OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2016.11 2016-10-14T07:26:35+00:00 2016-10-14T07:26:35+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-10-13T22:39:26+00:00 urn:sha1:384e00515ba9b9d133998c3943889fb31ce59c4e See http://www.php.net/ChangeLog-7.php#7.0.12 since there are no CVEs out yet. And drop upstream patch. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-09-17T12:05:41+00:00 Tatsuyuki Ishi ishitatsuyuki@gmail.com 2016-09-17T11:59:24+00:00 urn:sha1:82cc7ecf9f4626eb5458bc476cd3f0a1ae312e94 Signed-off-by: Tatsuyuki Ishi <ishitatsuyuki@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-07-21T11:55:57+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-07-21T11:23:07+00:00 urn:sha1:ac43e455fe37a872398fc6552d39aed3cd84009e Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-06-26T12:58:07+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2016-06-25T22:48:37+00:00 urn:sha1:a342452641bc364634eae0b9b97bb12d2b6d4edd Changelog is available here: http://php.net/ChangeLog-7.php#7.0.8 Fixes CVE-2015-8874 http://bugs.php.net/66387 Fixes CVE-2016-5766 http://bugs.php.net/72339 Fixes CVE-2016-5767 http://bugs.php.net/72446 Fixes CVE-2016-5768 http://bugs.php.net/72402 Fixes CVE-2016-5769 http://bugs.php.net/72455 Fixes CVE-2016-5772 http://bugs.php.net/72340 Fixes CVE-2016-5773 http://bugs.php.net/72434 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-06-01T15:08:48+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-06-01T10:21:36+00:00 urn:sha1:b9a0903cfeec867b80bd646903af3f149eeefc4e Fixes CVE-2013-7456 https://bugs.php.net/bug.php?id=72227 Fixes CVE-2016-5093 https://bugs.php.net/bug.php?id=72241 Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-05-31T19:31:34+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-05-23T14:51:32+00:00 urn:sha1:6f6b4dc16b07dcf901fc986b6aa22f67e4280f13 Remove MySQL legacy extension. Remove incompatible external modules: - php-gnupg - php-memcached - php-ssh2 - php-yaml Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-04-29T06:49:22+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-04-29T00:19:56+00:00 urn:sha1:915576a01c9c758788ba42b7fe2b9fe0f6258abb Fixes (CVEs not assigned yet): bug #72094 - Out of bounds heap read access in exif header processing bug #71912 - libgd: signedness vulnerability bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset bug #71843 - null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER bug #71952 - Corruption inside imageaffinematrixget Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-04-02T14:51:22+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-04-01T12:02:19+00:00 urn:sha1:039db88c6b500bbc1863e11a1141f12b1842af82 Fixes (no CVEs yet): Buffer over-write in finfo_open with malformed magic file. Invalid memory write in phar on filename with \0 in name. Parsing of tar file with duplicate filenames causes memory leak. php_snmp_error() Format String Vulnerability. Integer Overflow in php_raw_url_encode. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-03-04T16:07:47+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-03-04T10:47:40+00:00 urn:sha1:e6d744e3071af563a270060c13f3cc2ae7ce3c5f Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-02-05T22:23:07+00:00 Bernd Kuhls bernd.kuhls@t-online.de 2016-02-04T21:16:08+00:00 urn:sha1:b420e0b55983d44e7bad854da5ca00907a77f868 Changelog: http://www.php.net/ChangeLog-5.php#5.6.18 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>