php: security bump to 7.3.1

Fixes the following security issue:

- CVE-2018-19935: Allows remote attackers to cause a denial of service
  (NULL pointer dereference and application crash) via an empty string in the
  message argument to the imap_mail function.
https://www.cvedetails.com/cve/CVE-2018-19935/

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/package/php/php.hash b/package/php/php.hash
index c1c6e8c3e97237a8aa008b67c4a37c7fdefd133a..2cb89e0366b623da0c7333ea93aa55d4d8c0541b 100644 (file)
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,5 +1,5 @@
 # From http://php.net/downloads.php
-sha256 7d195cad55af8b288c3919c67023a14ff870a73e3acc2165a6d17a4850a560b5  php-7.3.0.tar.xz
+sha256 cfe93e40be0350cd53c4a579f52fe5d8faf9c6db047f650a4566a2276bf33362  php-7.3.1.tar.xz
 
 # License file
 sha256 f689b8fa63bea7950ce6a21bf52ed88ea0d77673ee76e6de12f51191174d91b8  LICENSE

diff --git a/package/php/php.mk b/package/php/php.mk
index b6b17a1562f30cb543048102dc47a92e085739f4..be7e9b3c8983bce8609f1f3fd1020c909ba4072f 100644 (file)
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-PHP_VERSION = 7.3.0
+PHP_VERSION = 7.3.1
 PHP_SITE = http://www.php.net/distributions
 PHP_SOURCE = php-$(PHP_VERSION).tar.xz
 PHP_INSTALL_STAGING = YES