From 9d0e088bae4b092768b2779b9f82cac349cb80e2 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Tue, 17 Dec 2019 16:21:44 +0100
Subject: - bcmath:   Fix #78878 Buffer underflow in bc_shift_addsub  
 CVE-2019-11046 - core:   Fix #78862 link() silently truncates after a null
 byte on Windows   CVE-2019-11044   Fix #78863 DirectoryIterator class
 silently truncates after a null byte   CVE-2019-11045 - exif   Fix #78793
 Use-after-free in exif parsing under memory sanitizer   CVE-2019-11050   Fix
 #78910 Heap-buffer-overflow READ in exif   CVE-2019-11047 - use oracle client
 library version 19.5 (18.5 on EL-6)

---
 php.spec | 47 +++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 45 insertions(+), 2 deletions(-)

(limited to 'php.spec')

diff --git a/php.spec b/php.spec
index 7ff5072..a81044e 100644
--- a/php.spec
+++ b/php.spec
@@ -56,10 +56,14 @@
 %global mysql_sock %(mysql_config --socket  2>/dev/null || echo /var/lib/mysql/mysql.sock)
 
 %if 0%{?rhel} == 6
+%ifarch x86_64
+%global oraclever 18.5
+%else
 %global oraclever 18.3
+%endif
 %global oraclelib 18.1
 %else
-%global oraclever 19.3
+%global oraclever 19.5
 %global oraclelib 19.1
 %endif
 
@@ -136,7 +140,7 @@
 Summary: PHP scripting language for creating dynamic web sites
 Name: %{?scl_prefix}php
 Version: %{upver}%{?rcver:~%{rcver}}
-Release: 1%{?dist}
+Release: 2%{?dist}
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
 # TSRM is licensed under BSD
@@ -197,6 +201,11 @@ Patch91: php-5.6.3-oci8conf.patch
 # Upstream fixes (100+)
 
 # Security fixes (200+)
+Patch201: php-bug78878.patch
+Patch202: php-bug78862.patch
+Patch203: php-bug78863.patch
+Patch204: php-bug78793.patch
+Patch205: php-bug78910.patch
 
 # Fixes for tests (300+)
 # Factory is droped from system tzdata
@@ -926,6 +935,11 @@ sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in
 # upstream patches
 
 # security patches
+%patch201 -p1 -b .bug78878
+%patch202 -p1 -b .bug78862
+%patch203 -p1 -b .bug78863
+%patch204 -p1 -b .bug78793
+%patch205 -p1 -b .bug78910
 
 # Fixes for tests
 %patch300 -p1 -b .datetests
@@ -1690,6 +1704,19 @@ fi
 %endif
 
 
+%posttrans common
+cat << EOF
+=====================================================================
+
+  WARNING : PHP 7.1 have reached its "End of Life" in
+  December 2019. Even, if this package includes some of
+  the important security fix, backported from 7.2, the
+  UPGRADE to a maintained version is very strongly RECOMMENDED.
+
+=====================================================================
+EOF
+
+
 %{!?_licensedir:%global license %%doc}
 
 %files
@@ -1867,6 +1894,22 @@ fi
 
 
 %changelog
+* Tue Dec 17 2019 Remi Collet <remi@remirepo.net> - 7.1.33-2
+- bcmath:
+  Fix #78878 Buffer underflow in bc_shift_addsub
+  CVE-2019-11046
+- core:
+  Fix #78862 link() silently truncates after a null byte on Windows
+  CVE-2019-11044
+  Fix #78863 DirectoryIterator class silently truncates after a null byte
+  CVE-2019-11045
+- exif
+  Fix #78793 Use-after-free in exif parsing under memory sanitizer
+  CVE-2019-11050
+  Fix #78910 Heap-buffer-overflow READ in exif
+  CVE-2019-11047
+- use oracle client library version 19.5 (18.5 on EL-6)
+
 * Wed Oct 23 2019 Remi Collet <remi@remirepo.net> - 7.1.33-1
 - Update to 7.1.33 - http://www.php.net/releases/7_1_33.php
 
-- 
cgit