components/php-5_3/php-sapi/patches/263_php_20936509.patch
branchs11-update
changeset 4499 4e8085696007
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/263_php_20936509.patch	Wed Jun 17 15:47:38 2015 -0700
@@ -0,0 +1,38 @@
+CVE-2014-9709
+Community BUG:
+https://bugs.php.net/bug.php?id=68601
+Community CODE:
+http://git.php.net/?p=php-src.git;a=commit;h=afbf725e7380dfb3ff43a993e43abd9759a66c2b
+Below is the community patch.
+
+
+diff --git a/ext/gd/libgd/gd_gif_in.c b/ext/gd/libgd/gd_gif_in.c
+index ee88a2f..491e942 100644
+--- a/ext/gd/libgd/gd_gif_in.c
++++ b/ext/gd/libgd/gd_gif_in.c
+@@ -72,8 +72,10 @@ static struct {
+ 
+ #define STACK_SIZE ((1<<(MAX_LWZ_BITS))*2)
+ 
++#define CSD_BUF_SIZE 280
++
+ typedef struct {
+-	unsigned char    buf[280];
++	unsigned char    buf[CSD_BUF_SIZE];
+ 	int              curbit, lastbit, done, last_byte;
+ } CODE_STATIC_DATA;
+ 
+@@ -400,7 +402,12 @@ GetCode_(gdIOCtx *fd, CODE_STATIC_DATA *scd, int code_size, int flag, int *ZeroD
+ 
+ 	ret = 0;
+ 	for (i = scd->curbit, j = 0; j < code_size; ++i, ++j)
+-		ret |= ((scd->buf[ i / 8 ] & (1 << (i % 8))) != 0) << j;
++		if (i < CSD_BUF_SIZE * 8) {
++			ret |= ((scd->buf[i / 8] & (1 << (i % 8))) != 0) << j;
++		} else {
++			ret = -1;
++			break;
++		}
+ 
+ 	scd->curbit += code_size;
+ 	return ret;
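Review bot: The new guard in GetCode_ checks only the upper bound: `i` starts from `scd->curbit`, which the struct declares as a signed `int`, so a negative bit index would still reach `scd->buf[i / 8]`. Whether `curbit` can actually go negative depends on code outside this hunk, but `if (i >= 0 && i < CSD_BUF_SIZE * 8) {` closes that side cheaply. On the error path `scd->curbit += code_size;` still runs after the `break`, so the bit cursor keeps moving past the buffer; that is safe only if every caller stops decoding on a negative return, which is not visible here and is worth confirming. The `for` body is now a multi-line if/else with no braces around the loop itself, so bracing it would keep a later edit from silently landing outside the loop. GetCode_ begins and ends outside the inner hunk, so the rest of its state handling could not be reviewed.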