| 20 |
Summary: PHP scripting language for creating dynamic web sites |
Summary: PHP scripting language for creating dynamic web sites |
| 21 |
Name: php |
Name: php |
| 22 |
Version: 5.3.3 |
Version: 5.3.3 |
| 23 |
Release: 15%{?dist} |
Release: 17%{?dist} |
| 24 |
License: PHP and LGPLv2 and LGPLv2+ |
License: PHP and LGPLv2 and LGPLv2+ |
| 25 |
Group: Development/Languages |
Group: Development/Languages |
| 26 |
URL: http://www.php.net/ |
URL: http://www.php.net/ |
| 115 |
Patch244: php-5.3.3-CVE-2013-6712.patch |
Patch244: php-5.3.3-CVE-2013-6712.patch |
| 116 |
Patch245: php-5.3.3-CVE-2014-4049.patch |
Patch245: php-5.3.3-CVE-2014-4049.patch |
| 117 |
Patch246: php-5.3.3-CVE-2014-3515.patch |
Patch246: php-5.3.3-CVE-2014-3515.patch |
| 118 |
|
Patch247: php-5.3.3-CVE-2014-2497.patch |
| 119 |
|
Patch248: php-5.3.3-CVE-2014-3587.patch |
| 120 |
|
Patch249: php-5.3.3-CVE-2014-3597.patch |
| 121 |
|
Patch250: php-5.3.3-CVE-2014-4698.patch |
| 122 |
|
Patch251: php-5.3.3-CVE-2014-4670.patch |
| 123 |
|
Patch252: php-5.3.3-CVE-2014-3668.patch |
| 124 |
|
Patch253: php-5.3.3-CVE-2014-3669.patch |
| 125 |
|
Patch254: php-5.3.3-CVE-2014-3670.patch |
| 126 |
|
Patch255: php-5.3.3-CVE-2014-3710.patch |
| 127 |
|
|
| 128 |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
| 129 |
|
|
| 494 |
%patch244 -p1 -b .cve6712 |
%patch244 -p1 -b .cve6712 |
| 495 |
%patch245 -p1 -b .cve4049 |
%patch245 -p1 -b .cve4049 |
| 496 |
%patch246 -p1 -b .cve3515 |
%patch246 -p1 -b .cve3515 |
| 497 |
|
%patch247 -p1 -b .cve2497 |
| 498 |
|
%patch248 -p1 -b .cve3587 |
| 499 |
|
%patch249 -p1 -b .cve3597 |
| 500 |
|
%patch250 -p1 -b .cve4698 |
| 501 |
|
%patch251 -p1 -b .cve4670 |
| 502 |
|
%patch252 -p1 -b .cve3668 |
| 503 |
|
%patch253 -p1 -b .cve3669 |
| 504 |
|
%patch254 -p1 -b .cve3670 |
| 505 |
|
%patch255 -p1 -b .cve3710 |
| 506 |
|
|
| 507 |
# Prevent %%doc confusion over LICENSE files |
# Prevent %%doc confusion over LICENSE files |
| 508 |
cp -p Zend/LICENSE Zend/ZEND_LICENSE |
cp -p Zend/LICENSE Zend/ZEND_LICENSE |
| 882 |
%files process -f files.process |
%files process -f files.process |
| 883 |
|
|
| 884 |
%changelog |
%changelog |
| 885 |
|
* Sat Nov 1 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-17.sme |
| 886 |
|
- Resync with upstream php53, which include (see [SME: 8633]) |
| 887 |
|
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 |
| 888 |
|
- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668 |
| 889 |
|
- core: fix integer overflow in unserialize() CVE-2014-3669 |
| 890 |
|
- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670 |
| 891 |
|
|
| 892 |
|
* Sat Oct 18 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-16.sme |
| 893 |
|
- Resync with upstream php53, which include (see [SME: 8574]) |
| 894 |
|
- spl: fix use-after-free in ArrayIterator due to object |
| 895 |
|
change during sorting. CVE-2014-4698 |
| 896 |
|
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670 |
| 897 |
|
- gd: fix NULL pointer dereference in gdImageCreateFromXpm. |
| 898 |
|
CVE-2014-2497 |
| 899 |
|
- fileinfo: fix incomplete fix for CVE-2012-1571 in |
| 900 |
|
cdf_read_property_info. CVE-2014-3587 |
| 901 |
|
- core: fix incomplete fix for CVE-2014-4049 DNS TXT |
| 902 |
|
record parsing. CVE-2014-3597 |
| 903 |
|
|
| 904 |
* Thu Aug 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-15.sme |
* Thu Aug 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-15.sme |
| 905 |
- Resync with upstream php53, which include (see [SME: 8515]) |
- Resync with upstream php53, which include (see [SME: 8515]) |
| 906 |
- core: type confusion issue in phpinfo(). CVE-2014-4721 |
- core: type confusion issue in phpinfo(). CVE-2014-4721 |
Parent Directory
| 
Revision Log
| 
Revision Graph
| 
Patch
