From c2cf26468e469d4c77805f2881229a0d33533be4 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Oct 30 2018 04:59:37 +0000 Subject: import php-5.4.16-46.el7 --- diff --git a/SOURCES/php-5.4.16-openssl-config.patch b/SOURCES/php-5.4.16-openssl-config.patch new file mode 100644 index 0000000..2703413 --- /dev/null +++ b/SOURCES/php-5.4.16-openssl-config.patch @@ -0,0 +1,25 @@ +Adapted for 5.4.16 from +https://github.com/php/php-src/commit/1f843a8fb50de77a3f53a6b892a46d9e0afdfdd7 + +See https://bugzilla.redhat.com/1408301 + + +diff -up ./ext/openssl/openssl.c.old ./ext/openssl/openssl.c +--- ./ext/openssl/openssl.c.old 2018-06-19 14:29:32.461412077 +0200 ++++ ./ext/openssl/openssl.c 2018-06-19 14:29:56.351152059 +0200 +@@ -1038,6 +1038,7 @@ PHP_MINIT_FUNCTION(openssl) + le_x509 = zend_register_list_destructors_ex(php_x509_free, NULL, "OpenSSL X.509", module_number); + le_csr = zend_register_list_destructors_ex(php_csr_free, NULL, "OpenSSL X.509 CSR", module_number); + ++ OPENSSL_config(NULL); + SSL_library_init(); + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); +@@ -1178,6 +1179,7 @@ PHP_MINFO_FUNCTION(openssl) + PHP_MSHUTDOWN_FUNCTION(openssl) + { + EVP_cleanup(); ++ CONF_modules_free(); + + php_unregister_url_stream_wrapper("https" TSRMLS_CC); + php_unregister_url_stream_wrapper("ftps" TSRMLS_CC); diff --git a/SPECS/php.spec b/SPECS/php.spec index f8a1c37..8676d47 100644 --- a/SPECS/php.spec +++ b/SPECS/php.spec @@ -69,7 +69,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: 5.4.16 -Release: 45%{?dist} +Release: 46%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -149,6 +149,8 @@ Patch49: php-5.4.16-curltls.patch Patch50: php-5.4.16-fpmclearenv.patch # fix default_socket_timeout does not work with SSL Patch51: php-5.4.16-openssl-timeout.patch +# load openssl configuration file +Patch52: php-5.4.16-openssl-config.patch # Fixes for tests Patch60: php-5.4.16-pdotests.patch @@ -733,6 +735,7 @@ support for using the enchant library to PHP. %patch49 -p1 -b .curltls %patch50 -p1 -b .clearenv %patch51 -p1 -b .ssl_timeout +%patch52 -p1 -b .config %patch60 -p1 -b .pdotests @@ -1564,6 +1567,9 @@ fi %changelog +* Tue Jun 19 2018 Remi Collet - 5.4.16-46 +- load openssl configuration file on startup #1408301 + * Tue Jan 23 2018 Remi Collet - 5.4.16-45 - gd: fix buffer over-read into uninitialized memory CVE-2017-7890