fix possible buffer overflow in date

define %php73___phpize and %php73___phpconfig
author: Remi Collet <remi@remirepo.net> 2023-06-20 16:07:47 +0200
committer: Remi Collet <remi@php.net> 2023-06-20 16:07:47 +0200
commit: df2e08bb800937d9cecafb95d8786e21040a84aa (patch)
tree: fb30e79fa732b1b680ca9fdc0105a89eae826aa3 /php.spec
parent: ad7980aa6e0f52d9a93ae2a989beb3c2ce937962 (diff)
1 files changed, 37 insertions, 33 deletions
diff --git a/php.spec b/php.spec
index 749328e..27fe918 100644
--- a/php.spec
+++ b/php.spec
@@ -126,7 +126,7 @@
 Summary: PHP scripting language for creating dynamic web sites
 Name:    %{?scl_prefix}php
 Version: %{upver}%{?rcver:~%{rcver}}
-Release: 9%{?dist}
+Release: 10%{?dist}
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
 # TSRM is licensed under BSD
@@ -207,7 +207,7 @@ Patch205: php-bug81740.patch
 Patch206: php-bug81744.patch
 Patch207: php-bug81746.patch
 Patch208: php-cve-2023-0662.patch
-Patch209: php-ghsa-76gg-c692-v2mw.patch
+Patch209: php-cve-2023-3247.patch
 
 # Fixes for tests (300+)
 # Factory is droped from system tzdata
@@ -951,51 +951,51 @@ low-level PHP extension for the libsodium cryptographic library.
 %setup -q -n php-%{upver}%{?rcver}
 %endif
 
-%patch1 -p1 -b .mpmcheck
-%patch5 -p1 -b .includedir
-%patch6 -p1 -b .embed
-%patch7 -p1 -b .recode
-%patch8 -p1 -b .libdb
+%patch -P1 -p1 -b .mpmcheck
+%patch -P5 -p1 -b .includedir
+%patch -P6 -p1 -b .embed
+%patch -P7 -p1 -b .recode
+%patch -P8 -p1 -b .libdb
 %if 0%{?rhel}
-%patch9 -p1 -b .curltls
+%patch -P9 -p1 -b .curltls
 %endif
-%patch10 -p1 -b .nodes
+%patch -P10 -p1 -b .nodes
 
-%patch40 -p1 -b .dlopen
+%patch -P40 -p1 -b .dlopen
 %if 0%{?fedora} >= 28 || 0%{?rhel} >= 6
-%patch42 -p1 -b .systzdata
+%patch -P42 -p1 -b .systzdata
 %endif
-%patch43 -p1 -b .headers
+%patch -P43 -p1 -b .headers
 sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in
 %if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
-%patch45 -p1 -b .ldap_r
+%patch -P45 -p1 -b .ldap_r
 %endif
-%patch46 -p1 -b .fixheader
-%patch47 -p1 -b .phpinfo
-%patch48 -p1 -b .pdooci
-%patch49 -p1 -b .fpmsig
+%patch -P46 -p1 -b .fixheader
+%patch -P47 -p1 -b .phpinfo
+%patch -P48 -p1 -b .pdooci
+%patch -P49 -p1 -b .fpmsig
 
-%patch91 -p1 -b .remi-oci8
+%patch -P91 -p1 -b .remi-oci8
 
 # upstream patches
-%patch100 -p1 -b .bug80682
-%patch101 -p1 -b .bug80783
-%patch102 -p1 -b .pcre1038
+%patch -P100 -p1 -b .bug80682
+%patch -P101 -p1 -b .bug80783
+%patch -P102 -p1 -b .pcre1038
 
 # security patches
-%patch200 -p1 -b .bug81719
-%patch201 -p1 -b .bug81720
-%patch202 -p1 -b .bug81727
-%patch203 -p1 -b .bug81726
-%patch204 -p1 -b .bug81738
-%patch205 -p1 -b .bug81740
-%patch206 -p1 -b .bug81744
-%patch207 -p1 -b .bug81746
-%patch208 -p1 -b .cve0662
-%patch209 -p1 -b .ghsa-76gg-c692-v2mw
+%patch -P200 -p1 -b .bug81719
+%patch -P201 -p1 -b .bug81720
+%patch -P202 -p1 -b .bug81727
+%patch -P203 -p1 -b .bug81726
+%patch -P204 -p1 -b .bug81738
+%patch -P205 -p1 -b .bug81740
+%patch -P206 -p1 -b .bug81744
+%patch -P207 -p1 -b .bug81746
+%patch -P208 -p1 -b .cve0662
+%patch -P209 -p1 -b .cve3247
 
 # Fixes for tests
-%patch300 -p1 -b .datetests
+%patch -P300 -p1 -b .datetests
 
 # WIP patch
 
@@ -1952,10 +1952,14 @@ EOF
 
 
 %changelog
+* Tue Jun 20 2023 Remi Collet <remi@remirepo.net> - 7.3.33-10
+- fix possible buffer overflow in date
+- define %%php73___phpize and %%php73___phpconfig
+
 * Wed Jun  7 2023 Remi Collet <remi@remirepo.net> - 7.3.33-9
 - Fix Missing error check and insufficient random bytes in HTTP Digest
   authentication for SOAP
-  GHSA-76gg-c692-v2mw
+  GHSA-76gg-c692-v2mw  CVE-2023-3247
 - use oracle client library version 21.10
 
 * Tue Feb 14 2023 Remi Collet <remi@remirepo.net> - 7.3.33-8
author	Remi Collet <remi@remirepo.net>	2023-06-20 16:07:47 +0200
committer	Remi Collet <remi@php.net>	2023-06-20 16:07:47 +0200
commit	df2e08bb800937d9cecafb95d8786e21040a84aa (patch)
tree	fb30e79fa732b1b680ca9fdc0105a89eae826aa3 /php.spec
parent	ad7980aa6e0f52d9a93ae2a989beb3c2ce937962 (diff)