On 01/12/2015 06:40 AM, Martin Jansa wrote:
On Mon, Jan 12, 2015 at 04:30:34AM -0800, Armin Kuster wrote:
Dizzy is missing several CVE's and upgrading to a later version within the same
series seems reasonable since most changes are bugfixes or Security releated.
if you are ok with this approach, please Ack and I will stage this with the
next series of updates I am working on.
Looks good, except missing [ before "PATCH]" which breaks commit
subject when cherry-picking from patchwor.
k. thanks. I found a typo in the README, it is missing the "[" in the
patch submission example (cut&paste). I will send a fix the next time I
send patches.
kind regards,
Armin
- armin
18-Dec-2014
Core:
Upgraded crypt_blowfish to version 1.3.
Fixed bug #68545 (NULL pointer dereference in unserialize.c).
Fixed bug #68594 (Use after free vulnerability in unserialize()).
(CVE-2014-8142)
Mcrypt:
Fixed possible read after end of buffer and use after free.
13 Nov 2014
Core:
Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
zend_hash_copy).
Fileinfo:
Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
(CVE-2014-3710)
GMP:
Fixed bug #63595 (GMP memory management conflicts with other libraries
using GMP).
PDO_pgsql:
Fixed bug #66584 (Segmentation fault on statement deallocation).
16 Oct 2014
Fileinfo:
Fixed bug #66242 (libmagic: don't assume char is signed).
Core:
Fixed bug #67985 (Incorrect last used array index copied to new array
after unset).
Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)).
(CVE-2014-3669)
cURL:
Fixed bug #68089 (NULL byte injection - cURL lib).
EXIF:
Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
OpenSSL:
Reverted fixes for bug #41631, due to regressions.
XMLRPC:
Fixed bug #68027 (Global buffer overflow in mkgmtime() function).
(CVE-2014-3668)
Signed-off-by: Armin Kuster <akuster...@gmail.com>
---
meta-oe/recipes-devtools/php/{php_5.4.33.bb => php_5.4.36.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta-oe/recipes-devtools/php/{php_5.4.33.bb => php_5.4.36.bb} (97%)
diff --git a/meta-oe/recipes-devtools/php/php_5.4.33.bb
b/meta-oe/recipes-devtools/php/php_5.4.36.bb
similarity index 97%
rename from meta-oe/recipes-devtools/php/php_5.4.33.bb
rename to meta-oe/recipes-devtools/php/php_5.4.36.bb
index 6fdfe0f..43c7736 100644
--- a/meta-oe/recipes-devtools/php/php_5.4.33.bb
+++ b/meta-oe/recipes-devtools/php/php_5.4.36.bb
@@ -30,8 +30,8 @@ SRC_URI_append_class-target += " \
file://php-fpm-apache.conf \
"
-SRC_URI[md5sum] = "c6878bb1cdb46bfc1e1a5cd67a024737"
-SRC_URI[sha256sum] =
"1a75b2d0835e74b8886cd3980d9598a0e06691441bb7f91d19b74c2278e40bb5"
+SRC_URI[md5sum] = "70e223be4bb460e465b7a9d7cb5b9cac"
+SRC_URI[sha256sum] =
"b0951608c3e8afb978a624c7f79a889980210f5258f666c1d997bd6491e13241"
S = "${WORKDIR}/php-${PV}"
--
1.9.1
--
_______________________________________________
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel
--
_______________________________________________
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel
