--- rpms/php/sme8/php.spec	2013/07/15 13:51:22	1.11
+++ rpms/php/sme8/php.spec	2013/12/16 10:46:47	1.12
@@ -15,10 +15,12 @@
 # heuristic used by bindir/mysql_config.
 %define mysql_config %{_libdir}/mysql/mysql_config
 
+%define _default_patch_fuzz 2
+
 Summary: PHP scripting language for creating dynamic web sites
 Name: php
 Version: 5.3.3
-Release: 13%{?dist}.2
+Release: 14%{?dist}
 License: PHP and LGPLv2 and LGPLv2+
 Group: Development/Languages
 URL: http://www.php.net/
@@ -38,6 +40,12 @@ Patch8: php-5.3.3-aconf26x.patch
 
 # Fixes for extensions
 Patch20: php-4.3.11-shutdown.patch
+Patch21: php-5.3.3-zipmemset.patch
+Patch22: php-5.3.3-pdo-overflow.patch
+Patch23: php-5.3.3-pdo-53551.patch
+Patch24: php-5.3.3-fileinfo.patch
+Patch25: php-5.3.3-imap.patch
+Patch26: php-5.3.3-odbc.patch
 
 # Functional changes
 Patch40: php-5.0.4-dlopen.patch
@@ -49,38 +57,53 @@ Patch61: php-5.0.4-tests-wddx.patch
 Patch62: php-5.3.2-testfail.patch
 
 # Bug fixes
-Patch100: php-5.3.2-r305570.patch
-Patch101: php-5.3.3-r305043.patch
-Patch102: php-5.3.3-varnegidx.patch
+Patch100: php-5.3.3-extrglob.patch
+Patch101: php-5.3.3-varnegidx.patch
+Patch102: php-5.3.3-setdate.patch
+# 103 not needed (no php-fpm)
+Patch104: php-5.3.3-zendgc.patch
+Patch105: php-5.3.3-r305043.patch
+Patch106: php-5.3.3-copy.patch
+Patch107: php-5.3.3-errorhandler.patch
+Patch108: php-5.3.3-bug54268.patch
 
 # Fixes for security bugs
-Patch207: php-5.3.2-CVE-2010-3709.patch
-Patch208: php-5.3.2-CVE-2010-3870.patch
-Patch209: php-5.3.2-CVE-2010-4645.patch
-Patch210: php-5.3.3-CVE-2010-3710.patch
-Patch211: php-5.3.3-CVE-2010-4156.patch
-Patch212: php-5.3.3-CVE-2011-0708.patch
-Patch213: php-5.3.3-CVE-2011-1148.patch
-Patch214: php-5.3.3-CVE-2011-1466.patch
-Patch215: php-5.3.3-CVE-2011-1468.patch
-Patch216: php-5.3.3-CVE-2011-1469.patch
-Patch218: php-5.3.3-CVE-2011-1471.patch
-Patch219: php-5.3.3-CVE-2011-1938.patch
-Patch220: php-5.3.3-CVE-2011-2202.patch
-Patch221: php-5.3.3-CVE-2011-2483.patch
-Patch222: php-5.3.3-CVE-2011-4885.patch
-Patch223: php-5.3.3-CVE-2011-4566.patch
-Patch224: php-5.3.3-CVE-2012-0830.patch
-Patch225: php-5.3.3-CVE-2012-1823.patch
-Patch226: php-5.3.3-CVE-2012-2336.patch
-Patch230: php-5.3.3-CVE-2011-4153.patch
-Patch232: php-5.3.3-CVE-2012-1172.patch
-Patch233: php-5.3.3-CVE-2012-2143.patch
-Patch234: php-5.3.3-CVE-2012-2386.patch
-Patch235: php-5.3.3-CVE-2012-0057.patch
-Patch236: php-5.3.3-CVE-2012-0789.patch
-Patch237: php-5.3.3-CVE-2010-2950.patch
-Patch238: php-5.3.3-CVE-2013-4113.patch
+Patch200: php-5.3.2-CVE-2010-3709.patch
+Patch201: php-5.3.2-CVE-2010-3870.patch
+Patch202: php-5.3.3-CVE-2010-3710.patch
+Patch203: php-5.3.2-CVE-2010-4645.patch
+Patch204: php-5.3.3-CVE-2010-4156.patch
+Patch205: php-5.3.3-CVE-2011-0708.patch
+Patch206: php-5.3.3-CVE-2011-1148.patch
+Patch207: php-5.3.3-CVE-2011-1466.patch
+Patch208: php-5.3.3-CVE-2011-1468.patch
+Patch209: php-5.3.3-CVE-2011-1469.patch
+# 210 not needed (not affected)
+Patch211: php-5.3.3-CVE-2011-1471.patch
+Patch212: php-5.3.3-CVE-2011-1938.patch
+Patch213: php-5.3.3-CVE-2011-2202.patch
+Patch214: php-5.3.3-CVE-2011-2483.patch
+Patch215: php-5.3.3-CVE-2011-4885.patch
+Patch216: php-5.3.3-CVE-2011-4566.patch
+Patch217: php-5.3.3-CVE-2012-0830.patch
+Patch218: php-5.3.3-CVE-2012-1823.patch
+Patch219: php-5.3.3-CVE-2012-2336.patch
+Patch220: php-5.3.3-CVE-2011-4153.patch
+# 221 not needed (no php-tidy)
+Patch222: php-5.3.3-CVE-2012-1172.patch
+Patch223: php-5.3.3-CVE-2012-2143.patch
+Patch224: php-5.3.3-CVE-2012-2386.patch
+Patch225: php-5.3.3-CVE-2012-0057.patch
+Patch226: php-5.3.3-CVE-2012-0789.patch
+Patch227: php-5.3.3-CVE-2010-2950.patch
+Patch228: php-5.3.3-CVE-2012-2688.patch
+Patch229: php-5.3.3-CVE-2012-0831.patch
+Patch230: php-5.3.3-CVE-2011-1398.patch
+Patch231: php-5.3.3-CVE-2013-1643.patch
+Patch232: php-5.3.3-CVE-2006-7243.patch
+Patch233: php-5.3.3-CVE-2013-4113.patch
+Patch234: php-5.3.3-CVE-2013-4248.patch
+Patch235: php-5.3.3-CVE-2013-6420.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -125,13 +148,16 @@ Group: Development/Languages
 Summary: Common files for PHP
 Provides: php-api = %{apiver}, php-zend-abi = %{zendver}
 Provides: php(api) = %{apiver}, php(zend-abi) = %{zendver}
+Provides: php(language) = %{version}
 # Provides for all builtin modules:
 Provides: php-bz2, php-calendar, php-ctype, php-curl, php-date, php-exif
 Provides: php-ftp, php-gettext, php-gmp, php-hash, php-iconv, php-libxml
 Provides: php-reflection, php-session, php-shmop, php-simplexml, php-sockets
 Provides: php-spl, php-tokenizer, php-openssl, php-pcre
 Provides: php-zlib, php-json, php-zip, php-fileinfo
+Provides: php-core, php-ereg, php-filter, php-phar, php-standard
 Provides: php53-common = %{version}-%{release}, config(php53-common) = %{version}-%{release}
+Obsoletes: php-pecl-json, php-pecl-zip, php-pecl-phar, php-pecl-Fileinfo
 Obsoletes: php-openssl, php-json
 # For obsoleted pecl extension
 Provides: php-pecl-json = %{jsonver}, php-pecl(json) = %{jsonver}
@@ -378,6 +404,12 @@ support for using the ICU library to PHP
 %patch8 -p1 -b .aconf26x
 
 %patch20 -p1 -b .shutdown
+%patch21 -p1 -b .zipmemset
+%patch22 -p1 -b .pdooverflow
+%patch23 -p1 -b .pdo53551
+%patch24 -p1 -b .streams
+%patch25 -p1 -b .imapauth
+%patch26 -p1 -b .pdoodbc
 
 %patch40 -p1 -b .dlopen
 %patch41 -p1 -b .easter
@@ -386,38 +418,51 @@ support for using the ICU library to PHP
 %patch61 -p1 -b .tests-wddx
 %patch62 -p1 -b .testfail
 
-%patch100 -p1 -b .r305570
-%patch101 -p1 -b .r305043
-%patch102 -p1 -b .varnegidx
-
-%patch207 -p1 -b .cve3709
-%patch208 -p1 -b .cve3870
-%patch209 -p1 -b .cve4645
-%patch210 -p1 -b .cve3710
-%patch211 -p1 -b .cve4156
-%patch212 -p1 -b .cve0708
-%patch213 -p1 -b .cve1148
-%patch214 -p1 -b .cve1466
-%patch215 -p1 -b .cve1468
-%patch216 -p1 -b .cve1469
-%patch218 -p1 -b .cve1471
-%patch219 -p1 -b .cve1938
-%patch220 -p1 -b .cve2202
-%patch221 -p1 -b .cve2483
-%patch222 -p1 -b .cve4885
-%patch223 -p1 -b .cve4566
-%patch224 -p1 -b .cve0830
-%patch225 -p1 -b .cve1823
-%patch226 -p1 -b .cve2336
-
-%patch230 -p1 -b .cve4153
-%patch232 -p1 -b .cve1172
-%patch233 -p1 -b .cve2143
-%patch234 -p1 -b .cve2386
-%patch235 -p1 -b .cve0057
-%patch236 -p1 -b .cve0789
-%patch237 -p1 -b .cve2950
-%patch238 -p1 -b .cve4113
+%patch100 -p1 -b .extrglob
+%patch101 -p1 -b .varnegidx
+%patch102 -p1 -b .setdate
+
+%patch104 -p1 -b .zendgc
+%patch105 -p1 -b .r305043
+%patch106 -p1 -b .copy
+%patch107 -p1 -b .errorhandler
+%patch108 -p1 -b .bug54268
+
+%patch200 -p1 -b .cve3709
+%patch201 -p1 -b .cve3870
+%patch202 -p1 -b .cve4645
+%patch203 -p1 -b .cve3710
+%patch204 -p1 -b .cve4156
+%patch205 -p1 -b .cve0708
+%patch206 -p1 -b .cve1148
+%patch207 -p1 -b .cve1466
+%patch208 -p1 -b .cve1468
+%patch209 -p1 -b .cve1469
+%patch211 -p1 -b .cve1471
+%patch212 -p1 -b .cve1938
+%patch213 -p1 -b .cve2202
+%patch214 -p1 -b .cve2483
+%patch215 -p1 -b .cve4885
+%patch216 -p1 -b .cve4566
+%patch217 -p1 -b .cve0830
+%patch218 -p1 -b .cve1823
+%patch219 -p1 -b .cve2336
+
+%patch220 -p1 -b .cve4153
+%patch222 -p1 -b .cve1172
+%patch223 -p1 -b .cve2143
+%patch224 -p1 -b .cve2386
+%patch225 -p1 -b .cve0057
+%patch226 -p1 -b .cve0789
+%patch227 -p1 -b .cve2950
+%patch228 -p1 -b .cve2688
+%patch229 -p1 -b .cve0831
+%patch230 -p1 -b .cve1398
+%patch231 -p1 -b .cve1643
+%patch232 -p1 -b .cve7243
+%patch233 -p1 -b .cve4113
+%patch234 -p1 -b .cve4248
+%patch235 -p1 -b .cve6420
 
 # Prevent %%doc confusion over LICENSE files
 cp -p Zend/LICENSE Zend/ZEND_LICENSE
@@ -493,6 +538,7 @@ fi
 
 # Fix some bogus permissions
 find . -name \*.[ch] -exec chmod 644 {} \;
+find . -name \*.cpp  -exec chmod 644 {} \;
 chmod 644 README.*
 
 %build
@@ -714,6 +760,7 @@ cat files.json files.zip files.curl file
 install -d $RPM_BUILD_ROOT%{_sysconfdir}/rpm
 # %{SOURCE3} used here -> 
 sed -e "s/@PHP_APIVER@/%{apiver}/;s/@PHP_ZENDVER@/%{zendver}/;s/@PHP_PDOVER@/%{pdover}/" \
+    -e "s/@PHP_VERSION@/%{version}/" \
     < $RPM_SOURCE_DIR/macros.php > macros.php
 install -m 644 -c macros.php \
            $RPM_BUILD_ROOT%{_sysconfdir}/rpm/macros.php
@@ -795,6 +842,31 @@ rm files.* macros.php
 %files process -f files.process
 
 %changelog
+* Mon Dec 16 2013 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-14.sme
+- Resync with upstream php53, which include:
+- add security fix for CVE-2013-6420
+- add security fix for CVE-2013-4248
+- add upstream reproducer for error_handler (#951075)
+- add security fixes for CVE-2006-7243
+- add security fixes for CVE-2012-2688, CVE-2012-0831,
+  CVE-2011-1398, CVE-2013-1643
+- fix segfault in error_handler with
+  allow_call_time_pass_reference = Off (#951075)
+- fix double free when destroy_zend_class fails (#951076)
+- fix possible buffer overflow in pdo_odbc (#869694)
+- php script hangs when it exceeds max_execution_time
+  when inside an ODBC call (#864954)
+- fix zend garbage collector (#892695)
+- fix transposed memset arguments in libzip (#953818)
+- fix possible segfault in pdo_mysql (#869693)
+- fix imap_open DISABLE_AUTHENTICATOR param ignores array (#859369)
+- fix stream support in fileinfo (#869697)
+- fix setDate when DateTime created from timestamp (#869691)
+- fix permission on source files (#869688)
+- add php(language) and missing provides (#837044)
+- 
+- fix copy doesn't report failure on partial copy (#951413)
+
 * Mon Jul 15 2013 Shad L. Lords <slords@mail.com> - 5.3.3-13.sme.2
 - Add php53-* provides to provide compatibility
 - Obsolete php-domxml and php-dom [SME: 6733]