SPECS: php.spec - fix for two security issues: XSS in phpinfo() an...

adamg adamg at pld-linux.org
Wed Apr 19 18:43:09 CEST 2006


Author: adamg                        Date: Wed Apr 19 16:43:09 2006 GMT
Module: SPECS                         Tag: HEAD
---- Log message:
- fix for two security issues: XSS in phpinfo() and binary safeness in
  html_decode

---- Files affected:
SPECS:
   php.spec (1.568 -> 1.569) 

---- Diffs:

================================================================
Index: SPECS/php.spec
diff -u SPECS/php.spec:1.568 SPECS/php.spec:1.569
--- SPECS/php.spec:1.568	Sun Apr 16 02:47:36 2006
+++ SPECS/php.spec	Wed Apr 19 18:43:03 2006
@@ -132,6 +132,8 @@
 Patch35:	%{name}-openssl-huge-hack.patch
 Patch36:	%{name}-versioning.patch
 Patch37:	%{name}-linkflags-clean.patch
+Patch38:	%{name}-CVE-2006-0996.patch
+Patch39:	%{name}-CVE-2006-1490.patch
 URL:		http://www.php.net/
 %{?with_interbase:%{!?with_interbase_inst:BuildRequires:	Firebird-devel >= 1.0.2.908-2}}
 %{?with_pspell:BuildRequires:	aspell-devel >= 2:0.50.0}
@@ -1577,6 +1579,8 @@
 %patch34 -p1
 %patch35 -p1
 %{?with_versioning:%patch36 -p1}
+%patch38 -p1
+%patch39 -p1
 
 # conflict seems to be resolved by recode patches
 rm -f ext/recode/config9.m4
@@ -3054,6 +3058,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.569  2006/04/19 16:43:03  adamg
+- fix for two security issues: XSS in phpinfo() and binary safeness in
+  html_decode
+
 Revision 1.568  2006/04/16 00:47:36  glen
 - build cleanups, use permanent config.cache if configured
 - CFLAGS mungling unneccessary, all goes via apxs
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/php.spec?r1=1.568&r2=1.569&f=u



More information about the pld-cvs-commit mailing list