summaryrefslogtreecommitdiffstats
path: root/php.spec
diff options
context:
space:
mode:
Diffstat (limited to 'php.spec')
-rw-r--r--php.spec14
1 files changed, 12 insertions, 2 deletions
diff --git a/php.spec b/php.spec
index 47ad4dc..e549d67 100644
--- a/php.spec
+++ b/php.spec
@@ -70,7 +70,7 @@
%bcond_with zip
# Optional extensions; to disable: pass "--without xxx" etc to rpmbuild/mock.
%bcond_without imap
-%if 0%{?rhel} == 10
+%if 0%{?rhel} > 10
%bcond_with firebird
%else
%bcond_without firebird
@@ -133,7 +133,7 @@
Summary: PHP scripting language for creating dynamic web sites
Name: %{?scl_prefix}php
Version: %{upver}%{?rcver:~%{rcver}}%{?gh_date:.%{gh_date}}
-Release: 2%{?dist}
+Release: 3%{?dist}
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
# TSRM is licensed under BSD
@@ -206,6 +206,7 @@ Patch204: php-cve-2026-6735.patch
Patch205: php-cve-2026-7259.patch
Patch206: php-cve-2026-7568.patch
Patch207: php-cve-2026-7258.patch
+Patch208: php-gh22187.patch
# Fixes for tests (300+)
# Factory is droped from system tzdata
@@ -998,6 +999,7 @@ sed -e 's/php-devel/%{?scl_prefix}php-devel/' -i scripts/phpize.in
%patch -P205 -p1 -b .cve7259
%patch -P206 -p1 -b .cve7268
%patch -P207 -p1 -b .cve7258
+%patch -P208 -p1 -b .gh22187
# Fixes for tests
%patch -P300 -p1 -b .datetests
@@ -1049,6 +1051,11 @@ rm ext/zlib/tests/004-mb.phpt
# failed when systemd is enabled
rm sapi/fpm/tests/gh8885-stderr-fd-reload-usr1.phpt
rm sapi/fpm/tests/gh8885-stderr-fd-reload-usr2.phpt
+# Outdated cert
+rm ext/openssl/tests/openssl_x509_parse_basic.phpt
+rm ext/openssl/tests/bug74341.phpt
+rm ext/openssl/tests/sni_server.phpt
+rm ext/openssl/tests/sni_server_key_cert.phpt
# Safety check for API version change.
pver=$(sed -n '/#define PHP_VERSION /{s/.* "//;s/".*$//;p}' main/php_version.h)
@@ -1893,6 +1900,9 @@ EOF
%changelog
+* Wed Jul 1 2026 Remi Collet <remi@remirepo.net> - 8.1.34-3
+- Fix Memory corruption (zend_mm_heap corrupted) in openssl_encrypt with AES-WRAP-PAD
+
* Thu May 7 2026 Remi Collet <remi@remirepo.net> - 8.1.34-2
- Fix XSS within status endpoint
CVE-2026-6735