php: Security fix CVE-2016-1903

CVE-2016-1903 php: Out-of-bounds memory read via gdImageRotateInterpolated

Signed-off-by: Armin Kuster <akuster@mvista.com>

meta-oe/recipes-devtools/php/php/CVE-2016-1903.patch

@@ -0,0 +1,28 @@
+From aa8d3a8cc612ba87c0497275f58a2317a90fb1c4 Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi@php.net>
+Date: Tue, 12 Jan 2016 13:52:27 +0100
+Subject: [PATCH] fix the fix for bug #70976 (imagerotate)
+
+Upstream-Status: Backport
+https://github.com/php/php-src/commit/aa8d3a8cc612ba87c0497275f58a2317a90fb1c4
+
+CVE: CVE-2016-1903
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ ext/gd/libgd/gd_interpolation.c | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+Index: php-5.5.21/ext/gd/libgd/gd_interpolation.c
+===================================================================
+--- php-5.5.21.orig/ext/gd/libgd/gd_interpolation.c
++++ php-5.5.21/ext/gd/libgd/gd_interpolation.c
+@@ -2162,7 +2162,7 @@ gdImagePtr gdImageRotateInterpolated(con
+ 	   images can be done at a later point.
+ 	*/
+ 	if (src->trueColor == 0) {
+-		if (bgcolor >= 0) {
++		if (bgcolor < gdMaxColors) {
+ 			bgcolor =  gdTrueColorAlpha(src->red[bgcolor], src->green[bgcolor], src->blue[bgcolor], src->alpha[bgcolor]);
+ 		}
+ 		gdImagePaletteToTrueColor(src);

meta-oe/recipes-devtools/php/php_5.5.21.bb

@@ -16,6 +16,7 @@ SRC_URI = "http://php.net/distributions/php-${PV}.tar.bz2 \
            file://0001-acinclude-use-pkgconfig-for-libxml2-config.patch \
            file://CVE-2015-7803.patch \
            file://CVE-2015-7804.patch \
+           file://CVE-2016-1903.patch \
           "
 
 SRC_URI_append_class-target += " \