* [Buildroot] [PATCH] php: security bump to version 5.5.18
@ 2014-10-16 17:48 Gustavo Zacarias
2014-10-17 4:36 ` Bernd Kuhls
2014-10-17 9:24 ` Thomas Petazzoni
0 siblings, 2 replies; 3+ messages in thread
From: Gustavo Zacarias @ 2014-10-16 17:48 UTC (permalink / raw)
To: buildroot
Fixes:
CVE-2014-3669 - Integer overflow in unserialize() (32-bits only)
CVE-2014-3670 - Heap corruption in exif_thumbnail()
CVE-2014-3668 - Global buffer overflow in mkgmtime() function
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/php/php.hash | 2 +-
package/php/php.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/php/php.hash b/package/php/php.hash
index bee8cff..6bb0d1c 100644
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,2 +1,2 @@
# From http://php.net/downloads.php
-md5 e5f25dae73004658533ee7701a527bd0 php-5.5.17.tar.xz
+md5 3984f32985842afebe5795457e26931f php-5.5.18.tar.xz
diff --git a/package/php/php.mk b/package/php/php.mk
index bca4f3a..26ec67d 100644
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
#
################################################################################
-PHP_VERSION = 5.5.17
+PHP_VERSION = 5.5.18
PHP_SITE = http://www.php.net/distributions
PHP_SOURCE = php-$(PHP_VERSION).tar.xz
PHP_INSTALL_STAGING = YES
--
2.0.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] php: security bump to version 5.5.18
2014-10-16 17:48 [Buildroot] [PATCH] php: security bump to version 5.5.18 Gustavo Zacarias
@ 2014-10-17 4:36 ` Bernd Kuhls
2014-10-17 9:24 ` Thomas Petazzoni
1 sibling, 0 replies; 3+ messages in thread
From: Bernd Kuhls @ 2014-10-17 4:36 UTC (permalink / raw)
To: buildroot
Gustavo Zacarias <gustavo@zacarias.com.ar> wrote in
news:1413481717-9541-1-git-send-email-gustavo at zacarias.com.ar:
> -PHP_VERSION = 5.5.17
> +PHP_VERSION = 5.5.18
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] php: security bump to version 5.5.18
2014-10-16 17:48 [Buildroot] [PATCH] php: security bump to version 5.5.18 Gustavo Zacarias
2014-10-17 4:36 ` Bernd Kuhls
@ 2014-10-17 9:24 ` Thomas Petazzoni
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni @ 2014-10-17 9:24 UTC (permalink / raw)
To: buildroot
Dear Gustavo Zacarias,
On Thu, 16 Oct 2014 14:48:37 -0300, Gustavo Zacarias wrote:
> Fixes:
> CVE-2014-3669 - Integer overflow in unserialize() (32-bits only)
> CVE-2014-3670 - Heap corruption in exif_thumbnail()
> CVE-2014-3668 - Global buffer overflow in mkgmtime() function
>
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
> package/php/php.hash | 2 +-
> package/php/php.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
Applied, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-10-17 9:24 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-10-16 17:48 [Buildroot] [PATCH] php: security bump to version 5.5.18 Gustavo Zacarias
2014-10-17 4:36 ` Bernd Kuhls
2014-10-17 9:24 ` Thomas Petazzoni
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.