|
|
@@ -38,7 +38,7 @@ Name: php%{majorver}
|
|
|
Summary: The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
|
|
|
Summary(ja): HTML 埋め込み型スクリプト言語 PHP
|
|
|
Version: 7.4.33
|
|
|
-Release: 5%{_dist_release}%{?with_systemd:.systemd}
|
|
|
+Release: 6%{_dist_release}%{?with_systemd:.systemd}
|
|
|
Group: programming
|
|
|
Vendor: Project Vine
|
|
|
Distribution: Vine Linux
|
|
|
@@ -66,6 +66,13 @@ Source33: php-fpm.tmpfiles
|
|
|
# https://github.com/php/php-src/commit/b3646440b1808abf0874b6f89027ce53ec5da03f
|
|
|
Patch1: php-gd2.3.3.patch
|
|
|
|
|
|
+#bugfix
|
|
|
+Patch7: php-7.4.33-libxml212.patch
|
|
|
+Patch8: php-7.2.0-libdb.patch
|
|
|
+Patch9: php-7.0.7-curl.patch
|
|
|
+Patch10: php-7.4.33-gcc14.patch
|
|
|
+Patch50: php-7.4.26-openssl3.patch
|
|
|
+
|
|
|
# Additional feature
|
|
|
Patch33: php-5.2.4-phpincludedir.patch
|
|
|
#Patch100: php55-htmlspecialchars-compat53.patch
|
|
|
@@ -81,10 +88,7 @@ Patch205: php-cve-2023-3823.patch
|
|
|
Patch206: php-cve-2023-3824.patch
|
|
|
Patch207: php-cve-2024-2756.patch
|
|
|
Patch208: php-cve-2024-3096.patch
|
|
|
-
|
|
|
-#bugfix
|
|
|
-#Patch2000: fix319823.patch
|
|
|
-Patch2000: php-openssl3.patch
|
|
|
+Patch209: php-cve-2024-5458.patch
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
|
BuildRequires: autoconf
|
|
|
@@ -119,7 +123,7 @@ BuildRequires: perl
|
|
|
BuildRequires: pkgconfig
|
|
|
BuildRequires: postfix
|
|
|
BuildRequires: sqlite3-devel
|
|
|
-BuildRequires: zlib-ng-compat-devel
|
|
|
+BuildRequires: pkgconfig(zlib)
|
|
|
BuildRequires: libicu-devel >= 3.6
|
|
|
BuildRequires: libXpm-devel
|
|
|
BuildRequires: libzip-devel
|
|
|
@@ -448,7 +452,11 @@ on each request.
|
|
|
|
|
|
%patch33 -p1 -b .phpincludedir
|
|
|
|
|
|
-%patch2000 -p1 -b .openssl3
|
|
|
+%patch7 -p1
|
|
|
+%patch8 -p1
|
|
|
+%patch9 -p1
|
|
|
+%patch10 -p1
|
|
|
+%patch50 -p1 -b .openssl3
|
|
|
|
|
|
# security patches
|
|
|
%patch -P200 -p1 -b .bug81740
|
|
|
@@ -458,6 +466,9 @@ on each request.
|
|
|
%patch -P204 -p1 -b .cve3247
|
|
|
%patch -P205 -p1 -b .cve3823
|
|
|
%patch -P206 -p1 -b .cve3824
|
|
|
+%patch -P207 -p1 -b .cve2756
|
|
|
+%patch -P208 -p1 -b .cve3096
|
|
|
+%patch -P209 -p1 -b .cve5458
|
|
|
|
|
|
# Prevent %%doc confusion over LICENSE files
|
|
|
cp Zend/LICENSE Zend/ZEND_LICENSE
|
|
|
@@ -476,6 +487,12 @@ mkdir build-cgi build-fpm build-apache2
|
|
|
|
|
|
#======================================================================
|
|
|
%build
|
|
|
+# This package fails to build with LTO due to undefined symbols. LTO
|
|
|
+# was disabled in OpenSuSE as well, but with no real explanation why
|
|
|
+# beyond the undefined symbols. It really shold be investigated further.
|
|
|
+# Disable LTO
|
|
|
+%define _lto_cflags %{nil}
|
|
|
+
|
|
|
# Regenerate configure scripts (patches change config.m4's)
|
|
|
# ./buildconf --force
|
|
|
|
|
|
@@ -946,6 +963,9 @@ rm -f files.*
|
|
|
|
|
|
#======================================================================
|
|
|
%changelog
|
|
|
+* Fri Aug 30 2024 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 7.4.33-6
|
|
|
+- imported security patches from remi.
|
|
|
+
|
|
|
* Fri Apr 12 2024 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 7.4.33-5
|
|
|
- imported security patches from remi.
|
|
|
|
