--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/370_php_20803826.patch Thu Jul 09 21:54:40 2015 -0700
@@ -0,0 +1,32 @@
+CVE-2013-6501
+Community has no fix.
+This patch was developed internally.
+Will be offered upstream.
+
+
+--- php-5.3.29/ext/soap/php_sdl.c_orig 2015-07-06 14:07:57.231116620 -0700
++++ php-5.3.29/ext/soap/php_sdl.c 2015-07-06 14:10:38.341928952 -0700
+@@ -1544,6 +1544,7 @@
+ int f;
+ struct stat st;
+ char *in, *buf;
++ uid_t euid;
+
+ f = open(fn, O_RDONLY|O_BINARY);
+ if (f < 0) {
+@@ -1553,6 +1554,15 @@
+ close(f);
+ return NULL;
+ }
++ /*
++ * If I'm not the owner of this file then someone might be
++ * trying to spoof me.
++ */
++ euid = geteuid();
++ if (st.st_uid != euid) {
++ close(f);
++ return NULL;
++ }
+ buf = in = emalloc(st.st_size);
+ if (read(f, in, st.st_size) != st.st_size) {
+ close(f);
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/380_php_21296988.patch Thu Jul 09 21:54:40 2015 -0700
@@ -0,0 +1,38 @@
+Community BUG:
+https://bugs.php.net/bug.php?id=69364
+Patch from another source:
+https://github.com/80vul/phpcodz/blob/master/research/cve-2015-4024.patch.diff
+
+
+### fix CVE-2015-4024 patch for PHP 5.2/5.3 series @chtg
+
+--- php-5.3.29/main/rfc1867.c_orig
++++ php-5.3.29/main/rfc1867.c
+@@ -464,6 +464,8 @@ static int multipart_buffer_headers(multipart_buffer *self, zend_llist *header T
+ char *line;
+ mime_header_entry prev_entry, entry;
+ int prev_len, cur_len;
++ int newlines = 0;
++ long upload_max_newlines = 100;
+
+ /* didn't find boundary, abort */
+ if (!find_boundary(self, self->boundary TSRMLS_CC)) {
+@@ -489,6 +491,7 @@ static int multipart_buffer_headers(multipart_buffer *self, zend_llist *header T
+
+ entry.value = estrdup(value);
+ entry.key = estrdup(key);
++ newlines = 0;
+
+ } else if (zend_llist_count(header)) { /* If no ':' on the line, add to previous line */
+
+@@ -501,6 +504,10 @@ static int multipart_buffer_headers(multipart_buffer *self, zend_llist *header T
+ entry.value[cur_len + prev_len] = '\0';
+
+ entry.key = estrdup(prev_entry.key);
++ newlines++;
++ if (newlines > upload_max_newlines) {
++ return 0;
++ }
+
+ zend_llist_remove_tail(header);
+ } else {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php/php56/patches/CVE-2013-6501.patch Thu Jul 09 21:54:40 2015 -0700
@@ -0,0 +1,32 @@
+CVE-2013-6501
+Community has no fix.
+This patch was developed internally.
+Will be offered upstream.
+
+
+--- php-5.6.8/ext/soap/php_sdl.c_orig 2015-07-06 20:50:10.103937460 -0700
++++ php-5.6.8/ext/soap/php_sdl.c 2015-07-06 20:52:57.479973793 -0700
+@@ -1544,6 +1544,7 @@
+ int f;
+ struct stat st;
+ char *in, *buf;
++ uid_t euid;
+
+ f = open(fn, O_RDONLY|O_BINARY);
+ if (f < 0) {
+@@ -1553,6 +1554,15 @@
+ close(f);
+ return NULL;
+ }
++ /*
++ * If I'm not the owner of this file then someone might be
++ * trying to spoof me.
++ */
++ euid = geteuid();
++ if (st.st_uid != euid) {
++ close(f);
++ return NULL;
++ }
+ buf = in = emalloc(st.st_size);
+ if (read(f, in, st.st_size) != st.st_size) {
+ close(f);