--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_2/php-sapi/patches/b0_php_20804363.patch	Tue Jun 23 13:44:01 2015 -0700
@@ -0,0 +1,35 @@
+CVE-2015-2331
+Community BUG:
+https://bugs.php.net/bug.php?id=69253
+Community CODE:
+http://git.php.net/?p=php-src.git;a=commit;h=ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5
+Below is the community patch.
+
+
+From ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5 Mon Sep 17 00:00:00 2001
+From: Stanislav Malyshev <[email protected]>
+Date: Tue, 17 Mar 2015 21:59:56 -0700
+Subject: [PATCH] Fix bug #69253 - ZIP Integer Overflow leads to writing past
+ heap boundary
+
+---
+ NEWS                     | 4 ++++
+ ext/zip/lib/zip_dirent.c | 2 +-
+ 2 files changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/ext/zip/lib/zip_dirent.c b/ext/zip/lib/zip_dirent.c
+index b9dac5c..0090801 100644
+--- a/ext/zip/lib/zip_dirent.c
++++ b/ext/zip/lib/zip_dirent.c
+@@ -101,7 +101,7 @@ _zip_cdir_new(int nentry, struct zip_error *error)
+ 	return NULL;
+     }
+ 
+-    if ((cd->entry=(struct zip_dirent *)malloc(sizeof(*(cd->entry))*nentry))
++    if ( nentry > ((size_t)-1)/sizeof(*(cd->entry)) || (cd->entry=(struct zip_dirent *)malloc(sizeof(*(cd->entry))*(size_t)nentry))
+ 	== NULL) {
+ 	_zip_error_set(error, ZIP_ER_MEMORY, 0);
+ 	free(cd);
+-- 
+2.1.4
+