15 |
# heuristic used by bindir/mysql_config. |
# heuristic used by bindir/mysql_config. |
16 |
%define mysql_config %{_libdir}/mysql/mysql_config |
%define mysql_config %{_libdir}/mysql/mysql_config |
17 |
|
|
18 |
|
%define _default_patch_fuzz 2 |
19 |
|
|
20 |
Summary: PHP scripting language for creating dynamic web sites |
Summary: PHP scripting language for creating dynamic web sites |
21 |
Name: php |
Name: php |
22 |
Version: 5.3.3 |
Version: 5.3.3 |
23 |
Release: 13%{?dist}.2 |
Release: 16%{?dist} |
24 |
License: PHP and LGPLv2 and LGPLv2+ |
License: PHP and LGPLv2 and LGPLv2+ |
25 |
Group: Development/Languages |
Group: Development/Languages |
26 |
URL: http://www.php.net/ |
URL: http://www.php.net/ |
40 |
|
|
41 |
# Fixes for extensions |
# Fixes for extensions |
42 |
Patch20: php-4.3.11-shutdown.patch |
Patch20: php-4.3.11-shutdown.patch |
43 |
|
Patch21: php-5.3.3-zipmemset.patch |
44 |
|
Patch22: php-5.3.3-pdo-overflow.patch |
45 |
|
Patch23: php-5.3.3-pdo-53551.patch |
46 |
|
Patch24: php-5.3.3-fileinfo.patch |
47 |
|
Patch25: php-5.3.3-imap.patch |
48 |
|
Patch26: php-5.3.3-odbc.patch |
49 |
|
|
50 |
# Functional changes |
# Functional changes |
51 |
Patch40: php-5.0.4-dlopen.patch |
Patch40: php-5.0.4-dlopen.patch |
57 |
Patch62: php-5.3.2-testfail.patch |
Patch62: php-5.3.2-testfail.patch |
58 |
|
|
59 |
# Bug fixes |
# Bug fixes |
60 |
Patch100: php-5.3.2-r305570.patch |
Patch100: php-5.3.3-extrglob.patch |
61 |
Patch101: php-5.3.3-r305043.patch |
Patch101: php-5.3.3-varnegidx.patch |
62 |
Patch102: php-5.3.3-varnegidx.patch |
Patch102: php-5.3.3-setdate.patch |
63 |
|
# 103 not needed (no php-fpm) |
64 |
|
Patch104: php-5.3.3-zendgc.patch |
65 |
|
Patch105: php-5.3.3-r305043.patch |
66 |
|
Patch106: php-5.3.3-copy.patch |
67 |
|
Patch107: php-5.3.3-errorhandler.patch |
68 |
|
Patch108: php-5.3.3-bug54268.patch |
69 |
|
|
70 |
# Fixes for security bugs |
# Fixes for security bugs |
71 |
Patch207: php-5.3.2-CVE-2010-3709.patch |
Patch200: php-5.3.2-CVE-2010-3709.patch |
72 |
Patch208: php-5.3.2-CVE-2010-3870.patch |
Patch201: php-5.3.2-CVE-2010-3870.patch |
73 |
Patch209: php-5.3.2-CVE-2010-4645.patch |
Patch202: php-5.3.3-CVE-2010-3710.patch |
74 |
Patch210: php-5.3.3-CVE-2010-3710.patch |
Patch203: php-5.3.2-CVE-2010-4645.patch |
75 |
Patch211: php-5.3.3-CVE-2010-4156.patch |
Patch204: php-5.3.3-CVE-2010-4156.patch |
76 |
Patch212: php-5.3.3-CVE-2011-0708.patch |
Patch205: php-5.3.3-CVE-2011-0708.patch |
77 |
Patch213: php-5.3.3-CVE-2011-1148.patch |
Patch206: php-5.3.3-CVE-2011-1148.patch |
78 |
Patch214: php-5.3.3-CVE-2011-1466.patch |
Patch207: php-5.3.3-CVE-2011-1466.patch |
79 |
Patch215: php-5.3.3-CVE-2011-1468.patch |
Patch208: php-5.3.3-CVE-2011-1468.patch |
80 |
Patch216: php-5.3.3-CVE-2011-1469.patch |
Patch209: php-5.3.3-CVE-2011-1469.patch |
81 |
Patch218: php-5.3.3-CVE-2011-1471.patch |
# 210 not needed (not affected) |
82 |
Patch219: php-5.3.3-CVE-2011-1938.patch |
Patch211: php-5.3.3-CVE-2011-1471.patch |
83 |
Patch220: php-5.3.3-CVE-2011-2202.patch |
Patch212: php-5.3.3-CVE-2011-1938.patch |
84 |
Patch221: php-5.3.3-CVE-2011-2483.patch |
Patch213: php-5.3.3-CVE-2011-2202.patch |
85 |
Patch222: php-5.3.3-CVE-2011-4885.patch |
Patch214: php-5.3.3-CVE-2011-2483.patch |
86 |
Patch223: php-5.3.3-CVE-2011-4566.patch |
Patch215: php-5.3.3-CVE-2011-4885.patch |
87 |
Patch224: php-5.3.3-CVE-2012-0830.patch |
Patch216: php-5.3.3-CVE-2011-4566.patch |
88 |
Patch225: php-5.3.3-CVE-2012-1823.patch |
Patch217: php-5.3.3-CVE-2012-0830.patch |
89 |
Patch226: php-5.3.3-CVE-2012-2336.patch |
Patch218: php-5.3.3-CVE-2012-1823.patch |
90 |
Patch230: php-5.3.3-CVE-2011-4153.patch |
Patch219: php-5.3.3-CVE-2012-2336.patch |
91 |
Patch232: php-5.3.3-CVE-2012-1172.patch |
Patch220: php-5.3.3-CVE-2011-4153.patch |
92 |
Patch233: php-5.3.3-CVE-2012-2143.patch |
# 221 not needed (no php-tidy) |
93 |
Patch234: php-5.3.3-CVE-2012-2386.patch |
Patch222: php-5.3.3-CVE-2012-1172.patch |
94 |
Patch235: php-5.3.3-CVE-2012-0057.patch |
Patch223: php-5.3.3-CVE-2012-2143.patch |
95 |
Patch236: php-5.3.3-CVE-2012-0789.patch |
Patch224: php-5.3.3-CVE-2012-2386.patch |
96 |
Patch237: php-5.3.3-CVE-2010-2950.patch |
Patch225: php-5.3.3-CVE-2012-0057.patch |
97 |
Patch238: php-5.3.3-CVE-2013-4113.patch |
Patch226: php-5.3.3-CVE-2012-0789.patch |
98 |
|
Patch227: php-5.3.3-CVE-2010-2950.patch |
99 |
|
Patch228: php-5.3.3-CVE-2012-2688.patch |
100 |
|
Patch229: php-5.3.3-CVE-2012-0831.patch |
101 |
|
Patch230: php-5.3.3-CVE-2011-1398.patch |
102 |
|
Patch231: php-5.3.3-CVE-2013-1643.patch |
103 |
|
Patch232: php-5.3.3-CVE-2006-7243.patch |
104 |
|
Patch233: php-5.3.3-CVE-2013-4113.patch |
105 |
|
Patch234: php-5.3.3-CVE-2013-4248.patch |
106 |
|
Patch235: php-5.3.3-CVE-2013-6420.patch |
107 |
|
Patch236: php-5.3.3-CVE-2014-0237.patch |
108 |
|
Patch237: php-5.3.3-CVE-2014-0238.patch |
109 |
|
Patch238: php-5.3.3-CVE-2014-2270.patch |
110 |
|
Patch239: php-5.3.3-CVE-2014-1943.patch |
111 |
|
Patch240: php-5.3.3-CVE-2014-3479.patch |
112 |
|
Patch241: php-5.3.3-CVE-2012-1571.patch |
113 |
|
Patch242: php-5.3.3-CVE-2014-3480.patch |
114 |
|
Patch243: php-5.3.3-CVE-2014-4721.patch |
115 |
|
Patch244: php-5.3.3-CVE-2013-6712.patch |
116 |
|
Patch245: php-5.3.3-CVE-2014-4049.patch |
117 |
|
Patch246: php-5.3.3-CVE-2014-3515.patch |
118 |
|
Patch247: php-5.3.3-CVE-2014-2497.patch |
119 |
|
Patch248: php-5.3.3-CVE-2014-3587.patch |
120 |
|
Patch249: php-5.3.3-CVE-2014-3597.patch |
121 |
|
Patch250: php-5.3.3-CVE-2014-4698.patch |
122 |
|
Patch251: php-5.3.3-CVE-2014-4670.patch |
123 |
|
|
124 |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
125 |
|
|
164 |
Summary: Common files for PHP |
Summary: Common files for PHP |
165 |
Provides: php-api = %{apiver}, php-zend-abi = %{zendver} |
Provides: php-api = %{apiver}, php-zend-abi = %{zendver} |
166 |
Provides: php(api) = %{apiver}, php(zend-abi) = %{zendver} |
Provides: php(api) = %{apiver}, php(zend-abi) = %{zendver} |
167 |
|
Provides: php(language) = %{version} |
168 |
# Provides for all builtin modules: |
# Provides for all builtin modules: |
169 |
Provides: php-bz2, php-calendar, php-ctype, php-curl, php-date, php-exif |
Provides: php-bz2, php-calendar, php-ctype, php-curl, php-date, php-exif |
170 |
Provides: php-ftp, php-gettext, php-gmp, php-hash, php-iconv, php-libxml |
Provides: php-ftp, php-gettext, php-gmp, php-hash, php-iconv, php-libxml |
171 |
Provides: php-reflection, php-session, php-shmop, php-simplexml, php-sockets |
Provides: php-reflection, php-session, php-shmop, php-simplexml, php-sockets |
172 |
Provides: php-spl, php-tokenizer, php-openssl, php-pcre |
Provides: php-spl, php-tokenizer, php-openssl, php-pcre |
173 |
Provides: php-zlib, php-json, php-zip, php-fileinfo |
Provides: php-zlib, php-json, php-zip, php-fileinfo |
174 |
|
Provides: php-core, php-ereg, php-filter, php-phar, php-standard |
175 |
Provides: php53-common = %{version}-%{release}, config(php53-common) = %{version}-%{release} |
Provides: php53-common = %{version}-%{release}, config(php53-common) = %{version}-%{release} |
176 |
|
Obsoletes: php-pecl-json, php-pecl-zip, php-pecl-phar, php-pecl-Fileinfo |
177 |
Obsoletes: php-openssl, php-json |
Obsoletes: php-openssl, php-json |
178 |
# For obsoleted pecl extension |
# For obsoleted pecl extension |
179 |
Provides: php-pecl-json = %{jsonver}, php-pecl(json) = %{jsonver} |
Provides: php-pecl-json = %{jsonver}, php-pecl(json) = %{jsonver} |
420 |
%patch8 -p1 -b .aconf26x |
%patch8 -p1 -b .aconf26x |
421 |
|
|
422 |
%patch20 -p1 -b .shutdown |
%patch20 -p1 -b .shutdown |
423 |
|
%patch21 -p1 -b .zipmemset |
424 |
|
%patch22 -p1 -b .pdooverflow |
425 |
|
%patch23 -p1 -b .pdo53551 |
426 |
|
%patch24 -p1 -b .streams |
427 |
|
%patch25 -p1 -b .imapauth |
428 |
|
%patch26 -p1 -b .pdoodbc |
429 |
|
|
430 |
%patch40 -p1 -b .dlopen |
%patch40 -p1 -b .dlopen |
431 |
%patch41 -p1 -b .easter |
%patch41 -p1 -b .easter |
434 |
%patch61 -p1 -b .tests-wddx |
%patch61 -p1 -b .tests-wddx |
435 |
%patch62 -p1 -b .testfail |
%patch62 -p1 -b .testfail |
436 |
|
|
437 |
%patch100 -p1 -b .r305570 |
%patch100 -p1 -b .extrglob |
438 |
%patch101 -p1 -b .r305043 |
%patch101 -p1 -b .varnegidx |
439 |
%patch102 -p1 -b .varnegidx |
%patch102 -p1 -b .setdate |
440 |
|
|
441 |
%patch207 -p1 -b .cve3709 |
%patch104 -p1 -b .zendgc |
442 |
%patch208 -p1 -b .cve3870 |
%patch105 -p1 -b .r305043 |
443 |
%patch209 -p1 -b .cve4645 |
%patch106 -p1 -b .copy |
444 |
%patch210 -p1 -b .cve3710 |
%patch107 -p1 -b .errorhandler |
445 |
%patch211 -p1 -b .cve4156 |
%patch108 -p1 -b .bug54268 |
446 |
%patch212 -p1 -b .cve0708 |
|
447 |
%patch213 -p1 -b .cve1148 |
%patch200 -p1 -b .cve3709 |
448 |
%patch214 -p1 -b .cve1466 |
%patch201 -p1 -b .cve3870 |
449 |
%patch215 -p1 -b .cve1468 |
%patch202 -p1 -b .cve4645 |
450 |
%patch216 -p1 -b .cve1469 |
%patch203 -p1 -b .cve3710 |
451 |
%patch218 -p1 -b .cve1471 |
%patch204 -p1 -b .cve4156 |
452 |
%patch219 -p1 -b .cve1938 |
%patch205 -p1 -b .cve0708 |
453 |
%patch220 -p1 -b .cve2202 |
%patch206 -p1 -b .cve1148 |
454 |
%patch221 -p1 -b .cve2483 |
%patch207 -p1 -b .cve1466 |
455 |
%patch222 -p1 -b .cve4885 |
%patch208 -p1 -b .cve1468 |
456 |
%patch223 -p1 -b .cve4566 |
%patch209 -p1 -b .cve1469 |
457 |
%patch224 -p1 -b .cve0830 |
%patch211 -p1 -b .cve1471 |
458 |
%patch225 -p1 -b .cve1823 |
%patch212 -p1 -b .cve1938 |
459 |
%patch226 -p1 -b .cve2336 |
%patch213 -p1 -b .cve2202 |
460 |
|
%patch214 -p1 -b .cve2483 |
461 |
%patch230 -p1 -b .cve4153 |
%patch215 -p1 -b .cve4885 |
462 |
%patch232 -p1 -b .cve1172 |
%patch216 -p1 -b .cve4566 |
463 |
%patch233 -p1 -b .cve2143 |
%patch217 -p1 -b .cve0830 |
464 |
%patch234 -p1 -b .cve2386 |
%patch218 -p1 -b .cve1823 |
465 |
%patch235 -p1 -b .cve0057 |
%patch219 -p1 -b .cve2336 |
466 |
%patch236 -p1 -b .cve0789 |
|
467 |
%patch237 -p1 -b .cve2950 |
%patch220 -p1 -b .cve4153 |
468 |
%patch238 -p1 -b .cve4113 |
%patch222 -p1 -b .cve1172 |
469 |
|
%patch223 -p1 -b .cve2143 |
470 |
|
%patch224 -p1 -b .cve2386 |
471 |
|
%patch225 -p1 -b .cve0057 |
472 |
|
%patch226 -p1 -b .cve0789 |
473 |
|
%patch227 -p1 -b .cve2950 |
474 |
|
%patch228 -p1 -b .cve2688 |
475 |
|
%patch229 -p1 -b .cve0831 |
476 |
|
%patch230 -p1 -b .cve1398 |
477 |
|
%patch231 -p1 -b .cve1643 |
478 |
|
%patch232 -p1 -b .cve7243 |
479 |
|
%patch233 -p1 -b .cve4113 |
480 |
|
%patch234 -p1 -b .cve4248 |
481 |
|
%patch235 -p1 -b .cve6420 |
482 |
|
%patch236 -p1 -b .cve0237 |
483 |
|
%patch237 -p1 -b .cve0238 |
484 |
|
%patch238 -p1 -b .cve2270 |
485 |
|
%patch239 -p1 -b .cve1943 |
486 |
|
%patch240 -p1 -b .cve3479 |
487 |
|
%patch241 -p1 -b .cve1571 |
488 |
|
%patch242 -p1 -b .cve3480 |
489 |
|
%patch243 -p1 -b .cve4721 |
490 |
|
%patch244 -p1 -b .cve6712 |
491 |
|
%patch245 -p1 -b .cve4049 |
492 |
|
%patch246 -p1 -b .cve3515 |
493 |
|
%patch247 -p1 -b .cve2497 |
494 |
|
%patch248 -p1 -b .cve3587 |
495 |
|
%patch249 -p1 -b .cve3597 |
496 |
|
%patch250 -p1 -b .cve4698 |
497 |
|
%patch251 -p1 -b .cve4670 |
498 |
|
|
499 |
# Prevent %%doc confusion over LICENSE files |
# Prevent %%doc confusion over LICENSE files |
500 |
cp -p Zend/LICENSE Zend/ZEND_LICENSE |
cp -p Zend/LICENSE Zend/ZEND_LICENSE |
570 |
|
|
571 |
# Fix some bogus permissions |
# Fix some bogus permissions |
572 |
find . -name \*.[ch] -exec chmod 644 {} \; |
find . -name \*.[ch] -exec chmod 644 {} \; |
573 |
|
find . -name \*.cpp -exec chmod 644 {} \; |
574 |
chmod 644 README.* |
chmod 644 README.* |
575 |
|
|
576 |
%build |
%build |
792 |
install -d $RPM_BUILD_ROOT%{_sysconfdir}/rpm |
install -d $RPM_BUILD_ROOT%{_sysconfdir}/rpm |
793 |
# %{SOURCE3} used here -> |
# %{SOURCE3} used here -> |
794 |
sed -e "s/@PHP_APIVER@/%{apiver}/;s/@PHP_ZENDVER@/%{zendver}/;s/@PHP_PDOVER@/%{pdover}/" \ |
sed -e "s/@PHP_APIVER@/%{apiver}/;s/@PHP_ZENDVER@/%{zendver}/;s/@PHP_PDOVER@/%{pdover}/" \ |
795 |
|
-e "s/@PHP_VERSION@/%{version}/" \ |
796 |
< $RPM_SOURCE_DIR/macros.php > macros.php |
< $RPM_SOURCE_DIR/macros.php > macros.php |
797 |
install -m 644 -c macros.php \ |
install -m 644 -c macros.php \ |
798 |
$RPM_BUILD_ROOT%{_sysconfdir}/rpm/macros.php |
$RPM_BUILD_ROOT%{_sysconfdir}/rpm/macros.php |
874 |
%files process -f files.process |
%files process -f files.process |
875 |
|
|
876 |
%changelog |
%changelog |
877 |
|
* Sat Oct 18 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-16.sme |
878 |
|
- Resync with upstream php53, which include (see [SME: 8574]) |
879 |
|
- spl: fix use-after-free in ArrayIterator due to object |
880 |
|
change during sorting. CVE-2014-4698 |
881 |
|
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670 |
882 |
|
- gd: fix NULL pointer dereference in gdImageCreateFromXpm. |
883 |
|
CVE-2014-2497 |
884 |
|
- fileinfo: fix incomplete fix for CVE-2012-1571 in |
885 |
|
cdf_read_property_info. CVE-2014-3587 |
886 |
|
- core: fix incomplete fix for CVE-2014-4049 DNS TXT |
887 |
|
record parsing. CVE-2014-3597 |
888 |
|
|
889 |
|
* Thu Aug 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-15.sme |
890 |
|
- Resync with upstream php53, which include (see [SME: 8515]) |
891 |
|
- core: type confusion issue in phpinfo(). CVE-2014-4721 |
892 |
|
- date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 |
893 |
|
- core: fix heap-based buffer overflow in DNS TXT record parsing. |
894 |
|
CVE-2014-4049 |
895 |
|
- core: unserialize() SPL ArrayObject / SPLObjectStorage type |
896 |
|
confusion flaw. CVE-2014-3515 |
897 |
|
- fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270 |
898 |
|
- fileinfo: unrestricted recursion in handling of indirect type |
899 |
|
rules. CVE-2014-1943 |
900 |
|
- fileinfo: out of bounds read in CDF parser. CVE-2012-1571 |
901 |
|
- fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479 |
902 |
|
- fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480 |
903 |
|
- fileinfo: cdf_unpack_summary_info() excessive looping |
904 |
|
DoS. CVE-2014-0237 |
905 |
|
- fileinfo: CDF property info parsing nelements infinite |
906 |
|
loop. CVE-2014-0238 |
907 |
|
|
908 |
|
* Mon Dec 16 2013 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-14.sme |
909 |
|
- Resync with upstream php53, which include (see [SME: 8064]) |
910 |
|
- add security fix for CVE-2013-6420 |
911 |
|
- add security fix for CVE-2013-4248 |
912 |
|
- add upstream reproducer for error_handler (#951075) |
913 |
|
- add security fixes for CVE-2006-7243 |
914 |
|
- add security fixes for CVE-2012-2688, CVE-2012-0831, |
915 |
|
CVE-2011-1398, CVE-2013-1643 |
916 |
|
- fix segfault in error_handler with |
917 |
|
allow_call_time_pass_reference = Off (#951075) |
918 |
|
- fix double free when destroy_zend_class fails (#951076) |
919 |
|
- fix possible buffer overflow in pdo_odbc (#869694) |
920 |
|
- php script hangs when it exceeds max_execution_time |
921 |
|
when inside an ODBC call (#864954) |
922 |
|
- fix zend garbage collector (#892695) |
923 |
|
- fix transposed memset arguments in libzip (#953818) |
924 |
|
- fix possible segfault in pdo_mysql (#869693) |
925 |
|
- fix imap_open DISABLE_AUTHENTICATOR param ignores array (#859369) |
926 |
|
- fix stream support in fileinfo (#869697) |
927 |
|
- fix setDate when DateTime created from timestamp (#869691) |
928 |
|
- fix permission on source files (#869688) |
929 |
|
- add php(language) and missing provides (#837044) |
930 |
|
- fix copy doesn't report failure on partial copy (#951413) |
931 |
|
|
932 |
* Mon Jul 15 2013 Shad L. Lords <slords@mail.com> - 5.3.3-13.sme.2 |
* Mon Jul 15 2013 Shad L. Lords <slords@mail.com> - 5.3.3-13.sme.2 |
933 |
- Add php53-* provides to provide compatibility |
- Add php53-* provides to provide compatibility |
934 |
- Obsolete php-domxml and php-dom [SME: 6733] |
- Obsolete php-domxml and php-dom [SME: 6733] |