diff options
| author | Remi Collet <remi@remirepo.net> | 2021-11-15 11:39:00 +0100 |
|---|---|---|
| committer | Remi Collet <remi@php.net> | 2021-11-15 11:39:00 +0100 |
| commit | ceaa1bfd91d55fba01fa48988aacb90e032ec3d0 (patch) | |
| tree | 2e9d19bdd18a02ac5da5f687a105883b1ce221e7 /php.spec | |
| parent | 4213fa38690bc1420e437d295ac577993aa3dc7b (diff) | |
Fix #79971 special character is breaking the path in xml function
CVE-2021-21707
Diffstat (limited to 'php.spec')
| -rw-r--r-- | php.spec | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -127,7 +127,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: %{upver}%{?rcver:~%{rcver}} -Release: 31%{?dist} +Release: 32%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -247,6 +247,7 @@ Patch250: php-bug81122.patch Patch251: php-bug76450.patch Patch252: php-bug81211.patch Patch253: php-bug81026.patch +Patch254: php-bug79971.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -1046,6 +1047,7 @@ sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in %patch251 -p1 -b .bug76450 %patch252 -p1 -b .bug81211 %patch253 -p1 -b .bug81026 +%patch254 -p1 -b .bug79971 : --------------------------- #exit 1 @@ -2003,6 +2005,10 @@ EOF %changelog +* Mon Nov 15 2021 Remi Collet <remi@remirepo.net> - 7.0.33-32 +- Fix #79971 special character is breaking the path in xml function + CVE-2021-21707 + * Wed Oct 20 2021 Remi Collet <remi@remirepo.net> - 7.0.33-31 - fix PHP-FPM oob R/W in root process leading to priv escalation CVE-2021-21703 |