/[smeserver]/rpms/php/sme8/php.spec |
Parent Directory | Revision Log | Revision Graph
Links to HEAD: | (view) (download) (annotate) |
Sticky Tag: |
* Sat Nov 1 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-17.sme - Resync with upstream php53, which include (see [SME: 8633]) - fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 - xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668 - core: fix integer overflow in unserialize() CVE-2014-3669 - exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670
* Sat Oct 18 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-16.sme - Resync with upstream php53, which include (see [SME: 8574]) - spl: fix use-after-free in ArrayIterator due to object change during sorting. CVE-2014-4698 - spl: fix use-after-free in SPL Iterators. CVE-2014-4670 - gd: fix NULL pointer dereference in gdImageCreateFromXpm. CVE-2014-2497 - fileinfo: fix incomplete fix for CVE-2012-1571 in cdf_read_property_info. CVE-2014-3587 - core: fix incomplete fix for CVE-2014-4049 DNS TXT record parsing. CVE-2014-3597
* Thu Aug 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-15.sme - Resync with upstream php53, which include (see [SME: 8515]) - core: type confusion issue in phpinfo(). CVE-2014-4721 - date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 - core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049 - core: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw. CVE-2014-3515 - fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270 - fileinfo: unrestricted recursion in handling of indirect type rules. CVE-2014-1943 - fileinfo: out of bounds read in CDF parser. CVE-2012-1571 - fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479 - fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480 - fileinfo: cdf_unpack_summary_info() excessive looping DoS. CVE-2014-0237 - fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238
Add bug reference in the changelog
Remove empty line in changelog
* Mon Dec 16 2013 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-14.sme - Resync with upstream php53, which include: - add security fix for CVE-2013-6420 - add security fix for CVE-2013-4248 - add upstream reproducer for error_handler (#951075) - add security fixes for CVE-2006-7243 - add security fixes for CVE-2012-2688, CVE-2012-0831, CVE-2011-1398, CVE-2013-1643 - fix segfault in error_handler with allow_call_time_pass_reference = Off (#951075) - fix double free when destroy_zend_class fails (#951076) - fix possible buffer overflow in pdo_odbc (#869694) - php script hangs when it exceeds max_execution_time when inside an ODBC call (#864954) - fix zend garbage collector (#892695) - fix transposed memset arguments in libzip (#953818) - fix possible segfault in pdo_mysql (#869693) - fix imap_open DISABLE_AUTHENTICATOR param ignores array (#859369) - fix stream support in fileinfo (#869697) - fix setDate when DateTime created from timestamp (#869691) - fix permission on source files (#869688) - add php(language) and missing provides (#837044) - - fix copy doesn't report failure on partial copy (#951413)
* Mon Jul 15 2013 Shad L. Lords <slords@mail.com> - 5.3.3-13.sme.2 - Add php53-* provides to provide compatibility - Obsolete php-domxml and php-dom [SME: 6733] - Update Obsoletes and Conflicts [SME: 6436]
Upstream update
* Wed Aug 22 2012 Shad L. Lords <slords@mail.com> - 5.3.3-13.sme.1 - Add php53-* provides to provide compatibility
* Fri Jun 29 2012 Shad L. Lords <slords@mail.com> - 5.3.3-13.sme - Obsolete php-domxml and php-dom [SME: 6733] - Update Obsoletes and Conflicts [SME: 6436]
Upstream import
* Fri Feb 3 2012 Shad L. Lords <slords@mail.com> - 5.3.3-1.6.sme - Obsolete php-domxml and php-dom [SME: 6733] - Update Obsoletes and Conflicts [SME: 6436]
Upstream import
Fix date
* Thu Nov 2 2011 Shad L. Lords <slords@mail.com> - 5.3.3-1.3.sme - Obsolete php-domxml and php-dom [SME: 6733] - Update Obsoletes and Conflicts [SME: 6436]
Upstream renamed
* Wed Sep 28 2011 Jonathan Martens <smeserver-contribs@snetram.nl> - 5.3.3-1.1.1 - Obsolete php-domxml and php-dom [SME: 6733]
* Tue Sep 13 2011 Shad L. Lords <slords@mail.com> - 5.3.3-1.1.0 - Update Obsoletes and Conflicts [SME: 6436]
Import upstream sources
Fix headers
Initial import
This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, select a symbolic revision name using the selection box, or choose 'Use Text Field' and enter a numeric revision.
admin@koozali.org | ViewVC Help |
Powered by ViewVC 1.2.1 |