<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-oe/recipes-devtools/php, branch dunfell</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=dunfell</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=dunfell'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2023-12-17T20:36:42+00:00</updated>
<entry>
<title>php: CVE-2022-4900 fix potential buffer overflow</title>
<updated>2023-12-17T20:36:42+00:00</updated>
<author>
<name>Hitendra Prajapati</name>
<email>hprajapati@mvista.com</email>
</author>
<published>2023-11-21T05:07:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=db0a8862fc79aedab7046e978f5c7abb5157319f'/>
<id>urn:sha1:db0a8862fc79aedab7046e978f5c7abb5157319f</id>
<content type='text'>
Upstream-Status: Backport from https://github.com/php/php-src/commit/789a37f14405e2d1a05a76c9fb4ed2d49d4580d5

Signed-off-by: Hitendra Prajapati &lt;hprajapati@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>php: Fix CVE-2023-3824</title>
<updated>2023-09-30T12:55:03+00:00</updated>
<author>
<name>Siddharth Doshi</name>
<email>sdoshi@mvista.com</email>
</author>
<published>2023-09-27T06:57:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=0f10a0d394ddffeeb1db0ea94046d86792d704fe'/>
<id>urn:sha1:0f10a0d394ddffeeb1db0ea94046d86792d704fe</id>
<content type='text'>
Upstream-Status: Backport from [https://github.com/php/php-src/commit/80316123f3e9dcce8ac419bd9dd43546e2ccb5ef]
CVE: CVE-2023-3824
Signed-off-by: Siddharth Doshi &lt;sdoshi@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>php: Backport fix CVE-2023-3247</title>
<updated>2023-08-16T12:39:45+00:00</updated>
<author>
<name>Ashish Sharma</name>
<email>asharma@mvista.com</email>
</author>
<published>2023-08-14T06:30:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=1ff41cb9c6c49373e7a5598e2e444af68428ca46'/>
<id>urn:sha1:1ff41cb9c6c49373e7a5598e2e444af68428ca46</id>
<content type='text'>
Signed-off-by: Ashish Sharma &lt;asharma@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>php: update 7.4.28 -&gt; 7.4.33</title>
<updated>2023-01-19T12:49:31+00:00</updated>
<author>
<name>Valeria Petrov</name>
<email>valeria.petrov@spinetix.com</email>
</author>
<published>2023-01-10T16:38:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=09c3ac0da6577f57a03e1fbfb22b72e809b15f01'/>
<id>urn:sha1:09c3ac0da6577f57a03e1fbfb22b72e809b15f01</id>
<content type='text'>
    Update php from 7.4.28 to 7.4.33

    Fixes below CVEs:
    CVE-2021-21708
    CVE-2022-31626
    CVE-2022-31625
    CVE-2022-31628
    CVE-2022-31629
    CVE-2022-31630
    CVE-2022-37454

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>php: move to version v7.4.28</title>
<updated>2022-06-15T13:45:03+00:00</updated>
<author>
<name>Jeroen Hofstee</name>
<email>jhofstee@victronenergy.com</email>
</author>
<published>2022-04-05T19:58:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=d6795ab0eed599ef24421419f8a14f8c957f27da'/>
<id>urn:sha1:d6795ab0eed599ef24421419f8a14f8c957f27da</id>
<content type='text'>
CVE: CVE-2021-21703 CVE-2021-21706 CVE-2021-21707 CVE-2021-21708

Signed-off-by: Jeroen Hofstee &lt;jhofstee@victronenergy.com&gt;
[Didn't apply cleanly, corrected.]
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>php: move to version 7.4.21</title>
<updated>2021-08-14T20:54:01+00:00</updated>
<author>
<name>Joe Slater</name>
<email>joe.slater@windriver.com</email>
</author>
<published>2021-07-26T21:40:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=e4a74a0f0fae82d8ebb4e5233c391eee7c899318'/>
<id>urn:sha1:e4a74a0f0fae82d8ebb4e5233c391eee7c899318</id>
<content type='text'>
Lots of bug fixes.

CVE: CVE-2021-21704 CVE-2021-21705

Signed-off-by: Joe Slater &lt;joe.slater@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit 93045c3db744a9f1cd0a9b0ce992d44d9c44c309)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
(cherry picked from commit 69dcf5bac8adfd55f1a40cff1e989ed8806607cb)
[Stable bug fix only updates]
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>php: Upgrade to 7.4.16</title>
<updated>2021-07-26T23:05:08+00:00</updated>
<author>
<name>Mingli Yu</name>
<email>mingli.yu@windriver.com</email>
</author>
<published>2021-04-21T03:23:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=85f8047c71047d93cf79a954142157f85079968d'/>
<id>urn:sha1:85f8047c71047d93cf79a954142157f85079968d</id>
<content type='text'>
License-Update: License updated (year updated)

Fix some security issues such as CVE-2021-21702 and remove two
cve patches which already included in the new version.

Signed-off-by: Mingli Yu &lt;mingli.yu@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit e418ee4657e084c8b4d42aabf76ff6df99253e91)
[Bug fix only updates plus: CVE-2020-7071 ]
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>php: allow php as empty</title>
<updated>2021-07-26T23:04:47+00:00</updated>
<author>
<name>Changqing Li</name>
<email>changqing.li@windriver.com</email>
</author>
<published>2021-03-11T00:56:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=11c1cd6bf5855d458da94c6c7291bbe985ac653a'/>
<id>urn:sha1:11c1cd6bf5855d458da94c6c7291bbe985ac653a</id>
<content type='text'>
Since commit c4ffcaa2[php: split out phpdbg into a separate package],
package php is empty, we might met error:
nothing provides php needed by php-cli-7.4.9-r0.corei7_64

Signed-off-by: Changqing Li &lt;changqing.li@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit 9be6b4f5a2ec857475626c74457a94b8d9236fd5)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>php: split out phpdbg into a separate package</title>
<updated>2021-07-26T23:04:24+00:00</updated>
<author>
<name>Diego Santa Cruz</name>
<email>Diego.SantaCruz@spinetix.com</email>
</author>
<published>2021-02-25T21:20:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=9982d7f27714485dad9e81120bd7bf860be558d5'/>
<id>urn:sha1:9982d7f27714485dad9e81120bd7bf860be558d5</id>
<content type='text'>
Since PHP 7.0 the phpdbg debugger is built by default and gets shipped
in the main php package, increasing its size by several MB; split it
out into a php-phpdbg package, following Debian naming.

Signed-off-by: Diego Santa Cruz &lt;Diego.SantaCruz@spinetix.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit c4ffcaa2ab3fbdef1ce58c253b32d82a57a3e2a8)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>php: CVE-2020-7069</title>
<updated>2021-01-11T03:43:27+00:00</updated>
<author>
<name>Zheng Ruoqin</name>
<email>zhengrq.fnst@cn.fujitsu.com</email>
</author>
<published>2020-12-15T07:22:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=28a08b88ef17286cd163b8472561450a3ec04e48'/>
<id>urn:sha1:28a08b88ef17286cd163b8472561450a3ec04e48</id>
<content type='text'>
Security Advisory

References
https://nvd.nist.gov/vuln/detail/CVE-2020-7069
https://bugs.php.net/patch-display.php?bug_id=79601&amp;patch=openssl_aes_ccm_iv_fix&amp;revision=latest

Signed-off-by: Zheng Ruoqin &lt;zhengrq.fnst@cn.fujitsu.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
(cherry picked from commit fa80193468745a11bc12d5845f66412a0d62e0e2)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
(cherry picked from commit 992e09f09a40e7a8d03c7c4b5adf40f821ed3774)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
