File php-5.4.20-CVE-2014-0185.patch of Package php5.openSUSE_13.1_Update

From 1875b4648f138df77abcb513149a3340ade69a4c Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Tue, 15 Apr 2014 10:43:24 -0700
Subject: [PATCH] Fix bug #67060: use default mode of 660

---
 sapi/fpm/fpm/fpm_unix.c  | 2 +-
 sapi/fpm/php-fpm.conf.in | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

--- sapi/fpm/fpm/fpm_unix.c
+++ sapi/fpm/fpm/fpm_unix.c
@@ -35,7 +35,7 @@ int fpm_unix_resolve_socket_premissions(struct fpm_worker_pool_s *wp) /* {{{ */
 	/* uninitialized */
 	wp->socket_uid = -1;
 	wp->socket_gid = -1;
-	wp->socket_mode = 0666;
+	wp->socket_mode = 0660;
 
 	if (!c) {
 		return 0;
--- sapi/fpm/php-fpm.conf.in
+++ sapi/fpm/php-fpm.conf.in
@@ -166,10 +166,10 @@ listen = 127.0.0.1:9000
 ; permissions must be set in order to allow connections from a web server. Many
 ; BSD-derived systems allow connections regardless of permissions. 
 ; Default Values: user and group are set as the running user
-;                 mode is set to 0666
+;                 mode is set to 0660
 ;listen.owner = @php_fpm_user@
 ;listen.group = @php_fpm_group@
-;listen.mode = 0666
+;listen.mode = 0660
  
 ; List of ipv4 addresses of FastCGI clients which are allowed to connect.
 ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
-- 
1.8.4