/[smeserver]/rpms/php/sme8/php.spec
ViewVC logotype

Diff of /rpms/php/sme8/php.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.15 by vip-ire, Thu Aug 7 07:05:52 2014 UTC Revision 1.17 by vip-ire, Sat Nov 1 13:01:52 2014 UTC
# Line 20  Line 20 
20  Summary: PHP scripting language for creating dynamic web sites  Summary: PHP scripting language for creating dynamic web sites
21  Name: php  Name: php
22  Version: 5.3.3  Version: 5.3.3
23  Release: 15%{?dist}  Release: 17%{?dist}
24  License: PHP and LGPLv2 and LGPLv2+  License: PHP and LGPLv2 and LGPLv2+
25  Group: Development/Languages  Group: Development/Languages
26  URL: http://www.php.net/  URL: http://www.php.net/
# Line 115  Patch243: php-5.3.3-CVE-2014-4721.patch Line 115  Patch243: php-5.3.3-CVE-2014-4721.patch
115  Patch244: php-5.3.3-CVE-2013-6712.patch  Patch244: php-5.3.3-CVE-2013-6712.patch
116  Patch245: php-5.3.3-CVE-2014-4049.patch  Patch245: php-5.3.3-CVE-2014-4049.patch
117  Patch246: php-5.3.3-CVE-2014-3515.patch  Patch246: php-5.3.3-CVE-2014-3515.patch
118    Patch247: php-5.3.3-CVE-2014-2497.patch
119    Patch248: php-5.3.3-CVE-2014-3587.patch
120    Patch249: php-5.3.3-CVE-2014-3597.patch
121    Patch250: php-5.3.3-CVE-2014-4698.patch
122    Patch251: php-5.3.3-CVE-2014-4670.patch
123    Patch252: php-5.3.3-CVE-2014-3668.patch
124    Patch253: php-5.3.3-CVE-2014-3669.patch
125    Patch254: php-5.3.3-CVE-2014-3670.patch
126    Patch255: php-5.3.3-CVE-2014-3710.patch
127    
128  BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)  BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
129    
# Line 485  support for using the ICU library to PHP Line 494  support for using the ICU library to PHP
494  %patch244 -p1 -b .cve6712  %patch244 -p1 -b .cve6712
495  %patch245 -p1 -b .cve4049  %patch245 -p1 -b .cve4049
496  %patch246 -p1 -b .cve3515  %patch246 -p1 -b .cve3515
497    %patch247 -p1 -b .cve2497
498    %patch248 -p1 -b .cve3587
499    %patch249 -p1 -b .cve3597
500    %patch250 -p1 -b .cve4698
501    %patch251 -p1 -b .cve4670
502    %patch252 -p1 -b .cve3668
503    %patch253 -p1 -b .cve3669
504    %patch254 -p1 -b .cve3670
505    %patch255 -p1 -b .cve3710
506    
507  # Prevent %%doc confusion over LICENSE files  # Prevent %%doc confusion over LICENSE files
508  cp -p Zend/LICENSE Zend/ZEND_LICENSE  cp -p Zend/LICENSE Zend/ZEND_LICENSE
# Line 864  rm files.* macros.php Line 882  rm files.* macros.php
882  %files process -f files.process  %files process -f files.process
883    
884  %changelog  %changelog
885    * Sat Nov 1 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-17.sme
886    - Resync with upstream php53, which include (see [SME: 8633])
887    - fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710
888    - xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668
889    - core: fix integer overflow in unserialize() CVE-2014-3669
890    - exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670
891    
892    * Sat Oct 18 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-16.sme
893    - Resync with upstream php53, which include (see [SME: 8574])
894    - spl: fix use-after-free in ArrayIterator due to object
895      change during sorting. CVE-2014-4698
896    - spl: fix use-after-free in SPL Iterators. CVE-2014-4670
897    - gd: fix NULL pointer dereference in gdImageCreateFromXpm.
898      CVE-2014-2497
899    - fileinfo: fix incomplete fix for CVE-2012-1571 in
900      cdf_read_property_info. CVE-2014-3587
901    - core: fix incomplete fix for CVE-2014-4049 DNS TXT
902      record parsing. CVE-2014-3597
903    
904  * Thu Aug 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-15.sme  * Thu Aug 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-15.sme
905  - Resync with upstream php53, which include (see [SME: 8515])  - Resync with upstream php53, which include (see [SME: 8515])
906  - core: type confusion issue in phpinfo(). CVE-2014-4721  - core: type confusion issue in phpinfo(). CVE-2014-4721


Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed