diff options
author | Remi Collet <remi@remirepo.net> | 2020-01-21 10:15:12 +0100 |
---|---|---|
committer | Remi Collet <remi@remirepo.net> | 2020-01-21 10:15:12 +0100 |
commit | 0f719845b87cb975effba75cf49b2c84cf5f28a1 (patch) | |
tree | 90779ec988fc5224bddabc45d69b3a291aaa8b3c /php.spec | |
parent | 9d0e088bae4b092768b2779b9f82cac349cb80e2 (diff) |
mbstring:
Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar
CVE-2020-7060
session:
Fix #79091 heap use-after-free in session_create_id
standard:
Fix #79099 OOB read in php_strip_tags_ex
CVE-2020-7059
Diffstat (limited to 'php.spec')
-rw-r--r-- | php.spec | 18 |
1 files changed, 17 insertions, 1 deletions
@@ -140,7 +140,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: %{upver}%{?rcver:~%{rcver}} -Release: 2%{?dist} +Release: 3%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -206,6 +206,9 @@ Patch202: php-bug78862.patch Patch203: php-bug78863.patch Patch204: php-bug78793.patch Patch205: php-bug78910.patch +Patch206: php-bug79091.patch +Patch207: php-bug79099.patch +Patch208: php-bug79037.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -940,6 +943,9 @@ sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in %patch203 -p1 -b .bug78863 %patch204 -p1 -b .bug78793 %patch205 -p1 -b .bug78910 +%patch206 -p1 -b .bug79091 +%patch207 -p1 -b .bug79099 +%patch208 -p1 -b .bug79037 # Fixes for tests %patch300 -p1 -b .datetests @@ -1894,6 +1900,16 @@ EOF %changelog +* Tue Jan 21 2020 Remi Collet <remi@remirepo.net> - 7.1.33-3 +- mbstring: + Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar + CVE-2020-7060 +- session: + Fix #79091 heap use-after-free in session_create_id +- standard: + Fix #79099 OOB read in php_strip_tags_ex + CVE-2020-7059 + * Tue Dec 17 2019 Remi Collet <remi@remirepo.net> - 7.1.33-2 - bcmath: Fix #78878 Buffer underflow in bc_shift_addsub |