--- /dev/null
+commit ab061f95ca966731b1c84cf5b7b20155c0a1c06a
+Author: Jakub Zelenka <bukka@php.net>
+Date: Sat Oct 12 15:56:16 2019 +0100
+
+ Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
+
+diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c
+index 24a7e5d56a..50f92981f1 100644
+--- a/sapi/fpm/fpm/fpm_main.c
++++ b/sapi/fpm/fpm/fpm_main.c
+@@ -1209,8 +1209,8 @@ static void init_request_info(void)
+ path_info = script_path_translated + ptlen;
+ tflag = (slen != 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0));
+ } else {
+- path_info = env_path_info ? env_path_info + pilen - slen : NULL;
+- tflag = (orig_path_info != path_info);
++ path_info = (env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL;
++ tflag = path_info && (orig_path_info != path_info);
+ }
+
+ if (tflag) {
+
%undefine with_filter
%endif
-%define rel 6
+%define rel 7
%define orgname php
%define ver_suffix 56
%define php_suffix %{!?with_default_php:%{ver_suffix}}
Patch65: system-libzip.patch
Patch66: php-db.patch
Patch67: mysql-lib-ver-mismatch.patch
-
+Patch68: CVE-2019-11043.patch
Patch69: fpm-conf-split.patch
Patch70: mysqlnd-ssl.patch
Patch72: phar-hash-shared.patch
%{?with_system_libzip:%patch65 -p1}
%patch66 -p1
%patch67 -p1
-
+%patch68 -p1
%patch70 -p1
%patch72 -p1
%patch73 -p1