automatic import of phpopeneuler23.09

1 files changed, 8 insertions, 4 deletions

diff --git a/php.spec b/php.spec
index 135911a..ad88fa5 100644
--- a/php.spec
+++ b/php.spec
@@ -43,7 +43,7 @@
 
 Name:          php
 Version:       %{upver}
-Release:       1.3
+Release:       1.4
 Summary:       PHP scripting language for creating dynamic web sites
 License:       PHP and Zend and BSD and MIT and ASL 1.0 and NCSA LGPL-2.1+ and Apache-2.0 and Artistic-1.0-Perl
 URL:           http://www.php.net/
@@ -105,6 +105,7 @@ Patch205: php-cve-2023-3823.patch
 Patch206: php-cve-2023-3824.patch
 Patch207: php-cve-2024-2756.patch
 Patch208: php-cve-2024-3096.patch
+Patch209: php-cve-2024-5458.patch
 
 # Fixes for tests (300+)
 # Factory is droped from system tzdata
@@ -1233,14 +1234,17 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
 
 
 %changelog
-* Thu Apr 11 2024 Fund Wang <fundawang@yeah.net> - 7.4.33-1.2
+* Fri Jun 07 2024 Funda Wang <fundawang@yeah.net> - 7.4.33-1.4
+- Fix filter bypass in filter_var FILTER_VALIDATE_URL
+  CVE-2024-5458
+
+* Thu Apr 11 2024 Funda Wang <fundawang@yeah.net> - 7.4.33-1.2
 - Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
   CVE-2024-2756
 - Fix password_verify can erroneously return true opening ATO risk
   CVE-2024-3096
 
-
-* Fri Aug 18 2023 Fund Wang <fundawang@yeah.net> - 7.4.33-1
+* Fri Aug 18 2023 Funda Wang <fundawang@yeah.net> - 7.4.33-1
 - New version 7.4.33
 
 * Sun Dec 11 2022 Funda Wang <fundawang@yeah.net> - 7.2.34-2