projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1361563)
php: security bump to version 5.6.20
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Fri, 1 Apr 2016 12:02:19 +0000 (09:02 -0300)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sat, 2 Apr 2016 14:51:22 +0000 (16:51 +0200)
Fixes (no CVEs yet):
Buffer over-write in finfo_open with malformed magic file.
Invalid memory write in phar on filename with \0 in name.
Parsing of tar file with duplicate filenames causes memory leak.
php_snmp_error() Format String Vulnerability.
Integer Overflow in php_raw_url_encode.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/php/php.hash patch | blob | history
package/php/php.mk patch | blob | history

diff --git a/package/php/php.hash b/package/php/php.hash
index 9cfbcad6556d4c2dda720b002c05c1950e143bef..e359bf7cd32d61a65e42428fb4b107fbd4e8edf8 100644 (file)
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,2 +1,2 @@
 # From http://php.net/downloads.php
-sha256 bb32337f93a00b71789f116bddafa8848139120e7fb6f4f98a84f52dbcb8329f        php-5.6.19.tar.xz
+sha256 2b87d40213361112af49157a435e0d4cdfd334c9b7c731c8b844932b1f444e7a        php-5.6.20.tar.xz
diff --git a/package/php/php.mk b/package/php/php.mk
index 6d27c3086401989325f279af711ce158b696dfce..1c920607b1d2d1aa37372163857151da8e9f6a3c 100644 (file)
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-PHP_VERSION = 5.6.19
+PHP_VERSION = 5.6.20
 PHP_SITE = http://www.php.net/distributions
 PHP_SOURCE = php-$(PHP_VERSION).tar.xz
 PHP_INSTALL_STAGING = YES