All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH] php: security bump to version 5.5.18
@ 2014-10-16 17:48 Gustavo Zacarias
  2014-10-17  4:36 ` Bernd Kuhls
  2014-10-17  9:24 ` Thomas Petazzoni
  0 siblings, 2 replies; 3+ messages in thread
From: Gustavo Zacarias @ 2014-10-16 17:48 UTC (permalink / raw)
  To: buildroot

Fixes:
CVE-2014-3669 - Integer overflow in unserialize() (32-bits only)
CVE-2014-3670 - Heap corruption in exif_thumbnail()
CVE-2014-3668 - Global buffer overflow in mkgmtime() function

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
 package/php/php.hash | 2 +-
 package/php/php.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/php/php.hash b/package/php/php.hash
index bee8cff..6bb0d1c 100644
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,2 +1,2 @@
 # From http://php.net/downloads.php
-md5	e5f25dae73004658533ee7701a527bd0	php-5.5.17.tar.xz
+md5	3984f32985842afebe5795457e26931f	php-5.5.18.tar.xz
diff --git a/package/php/php.mk b/package/php/php.mk
index bca4f3a..26ec67d 100644
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-PHP_VERSION = 5.5.17
+PHP_VERSION = 5.5.18
 PHP_SITE = http://www.php.net/distributions
 PHP_SOURCE = php-$(PHP_VERSION).tar.xz
 PHP_INSTALL_STAGING = YES
-- 
2.0.4

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] php: security bump to version 5.5.18
  2014-10-16 17:48 [Buildroot] [PATCH] php: security bump to version 5.5.18 Gustavo Zacarias
@ 2014-10-17  4:36 ` Bernd Kuhls
  2014-10-17  9:24 ` Thomas Petazzoni
  1 sibling, 0 replies; 3+ messages in thread
From: Bernd Kuhls @ 2014-10-17  4:36 UTC (permalink / raw)
  To: buildroot

Gustavo Zacarias <gustavo@zacarias.com.ar> wrote in 
news:1413481717-9541-1-git-send-email-gustavo at zacarias.com.ar:

> -PHP_VERSION = 5.5.17
> +PHP_VERSION = 5.5.18

Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] php: security bump to version 5.5.18
  2014-10-16 17:48 [Buildroot] [PATCH] php: security bump to version 5.5.18 Gustavo Zacarias
  2014-10-17  4:36 ` Bernd Kuhls
@ 2014-10-17  9:24 ` Thomas Petazzoni
  1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni @ 2014-10-17  9:24 UTC (permalink / raw)
  To: buildroot

Dear Gustavo Zacarias,

On Thu, 16 Oct 2014 14:48:37 -0300, Gustavo Zacarias wrote:
> Fixes:
> CVE-2014-3669 - Integer overflow in unserialize() (32-bits only)
> CVE-2014-3670 - Heap corruption in exif_thumbnail()
> CVE-2014-3668 - Global buffer overflow in mkgmtime() function
> 
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
>  package/php/php.hash | 2 +-
>  package/php/php.mk   | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)

Applied, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-10-17  9:24 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-10-16 17:48 [Buildroot] [PATCH] php: security bump to version 5.5.18 Gustavo Zacarias
2014-10-17  4:36 ` Bernd Kuhls
2014-10-17  9:24 ` Thomas Petazzoni

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.