diff options
| author | Remi Collet <remi@remirepo.net> | 2026-05-12 09:21:23 +0200 |
|---|---|---|
| committer | Remi Collet <remi@php.net> | 2026-05-12 09:21:23 +0200 |
| commit | 88edb703ae6141870d45d0dee0e131aa55f807c4 (patch) | |
| tree | d5577e1c56291a69d55b5fbbcfa2896e0ec64505 /php.spec | |
| parent | 8321cc2ff79704c3b40f7cde20a5ced2c34f6274 (diff) | |
CVE-2026-6735
Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
CVE-2026-6722
Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION
CVE-2026-7261
Fix Broken Apache map value NULL check
CVE-2026-7262
Fix Signed integer overflow of char array offset
CVE-2026-7568
Fix Consistently pass unsigned char to ctype.h functions
CVE-2026-7258
Diffstat (limited to 'php.spec')
| -rw-r--r-- | php.spec | 32 |
1 files changed, 29 insertions, 3 deletions
@@ -49,7 +49,7 @@ %global mysql_sock %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock) -%global oraclever 23.9 +%global oraclever 23.26.1 %global oraclemax 24 %global oraclelib 23.1 %global oracledir 23 @@ -118,7 +118,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: %{?scl_prefix}php Version: %{upver}%{?rcver:~%{rcver}}%{?gh_date:.%{gh_date}} -Release: 25%{?dist} +Release: 26%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -220,6 +220,12 @@ Patch227: php-cve-2025-1735.patch Patch228: php-cve-2025-14177.patch Patch229: php-cve-2025-14178.patch Patch230: php-ghsa-www2-q4fc-65wf.patch +Patch231: php-cve-2026-6722.patch +Patch232: php-cve-2026-7261.patch +Patch233: php-cve-2026-7262.patch +Patch234: php-cve-2026-6735.patch +Patch235: php-cve-2026-7568.patch +Patch236: php-cve-2026-7258.patch # Fixes for tests (300+) # Factory is droped from system tzdata @@ -1040,6 +1046,12 @@ rm ext/openssl/tests/p12_with_extra_certs.p12 %patch -P228 -p1 -b .cve14177 %patch -P229 -p1 -b .cve14178 %patch -P230 -p1 -b .ghsawwww2 +%patch -P231 -p1 -b .cve6722 +%patch -P232 -p1 -b .cve7261 +%patch -P233 -p1 -b .cve7262 +%patch -P234 -p1 -b .cve6735 +%patch -P235 -p1 -b .cve7268 +%patch -P236 -p1 -b .cve7258 # Fixes for tests %patch -P300 -p1 -b .datetests @@ -1773,7 +1785,7 @@ cat << EOF WARNING : PHP 7.4 have reached its "End of Life" in November 2022. Even, if this package includes some of - the important security fixes, backported from 8.1, the + the important security fixes, backported from 8.2, the UPGRADE to a maintained version is very strongly RECOMMENDED. ===================================================================== @@ -1939,6 +1951,20 @@ EOF %changelog +* Tue May 12 2026 Remi Collet <remi@remirepo.net> - 7.4.33-26 +- Fix XSS within status endpoint + CVE-2026-6735 +- Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map + CVE-2026-6722 +- Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION + CVE-2026-7261 +- Fix Broken Apache map value NULL check + CVE-2026-7262 +- Fix Signed integer overflow of char array offset + CVE-2026-7568 +- Fix Consistently pass unsigned char to ctype.h functions + CVE-2026-7258 + * Thu Dec 18 2025 Remi Collet <remi@remirepo.net> - 7.4.33-25 - Fix Null byte termination in dns_get_record() GHSA-www2-q4fc-65wf |