php: security bump to version 5.2.16

* Fixed extract() to do not overwrite $GLOBALS and $this when using
  EXTR_OVERWRITE.

* Fixed crash in zip extract method (possible CWE-170).

* Fixed a possible double free in imap extension.

* Fixed possible flaw in open_basedir (CVE-2010-3436).

* Fixed NULL pointer dereference in ZipArchive::getArchiveComment.
  (CVE-2010-3709).

* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL
  with large amount of data).

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>

diff --git a/package/php/php.mk b/package/php/php.mk
index af4fa292aa869aed61e63f8186d085ee7781d9ac..4db2b84c418590ca1e77ed12a22a3b45ea084d37 100644 (file)
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
 #
 #############################################################
 
-PHP_VERSION = 5.2.14
+PHP_VERSION = 5.2.16
 PHP_SOURCE = php-$(PHP_VERSION).tar.bz2
 PHP_SITE = http://www.php.net/distributions
 PHP_INSTALL_STAGING = YES