From f0d343bd83b18992a47d09c40a21b6bd4193dae4 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Sat, 3 May 2014 08:15:48 +0200 Subject: [PATCH] - Update to 5.5.12 http://www.php.net/releases/5_5_12.php - php-fpm: change default unix socket permission CVE-2014-0185 --- .gitignore | 1 + php-fpm-www.conf | 4 ++-- php.spec | 9 +++++++-- sources | 2 +- 4 files changed, 11 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 948a4f2..c028b23 100644 --- a/.gitignore +++ b/.gitignore @@ -23,3 +23,4 @@ php-5.4.*.bz2 /php-5.5.9-strip.tar.xz /php-5.5.10-strip.tar.xz /php-5.5.11-strip.tar.xz +/php-5.5.12-strip.tar.xz diff --git a/php-fpm-www.conf b/php-fpm-www.conf index 502feff..e2f3dc8 100644 --- a/php-fpm-www.conf +++ b/php-fpm-www.conf @@ -27,10 +27,10 @@ listen.allowed_clients = 127.0.0.1 ; permissions must be set in order to allow connections from a web server. Many ; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user -; mode is set to 0666 +; mode is set to 0660 ;listen.owner = nobody ;listen.group = nobody -;listen.mode = 0666 +;listen.mode = 0660 ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group diff --git a/php.spec b/php.spec index 244b4c7..d53e990 100644 --- a/php.spec +++ b/php.spec @@ -68,8 +68,8 @@ Summary: PHP scripting language for creating dynamic web sites Name: php -Version: 5.5.11 -Release: 2%{?dist} +Version: 5.5.12 +Release: 1%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -1550,6 +1550,11 @@ exit 0 %changelog +* Sat May 3 2014 Remi Collet 5.5.12-1 +- Update to 5.5.12 + http://www.php.net/releases/5_5_12.php +- php-fpm: change default unix socket permission CVE-2014-0185 + * Wed Apr 23 2014 Remi Collet 5.5.11-2 - add numerical prefix to extension configuration files - prevent .user.ini files from being viewed by Web clients diff --git a/sources b/sources index 4b3fd8c..52d1afb 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -3bb5a5ed7a7ec43b2db2370d87cc9588 php-5.5.11-strip.tar.xz +660472b56f21ea37805b46c4508693f6 php-5.5.12-strip.tar.xz