NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7b54d799cf
kumquat-buildroot/package/php/php.hash

6 lines
224 B
Plaintext
Raw Normal View History

php: bump to version 5.5.17 Add hash and switch to xz download for space savings. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-19 14:31:19 +02:00
# From http://php.net/downloads.php
package/php: bump version to 7.3.12 Release notes of this bugfix release: https://www.php.net/ChangeLog-7.php#7.3.12 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-11-21 22:37:33 +01:00
sha256 aafe5e9861ad828860c6af8c88cdc1488314785962328eb1783607c1fdd855df php-7.3.12.tar.xz
php: security bump to version 7.1.7 Fixes the following security issues: CVE-2017-7890 - Buffer over-read into uninitialized memory. The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c (which can be reached with a call to the imagecreatefromstring() function) uses constant-sized color tables of size 3 * 256, but does not zero-out these arrays before use. CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229 - Out-of-bonds access in oniguruma regexp library. CVE-2017-11144 - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission. CVE-2017-11145 - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, lack of a bounds check in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to an ext/date/lib/parse_date.c out-of-bounds read affecting the php_parse_date function. CVE-2017-11146 - In PHP through 5.6.31, 7.x through 7.0.21, and 7.1.x through 7.1.7, lack of bounds checks in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11145. While we're at it, add a hash for the license file. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-07-11 11:02:20 +02:00
# License file
package/php: bump version to 7.2.12 Changelog: http://www.php.net/ChangeLog-7.php#7.2.12 Rebased patch 0004 and updated license hash after white space removal: https://github.com/php/php-src/commit/902d39a3a79c6efe93c8879575fdd5a759cf03de Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-08 21:39:06 +01:00
sha256 f689b8fa63bea7950ce6a21bf52ed88ea0d77673ee76e6de12f51191174d91b8 LICENSE
Reference in New Issue Copy Permalink