automatic import of php

1 files changed, 17 insertions, 1 deletions

diff --git a/php.spec b/php.spec
index d9164af..edfda6f 100644
--- a/php.spec
+++ b/php.spec
@@ -43,7 +43,7 @@
 
 Name:          php
 Version:       %{upver}
-Release:       1.5
+Release:       1.6
 Summary:       PHP scripting language for creating dynamic web sites
 License:       PHP and Zend and BSD and MIT and ASL 1.0 and NCSA LGPL-2.1+ and Apache-2.0 and Artistic-1.0-Perl
 URL:           http://www.php.net/
@@ -106,6 +106,10 @@ Patch206: php-cve-2023-3824.patch
 Patch207: php-cve-2024-2756.patch
 Patch208: php-cve-2024-3096.patch
 Patch209: php-cve-2024-5458.patch
+Patch210: php-cve-2024-8925.patch
+Patch211: php-cve-2024-8926.patch
+Patch212: php-cve-2024-8927.patch
+Patch213: php-cve-2024-9026.patch
 
 # Fixes for tests (300+)
 # Factory is droped from system tzdata
@@ -1234,6 +1238,18 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
 
 
 %changelog
+* Fri Sep 27 2024 Funda Wang <fundawang@yeah.net> - 7.4.33-1.6
+- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
+  CVE-2024-4577
+- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
+  CVE-2024-8926
+- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
+  CVE-2024-8927
+- Fix Logs from childrens may be altered
+  CVE-2024-9026
+- Fix Erroneous parsing of multipart form data
+  CVE-2024-8925
+
 * Fri Jun 07 2024 Funda Wang <fundawang@yeah.net> - 7.4.33-1.4
 - Fix filter bypass in filter_var FILTER_VALIDATE_URL
   CVE-2024-5458