0001-001-libtool_fixes.patch
0002-002-static_openssl.patch
0003-004-ldap_fix.patch
0004-006-debian_quirks.patch
0005-libtool2.2.patch
0006-013-force_getaddrinfo.patch
0007-017-pread_pwrite_disable.patch
0008-019-z_off_t_as_long.patch
0009-033-we_WANT_libtool.patch
0010-034-apache2_umask_fix.patch
0011-036-fd_setsize_fix.patch
0012-043-recode_size_t.patch
0013-044-strtod_arm_fix.patch
0014-045-exif_nesting_level.patch
0015-047-zts_with_dl.patch
0016-052-phpinfo_no_configure.patch
0017-053-extension_api.patch
0018-057-no_apache_installed.patch
0019-100-recode_is_shared.patch
0020-108-64_bit_datetime.patch
0021-112-proc_open.patch
0022-113-php.ini_securitynotes.patch
0023-116-posixness_fix.patch
0024-libdb_is_-ldb.patch
0025-fix_broken_upstream_tests.patch
0026-use_embedded_timezonedb.patch
0027-force_libmysqlclient_r.patch
0028-sybase-alias.patch
0029-strcmp_null-OnUpdateErrorLog.patch
0030-fix_broken_5.3_tests.patch
0031-dont-gitclean-in-build.patch
0032-shtool_mkdir_-p_-race-condition.patch
0033-qdbm-is-usr_include_qdbm.patch
0034-zend_int_overflow.patch
0035-use_embedded_timezonedb_fixes.patch
0036-fix_broken_sha2_test.patch
0037-session_save_path.patch
0038-php-fpm-man-section-and-cleanup.patch
0039-fpm-config.patch
0040-fix_crash_in__php_mssql_get_column_content_without_t.patch
0041-php-fpm-sysconfdir.patch
0042-lp564920-fix-big-files.patch
0043-backport-upstream-lp592442.patch
0044-temporary-path-fixes-for-multiarch.patch
0045-hurd-noptrace.patch
0046-php-5.3.9-mysqlnd.patch
0047-php-5.3.9-gnusrc.patch
0048-php-5.3.3-macropen.patch
0049-php-5.2.4-norpath.patch
0050-php-fpm-listen-on-unix-socket.patch
0051-php-5.2.4-embed.patch
0052-php-5.4.0-dlopen.patch
0053-php-fpm-m68k.patch
0054-expose_all_built_and_installed_apis.patch
0055-gdIOCtx.patch
0056-Fix-for-bug-68087-ODBC-not-reading-DATE-columns-corr.patch
0057-ads_odbc_exec.patch
0058-check-libpq-lo_export-return-value.patch
0059-Merge-security-updates-from-PHP-5.5.30-into-PHP-5.4..patch

# LTS upload May 2016
CVE-2015-8865.patch
CVE-2015-8866.patch
CVE-2015-8878.patch
CVE-2015-8879.patch
#vulnerable code not present:  CVE-2016-1903
CVE-2016-4070.patch
CVE-2016-4071.patch
CVE-2016-4072.patch
CVE-2016-4073.patch
CVE-2016-4343.patch
CVE-2016-4537.patch
CVE-2016-4539.patch
CVE-2016-4540+4541.patch
CVE-2016-4542+4543+4544.patch

# LTS upload June 2016
CVE-2016-5093.patch
CVE-2016-5094.patch
CVE-2016-5095.patch
CVE-2016-5096.patch
CVE-2016-5144.patch
CVE-TEMP-bug-70661.patch
CVE-TEMP-bug-70728.patch
CVE-TEMP-bug-70741.patch
CVE-TEMP-bug-70480-raw.patch

#LTS upload July/August 2016
CVE-2016-5114.patch
CVE-2016-5768.patch
CVE-2016-5769.patch
CVE-2016-5771.patch
CVE-2016-5773.patch

CVE-2016-6297.patch
CVE-2016-6296.patch
CVE-2016-6295.patch
CVE-2016-6294.patch
CVE-2016-6292.patch
CVE-2016-6291.patch
CVE-2016-6289.patch

CVE-2016-6290.patch
CVE-2016-5772.patch

CVE-2016-5770.patch
CVE-2016-5399.patch
CVE-2016-4473.patch

BUG-70436.patch
BUG-72681.patch

# patch for CVE-2016-4538 is already done in patch for CVE-2016-4537.
# both CVEs are assigned to bug 72093
# CVE-2016-4538.patch


# LTS upload December 2016
#BUG 72681, which has been applied earlier, now got CVE-2016-7125
CVE-2016-5385.patch
CVE-2016-7124.patch
CVE-2016-7128.patch
CVE-2016-7129.patch
CVE-2016-7130.patch
CVE-2016-7131-7132.patch
CVE-2016-7411.patch
CVE-2016-7417.patch
CVE-2016-7414.patch
CVE-2016-7416.patch
CVE-2016-7412.patch
CVE-2016-7418.patch
CVE-2016-7413.patch

# 5.4.45-0+deb7u7
CVE-2016-2554.patch
CVE-2016-3141.patch
CVE-2016-3142.patch
CVE-2016-4342.patch
CVE-2016-9934.patch
CVE-2016-9935.patch
CVE-2016-10158.patch
CVE-2016-10159.patch
CVE-2016-10160.patch
CVE-2016-10161.patch
BUG-71323.patch
BUG-70979.patch
BUG-71039.patch
BUG-71459.patch
BUG-71391.patch
BUG-71335.patch

# 5.4.45-0+deb7u8
CVE-2016-7478.patch
CVE-2016-7479.patch
CVE-2017-7272.patch

# 5.4.45-0+deb7u9
CVE-2016-10397.patch
CVE-2017-11143.patch
CVE-2017-11144.patch
CVE-2017-11145.patch
CVE-2017-11147.patch

# 5.4.45-0+deb7u10
CVE-2017-11628.patch

# 5.4.45-0+deb7u11
CVE-2017-12933.patch

# 5.4.45-0+deb7u12
CVE-2018-5712.patch
CVE-2018-7584.patch
CVE-2018-10545.patch
CVE-2018-10547.patch
CVE-2018-10548.patch
CVE-2018-14883.patch
CVE-2018-14851.patch
CVE-2018-17802.patch
CVE-2018-19518.patch
CVE-2018-19935.patch

bug77242.patch
bug77370.patch
bug77380.patch
bug77418.patch
bug77247.patch
bug77371.patch
bug77381.patch

#phar file can not be patched directly -> debian/new-phar-files/* : CVE-2018-1000888.patch
CVE-2019-9022.patch
CVE-2018-20783.patch

CVE-2019-9637.patch
CVE-2019-9638_CVE-2019-9639.patch
CVE-2019-9640.patch
CVE-2019-9641.patch
CVE-2019-11034.patch
CVE-2019-11035.patch

CVE-2019-11036.patch
CVE-2019-11039.patch
CVE-2019-11040.patch
0005-Fix-bug-77967-Bypassing-open_basedir-restrictions-vi.patch
CVE-2019-11041.patch
CVE-2019-11042.patch
0001-Fix-77919-Potential-UAF-in-Phar-RSHUTDOWN.patch
CVE-2019-11043.patch

CVE-2019-11045.patch
CVE-2019-11046.patch
CVE-2019-11047.patch
CVE-2019-11050.patch

CVE-2020-7059.patch
CVE-2020-7060.patch

CVE-2020-7063.patch
CVE-2020-7062.patch

CVE-2020-7064.patch
CVE-2020-7067.patch
CVE-2020-7066.patch
CVE-2019-18218.patch

CVE-2019-11048-1.patch
CVE-2019-11048-2.patch

