summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--php-cve-2026-14355.patch (renamed from php-gh22187.patch)0
-rw-r--r--php.spec4
2 files changed, 3 insertions, 1 deletions
diff --git a/php-gh22187.patch b/php-cve-2026-14355.patch
index 5e6850a..5e6850a 100644
--- a/php-gh22187.patch
+++ b/php-cve-2026-14355.patch
diff --git a/php.spec b/php.spec
index 6182c4a..a4e3251 100644
--- a/php.spec
+++ b/php.spec
@@ -226,7 +226,8 @@ Patch233: php-cve-2026-7262.patch
Patch234: php-cve-2026-6735.patch
Patch235: php-cve-2026-7568.patch
Patch236: php-cve-2026-7258.patch
-Patch237: php-gh22187.patch
+# from 8.2.32
+Patch237: php-cve-2026-14355.patch
# Fixes for tests (300+)
# Factory is droped from system tzdata
@@ -1961,6 +1962,7 @@ EOF
%changelog
* Wed Jul 1 2026 Remi Collet <remi@remirepo.net> - 7.4.33-27
- Fix Memory corruption (zend_mm_heap corrupted) in openssl_encrypt with AES-WRAP-PAD
+ CVE-2026-14355
* Tue May 12 2026 Remi Collet <remi@remirepo.net> - 7.4.33-26
- Fix XSS within status endpoint