From fbac12fc1aadeee2391c8b4089dd599a04e18c35 Mon Sep 17 00:00:00 2001
From: remi
Date: Dec 12 2010 15:15:05 +0000
Subject: security patch from upstream for #660517 (CVE-2010-4409)
---
diff --git a/php-5.3.4-cve.patch b/php-5.3.4-cve.patch
new file mode 100644
index 0000000..70643b0
--- /dev/null
+++ b/php-5.3.4-cve.patch
@@ -0,0 +1,14 @@
+--- php/php-src/branches/PHP_5_3/ext/intl/formatter/formatter_attr.c 2010/12/10 00:37:31 306153
++++ php/php-src/branches/PHP_5_3/ext/intl/formatter/formatter_attr.c 2010/12/10 00:47:51 306154
+@@ -311,6 +311,11 @@
+
+ RETURN_FALSE;
+ }
++
++ if (symbol >= UNUM_FORMAT_SYMBOL_COUNT || symbol < 0) {
++ intl_error_set( NULL, U_ILLEGAL_ARGUMENT_ERROR, "numfmt_set_symbol: invalid symbol value", 0 TSRMLS_CC );
++ RETURN_FALSE;
++ }
+
+ /* Fetch the object. */
+ FORMATTER_METHOD_FETCH_OBJECT;
diff --git a/php.spec b/php.spec
index a5bf91c..cc0cd9f 100644
--- a/php.spec
+++ b/php.spec
@@ -17,7 +17,7 @@ Summary: PHP scripting language for creating dynamic web sites
 Name: php
 Version: 5.3.4
-Release: 1%{?dist}
+Release: 1%{?dist}.1
 License: PHP
 Group: Development/Languages
 URL: http://www.php.net/
@@ -48,6 +48,10 @@ Patch42: php-5.3.1-systzdata-v7.patch
 # See http://bugs.php.net/53436
 Patch43: php-5.3.4-phpize.patch
+# Security patch from upstream SVN
+# http://svn.php.net/viewvc?view=revision&revision=306154
+Patch50: php-5.3.4-cve.patch
+
 # Fixes for tests
 Patch61: php-5.0.4-tests-wddx.patch
@@ -445,6 +449,8 @@ support for using the enchant library to PHP.
 %patch42 -p1 -b .systzdata
 %patch43 -p0 -b .headers
+%patch50 -p4 -b .cve
+
 %patch61 -p1 -b .tests-wddx
 # Prevent %%doc confusion over LICENSE files
@@ -872,6 +878,9 @@ rm files.* macros.php
 %files enchant -f files.enchant
 %changelog
+* Sun Dec 12 2010 Remi Collet 5.3.4-1.1
+- security patch from upstream for #660517
+
 * Sat Dec 11 2010 Remi Collet 5.3.4-1
 - update to 5.3.4 http://www.php.net/ChangeLog-5.php#5.3.4
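Review bot: The new range check on `symbol` is visible for one entry point only (its message names `numfmt_set_symbol`), so it is worth confirming that the matching getter and any other function in formatter_attr.c that takes a symbol value already rejects out-of-range input the same way; that code is outside this hunk. The check itself would also benefit from a one-line comment above the `if`, for example `/* symbol is caller-supplied; reject values outside the UNumberFormatSymbol range before use */`. How `symbol` is used after the check is not shown here, because the enclosing function starts and ends outside the hunk.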
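Review bot: The comment above `Patch50` and the patch file name `php-5.3.4-cve.patch` do not say which CVE the patch addresses; the identifier appears only in the commit subject. Naming it in the spec, for example `# CVE-2010-4409 (#660517), upstream SVN r306154`, lets a later audit confirm from the spec alone that the fix is applied, and keeps the entry unambiguous if further CVE patches are added to this release. The changelog line added in the last hunk could carry the CVE id as well.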