php: security bump to version 5.5.18
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Thu, 16 Oct 2014 17:48:37 +0000 (14:48 -0300)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fri, 17 Oct 2014 09:23:24 +0000 (11:23 +0200)
Fixes:
CVE-2014-3669 - Integer overflow in unserialize() (32-bits only)
CVE-2014-3670 - Heap corruption in exif_thumbnail()
CVE-2014-3668 - Global buffer overflow in mkgmtime() function

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/php/php.hash
package/php/php.mk

index bee8cff54c3a08eca7015ad41f6f47cf05fc1204..6bb0d1c0b84586ffbb16befd12d9448e89768749 100644 (file)
@@ -1,2 +1,2 @@
 # From http://php.net/downloads.php
-md5    e5f25dae73004658533ee7701a527bd0        php-5.5.17.tar.xz
+md5    3984f32985842afebe5795457e26931f        php-5.5.18.tar.xz
index bca4f3a9a24a2d1190d485302a18450552643793..26ec67d13eb16dad8a112f6bf5069e6564575f1f 100644 (file)
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-PHP_VERSION = 5.5.17
+PHP_VERSION = 5.5.18
 PHP_SITE = http://www.php.net/distributions
 PHP_SOURCE = php-$(PHP_VERSION).tar.xz
 PHP_INSTALL_STAGING = YES