godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-01 13:49:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
35,390 Commits 28 Branches 277 Tags
67f4794de1d87f25a2fad13c854a330f286d08ba
Commit Graph

35 Commits

Author SHA1 Message Date
Vicente Olivert Riera
9f6357117b php: bump version to 7.1.4 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2017-04-18 17:39:20 +02:00
Vicente Olivert Riera
fca8df85c1 php: bump version to 7.1.3 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-03-16 22:11:44 +01:00
Peter Korsgaard
34d19a23ad php: bump to version 7.1.2 
7.1.2 is a bugfix release, fixing a number of issues:

http://www.php.net/ChangeLog-7.php#7.1.2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-03-10 17:19:02 +01:00
Vicente Olivert Riera
34be501214 php: bump version to 7.1.1 
0006-Fix-php-fpm.service.in.patch already included:
  bb19125781

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-01-23 20:43:56 +01:00
Vicente Olivert Riera
e470b3fde7 php: bump version to 7.1.0 (security) 
Fixed CVEs:
 - CVE-2016-9933 (imagefilltoborder stackoverflow on truecolor images)
   http://bugs.php.net/72696
 - CVE-2016-9934 (NULL Pointer Dereference in WDDX Packet
   Deserialization with PDORow)
   http://bugs.php.net/73331

Full ChangeLog:
  http://php.net/ChangeLog-7.php#7.1.0

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-01-10 21:02:52 +01:00
Gustavo Zacarias
2483170d32 php: security bump to version 7.0.14 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-12-09 18:12:37 +01:00
Vicente Olivert Riera
cd59cb6b38 php: bump version to 7.0.13 
Release notes: http://php.net/ChangeLog-7.php#7.0.13

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-11-11 21:29:21 +01:00
Gustavo Zacarias
384e00515b php: security bump to version 7.0.12 
See http://www.php.net/ChangeLog-7.php#7.0.12 since there are no CVEs
out yet.

And drop upstream patch.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-10-14 09:26:35 +02:00
Tatsuyuki Ishi
82cc7ecf9f php: bump to 7.0.11 
Signed-off-by: Tatsuyuki Ishi <ishitatsuyuki@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-09-17 14:05:41 +02:00
Vicente Olivert Riera
ac43e455fe php: bump version to 7.0.9 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-07-21 13:55:57 +02:00
Bernd Kuhls
a342452641 package/php: security bump version to 7.0.8 
Changelog is available here: http://php.net/ChangeLog-7.php#7.0.8

Fixes CVE-2015-8874 http://bugs.php.net/66387
Fixes CVE-2016-5766 http://bugs.php.net/72339
Fixes CVE-2016-5767 http://bugs.php.net/72446
Fixes CVE-2016-5768 http://bugs.php.net/72402
Fixes CVE-2016-5769 http://bugs.php.net/72455
Fixes CVE-2016-5772 http://bugs.php.net/72340
Fixes CVE-2016-5773 http://bugs.php.net/72434

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-06-26 14:58:07 +02:00
Vicente Olivert Riera
b9a0903cfe php: security bump version to 7.0.7 
Fixes CVE-2013-7456 https://bugs.php.net/bug.php?id=72227
Fixes CVE-2016-5093 https://bugs.php.net/bug.php?id=72241

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-06-01 17:08:48 +02:00
Vicente Olivert Riera
6f6b4dc16b php: bump version to 7.0.6 
Remove MySQL legacy extension.

Remove incompatible external modules:
 - php-gnupg
 - php-memcached
 - php-ssh2
 - php-yaml

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-05-31 21:31:34 +02:00
Gustavo Zacarias
915576a01c php: security bump to version 5.6.21 
Fixes (CVEs not assigned yet):
bug #72094 - Out of bounds heap read access in exif header processing
bug #71912 - libgd: signedness vulnerability
bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative offset
bug #71843 - null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER
bug #71952 - Corruption inside imageaffinematrixget

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-04-29 08:49:22 +02:00
Gustavo Zacarias
039db88c6b php: security bump to version 5.6.20 
Fixes (no CVEs yet):
Buffer over-write in finfo_open with malformed magic file.
Invalid memory write in phar on filename with \0 in name.
Parsing of tar file with duplicate filenames causes memory leak.
php_snmp_error() Format String Vulnerability.
Integer Overflow in php_raw_url_encode.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-04-02 16:51:22 +02:00
Gustavo Zacarias
e6d744e307 php: bump to version 5.6.19 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-03-04 17:07:47 +01:00
Bernd Kuhls
b420e0b559 package/php: security bump version to 5.6.18 
Changelog: http://www.php.net/ChangeLog-5.php#5.6.18
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-02-05 23:23:07 +01:00
Gustavo Zacarias
2f52641294 php: security bump to version 5.6.17 
Bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of
Bounds).
Bug #70755 (fpm_log.c memory leak and buffer overflow).
Bug #70661 (Use After Free Vulnerability in WDDX Packet
Deserialization).
Bug #70741 (Session WDDX Packet Deserialization Type Confusion
Vulnerability).
Bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()).

No CVEs assigned yet.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-01-08 18:51:46 +01:00
Bernd Kuhls
f67ffb4375 package/php: bump version to 5.6.16 
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-11-28 14:32:10 +01:00
Gustavo Zacarias
567a7c3dfa php: bump to version 5.6.15 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-10-31 09:39:01 +01:00
Gustavo Zacarias
48518f428b php: bump to version 5.6.14 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-10-02 21:00:50 +02:00
Bernd Kuhls
59dda508e5 package/php: security bump to version 5.6.13 
Link to release announcement:
http://php.net/archive/2015.php#id2015-09-04-2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-09-06 10:48:22 +02:00
Bernd Kuhls
5ccc4c9cf5 package/php: security bump to version 5.6.12 
http://www.php.net/ChangeLog-5.php#5.6.12
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-08-10 15:43:17 +02:00
Gustavo Zacarias
3ddda416ac php: security bump to version 5.6.11 
Fixes:
CVE-2015-3152 - mysqlnd is vulnerable to BACKRONYM

And other security bugs with no CVE assigned yet:
Bug #69972 - Use-after-free vulnerability in
sqlite3SafetyCheckSickOrOk()
Bug # 69970 - Use-after-free vulnerability in
spl_recursive_it_move_forward_ex()

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-07-11 01:00:26 +02:00
Gustavo Zacarias
039bc77719 php: security bump to version 5.6.10 
Fixes:
CVE-2015-3414, CVE-2015-3415, CVE-2015-3416 (via bundled sqlite
upgrade).
CVE-2015-2325, CVE-2015-2326 (via bundled pcre upgrade).

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-06-12 21:28:33 +02:00
Floris Bos
50a34eeb1b php: bump version to 5.6.9 
Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-05-20 13:13:50 +02:00
Gustavo Zacarias
4e1f7ce9f9 php: security bump to version 5.6.8 
Fixes:
CVE-2015-1351 - OPCache: Use After Free
CVE-2015-1352 - Postgres: Null pointer dereference

And others with no CVE assigned yet.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-04-17 18:29:33 +02:00
Gustavo Zacarias
a48bc40e2d php: bump to version 5.6.7 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-04-08 21:23:03 +02:00
Gustavo Zacarias
2c88be8ef7 php: security bump to version 5.5.23 
Fixes:
CVE-2015-0231 - Use After Free Vulnerability in unserialize()
CVE-2015-2305 - heap overflow vulnerability in regcomp.c
CVE-2015-2331 - ZIP Integer Overflow leads to writing past heap boundary

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-03-20 14:02:40 +01:00
Gustavo Zacarias
f08a9db47e php: security bump to version 5.5.22 
Fixes:
CVE-2015-0273 - Use after free vulnerability in unserialize() with
DateTimeZone.
CVE-2015-0235 - Mitigation for GHOST: glibc gethostbyname buffer
overflow.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-02-19 21:27:31 +01:00
Gustavo Zacarias
626030fb1b php: security bump to version 5.5.21 
Fixes:
CVE-2015-0231 - Use After Free Vulnerability in PHP's unserialize()
CVE-2014-9427 - Out of bounds read crashes php-cgi
CVE-2015-0232 - Free called on unitialized pointer

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-01-23 16:44:27 +01:00
Gustavo Zacarias
d64599ccb7 php: security bump to version 5.5.20 
Fixes:
CVE-2014-8142 - Use after free vulnerability in unserialize()

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-12-18 22:54:04 +01:00
Gustavo Zacarias
9a5261544f php: security bump to version 5.5.19 
Fixes:
CVE-2014-3710 - fileinfo: out-of-bounds read in elf note headers.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-11-14 13:17:45 +01:00
Gustavo Zacarias
f8abb0b3d9 php: security bump to version 5.5.18 
Fixes:
CVE-2014-3669 - Integer overflow in unserialize() (32-bits only)
CVE-2014-3670 - Heap corruption in exif_thumbnail()
CVE-2014-3668 - Global buffer overflow in mkgmtime() function

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2014-10-17 11:23:24 +02:00
Gustavo Zacarias
3b423f3b02 php: bump to version 5.5.17 
Add hash and switch to xz download for space savings.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2014-09-19 16:18:56 +02:00