SPECS: php4.spec - fix for two security issues: XSS in phpinfo() a...

Wed Apr 19 19:51:04 CEST 2006

Author: adamg                        Date: Wed Apr 19 17:51:03 2006 GMT
Module: SPECS                         Tag: HEAD
---- Log message:
- fix for two security issues: XSS in phpinfo() and binary safeness in
  html_decode

---- Files affected:
SPECS:
   php4.spec (1.541 -> 1.542) 

---- Diffs:

================================================================
Index: SPECS/php4.spec
diff -u SPECS/php4.spec:1.541 SPECS/php4.spec:1.542

--- SPECS/php4.spec:1.541	Sun Apr 16 01:42:33 2006
+++ SPECS/php4.spec	Wed Apr 19 19:50:58 2006
@@ -138,6 +138,8 @@
 Patch40:	%{name}-openssl-huge-hack.patch
 Patch41:	%{name}-versioning.patch
 Patch42:	%{name}-linkflags-clean.patch
+Patch43:	%{name}-CVE-2006-0996.patch
+Patch44:	%{name}-CVE-2006-1490.patch
 URL:		http://www.php.net/
 %{?with_interbase:%{!?with_interbase_inst:BuildRequires:	Firebird-devel >= 1.0.2.908-2}}
 %{?with_pspell:BuildRequires:	aspell-devel >= 2:0.50.0}
@@ -1684,6 +1686,8 @@
 %patch39 -p1
 %patch40 -p1
 %{?with_versioning:%patch41 -p1}
+%patch43 -p1
+%patch44 -p1
 
 %if %{with hardening}
 zcat %{SOURCE8} | patch -p1
@@ -3223,6 +3227,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.542  2006/04/19 17:50:58  adamg
+- fix for two security issues: XSS in phpinfo() and binary safeness in
+  html_decode
+
 Revision 1.541  2006/04/15 23:42:33  glen
 - mssql and sybase/sybase-ct can't be loaded same time (or obsolete?)
 
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/php4.spec?r1=1.541&r2=1.542&f=u

