 -p1 -b .embed -%patch7 -p1 -b .recode -%patch8 -p1 -b .libdb +%patch -P5 -p1 -b .includedir +%patch -P6 -p1 -b .embed +%patch -P7 -p1 -b .recode +%patch -P8 -p1 -b .libdb %if 0%{?rhel} -%patch9 -p1 -b .curltls +%patch -P9 -p1 -b .curltls %endif -%if 0%{?fedora} >= 29 || 0%{?rhel} >= 8 -%patch10 -p1 -b .icu62 +%if 0%{?fedora} >= 29 || 0%{?rhel} >= 7 +%patch -P10 -p1 -b .icu62 %endif -%patch11 -p1 -b .gcc10 +%patch -P11 -p1 -b .gcc10 +%patch -P12 -p1 -b .nodes -%patch40 -p1 -b .dlopen -%patch41 -p1 -b .dtrace +%patch -P40 -p1 -b .dlopen +%patch -P41 -p1 -b .dtrace %if 0%{?fedora} >= 28 || 0%{?rhel} >= 6 -%patch42 -p1 -b .systzdata +%patch -P42 -p1 -b .systzdata %endif -%patch43 -p1 -b .headers +%patch -P43 -p1 -b .headers sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in %if 0%{?fedora} >= 18 || 0%{?rhel} >= 7 -%patch45 -p1 -b .ldap_r +%patch -P45 -p1 -b .ldap_r %endif -%patch46 -p1 -b .fixheader -%patch47 -p1 -b .phpinfo +%patch -P46 -p1 -b .fixheader +%patch -P47 -p1 -b .phpinfo -%patch91 -p1 -b .remi-oci8 +%patch -P91 -p1 -b .remi-oci8 # upstream patches -%patch100 -p1 -b .pdo_oci -%patch103 -p1 -b .bug76846 +%patch -P100 -p1 -b .pdo_oci +%patch -P103 -p1 -b .bug76846 # security patches -%patch208 -p1 -b .bug77396 -%patch209 -p1 -b .bug77431 -%patch210 -p1 -b .bug77540 -%patch211 -p1 -b .bug77563 -%patch212 -p1 -b .bug77586 -%patch213 -p1 -b .bug77630 -%patch214 -p1 -b .backport -%patch215 -p1 -b .sqlite3.defensive -%patch216 -p1 -b .bug77753 -%patch217 -p1 -b .bug77831 -%patch218 -p1 -b .bug77950 -%patch219 -p1 -b .bug78069 -%patch220 -p1 -b .bug77988 -%patch221 -p1 -b .bug77967 -%patch222 -p1 -b .bug78222 -%patch223 -p1 -b .bug78256 -%patch224 -p1 -b .bug77919 -%patch225 -p1 -b .bug75457 -%patch226 -p1 -b .bug78380 -%patch227 -p1 -b .bug78599 -%patch228 -p1 -b .bug78878 -%patch229 -p1 -b .bug78862 -%patch230 -p1 -b .bug78863 -%patch231 -p1 -b .bug78793 -%patch232 -p1 -b .bug78910 -%patch233 -p1 -b .bug79099 -%patch234 -p1 -b .bug79037 -%patch236 -p1 -b .bug79221 -%patch237 -p1 -b .bug79082 +%patch -P208 -p1 -b .bug77396 +%patch -P209 -p1 -b .bug77431 +%patch -P210 -p1 -b .bug77540 +%patch -P211 -p1 -b .bug77563 +%patch -P212 -p1 -b .bug77586 +%patch -P213 -p1 -b .bug77630 +%patch -P214 -p1 -b .backport +%patch -P215 -p1 -b .sqlite3.defensive +%patch -P216 -p1 -b .bug77753 +%patch -P217 -p1 -b .bug77831 +%patch -P218 -p1 -b .bug77950 +%patch -P219 -p1 -b .bug78069 +%patch -P220 -p1 -b .bug77988 +%patch -P221 -p1 -b .bug77967 +%patch -P222 -p1 -b .bug78222 +%patch -P223 -p1 -b .bug78256 +%patch -P224 -p1 -b .bug77919 +%patch -P225 -p1 -b .bug75457 +%patch -P226 -p1 -b .bug78380 +%patch -P227 -p1 -b .bug78599 +%patch -P228 -p1 -b .bug78878 +%patch -P229 -p1 -b .bug78862 +%patch -P230 -p1 -b .bug78863 +%patch -P231 -p1 -b .bug78793 +%patch -P232 -p1 -b .bug78910 +%patch -P233 -p1 -b .bug79099 +%patch -P234 -p1 -b .bug79037 +%patch -P236 -p1 -b .bug79221 +%patch -P237 -p1 -b .bug79082 +%patch -P238 -p1 -b .bug79282 +%patch -P239 -p1 -b .bug79329 +%patch -P240 -p1 -b .bug79330 +%patch -P241 -p1 -b .bug79465 +%patch -P242 -p1 -b .bug78875 +%patch -P243 -p1 -b .bug79797 +%patch -P244 -p1 -b .bug79877 +%patch -P246 -p1 -b .bug79699 +%patch -P247 -p1 -b .bug77423 +%patch -P248 -p1 -b .bug80672 +%patch -P249 -p1 -b .bug80710 +%patch -P250 -p1 -b .bug81122 +%patch -P251 -p1 -b .bug76450 +%patch -P252 -p1 -b .bug81211 +%patch -P253 -p1 -b .bug81026 +%patch -P254 -p1 -b .bug79971 +%patch -P255 -p1 -b .bug81719 +%patch -P256 -p1 -b .bug81720 +%patch -P257 -p1 -b .bug81727 +%patch -P258 -p1 -b .bug81726 +%patch -P259 -p1 -b .bug81740 +%patch -P260 -p1 -b .bug81744 +%patch -P261 -p1 -b .bug81746 +%patch -P262 -p1 -b .cve0662 +%patch -P263 -p1 -b .cve3247 +%patch -P264 -p1 -b .cve3823 +%patch -P265 -p1 -b .cve3824 +%patch -P266 -p1 -b .cve2756 +%patch -P267 -p1 -b .cve3096 # Fixes for tests -%patch300 -p1 -b .datetests +%patch -P300 -p1 -b .datetests %if %{with_libpcre} if ! pkg-config libpcre --atleast-version 8.34 ; then # Only apply when system libpcre < 8.34 -%patch301 -p1 -b .pcre834 +%patch -P301 -p1 -b .pcre834 fi %endif # New openssl certs -%patch302 -p1 -b .renewcert +%patch -P302 -p1 -b .renewcert rm ext/openssl/tests/bug65538_003.phpt # WIP patch # Prevent %%doc confusion over LICENSE files -cp Zend/LICENSE Zend/ZEND_LICENSE +cp Zend/LICENSE ZEND_LICENSE cp TSRM/LICENSE TSRM_LICENSE cp ext/ereg/regex/COPYRIGHT regex_COPYRIGHT %if ! %{with_libgd} @@ -1141,6 +1198,12 @@ sed -e 's:%{_root_sysconfdir}:%{_sysconfdir}:' \ %build +# This package fails to build with LTO due to undefined symbols. LTO +# was disabled in OpenSuSE as well, but with no real explanation why +# beyond the undefined symbols. It really shold be investigated further. +# Disable LTO +%define _lto_cflags %{nil} + # aclocal workaround - to be improved cat `aclocal --print-ac-dir`/{libtool,ltoptions,ltsugar,ltversion,lt~obsolete}.m4 >>aclocal.m4 @@ -1264,7 +1327,7 @@ build --libdir=%{_libdir}/php \ --with-mysqli=shared,mysqlnd \ --with-mysql-sock=%{mysql_sock} \ %if %{with_oci8} - --with-oci8=shared,instantclient,%{_root_libdir}/oracle/%{oraclever}/client64/lib,%{oraclever} \ + --with-oci8=shared,instantclient,%{_root_prefix}/lib/oracle/%{oracledir}/client64/lib,%{oraclever} \ --with-pdo-oci=shared,instantclient,%{_root_prefix},%{oraclever} \ %endif %if %{with_interbase} @@ -1373,8 +1436,7 @@ popd %check %if %runselftest - -cd build-apache +cd build-fpm # Run tests, using the CLI SAPI export NO_INTERACTION=1 REPORT_EXIT_STATUS=1 MALLOC_CHECK_=2 @@ -1486,8 +1548,8 @@ mv $RPM_BUILD_ROOT%{_sysconfdir}/php-fpm.conf.default . %if %{with_systemd} install -Dm 644 %{SOURCE6} $RPM_BUILD_ROOT%{_unitdir}/%{?scl_prefix}php-fpm.service %if 0%{?fedora} >= 27 || 0%{?rhel} >= 8 -install -Dm 644 %{SOURCE12} $RPM_BUILD_ROOT%{_unitdir}/httpd.service.d/%{?scl_prefix}php-fpm.conf -install -Dm 644 %{SOURCE12} $RPM_BUILD_ROOT%{_unitdir}/nginx.service.d/%{?scl_prefix}php-fpm.conf +install -Dm 644 %{SOURCE12} $RPM_BUILD_ROOT%{_root_sysconfdir}/systemd/system/httpd.service.d/%{?scl_prefix}php-fpm.conf +install -Dm 644 %{SOURCE12} $RPM_BUILD_ROOT%{_root_sysconfdir}/systemd/system/nginx.service.d/%{?scl_prefix}php-fpm.conf %endif sed -e 's:/run:%{_localstatedir}/run:' \ -e 's:/etc/sysconfig:%{_sysconfdir}/sysconfig:' \ @@ -1765,7 +1827,7 @@ cat << EOF WARNING : PHP 5.6 have reached its "End of Life" in January 2019. Even, if this package includes some of - the important security fix, backported from 7.2, the + the important security fixes, backported from 8.1, the UPGRADE to a maintained version is very strongly RECOMMENDED. ===================================================================== @@ -1791,7 +1853,7 @@ EOF %files common -f files.common %doc CODING_STANDARDS CREDITS EXTENSIONS NEWS README* -%license LICENSE TSRM_LICENSE regex_COPYRIGHT +%license LICENSE TSRM_LICENSE ZEND_LICENSE regex_COPYRIGHT %license libmagic_LICENSE %license phar_LICENSE %license timelib_LICENSE @@ -1854,8 +1916,8 @@ EOF %if %{with_systemd} %{_unitdir}/%{?scl_prefix}php-fpm.service %if 0%{?fedora} >= 27 || 0%{?rhel} >= 8 -%{_unitdir}/httpd.service.d/%{?scl_prefix}php-fpm.conf -%{_unitdir}/nginx.service.d/%{?scl_prefix}php-fpm.conf +%config(noreplace) %{_root_sysconfdir}/systemd/system/httpd.service.d/%{?scl_prefix}php-fpm.conf +%config(noreplace) %{_root_sysconfdir}/systemd/system/nginx.service.d/%{?scl_prefix}php-fpm.conf %endif %dir %{_root_sysconfdir}/systemd/system/%{?scl_prefix}php-fpm.service.d %else @@ -1943,6 +2005,130 @@ EOF %changelog +* Wed Apr 10 2024 Remi Collet <remi@remirepo.net> - 5.6.40-40 +- use oracle client library version 21.13 +- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix + CVE-2024-2756 +- Fix password_verify can erroneously return true opening ATO risk + CVE-2024-3096 + +* Wed Aug 2 2023 Remi Collet <remi@remirepo.net> - 5.6.40-39 +- Fix Security issue with external entity loading in XML without enabling it + GHSA-3qrf-m4j2-pcrr CVE-2023-3823 +- Fix Buffer mismanagement in phar_dir_read() + GHSA-jqcx-ccgc-xwhv CVE-2023-3824 +- move httpd/nginx wants directive to config files in /etc + +* Wed Jun 21 2023 Remi Collet <remi@remirepo.net> - 5.6.40-38 +- fix possible buffer overflow in date +- define %%php56___phpize and %%php56___phpconfig + +* Wed Jun 7 2023 Remi Collet <remi@remirepo.net> - 5.6.40-37 +- Fix insufficient random bytes in HTTP Digest authentication for SOAP + GHSA-76gg-c692-v2mw CVE-2023-3247 +- use oracle client library version 21.10 + +* Tue Feb 14 2023 Remi Collet <remi@remirepo.net> - 5.6.40-36 +- fix #81744: Password_verify() always return true with some hash + CVE-2023-0567 +- fix #81746: 1-byte array overrun in common path resolve code + CVE-2023-0568 +- fix DOS vulnerability when parsing multipart request body + CVE-2023-0662 + +* Tue Dec 20 2022 Remi Collet <remi@remirepo.net> - 5.6.40-35 +- pdo: fix #81740: PDO::quote() may return unquoted string + CVE-2022-31631 +- use oracle client library version 21.8 + +* Tue Sep 27 2022 Remi Collet <remi@remirepo.net> - 5.6.40-34 +- phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628 +- core: fix #81727 Don't mangle HTTP variable names that clash with ones + that have a specific semantic meaning. CVE-2022-31629 +- use oracle client library version 21.7 + +* Tue Jun 7 2022 Remi Collet <remi@remirepo.net> - 5.6.40-33 +- use oracle client library version 21.6 +- mysqlnd: fix #81719: mysqlnd/pdo password buffer overflow. CVE-2022-31626 +- pgsql: fix #81720: Uninitialized array in pg_query_params(). CVE-2022-31625 + +* Mon Nov 15 2021 Remi Collet <remi@remirepo.net> - 5.6.40-32 +- Fix #79971 special character is breaking the path in xml function + CVE-2021-21707 + +* Wed Oct 20 2021 Remi Collet <remi@remirepo.net> - 5.6.40-31 +- fix PHP-FPM oob R/W in root process leading to priv escalation + CVE-2021-21703 +- use libicu version 69 +- use oracle client library version 21.3 + +* Tue Sep 7 2021 Remi Collet <remi@remirepo.net> - 5.6.40-30 +- fix intl build on F35 + +* Thu Aug 26 2021 Remi Collet <remi@remirepo.net> - 5.6.40-29 +- Fix #81211 Symlinks are followed when creating PHAR archive + +* Mon Jun 28 2021 Remi Collet <remi@remirepo.net> - 5.6.40-28 +- Fix #81122 SSRF bypass in FILTER_VALIDATE_URL + CVE-2021-21705 +- Fix #65689 PDO_Firebrid / exec() does not free allocated statement +- Fix #76488 Memory leak when fetching a BLOB field +- Fix #76448 Stack buffer overflow in firebird_info_cb +- Fix #76449 SIGSEGV in firebird_handle_doer +- Fix #76450 SIGSEGV in firebird_stmt_execute +- Fix #76452 Crash while parsing blob data in firebird_fetch_blob + CVE-2021-21704 + +* Thu May 27 2021 Remi Collet <remi@remirepo.net> - 5.6.40-27 +- fix snmp extension build with net-snmp without DES + +* Wed Apr 28 2021 Remi Collet <remi@remirepo.net> - 5.6.40-26 +- Fix #80710 imap_mail_compose() header injection +- use oracle client library version 21.1 + +* Wed Feb 3 2021 Remi Collet <remi@remirepo.net> - 5.6.40-25 +- Fix #80672 Null Dereference in SoapClient + CVE-2021-21702 +- better fix for #77423 + +* Mon Jan 4 2021 Remi Collet <remi@remirepo.net> - 5.6.40-24 +- Fix #77423 FILTER_VALIDATE_URL accepts URLs with invalid userinfo + CVE-2020-7071 + +* Tue Sep 29 2020 Remi Collet <remi@remirepo.net> - 5.6.40-23 +- Core: + Fix #79699 PHP parses encoded cookie names so malicious `__Host-` cookies can be sent + CVE-2020-7070 + +* Tue Aug 4 2020 Remi Collet <remi@remirepo.net> - 5.6.40-22 +- Core: + Fix #79877 getimagesize function silently truncates after a null byte +- Phar: + Fix #79797 use of freed hash key in the phar_parse_zipfile function + CVE-2020-7068 + +* Wed May 13 2020 Remi Collet <remi@remirepo.net> - 5.6.40-21 +- Core: + Fix #78875 Long filenames cause OOM and temp files are not cleaned + CVE-2019-11048 + Fix #78876 Long variables in multipart/form-data cause OOM and temp + files are not cleaned + +* Tue Apr 14 2020 Remi Collet <remi@remirepo.net> - 5.6.40-20 +- standard: + Fix #79330 shell_exec silently truncates after a null byte + Fix #79465 OOB Read in urldecode + CVE-2020-7067 + +* Tue Mar 17 2020 Remi Collet <remi@remirepo.net> - 5.6.40-19 +- standard: + Fix #79329 get_headers() silently truncates after a null byte + CVE-2020-7066 +- exif: + Fix #79282 Use-of-uninitialized-value in exif + CVE-2020-7064 +- use oracle client library version 19.6 (18.5 on EL-6) + * Wed Feb 19 2020 Remi Collet <remi@remirepo.net> - 5.6.40-18.fc32 - add fix for GCC 10 |