/[smeserver]/rpms/php/sme8/php.spec

Diff of /rpms/php/sme8/php.spec

Parent Directory | Revision Log | View Revision Graph Revision Graph | View Patch Patch

-Revision 1.11 by slords,
Mon Jul 15 13:51:22 2013 UTC
+Revision 1.17 by vip-ire,
Sat Nov  1 13:01:52 2014 UTC
 Line 15
  # heuristic used by bindir/mysql_config.
  %define mysql_config %{_libdir}/mysql/mysql_config
+ %define _default_patch_fuzz 2
  Summary: PHP scripting language for creating dynamic web sites
  Name: php
  Version: 5.3.3
- Release: 13%{?dist}.2
+ Release: 17%{?dist}
  License: PHP and LGPLv2 and LGPLv2+
  Group: Development/Languages
  URL: http://www.php.net/
-Line 38 
 Patch8: php-5.3.3-aconf26x.patch
+Line 40 
 Patch8: php-5.3.3-aconf26x.patch
  # Fixes for extensions
  Patch20: php-4.3.11-shutdown.patch
+ Patch21: php-5.3.3-zipmemset.patch
+ Patch22: php-5.3.3-pdo-overflow.patch
+ Patch23: php-5.3.3-pdo-53551.patch
+ Patch24: php-5.3.3-fileinfo.patch
+ Patch25: php-5.3.3-imap.patch
+ Patch26: php-5.3.3-odbc.patch
  # Functional changes
  Patch40: php-5.0.4-dlopen.patch
-Line 49 
 Patch61: php-5.0.4-tests-wddx.patch
+Line 57 
 Patch61: php-5.0.4-tests-wddx.patch
  Patch62: php-5.3.2-testfail.patch
  # Bug fixes
- Patch100: php-5.3.2-r305570.patch
+ Patch100: php-5.3.3-extrglob.patch
- Patch101: php-5.3.3-r305043.patch
+ Patch101: php-5.3.3-varnegidx.patch
- Patch102: php-5.3.3-varnegidx.patch
+ Patch102: php-5.3.3-setdate.patch
+ # 103 not needed (no php-fpm)
+ Patch104: php-5.3.3-zendgc.patch
+ Patch105: php-5.3.3-r305043.patch
+ Patch106: php-5.3.3-copy.patch
+ Patch107: php-5.3.3-errorhandler.patch
+ Patch108: php-5.3.3-bug54268.patch
  # Fixes for security bugs
- Patch207: php-5.3.2-CVE-2010-3709.patch
+ Patch200: php-5.3.2-CVE-2010-3709.patch
- Patch208: php-5.3.2-CVE-2010-3870.patch
+ Patch201: php-5.3.2-CVE-2010-3870.patch
- Patch209: php-5.3.2-CVE-2010-4645.patch
+ Patch202: php-5.3.3-CVE-2010-3710.patch
- Patch210: php-5.3.3-CVE-2010-3710.patch
+ Patch203: php-5.3.2-CVE-2010-4645.patch
- Patch211: php-5.3.3-CVE-2010-4156.patch
+ Patch204: php-5.3.3-CVE-2010-4156.patch
- Patch212: php-5.3.3-CVE-2011-0708.patch
+ Patch205: php-5.3.3-CVE-2011-0708.patch
- Patch213: php-5.3.3-CVE-2011-1148.patch
+ Patch206: php-5.3.3-CVE-2011-1148.patch
- Patch214: php-5.3.3-CVE-2011-1466.patch
+ Patch207: php-5.3.3-CVE-2011-1466.patch
- Patch215: php-5.3.3-CVE-2011-1468.patch
+ Patch208: php-5.3.3-CVE-2011-1468.patch
- Patch216: php-5.3.3-CVE-2011-1469.patch
+ Patch209: php-5.3.3-CVE-2011-1469.patch
- Patch218: php-5.3.3-CVE-2011-1471.patch
+ # 210 not needed (not affected)
- Patch219: php-5.3.3-CVE-2011-1938.patch
+ Patch211: php-5.3.3-CVE-2011-1471.patch
- Patch220: php-5.3.3-CVE-2011-2202.patch
+ Patch212: php-5.3.3-CVE-2011-1938.patch
- Patch221: php-5.3.3-CVE-2011-2483.patch
+ Patch213: php-5.3.3-CVE-2011-2202.patch
- Patch222: php-5.3.3-CVE-2011-4885.patch
+ Patch214: php-5.3.3-CVE-2011-2483.patch
- Patch223: php-5.3.3-CVE-2011-4566.patch
+ Patch215: php-5.3.3-CVE-2011-4885.patch
- Patch224: php-5.3.3-CVE-2012-0830.patch
+ Patch216: php-5.3.3-CVE-2011-4566.patch
- Patch225: php-5.3.3-CVE-2012-1823.patch
+ Patch217: php-5.3.3-CVE-2012-0830.patch
- Patch226: php-5.3.3-CVE-2012-2336.patch
+ Patch218: php-5.3.3-CVE-2012-1823.patch
- Patch230: php-5.3.3-CVE-2011-4153.patch
+ Patch219: php-5.3.3-CVE-2012-2336.patch
- Patch232: php-5.3.3-CVE-2012-1172.patch
+ Patch220: php-5.3.3-CVE-2011-4153.patch
- Patch233: php-5.3.3-CVE-2012-2143.patch
+ # 221 not needed (no php-tidy)
- Patch234: php-5.3.3-CVE-2012-2386.patch
+ Patch222: php-5.3.3-CVE-2012-1172.patch
- Patch235: php-5.3.3-CVE-2012-0057.patch
+ Patch223: php-5.3.3-CVE-2012-2143.patch
- Patch236: php-5.3.3-CVE-2012-0789.patch
+ Patch224: php-5.3.3-CVE-2012-2386.patch
- Patch237: php-5.3.3-CVE-2010-2950.patch
+ Patch225: php-5.3.3-CVE-2012-0057.patch
- Patch238: php-5.3.3-CVE-2013-4113.patch
+ Patch226: php-5.3.3-CVE-2012-0789.patch
+ Patch227: php-5.3.3-CVE-2010-2950.patch
+ Patch228: php-5.3.3-CVE-2012-2688.patch
+ Patch229: php-5.3.3-CVE-2012-0831.patch
+ Patch230: php-5.3.3-CVE-2011-1398.patch
+ Patch231: php-5.3.3-CVE-2013-1643.patch
+ Patch232: php-5.3.3-CVE-2006-7243.patch
+ Patch233: php-5.3.3-CVE-2013-4113.patch
+ Patch234: php-5.3.3-CVE-2013-4248.patch
+ Patch235: php-5.3.3-CVE-2013-6420.patch
+ Patch236: php-5.3.3-CVE-2014-0237.patch
+ Patch237: php-5.3.3-CVE-2014-0238.patch
+ Patch238: php-5.3.3-CVE-2014-2270.patch
+ Patch239: php-5.3.3-CVE-2014-1943.patch
+ Patch240: php-5.3.3-CVE-2014-3479.patch
+ Patch241: php-5.3.3-CVE-2012-1571.patch
+ Patch242: php-5.3.3-CVE-2014-3480.patch
+ Patch243: php-5.3.3-CVE-2014-4721.patch
+ Patch244: php-5.3.3-CVE-2013-6712.patch
+ Patch245: php-5.3.3-CVE-2014-4049.patch
+ Patch246: php-5.3.3-CVE-2014-3515.patch
+ Patch247: php-5.3.3-CVE-2014-2497.patch
+ Patch248: php-5.3.3-CVE-2014-3587.patch
+ Patch249: php-5.3.3-CVE-2014-3597.patch
+ Patch250: php-5.3.3-CVE-2014-4698.patch
+ Patch251: php-5.3.3-CVE-2014-4670.patch
+ Patch252: php-5.3.3-CVE-2014-3668.patch
+ Patch253: php-5.3.3-CVE-2014-3669.patch
+ Patch254: php-5.3.3-CVE-2014-3670.patch
+ Patch255: php-5.3.3-CVE-2014-3710.patch
  BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-Line 125 
 Group: Development/Languages
+Line 168 
 Group: Development/Languages
  Summary: Common files for PHP
  Provides: php-api = %{apiver}, php-zend-abi = %{zendver}
  Provides: php(api) = %{apiver}, php(zend-abi) = %{zendver}
+ Provides: php(language) = %{version}
  # Provides for all builtin modules:
  Provides: php-bz2, php-calendar, php-ctype, php-curl, php-date, php-exif
  Provides: php-ftp, php-gettext, php-gmp, php-hash, php-iconv, php-libxml
  Provides: php-reflection, php-session, php-shmop, php-simplexml, php-sockets
  Provides: php-spl, php-tokenizer, php-openssl, php-pcre
  Provides: php-zlib, php-json, php-zip, php-fileinfo
+ Provides: php-core, php-ereg, php-filter, php-phar, php-standard
  Provides: php53-common = %{version}-%{release}, config(php53-common) = %{version}-%{release}
+ Obsoletes: php-pecl-json, php-pecl-zip, php-pecl-phar, php-pecl-Fileinfo
  Obsoletes: php-openssl, php-json
  # For obsoleted pecl extension
  Provides: php-pecl-json = %{jsonver}, php-pecl(json) = %{jsonver}
-Line 378 
 support for using the ICU library to PHP
+Line 424 
 support for using the ICU library to PHP
  %patch8 -p1 -b .aconf26x
  %patch20 -p1 -b .shutdown
+ %patch21 -p1 -b .zipmemset
+ %patch22 -p1 -b .pdooverflow
+ %patch23 -p1 -b .pdo53551
+ %patch24 -p1 -b .streams
+ %patch25 -p1 -b .imapauth
+ %patch26 -p1 -b .pdoodbc
  %patch40 -p1 -b .dlopen
  %patch41 -p1 -b .easter
-Line 386 
 support for using the ICU library to PHP
+Line 438 
 support for using the ICU library to PHP
  %patch61 -p1 -b .tests-wddx
  %patch62 -p1 -b .testfail
- %patch100 -p1 -b .r305570
+ %patch100 -p1 -b .extrglob
- %patch101 -p1 -b .r305043
+ %patch101 -p1 -b .varnegidx
- %patch102 -p1 -b .varnegidx
+ %patch102 -p1 -b .setdate
- %patch207 -p1 -b .cve3709
+ %patch104 -p1 -b .zendgc
- %patch208 -p1 -b .cve3870
+ %patch105 -p1 -b .r305043
- %patch209 -p1 -b .cve4645
+ %patch106 -p1 -b .copy
- %patch210 -p1 -b .cve3710
+ %patch107 -p1 -b .errorhandler
- %patch211 -p1 -b .cve4156
+ %patch108 -p1 -b .bug54268
- %patch212 -p1 -b .cve0708
- %patch213 -p1 -b .cve1148
+ %patch200 -p1 -b .cve3709
- %patch214 -p1 -b .cve1466
+ %patch201 -p1 -b .cve3870
- %patch215 -p1 -b .cve1468
+ %patch202 -p1 -b .cve4645
- %patch216 -p1 -b .cve1469
+ %patch203 -p1 -b .cve3710
- %patch218 -p1 -b .cve1471
+ %patch204 -p1 -b .cve4156
- %patch219 -p1 -b .cve1938
+ %patch205 -p1 -b .cve0708
- %patch220 -p1 -b .cve2202
+ %patch206 -p1 -b .cve1148
- %patch221 -p1 -b .cve2483
+ %patch207 -p1 -b .cve1466
- %patch222 -p1 -b .cve4885
+ %patch208 -p1 -b .cve1468
- %patch223 -p1 -b .cve4566
+ %patch209 -p1 -b .cve1469
- %patch224 -p1 -b .cve0830
+ %patch211 -p1 -b .cve1471
- %patch225 -p1 -b .cve1823
+ %patch212 -p1 -b .cve1938
- %patch226 -p1 -b .cve2336
+ %patch213 -p1 -b .cve2202
+ %patch214 -p1 -b .cve2483
- %patch230 -p1 -b .cve4153
+ %patch215 -p1 -b .cve4885
- %patch232 -p1 -b .cve1172
+ %patch216 -p1 -b .cve4566
- %patch233 -p1 -b .cve2143
+ %patch217 -p1 -b .cve0830
- %patch234 -p1 -b .cve2386
+ %patch218 -p1 -b .cve1823
- %patch235 -p1 -b .cve0057
+ %patch219 -p1 -b .cve2336
- %patch236 -p1 -b .cve0789
- %patch237 -p1 -b .cve2950
+ %patch220 -p1 -b .cve4153
- %patch238 -p1 -b .cve4113
+ %patch222 -p1 -b .cve1172
+ %patch223 -p1 -b .cve2143
+ %patch224 -p1 -b .cve2386
+ %patch225 -p1 -b .cve0057
+ %patch226 -p1 -b .cve0789
+ %patch227 -p1 -b .cve2950
+ %patch228 -p1 -b .cve2688
+ %patch229 -p1 -b .cve0831
+ %patch230 -p1 -b .cve1398
+ %patch231 -p1 -b .cve1643
+ %patch232 -p1 -b .cve7243
+ %patch233 -p1 -b .cve4113
+ %patch234 -p1 -b .cve4248
+ %patch235 -p1 -b .cve6420
+ %patch236 -p1 -b .cve0237
+ %patch237 -p1 -b .cve0238
+ %patch238 -p1 -b .cve2270
+ %patch239 -p1 -b .cve1943
+ %patch240 -p1 -b .cve3479
+ %patch241 -p1 -b .cve1571
+ %patch242 -p1 -b .cve3480
+ %patch243 -p1 -b .cve4721
+ %patch244 -p1 -b .cve6712
+ %patch245 -p1 -b .cve4049
+ %patch246 -p1 -b .cve3515
+ %patch247 -p1 -b .cve2497
+ %patch248 -p1 -b .cve3587
+ %patch249 -p1 -b .cve3597
+ %patch250 -p1 -b .cve4698
+ %patch251 -p1 -b .cve4670
+ %patch252 -p1 -b .cve3668
+ %patch253 -p1 -b .cve3669
+ %patch254 -p1 -b .cve3670
+ %patch255 -p1 -b .cve3710
  # Prevent %%doc confusion over LICENSE files
  cp -p Zend/LICENSE Zend/ZEND_LICENSE
-Line 493 
 fi
+Line 578 
 fi
  # Fix some bogus permissions
  find . -name \*.[ch] -exec chmod 644 {} \;
+ find . -name \*.cpp  -exec chmod 644 {} \;
  chmod 644 README.*
  %build
-Line 714 
 cat files.json files.zip files.curl file
+Line 800 
 cat files.json files.zip files.curl file
  install -d $RPM_BUILD_ROOT%{_sysconfdir}/rpm
  # %{SOURCE3} used here ->
  sed -e "s/@PHP_APIVER@/%{apiver}/;s/@PHP_ZENDVER@/%{zendver}/;s/@PHP_PDOVER@/%{pdover}/" \
+     -e "s/@PHP_VERSION@/%{version}/" \
      < $RPM_SOURCE_DIR/macros.php > macros.php
  install -m 644 -c macros.php \
             $RPM_BUILD_ROOT%{_sysconfdir}/rpm/macros.php
-Line 795 
 rm files.* macros.php
+Line 882 
 rm files.* macros.php
  %files process -f files.process
  %changelog
+ * Sat Nov 1 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-17.sme
+ - Resync with upstream php53, which include (see [SME: 8633])
+ - fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710
+ - xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668
+ - core: fix integer overflow in unserialize() CVE-2014-3669
+ - exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670
+ * Sat Oct 18 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-16.sme
+ - Resync with upstream php53, which include (see [SME: 8574])
+ - spl: fix use-after-free in ArrayIterator due to object
+   change during sorting. CVE-2014-4698
+ - spl: fix use-after-free in SPL Iterators. CVE-2014-4670
+ - gd: fix NULL pointer dereference in gdImageCreateFromXpm.
+   CVE-2014-2497
+ - fileinfo: fix incomplete fix for CVE-2012-1571 in
+   cdf_read_property_info. CVE-2014-3587
+ - core: fix incomplete fix for CVE-2014-4049 DNS TXT
+   record parsing. CVE-2014-3597
+ * Thu Aug 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-15.sme
+ - Resync with upstream php53, which include (see [SME: 8515])
+ - core: type confusion issue in phpinfo(). CVE-2014-4721
+ - date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712
+ - core: fix heap-based buffer overflow in DNS TXT record parsing.
+   CVE-2014-4049
+ - core: unserialize() SPL ArrayObject / SPLObjectStorage type
+   confusion flaw. CVE-2014-3515
+ - fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270
+ - fileinfo: unrestricted recursion in handling of indirect type
+   rules. CVE-2014-1943
+ - fileinfo: out of bounds read in CDF parser. CVE-2012-1571
+ - fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479
+ - fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480
+ - fileinfo: cdf_unpack_summary_info() excessive looping
+   DoS. CVE-2014-0237
+ - fileinfo: CDF property info parsing nelements infinite
+   loop. CVE-2014-0238
+ * Mon Dec 16 2013 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-14.sme
+ - Resync with upstream php53, which include (see [SME: 8064])
+ - add security fix for CVE-2013-6420
+ - add security fix for CVE-2013-4248
+ - add upstream reproducer for error_handler (#951075)
+ - add security fixes for CVE-2006-7243
+ - add security fixes for CVE-2012-2688, CVE-2012-0831,
+   CVE-2011-1398, CVE-2013-1643
+ - fix segfault in error_handler with
+   allow_call_time_pass_reference = Off (#951075)
+ - fix double free when destroy_zend_class fails (#951076)
+ - fix possible buffer overflow in pdo_odbc (#869694)
+ - php script hangs when it exceeds max_execution_time
+   when inside an ODBC call (#864954)
+ - fix zend garbage collector (#892695)
+ - fix transposed memset arguments in libzip (#953818)
+ - fix possible segfault in pdo_mysql (#869693)
+ - fix imap_open DISABLE_AUTHENTICATOR param ignores array (#859369)
+ - fix stream support in fileinfo (#869697)
+ - fix setDate when DateTime created from timestamp (#869691)
+ - fix permission on source files (#869688)
+ - add php(language) and missing provides (#837044)
+ - fix copy doesn't report failure on partial copy (#951413)
  * Mon Jul 15 2013 Shad L. Lords <slords@mail.com> - 5.3.3-13.sme.2
  - Add php53-* provides to provide compatibility
  - Obsolete php-domxml and php-dom [SME: 6733]

 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
-Removed lines/characters
+Added lines/characters

admin@koozali.org	ViewVC Help
Powered by ViewVC 1.2.1