diff options
author | Remi Collet <remi@remirepo.net> | 2021-02-03 09:52:34 +0100 |
---|---|---|
committer | Remi Collet <remi@remirepo.net> | 2021-02-03 09:52:34 +0100 |
commit | 9777b6f7c823fb6c868d004abe85655fa91831d1 (patch) | |
tree | 84eac696e8fdcdecfaa820d573536cd44f8d72f7 /php.spec | |
parent | 986f60d859ab5c31fa877c302bbbb2056c20c1ea (diff) |
Fix #80672 Null Dereference in SoapClient
CVE-2021-21702
better fix for #77423
Diffstat (limited to 'php.spec')
-rw-r--r-- | php.spec | 22 |
1 files changed, 21 insertions, 1 deletions
@@ -140,7 +140,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: %{upver}%{?rcver:~%{rcver}} -Release: 2%{?dist} +Release: 3%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -204,6 +204,7 @@ Patch91: php-7.2.0-oci8conf.patch # Security fixes (200+) Patch200: php-bug77423.patch +Patch201: php-bug80672.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -966,6 +967,7 @@ sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in # security patches %patch200 -p1 -b .bug77423 +%patch201 -p1 -b .bug80672 # Fixes for tests %patch300 -p1 -b .datetests @@ -1749,6 +1751,19 @@ fi %endif +%posttrans common +cat << EOF +===================================================================== + + WARNING : PHP 7.2 have reached its "End of Life" in + November 2020. Even, if this package includes some of + the important security fix, backported from 7.3, the + UPGRADE to a maintained version is very strongly RECOMMENDED. + +===================================================================== +EOF + + %{!?_licensedir:%global license %%doc} %files @@ -1924,6 +1939,11 @@ fi %changelog +* Wed Feb 3 2021 Remi Collet <remi@remirepo.net> - 7.2.34-3 +- Fix #80672 Null Dereference in SoapClient + CVE-2021-21702 +- better fix for #77423 + * Mon Jan 4 2021 Remi Collet <remi@remirepo.net> - 7.2.34-2 - Fix #77423 FILTER_VALIDATE_URL accepts URLs with invalid userinfo CVE-2020-7071 |