godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-01 13:49:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
2016.11.x
buildroot/package/php/php.hash
Vicente Olivert Riera cae567ffc5 php: security bump version to 7.1.1 
0006-Fix-php-fpm.service.in.patch already included:
  bb19125781

Fixes:

CVE-2016-10158

    Loading a TIFF or JPEG malicious file can lead to a Denial-of-Service
    attack when the EXIF header is being parsed.

CVE-2016-10159

    Loading a malicious phar archive can cause an extensive memory
    allocation, leading to a Denial-of-Service attack on 32 bit
    computers.

CVE-2016-10160

    An attacker might remotely execute arbitrary code using a malicious
    phar archive. This is the consequence of an off-by-one memory
    corruption.

CVE-2016-10161

    An attacker with control of the unserialize() function argument can
    cause an out-of-bounce read. This could lead to a Denial-of-Service
    attack or a remote code execution.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 34be501214)
2017-02-09 14:43:37 +01:00

3 lines
126 B
Plaintext
Raw Permalink Blame History

# From http://php.net/downloads.php
sha256 b3565b0c1441064eba204821608df1ec7367abff881286898d900c2c2a5ffe70 php-7.1.1.tar.xz
Reference in New Issue View Git Blame Copy Permalink