diff options
author | Armin Kuster <akuster808@gmail.com> | 2015-01-12 04:30:34 -0800 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2015-01-12 15:39:21 +0100 |
commit | 3ee3d05ce383c715d3d76062c87e5ff4aba328ef (patch) | |
tree | f5c682738cd061f06346acb3231d1337d1dd60c7 /meta-oe/recipes-devtools | |
parent | 200f6cafc878d4c26871fc56d21ecc8eaa9aa61b (diff) | |
download | meta-openembedded-3ee3d05ce383c715d3d76062c87e5ff4aba328ef.tar.gz |
php5: update to later minor version 5.4.36
Dizzy is missing several CVE's and upgrading to a later version within the same
series seems reasonable since most changes are bugfixes or Security releated.
if you are ok with this approach, please Ack and I will stage this with the next series of updates I am working on.
- armin
18-Dec-2014
Core:
Upgraded crypt_blowfish to version 1.3.
Fixed bug #68545 (NULL pointer dereference in unserialize.c).
Fixed bug #68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142)
Mcrypt:
Fixed possible read after end of buffer and use after free.
13 Nov 2014
Core:
Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in zend_hash_copy).
Fileinfo:
Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers). (CVE-2014-3710)
GMP:
Fixed bug #63595 (GMP memory management conflicts with other libraries using GMP).
PDO_pgsql:
Fixed bug #66584 (Segmentation fault on statement deallocation).
16 Oct 2014
Fileinfo:
Fixed bug #66242 (libmagic: don't assume char is signed).
Core:
Fixed bug #67985 (Incorrect last used array index copied to new array after unset).
Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669)
cURL:
Fixed bug #68089 (NULL byte injection - cURL lib).
EXIF:
Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
OpenSSL:
Reverted fixes for bug #41631, due to regressions.
XMLRPC:
Fixed bug #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-oe/recipes-devtools')
-rw-r--r-- | meta-oe/recipes-devtools/php/php_5.4.36.bb (renamed from meta-oe/recipes-devtools/php/php_5.4.33.bb) | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/meta-oe/recipes-devtools/php/php_5.4.33.bb b/meta-oe/recipes-devtools/php/php_5.4.36.bb index 6fdfe0f07..43c7736e4 100644 --- a/meta-oe/recipes-devtools/php/php_5.4.33.bb +++ b/meta-oe/recipes-devtools/php/php_5.4.36.bb | |||
@@ -30,8 +30,8 @@ SRC_URI_append_class-target += " \ | |||
30 | file://php-fpm-apache.conf \ | 30 | file://php-fpm-apache.conf \ |
31 | " | 31 | " |
32 | 32 | ||
33 | SRC_URI[md5sum] = "c6878bb1cdb46bfc1e1a5cd67a024737" | 33 | SRC_URI[md5sum] = "70e223be4bb460e465b7a9d7cb5b9cac" |
34 | SRC_URI[sha256sum] = "1a75b2d0835e74b8886cd3980d9598a0e06691441bb7f91d19b74c2278e40bb5" | 34 | SRC_URI[sha256sum] = "b0951608c3e8afb978a624c7f79a889980210f5258f666c1d997bd6491e13241" |
35 | 35 | ||
36 | S = "${WORKDIR}/php-${PV}" | 36 | S = "${WORKDIR}/php-${PV}" |
37 | 37 | ||