--- a/components/php-5_3/php-sapi/patches/273_php_20192108.patch Fri Oct 16 07:42:27 2015 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,126 +0,0 @@
-CVE-2014-3668
-Community BUG:
-https://bugs.php.net/bug.php?id=68027
-Community CODE:
-http://git.php.net/?p=php-src.git;a=commit;h=88412772d295ebf7dd34409534507dc9bcac726e
-Below is the community patch.
-
-
-From 88412772d295ebf7dd34409534507dc9bcac726e Mon Sep 17 00:00:00 2001
-From: Stanislav Malyshev <[email protected]>
-Date: Sun, 28 Sep 2014 17:33:44 -0700
-Subject: [PATCH] Fix bug #68027 - fix date parsing in XMLRPC lib
-
----
- NEWS | 5 ++++-
- ext/xmlrpc/libxmlrpc/xmlrpc.c | 13 ++++++++-----
- ext/xmlrpc/tests/bug68027.phpt | 44 ++++++++++++++++++++++++++++++++++++++++++
- 3 files changed, 56 insertions(+), 6 deletions(-)
- create mode 100644 ext/xmlrpc/tests/bug68027.phpt
-
-diff --git a/ext/xmlrpc/libxmlrpc/xmlrpc.c b/ext/xmlrpc/libxmlrpc/xmlrpc.c
-index ce70c2a..b766a54 100644
---- a/ext/xmlrpc/libxmlrpc/xmlrpc.c
-+++ b/ext/xmlrpc/libxmlrpc/xmlrpc.c
-@@ -219,16 +219,19 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
- n = 10;
- tm.tm_mon = 0;
- for(i = 0; i < 2; i++) {
-- XMLRPC_IS_NUMBER(text[i])
-+ XMLRPC_IS_NUMBER(text[i+4])
- tm.tm_mon += (text[i+4]-'0')*n;
- n /= 10;
- }
- tm.tm_mon --;
-+ if(tm.tm_mon < 0 || tm.tm_mon > 11) {
-+ return -1;
-+ }
-
- n = 10;
- tm.tm_mday = 0;
- for(i = 0; i < 2; i++) {
-- XMLRPC_IS_NUMBER(text[i])
-+ XMLRPC_IS_NUMBER(text[i+6])
- tm.tm_mday += (text[i+6]-'0')*n;
- n /= 10;
- }
-@@ -236,7 +239,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
- n = 10;
- tm.tm_hour = 0;
- for(i = 0; i < 2; i++) {
-- XMLRPC_IS_NUMBER(text[i])
-+ XMLRPC_IS_NUMBER(text[i+9])
- tm.tm_hour += (text[i+9]-'0')*n;
- n /= 10;
- }
-@@ -244,7 +247,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
- n = 10;
- tm.tm_min = 0;
- for(i = 0; i < 2; i++) {
-- XMLRPC_IS_NUMBER(text[i])
-+ XMLRPC_IS_NUMBER(text[i+12])
- tm.tm_min += (text[i+12]-'0')*n;
- n /= 10;
- }
-@@ -252,7 +255,7 @@ static int date_from_ISO8601 (const char *text, time_t * value) {
- n = 10;
- tm.tm_sec = 0;
- for(i = 0; i < 2; i++) {
-- XMLRPC_IS_NUMBER(text[i])
-+ XMLRPC_IS_NUMBER(text[i+15])
- tm.tm_sec += (text[i+15]-'0')*n;
- n /= 10;
- }
-diff --git a/ext/xmlrpc/tests/bug68027.phpt b/ext/xmlrpc/tests/bug68027.phpt
-new file mode 100644
-index 0000000..a5c96f1
---- /dev/null
-+++ b/ext/xmlrpc/tests/bug68027.phpt
-@@ -0,0 +1,44 @@
-+--TEST--
-+Bug #68027 (buffer overflow in mkgmtime() function)
-+--SKIPIF--
-+<?php
-+if (!extension_loaded("xmlrpc")) print "skip";
-+?>
-+--FILE--
-+<?php
-+
-+$d = '6-01-01 20:00:00';
-+xmlrpc_set_type($d, 'datetime');
-+var_dump($d);
-+$datetime = "2001-0-08T21:46:40-0400";
-+$obj = xmlrpc_decode("<?xml version=\"1.0\"?><methodResponse><params><param><value><dateTime.iso8601>$datetime</dateTime.iso8601></value></param></params></methodResponse>");
-+print_r($obj);
-+
-+$datetime = "34770-0-08T21:46:40-0400";
-+$obj = xmlrpc_decode("<?xml version=\"1.0\"?><methodResponse><params><param><value><dateTime.iso8601>$datetime</dateTime.iso8601></value></param></params></methodResponse>");
-+print_r($obj);
-+
-+echo "Done\n";
-+?>
-+--EXPECTF--
-+object(stdClass)#1 (3) {
-+ ["scalar"]=>
-+ string(16) "6-01-01 20:00:00"
-+ ["xmlrpc_type"]=>
-+ string(8) "datetime"
-+ ["timestamp"]=>
-+ int(%d)
-+}
-+stdClass Object
-+(
-+ [scalar] => 2001-0-08T21:46:40-0400
-+ [xmlrpc_type] => datetime
-+ [timestamp] => %s
-+)
-+stdClass Object
-+(
-+ [scalar] => 34770-0-08T21:46:40-0400
-+ [xmlrpc_type] => datetime
-+ [timestamp] => %d
-+)
-+Done
---
-2.1.4
-