security patch from upstream for #660517 (CVE-2010-4409)
This commit is contained in:
parent
ad1c041018
commit
06b4784236
14
php-5.3.4-cve.patch
Normal file
14
php-5.3.4-cve.patch
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
--- php/php-src/branches/PHP_5_3/ext/intl/formatter/formatter_attr.c 2010/12/10 00:37:31 306153
|
||||||
|
+++ php/php-src/branches/PHP_5_3/ext/intl/formatter/formatter_attr.c 2010/12/10 00:47:51 306154
|
||||||
|
@@ -311,6 +311,11 @@
|
||||||
|
|
||||||
|
RETURN_FALSE;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ if (symbol >= UNUM_FORMAT_SYMBOL_COUNT || symbol < 0) {
|
||||||
|
+ intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR, "numfmt_set_symbol: invalid symbol value", 0 TSRMLS_CC );
|
||||||
|
+ RETURN_FALSE;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/* Fetch the object. */
|
||||||
|
FORMATTER_METHOD_FETCH_OBJECT;
|
11
php.spec
11
php.spec
@ -27,7 +27,7 @@
|
|||||||
Summary: PHP scripting language for creating dynamic web sites
|
Summary: PHP scripting language for creating dynamic web sites
|
||||||
Name: php
|
Name: php
|
||||||
Version: 5.3.4
|
Version: 5.3.4
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}.1
|
||||||
License: PHP
|
License: PHP
|
||||||
Group: Development/Languages
|
Group: Development/Languages
|
||||||
URL: http://www.php.net/
|
URL: http://www.php.net/
|
||||||
@ -62,6 +62,10 @@ Patch42: php-5.3.1-systzdata-v7.patch
|
|||||||
# See http://bugs.php.net/53436
|
# See http://bugs.php.net/53436
|
||||||
Patch43: php-5.3.4-phpize.patch
|
Patch43: php-5.3.4-phpize.patch
|
||||||
|
|
||||||
|
# Security patch from upstream SVN
|
||||||
|
# http://svn.php.net/viewvc?view=revision&revision=306154
|
||||||
|
Patch50: php-5.3.4-cve.patch
|
||||||
|
|
||||||
# Fixes for tests
|
# Fixes for tests
|
||||||
Patch61: php-5.0.4-tests-wddx.patch
|
Patch61: php-5.0.4-tests-wddx.patch
|
||||||
|
|
||||||
@ -480,6 +484,8 @@ support for using the enchant library to PHP.
|
|||||||
%patch42 -p1 -b .systzdata
|
%patch42 -p1 -b .systzdata
|
||||||
%patch43 -p0 -b .headers
|
%patch43 -p0 -b .headers
|
||||||
|
|
||||||
|
%patch50 -p4 -b .cve
|
||||||
|
|
||||||
%patch61 -p1 -b .tests-wddx
|
%patch61 -p1 -b .tests-wddx
|
||||||
|
|
||||||
# Prevent %%doc confusion over LICENSE files
|
# Prevent %%doc confusion over LICENSE files
|
||||||
@ -970,6 +976,9 @@ fi
|
|||||||
%files enchant -f files.enchant
|
%files enchant -f files.enchant
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Sun Dec 12 2010 Remi Collet <rpms@famillecollet.com> 5.3.4-1.1
|
||||||
|
- security patch from upstream for #660517
|
||||||
|
|
||||||
* Sat Dec 11 2010 Remi Collet <Fedora@famillecollet.com> 5.3.4-1
|
* Sat Dec 11 2010 Remi Collet <Fedora@famillecollet.com> 5.3.4-1
|
||||||
- update to 5.3.4
|
- update to 5.3.4
|
||||||
http://www.php.net/ChangeLog-5.php#5.3.4
|
http://www.php.net/ChangeLog-5.php#5.3.4
|
||||||
|
Loading…
Reference in New Issue
Block a user