From dbe18c2a9ae26829557412f4529577b9527bca5d Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Wed, 6 Mar 2019 08:34:54 +0100 Subject: Update to 7.1.27 - http://www.php.net/releases/7_1_27.php add upstream patch for OpenSSL 1.1.1b --- failed.txt | 14 ++++++++++---- php-openssl111.patch | 29 +++++++++++++++++++++++++++++ php.spec | 11 ++++++++--- 3 files changed, 47 insertions(+), 7 deletions(-) create mode 100644 php-openssl111.patch diff --git a/failed.txt b/failed.txt index 884cb57..9aeb964 100644 --- a/failed.txt +++ b/failed.txt @@ -1,15 +1,21 @@ -===== 7.1.26 (2019-01-10) +===== 7.1.27 (2019-03-07) $ grep -r 'Tests failed' /var/lib/mock/scl71*/build.log /var/lib/mock/scl71el6x/build.log:Tests failed : 0 /var/lib/mock/scl71el7x/build.log:Tests failed : 0 -/var/lib/mock/scl71fc26x/build.log:Tests failed : 0 +/var/lib/mock/scl71el8x/build.log:Tests failed : 53 /var/lib/mock/scl71fc27x/build.log:Tests failed : 0 -/var/lib/mock/scl71fc28x/build.log:Tests failed : 0 -/var/lib/mock/scl71fc29x/build.log:Tests failed : 0 +/var/lib/mock/scl71fc28x/build.log:Tests failed : 3 +/var/lib/mock/scl71fc29x/build.log:Tests failed : 4 +fc28x, fc29x: + Bug #33414 [1] (Comprehensive list of incorrect days returned after strotime() / date() tests) [ext/date/tests/bug33414-1.phpt] + Bug #33415 [2] (Possibly invalid non-one-hour DST or timezone shifts) [ext/date/tests/bug33415-2.phpt] + date_modify() function [1] [ext/date/tests/date_modify-1.phpt] +fc29x: + TLS server rate-limits client-initiated renegotiation [ext/openssl/tests/stream_server_reneg_limit.phpt] 1 proc_open give erratic test results :( diff --git a/php-openssl111.patch b/php-openssl111.patch new file mode 100644 index 0000000..ea43711 --- /dev/null +++ b/php-openssl111.patch @@ -0,0 +1,29 @@ +From 19a44ffb7be91344550fa700830b8e62a73031ba Mon Sep 17 00:00:00 2001 +From: Anatol Belski +Date: Thu, 28 Feb 2019 12:48:47 +0100 +Subject: [PATCH] Sync with behavior change in OpenSSL 1.1.1b + +A behavior change in revealed by some openssl_decrypt() based test, +where an encrypt API is used with a decrypt context. The EVP_Cipher* +functions will automatically choose the right operation depending on the +context passed. +--- + ext/openssl/openssl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c +index 871a30c..7df5072 100644 +--- a/ext/openssl/openssl.c ++++ b/ext/openssl/openssl.c +@@ -6494,7 +6494,7 @@ static int php_openssl_cipher_update(const EVP_CIPHER *cipher_type, + { + int i = 0; + +- if (mode->is_single_run_aead && !EVP_EncryptUpdate(cipher_ctx, NULL, &i, NULL, (int)data_len)) { ++ if (mode->is_single_run_aead && !EVP_CipherUpdate(cipher_ctx, NULL, &i, NULL, (int)data_len)) { + php_openssl_store_errors(); + php_error_docref(NULL, E_WARNING, "Setting of data length failed"); + return FAILURE; +-- +2.1.4 + diff --git a/php.spec b/php.spec index 04114a2..f83600e 100644 --- a/php.spec +++ b/php.spec @@ -125,13 +125,12 @@ %global db_devel libdb-devel %endif -%global upver 7.1.26 -#global rcver RC1 +%global upver 7.1.27 Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: %{upver}%{?rcver:~%{rcver}} -Release: 2%{?dist} +Release: 1%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -190,6 +189,7 @@ Patch49: php-7.1.24-getallheaders.patch Patch91: php-5.6.3-oci8conf.patch # Upstream fixes (100+) +Patch100: php-openssl111.patch # Security fixes (200+) @@ -912,6 +912,7 @@ support for JavaScript Object Notation (JSON) to PHP. %patch91 -p1 -b .remi-oci8 # upstream patches +%patch100 -p1 -b .up # security patches @@ -1854,6 +1855,10 @@ fi %changelog +* Wed Mar 6 2019 Remi Collet - 7.1.27-1 +- Update to 7.1.27 - http://www.php.net/releases/7_1_27.php +- add upstream patch for OpenSSL 1.1.1b + * Fri Jan 18 2019 Remi Collet - 7.1.26-2 - cleanup for EL-8 -- cgit