php: security bump version to 7.1.1

0006-Fix-php-fpm.service.in.patch already included: bb19125781 Fixes: CVE-2016-10158 Loading a TIFF or JPEG malicious file can lead to a Denial-of-Service attack when the EXIF header is being parsed. CVE-2016-10159 Loading a malicious phar archive can cause an extensive memory allocation, leading to a Denial-of-Service attack on 32 bit computers. CVE-2016-10160 An attacker might remotely execute arbitrary code using a malicious phar archive. This is the consequence of an off-by-one memory corruption. CVE-2016-10161 An attacker with control of the unserialize() function argument can cause an out-of-bounce read. This could lead to a Denial-of-Service attack or a remote code execution. Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 34be501214)
2026-01-06 18:09:44 +03:00 · 2017-01-23 13:51:13 +00:00
parent ca84b0177e
commit cae567ffc5
3 changed files with 2 additions and 37 deletions
--- a/package/php/0006-Fix-php-fpm.service.in.patch
+++ b/package/php/0006-Fix-php-fpm.service.in.patch
@@ -1,35 +0,0 @@
-From 1a8714d0b56e06301b3c261eaef93d897ec5d834 Mon Sep 17 00:00:00 2001
-From: Floris Bos <bos@je-eigen-domein.nl>
-Date: Fri, 1 May 2015 15:28:55 +0200
-Subject: [PATCH] Fix php-fpm.service.in
-
- Expand file paths.
- Remove obsolete After=syslog.target. Syslog is socket activated nowadays.
-
-Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
---
- sapi/fpm/php-fpm.service.in | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/sapi/fpm/php-fpm.service.in b/sapi/fpm/php-fpm.service.in
-index a2df30e..c135f04 100644
--- a/sapi/fpm/php-fpm.service.in
-+++ b/sapi/fpm/php-fpm.service.in
-@@ -1,11 +1,11 @@
- [Unit]
- Description=The PHP FastCGI Process Manager
-After=syslog.target network.target
-+After=network.target
- 
- [Service]
- Type=@php_fpm_systemd@
-PIDFile=@localstatedir@/run/php-fpm.pid
-ExecStart=@sbindir@/php-fpm --nodaemonize --fpm-config @sysconfdir@/php-fpm.conf
-+PIDFile=@EXPANDED_LOCALSTATEDIR@/run/php-fpm.pid
-+ExecStart=@EXPANDED_SBINDIR@/php-fpm --nodaemonize --fpm-config @EXPANDED_SYSCONFDIR@/php-fpm.conf
- ExecReload=/bin/kill -USR2 $MAINPID
- 
- [Install]
-- 
-2.7.4
-
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,2 +1,2 @@
 # From http://php.net/downloads.php
-sha256 a810b3f29c21407c24caa88f50649320d20ba6892ae1923132598b8a0ca145b6  php-7.1.0.tar.xz
+sha256 b3565b0c1441064eba204821608df1ec7367abff881286898d900c2c2a5ffe70  php-7.1.1.tar.xz
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################

-PHP_VERSION = 7.1.0
+PHP_VERSION = 7.1.1
 PHP_SITE = http://www.php.net/distributions
 PHP_SOURCE = php-$(PHP_VERSION).tar.xz
 PHP_INSTALL_STAGING = YES