summaryrefslogtreecommitdiffstats
path: root/package/php/php.hash
Commit message (Collapse)AuthorAgeFilesLines
* php: security bump to version 5.6.20Gustavo Zacarias2016-04-021-1/+1
| | | | | | | | | | | | Fixes (no CVEs yet): Buffer over-write in finfo_open with malformed magic file. Invalid memory write in phar on filename with \0 in name. Parsing of tar file with duplicate filenames causes memory leak. php_snmp_error() Format String Vulnerability. Integer Overflow in php_raw_url_encode. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: bump to version 5.6.19Gustavo Zacarias2016-03-041-1/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/php: security bump version to 5.6.18Bernd Kuhls2016-02-051-1/+1
| | | | | | | Changelog: http://www.php.net/ChangeLog-5.php#5.6.18 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: security bump to version 5.6.17Gustavo Zacarias2016-01-081-1/+1
| | | | | | | | | | | | | | | | Bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of Bounds). Bug #70755 (fpm_log.c memory leak and buffer overflow). Bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization). Bug #70741 (Session WDDX Packet Deserialization Type Confusion Vulnerability). Bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()). No CVEs assigned yet. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/php: bump version to 5.6.16Bernd Kuhls2015-11-281-1/+1
| | | | | Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: bump to version 5.6.15Gustavo Zacarias2015-10-311-1/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* php: bump to version 5.6.14Gustavo Zacarias2015-10-021-1/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/php: security bump to version 5.6.13Bernd Kuhls2015-09-061-1/+1
| | | | | | | | Link to release announcement: http://php.net/archive/2015.php#id2015-09-04-2 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/php: security bump to version 5.6.12Bernd Kuhls2015-08-101-1/+1
| | | | | | http://www.php.net/ChangeLog-5.php#5.6.12 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: security bump to version 5.6.11Gustavo Zacarias2015-07-111-1/+1
| | | | | | | | | | | | | | Fixes: CVE-2015-3152 - mysqlnd is vulnerable to BACKRONYM And other security bugs with no CVE assigned yet: Bug #69972 - Use-after-free vulnerability in sqlite3SafetyCheckSickOrOk() Bug # 69970 - Use-after-free vulnerability in spl_recursive_it_move_forward_ex() Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: security bump to version 5.6.10Gustavo Zacarias2015-06-121-1/+1
| | | | | | | | | | Fixes: CVE-2015-3414, CVE-2015-3415, CVE-2015-3416 (via bundled sqlite upgrade). CVE-2015-2325, CVE-2015-2326 (via bundled pcre upgrade). Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: bump version to 5.6.9Floris Bos2015-05-201-1/+1
| | | | | | Signed-off-by: Floris Bos <bos@je-eigen-domein.nl> Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* php: security bump to version 5.6.8Gustavo Zacarias2015-04-171-1/+1
| | | | | | | | | | | Fixes: CVE-2015-1351 - OPCache: Use After Free CVE-2015-1352 - Postgres: Null pointer dereference And others with no CVE assigned yet. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: bump to version 5.6.7Gustavo Zacarias2015-04-081-1/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: security bump to version 5.5.23Gustavo Zacarias2015-03-201-1/+1
| | | | | | | | | | Fixes: CVE-2015-0231 - Use After Free Vulnerability in unserialize() CVE-2015-2305 - heap overflow vulnerability in regcomp.c CVE-2015-2331 - ZIP Integer Overflow leads to writing past heap boundary Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: security bump to version 5.5.22Gustavo Zacarias2015-02-191-1/+1
| | | | | | | | | | | Fixes: CVE-2015-0273 - Use after free vulnerability in unserialize() with DateTimeZone. CVE-2015-0235 - Mitigation for GHOST: glibc gethostbyname buffer overflow. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: security bump to version 5.5.21Gustavo Zacarias2015-01-231-1/+1
| | | | | | | | | | Fixes: CVE-2015-0231 - Use After Free Vulnerability in PHP's unserialize() CVE-2014-9427 - Out of bounds read crashes php-cgi CVE-2015-0232 - Free called on unitialized pointer Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* php: security bump to version 5.5.20Gustavo Zacarias2014-12-181-1/+1
| | | | | | | | Fixes: CVE-2014-8142 - Use after free vulnerability in unserialize() Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* php: security bump to version 5.5.19Gustavo Zacarias2014-11-141-1/+1
| | | | | | | | | | Fixes: CVE-2014-3710 - fileinfo: out-of-bounds read in elf note headers. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* php: security bump to version 5.5.18Gustavo Zacarias2014-10-171-1/+1
| | | | | | | | | | | Fixes: CVE-2014-3669 - Integer overflow in unserialize() (32-bits only) CVE-2014-3670 - Heap corruption in exif_thumbnail() CVE-2014-3668 - Global buffer overflow in mkgmtime() function Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* php: bump to version 5.5.17Gustavo Zacarias2014-09-191-0/+2
Add hash and switch to xz download for space savings. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
OpenPOWER on IntegriCloud