Commit Graph

110 Commits

Author SHA1 Message Date
Gustavo Zacarias
e054764917 php: add opcache option
Add a Zend OPcache option and tweak the build system into being
cross-compile friendly.
The OPcache extension allows for a neat intermediate bytecode cache in
memory to avoid reinterpreting/recompiling php scripts on multiple runs.
Make it an option since this takes up valuable RAM.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-08 21:24:46 +02:00
Gustavo Zacarias
4959dabe7d php: cleanup patches
Convert patches from pure configure ones to *.m4/configure.in cleanness.
This allows us to AUTORECONF (well, not quite, but close).
Even though upstream will probably not accept them it's the right way.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-08 21:23:52 +02:00
Gustavo Zacarias
a48bc40e2d php: bump to version 5.6.7
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-08 21:23:03 +02:00
Bernd Kuhls
c6ae88084c package/php: add unixodbc support
[Thomas: fix indentation.]

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-05 16:05:46 +02:00
Gustavo Zacarias
f4716f79a0 packages: remove (non-)lfs dependencies and tweaks
Now that largefile is mandatory removes package dependencies and
conditionals.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-04-01 22:47:22 +02:00
Jerzy Grzegorek
bd8c733fb4 packages: indentation cleanup
This commit doesn't touch infra packages.

Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-31 13:57:41 +02:00
Gustavo Zacarias
2c88be8ef7 php: security bump to version 5.5.23
Fixes:
CVE-2015-0231 - Use After Free Vulnerability in unserialize()
CVE-2015-2305 - heap overflow vulnerability in regcomp.c
CVE-2015-2331 - ZIP Integer Overflow leads to writing past heap boundary

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-20 14:02:40 +01:00
Mauro Condarelli
d92f9c6832 Added support for PHP/SQLite3 (non PDO).
Signed-off-by: Mauro Condarelli <mc5686@mclink.it>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-09 14:08:29 +01:00
Gustavo Zacarias
f08a9db47e php: security bump to version 5.5.22
Fixes:
CVE-2015-0273 - Use after free vulnerability in unserialize() with
DateTimeZone.
CVE-2015-0235 - Mitigation for GHOST: glibc gethostbyname buffer
overflow.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-02-19 21:27:31 +01:00
Gustavo Zacarias
626030fb1b php: security bump to version 5.5.21
Fixes:
CVE-2015-0231 - Use After Free Vulnerability in PHP's unserialize()
CVE-2014-9427 - Out of bounds read crashes php-cgi
CVE-2015-0232 - Free called on unitialized pointer

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-01-23 16:44:27 +01:00
Jerzy Grzegorek
38f09d6873 package: indentation cleanup
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-12-24 11:41:05 +01:00
Gustavo Zacarias
d64599ccb7 php: security bump to version 5.5.20
Fixes:
CVE-2014-8142 - Use after free vulnerability in unserialize()

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-12-18 22:54:04 +01:00
Thomas Petazzoni
665e13c85e Rename BR2_PREFER_STATIC_LIB to BR2_STATIC_LIBS
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.

As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.

This also helps preparing the addition of other options to select
shared, shared+static or just static.

Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
2014-12-11 22:48:13 +01:00
Thomas Petazzoni
e07c97adcb php: install configuration file unconditionally
As discussed, users should use a rootfs overlay or a post-build script
instead of a custom skeleton to override files installed by Buildroot,
so there is no point in having conditions when installing init scripts
or configuration files.

[Peter: use install -D]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-12-02 00:40:22 +01:00
Gustavo Zacarias
9a5261544f php: security bump to version 5.5.19
Fixes:
CVE-2014-3710 - fileinfo: out-of-bounds read in elf note headers.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-14 13:17:45 +01:00
Bernd Kuhls
e74d197cbd package/php: Add support for mbstring module
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-26 22:31:20 +01:00
Bernd Kuhls
7ca97b357f package/php: Add support for mcrypt module
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-26 22:31:08 +01:00
Bernd Kuhls
e29d47e550 package/php: Add support for GD module
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-26 22:31:00 +01:00
Jörg Krause
ffa33dc552 package/.mk files: remove --localstatedir=/var from autotools packages
Remove --localstatedir=/var from all autotools packages where it is no longer
needed.

Also remove --localstatedir=/var/lib/dhcp from package dhcp. localstatedir is
used by dhcp to set the default directory for the leases files. This can also
be done by setting --with-*-lease-file=/var/lib/dhcp/*, which is done in
dhcp.mk.

A custom --localstatedir is left in:
* proftpd.mk
* mysql.mk

This is safe to do:
One of the good thing with autoconf is that if you pass:
        --localstatedir=/var ... --localstatedir=/var/something
Then /var/something will be used. So, we can set --localstatedir=/var
by default in the infrastructure, and still have certain packages doing
weird things override it. [Thanks to Thomas Petazzoni]

Signed-off-by: Jörg Krause <jkrause@posteo.de>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-18 19:27:42 +02:00
Gustavo Zacarias
f8abb0b3d9 php: security bump to version 5.5.18
Fixes:
CVE-2014-3669 - Integer overflow in unserialize() (32-bits only)
CVE-2014-3670 - Heap corruption in exif_thumbnail()
CVE-2014-3668 - Global buffer overflow in mkgmtime() function

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-17 11:23:24 +02:00
Thomas De Schampheleire
f268f7131b .mk files: bulk aligment and whitespace cleanup of assignments
The Buildroot coding style defines one space around make assignments and
does not align the assignment symbols.

This patch does a bulk fix of offending packages. The package
infrastructures (or more in general assignments to calculated variable
names, like $(2)_FOO) are not touched.

Alignment of line continuation characters (\) is kept as-is.

The sed command used to do this replacement is:
find * -name "*.mk" | xargs sed -i \
    -e 's#^\([A-Z0-9a-z_]\+\)\s*\([?:+]\?=\)\s*$#\1 \2#'
    -e 's#^\([A-Z0-9a-z_]\+\)\s*\([?:+]\?=\)\s*\([^\\]\+\)$#\1 \2 \3#'
    -e 's#^\([A-Z0-9a-z_]\+\)\s*\([?:+]\?=\)\s*\([^\\ \t]\+\s*\\\)\s*$#\1 \2 \3#'
    -e 's#^\([A-Z0-9a-z_]\+\)\s*\([?:+]\?=\)\(\s*\\\)#\1 \2\3#'

Brief explanation of this command:
    ^\([A-Z0-9a-z_]\+\)     a regular variable at the beginning of the line
    \([?:+]\?=\)            any assignment character =, :=, ?=, +=
    \([^\\]\+\)             any string not containing a line continuation
    \([^\\ \t]\+\s*\\\)     string, optional whitespace, followed by a
                            line continuation character
    \(\s*\\\)               optional whitespace, followed by a line
                            continuation character

Hence, the first subexpression handles empty assignments, the second
handles regular assignments, the third handles regular assignments with
line continuation, and the fourth empty assignments with line
continuation.

This expression was tested on following test text: (initial tab not
included)

	FOO     = spaces before
	FOO     =   spaces before and after
	FOO	= tab before
	FOO	  = tab and spaces before
	FOO =	tab after
	FOO =	   tab and spaces after
	FOO =   	spaces and tab after
	FOO =    \
	FOO = bar \
	FOO = bar space    \
	FOO   =		   \
	GENIMAGE_DEPENDENCIES   = host-pkgconf libconfuse
	FOO     += spaces before
	FOO     ?=   spaces before and after
	FOO     :=
	FOO     =
	FOO	=
	FOO	  =
	FOO =
	   $(MAKE1) CROSS_COMPILE=$(TARGET_CROSS) -C
	AT91BOOTSTRAP3_DEFCONFIG = \
	AXEL_DISABLE_I18N=--i18n=0

After this bulk change, following manual fixups were done:
- fix line continuation alignment in cegui06 and spice (the sed
  expression leaves the number of whitespace between the value and line
  continuation character intact, but the whitespace before that could have
  changed, causing misalignment.
- qt5base was reverted, as this package uses extensive alignment which
  actually makes the code more readable.

Finally, the end result was manually reviewed.

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Cc: Yann E. Morin <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-07 15:00:28 +02:00
Thomas De Schampheleire
aaffd209fa packages: rename FOO_CONF_OPT into FOO_CONF_OPTS
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.

Sed command used:
   find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-04 18:54:16 +02:00
Thomas De Schampheleire
d6c32da881 packages: rename FOO_INSTALL_STAGING_OPT into FOO_INSTALL_STAGING_OPTS
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_INSTALL_STAGING_OPT.

Sed command used:
   find * -type f | xargs sed -i 's#_INSTALL_STAGING_OPT\>#&S#g'

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-04 18:49:36 +02:00
Thomas De Schampheleire
57f2b8d255 packages: rename FOO_INSTALL_TARGET_OPT into FOO_INSTALL_TARGET_OPTS
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_INSTALL_TARGET_OPT.

Sed command used:
   find * -type f | xargs sed -i 's#_INSTALL_TARGET_OPT\>#&S#g'

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-04 18:48:33 +02:00
Gustavo Zacarias
3b423f3b02 php: bump to version 5.5.17
Add hash and switch to xz download for space savings.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-19 16:18:56 +02:00
Peter Korsgaard
5aedb8be68 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-01 15:22:07 +02:00
Gustavo Zacarias
374adc17a0 php: security bump to version 5.5.16
Fixes:
CVE-2014-3538 - Extensive backtracking in rule regular expression
CVE-2014-3587 - Segfault in cdf.c
CVE-2014-2497 - php-gd 'c_color' NULL pointer dereference
CVE-2014-5120 - Null byte injection possible with imagexxx functions
CVE-2014-3597 - segfault in dns_get_record

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-08-25 19:50:30 +02:00
Floris Bos
742f8efa08 php: add pdo_pgsql extension
Adds support for the PDO PostgreSQL extension to the PHP package.

[Thomas: slightly adjust Config.in comment to indicate that's it's the
"Postgresql driver" that needs (e)glibc and not just "Postgresql".]

Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-08-17 21:19:50 +02:00
Gustavo Zacarias
b54b2d4f13 php: security bump to version 5.5.15
Fixes:
CVE-2014-4670 (SPL Iterators use-after-free)

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-26 09:16:21 +02:00
Jordi Llonch
c54de0884f php: add FPM support
[Thomas: adjust commit title, as suggested by Gustavo.]

Signed-off-by: Jordi Llonch <jordi.llonch@rochsystems.com>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-15 21:10:55 +02:00
Gustavo Zacarias
1d3696bd17 php: add option for phar builtin extension
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-07-08 13:56:52 +02:00
Gustavo Zacarias
67aaef1cb2 php: security bump to version 5.5.14
Fixes:

CVE-2014-3981 - insecure temporary file use in the configure script.
CVE-2014-0207 - cdf_read_short_sector insufficient boundary check.
CVE-2014-3478 - mconvert incorrect handling of truncated pascal string
size.
CVE-2014-3479 - cdf_check_stream_offset insufficient boundary check.
CVE-2014-3480 - cdf_count_chain insufficient boundary check.
CVE-2014-3487 - cdf_read_property_info insufficient boundary check.
CVE-2014-4049 - Fix potential segfault in dns_get_record().
CVE-2014-3515 - unserialize() SPL ArrayObject / SPLObjectStorage Type
Confusion.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-06-29 10:41:19 +02:00
Bernd Kuhls
41b2e1a74c package/php: Bump version to 5.5.13
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-06-01 21:51:17 +02:00
Gustavo Zacarias
14efd3faed php: bump to version 5.5.12
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-05-04 20:59:27 +02:00
Max Filippov
611ce96b3d Revert "php: fix build for xtensa"
This reverts commit 410c3cf7eb.
Now that -mtext-section-literals is specified in the xtensa ABI this fix
is no longer needed.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-04-03 21:36:49 +02:00
Bernd Kuhls
be82bb7d90 php: version bump 5.5.11
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-04-03 21:26:16 +02:00
Gustavo Zacarias
54198de1c9 php: security bump to version 5.5.10
Fixes CVE-2014-1943, CVE-2014-2270 and CVE-2013-7327.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-03-10 14:14:40 +01:00
Samuel Martin
6ff1538579 php: fix typo
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-03-01 17:13:30 +01:00
Gustavo Zacarias
b553ffe8dc php: bump to version 5.5.9
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-02-26 09:52:27 +01:00
Gustavo Zacarias
3f8b513384 php: fix for external extensions
Adjust phpize and php-config to make them work for cross-compiled
external extensions.
While at it also fix dl* issues that prevent said extensions from
loading.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-02-12 15:56:31 +01:00
Gustavo Zacarias
d8fd2b3ed6 php: security bump to version 5.5.8
Fixes CVE-2013-6712.
Note that there's no xz format tarball for 5.5.8.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-01-28 22:46:22 +01:00
Peter Korsgaard
99fd373bf5 package: fixup dependencies after mysql_client -> mysql rename
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-01-22 07:24:35 +01:00
Baruch Siach
410c3cf7eb php: fix build for xtensa
The php package generates a binary that is too large for the xtensa default
placement of literals in a dedicated section. Use -mtext-section-literal to
place literals in the text section.

Fixes
http://autobuild.buildroot.net/results/a9a/a9a1063104402ec28e01560ec7c8f8a5b6d43dd5/.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2013-12-31 11:57:48 +01:00
Gustavo Zacarias
76ad808a50 php: bump to version 5.5.7
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-16 16:19:13 +01:00
Thomas De Schampheleire
eb7bd9ef61 packages: remove uninstall commands
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-06 09:40:40 +01:00
Peter Korsgaard
21a4a9003e php: fix runtime error on big endian
Fixes #6566

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-10-24 00:44:13 +02:00
Jerzy Grzegorek
62146ea3ad change package tarball compression to xz whenever possible
[Peter: leave change xz tarball format to not end up with circular deps]
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-09-08 22:44:23 +02:00
Gustavo Zacarias
bef0f4c818 php: security bump to version 5.3.27
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-07-12 13:31:32 +02:00
Thomas Petazzoni
381616e77a Introduce BR2_TOOLCHAIN_USES_{UCLIBC, GLIBC}
Currently, when we need to do a conditional on the type of C library
used, we need to take into account the three toolchain backends. As we
are going to add eglibc support to the Buildroot toolchain backend, it
would become even uglier, so this patch introduces two new hidden
options: BR2_TOOLCHAIN_USES_UCLIBC and BR2_TOOLCHAIN_USES_GLIBC, that
exist regardless of the toolchain backend. The entire Buildroot code
base is converted to use those options.

Note that we have intentionally created only one option
(BR2_TOOLCHAIN_USES_GLIBC) for both glibc and eglibc, since they are
essentially the same, as far as Buildroot is concerned.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-07-04 09:08:42 +02:00
Gustavo Zacarias
ec6bd7cdee php: security bump to version 5.3.26
Fixes CVE-2013-2110.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-10 14:09:27 +02:00