* [Buildroot] [PATCH 1/1] package/php: security bump version to 7.4.3
@ 2020-02-20 22:33 Bernd Kuhls
2020-02-21 8:42 ` Peter Korsgaard
2020-03-14 14:13 ` Peter Korsgaard
0 siblings, 2 replies; 5+ messages in thread
From: Bernd Kuhls @ 2020-02-20 22:33 UTC (permalink / raw)
To: buildroot
Changelog: https://www.php.net/ChangeLog-7.php#7.4.3
Fixes CVE-2020-7061, CVE-2020-7062 & CVE-2020-7063.
Removed patch applied upstream:
https://github.com/php/php-src/commit/f0f5c415a6e0abc40514f97113deb52a343174ee
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
...ation-failure-due-to-size_t-typecast.patch | 46 -------------------
package/php/php.hash | 2 +-
package/php/php.mk | 2 +-
3 files changed, 2 insertions(+), 48 deletions(-)
delete mode 100644 package/php/0005-fix-cross-compilation-failure-due-to-size_t-typecast.patch
diff --git a/package/php/0005-fix-cross-compilation-failure-due-to-size_t-typecast.patch b/package/php/0005-fix-cross-compilation-failure-due-to-size_t-typecast.patch
deleted file mode 100644
index 342a210179..0000000000
--- a/package/php/0005-fix-cross-compilation-failure-due-to-size_t-typecast.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From f0f5c415a6e0abc40514f97113deb52a343174ee Mon Sep 17 00:00:00 2001
-From: Pascal de Bruijn <pmjdebruijn@pcode.nl>
-Date: Thu, 30 Jan 2020 13:48:44 +0100
-Subject: [PATCH] fix cross compilation failure due to size_t typecast in
- define
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The following commit introduces a cross-compilation failure:
-
- 93c728b77cfb47f5cfdd1863f8982ea59d344205
- "Try to control ZEND_MM_ALIGNED_SIZE type"
-
-br-arm-full/build/php-7.4.2/Zend/zend_alloc.h:30:38:
-error: missing binary operator before token "8"
- ^
-br-arm-full/build/php-7.4.2/ext/opcache/ZendAccelerator.c:1380:7:
-note: in expansion of macro ?ZEND_MM_ALIGNMENT?
-
-Closes GH-5128.
-
-Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
----
- Zend/zend_alloc.h | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Zend/zend_alloc.h b/Zend/zend_alloc.h
-index c5838f2ac684..8bb854328dbd 100644
---- a/Zend/zend_alloc.h
-+++ b/Zend/zend_alloc.h
-@@ -27,12 +27,12 @@
- #include "zend.h"
-
- #ifndef ZEND_MM_ALIGNMENT
--# define ZEND_MM_ALIGNMENT ((size_t) 8)
-+# define ZEND_MM_ALIGNMENT Z_UL(8)
- # define ZEND_MM_ALIGNMENT_LOG2 Z_L(3)
- #elif ZEND_MM_ALIGNMENT < 4
- # undef ZEND_MM_ALIGNMENT
- # undef ZEND_MM_ALIGNMENT_LOG2
--# define ZEND_MM_ALIGNMENT ((size_t) 4)
-+# define ZEND_MM_ALIGNMENT Z_UL(4)
- # define ZEND_MM_ALIGNMENT_LOG2 Z_L(2)
- #endif
-
diff --git a/package/php/php.hash b/package/php/php.hash
index 69bc1cb6a5..a01e936016 100644
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,5 +1,5 @@
# From https://www.php.net/downloads.php
-sha256 98284deac017da0d426117ecae7599a1f1bf62ae3911e8bc16c4403a8f4bdf13 php-7.4.2.tar.xz
+sha256 cf1f856d877c268124ded1ede40c9fb6142b125fdaafdc54f855120b8bc6982a php-7.4.3.tar.xz
# License file
sha256 0967ad6cf4b7fe81d38709d7aaef3fecb3bd685be7eebb37b864aa34c991baa7 LICENSE
diff --git a/package/php/php.mk b/package/php/php.mk
index a0eb9d136b..d4829645e8 100644
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
#
################################################################################
-PHP_VERSION = 7.4.2
+PHP_VERSION = 7.4.3
PHP_SITE = http://www.php.net/distributions
PHP_SOURCE = php-$(PHP_VERSION).tar.xz
PHP_INSTALL_STAGING = YES
--
2.20.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/1] package/php: security bump version to 7.4.3
2020-02-20 22:33 [Buildroot] [PATCH 1/1] package/php: security bump version to 7.4.3 Bernd Kuhls
@ 2020-02-21 8:42 ` Peter Korsgaard
2020-03-14 14:13 ` Peter Korsgaard
1 sibling, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2020-02-21 8:42 UTC (permalink / raw)
To: buildroot
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:
> Changelog: https://www.php.net/ChangeLog-7.php#7.4.3
> Fixes CVE-2020-7061, CVE-2020-7062 & CVE-2020-7063.
> Removed patch applied upstream:
> https://github.com/php/php-src/commit/f0f5c415a6e0abc40514f97113deb52a343174ee
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Committed, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/1] package/php: security bump version to 7.4.3
2020-02-20 22:33 [Buildroot] [PATCH 1/1] package/php: security bump version to 7.4.3 Bernd Kuhls
2020-02-21 8:42 ` Peter Korsgaard
@ 2020-03-14 14:13 ` Peter Korsgaard
2020-03-14 20:09 ` Baruch Siach
1 sibling, 1 reply; 5+ messages in thread
From: Peter Korsgaard @ 2020-03-14 14:13 UTC (permalink / raw)
To: buildroot
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:
> Changelog: https://www.php.net/ChangeLog-7.php#7.4.3
> Fixes CVE-2020-7061, CVE-2020-7062 & CVE-2020-7063.
> Removed patch applied upstream:
> https://github.com/php/php-src/commit/f0f5c415a6e0abc40514f97113deb52a343174ee
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
For 2019.02.x and 2019.11.x I have instead bumped to 7.3.15, which
contains the same fixes.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/1] package/php: security bump version to 7.4.3
2020-03-14 14:13 ` Peter Korsgaard
@ 2020-03-14 20:09 ` Baruch Siach
2020-03-15 11:03 ` Peter Korsgaard
0 siblings, 1 reply; 5+ messages in thread
From: Baruch Siach @ 2020-03-14 20:09 UTC (permalink / raw)
To: buildroot
Hi Peter,
On Sat, Mar 14 2020, Peter Korsgaard wrote:
>>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:
>
> > Changelog: https://www.php.net/ChangeLog-7.php#7.4.3
> > Fixes CVE-2020-7061, CVE-2020-7062 & CVE-2020-7063.
>
> > Removed patch applied upstream:
> > https://github.com/php/php-src/commit/f0f5c415a6e0abc40514f97113deb52a343174ee
>
> > Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
>
> For 2019.02.x and 2019.11.x I have instead bumped to 7.3.15, which
> contains the same fixes.
php is still 7.3.14 in 2019.02.x as of commit a8cf4afce17f.
baruch
--
http://baruch.siach.name/blog/ ~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- baruch at tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/1] package/php: security bump version to 7.4.3
2020-03-14 20:09 ` Baruch Siach
@ 2020-03-15 11:03 ` Peter Korsgaard
0 siblings, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2020-03-15 11:03 UTC (permalink / raw)
To: buildroot
>>>>> "Baruch" == Baruch Siach <baruch@tkos.co.il> writes:
> Hi Peter,
> On Sat, Mar 14 2020, Peter Korsgaard wrote:
>>>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:
>>
>> > Changelog: https://www.php.net/ChangeLog-7.php#7.4.3
>> > Fixes CVE-2020-7061, CVE-2020-7062 & CVE-2020-7063.
>>
>> > Removed patch applied upstream:
>> > https://github.com/php/php-src/commit/f0f5c415a6e0abc40514f97113deb52a343174ee
>>
>> > Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
>>
>> For 2019.02.x and 2019.11.x I have instead bumped to 7.3.15, which
>> contains the same fixes.
> php is still 7.3.14 in 2019.02.x as of commit a8cf4afce17f.
Ups, indeed - Fixed. Thanks!
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-03-15 11:03 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-02-20 22:33 [Buildroot] [PATCH 1/1] package/php: security bump version to 7.4.3 Bernd Kuhls
2020-02-21 8:42 ` Peter Korsgaard
2020-03-14 14:13 ` Peter Korsgaard
2020-03-14 20:09 ` Baruch Siach
2020-03-15 11:03 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.