--- rpms/phpki/contribs9/phpki.spec	2018/09/08 20:59:10	1.2
+++ rpms/phpki/contribs9/phpki.spec	2018/10/08 07:35:31	1.3
@@ -1,10 +1,10 @@
-# $Id: phpki.spec,v 1.1 2013/11/11 17:01:19 vip-ire Exp $
+# $Id: phpki.spec,v 1.2 2018/09/08 20:59:10 jcrisp Exp $
 # Authority: vip-ire
 # Name: Daniel Berteaud
 
 %define 	name phpki
 %define 	version 0.82
-%define 	release 17
+%define 	release 18
 Summary: 	Phpki is a simple certificate management suite
 Name: 		%{name}
 Version: 	%{version}
@@ -32,6 +32,7 @@ Patch15:	phpki-0.82-update_crl_via_cron.
 Patch16:	phpki-0.82-use_sha1.patch
 Patch17:	phpki-0.82-ca_admin_users.patch
 Patch18:	phpki-0.82.bz10622.fixphpwarnings.patch
+Patch19:        phpki-0.82-potential_xss_php_self.patch
 
 BuildArch: 	noarch
 BuildRoot: 	/var/tmp/%{name}-%{version}
@@ -51,6 +52,9 @@ With it, you may create and centrally ma
 e-mail clients, SSL servers, and VPN applications.
 
 %changelog
+* Mon Oct 8 2018 Daniel B. <daniel@firewall-services.com> 0.82-18.sme
+- Fix potential XSS with unsafe use of PHP_SELF [SME: 10626]
+
 * Thu Sep 6 2018 brian r. <brianr@bjsystems.co.uk> 0.82-17.sme
 - Replace use of ereg by preg_replace as per deprecated in php 5.3 and removed in 7.0
 
@@ -134,6 +138,7 @@ e-mail clients, SSL servers, and VPN app
 %patch16 -p1
 %patch17 -p1
 %patch18 -p1
+%patch19 -p1
 
 %build
 %{__mkdir_p} root/opt/phpki/html