From: Elan Ruusamäe Date: Fri, 17 Jun 2016 21:27:32 +0000 (+0300) Subject: up to 5.5.36; fixes for CVE-2016-5096, CVE-2016-5094, CVE-2013-7456, CVE-2016-5093... X-Git-Tag: auto/th/php55-5.5.36-1 X-Git-Url: http://git.pld-linux.org/?a=commitdiff_plain;h=0142dd066549d54d3d9f7d4b26685d55ad1649b0;p=packages%2Fphp.git up to 5.5.36; fixes for CVE-2016-5096, CVE-2016-5094, CVE-2013-7456, CVE-2016-5093, CVE-2016-4343 - Fixed bug #72114 (Integer underflow / arbitrary null write in fread/gzread). (CVE-2016-5096) - Fixed bug #72135 (Integer Overflow in php_html_entities). (CVE-2016-5094) - Fixed bug #72227 (imagescale out-of-bounds read). (CVE-2013-7456) - Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (CVE-2016-5093) - Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()). (CVE-2016-4343) --- diff --git a/php.spec b/php.spec index 736d7bd..0ba9feb 100644 --- a/php.spec +++ b/php.spec @@ -126,7 +126,7 @@ ERROR: You need to select at least one Apache SAPI to build shared modules. %undefine with_filter %endif -%define rel 4 +%define rel 1 %define orgname php %define ver_suffix 55 %define php_suffix %{!?with_default_php:%{ver_suffix}} @@ -137,7 +137,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 5.5.35 +Version: 5.5.36 Release: %{rel}%{?with_type_hints:.th} Epoch: 4 # All files licensed under PHP version 3.01, except @@ -146,7 +146,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://www.php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: 5b4af75b14f7e7d4941cafa1c6d26a33 +# Source0-md5: 1db93aa3a3cfd7cfe0f41f3697db35a4 Source2: %{orgname}-mod_%{orgname}.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini