Narcissus/shredos.x86_64
2
0
Fork 0
mirror of https://github.com/PartialVolume/shredos.x86_64.git synced 2026-02-23 19:12:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
181ef8a1d01ddfa2be0b59ea85eb8902b0ce12c0
shredos.x86_64/package/php/php.hash

6 lines
223 B
Plaintext
Raw Normal View History

php: bump to version 5.5.17 Add hash and switch to xz download for space savings. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-19 09:31:19 -03:00
# From http://php.net/downloads.php
package/php: security bump to version 7.2.3 Fixes CVE 2018-7584: https://bugs.php.net/bug.php?id=75981 For details see release notes: http://www.php.net/archive/2018.php#id2018-03-01-2 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-02 07:16:46 +01:00
sha256 b3a94f1b562f413c0b96f54bc309706d83b29ac65d9b172bc7ed9fb40a5e651f php-7.2.3.tar.xz
php: security bump to version 7.1.7 Fixes the following security issues: CVE-2017-7890 - Buffer over-read into uninitialized memory. The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c (which can be reached with a call to the imagecreatefromstring() function) uses constant-sized color tables of size 3 * 256, but does not zero-out these arrays before use. CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229 - Out-of-bonds access in oniguruma regexp library. CVE-2017-11144 - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission. CVE-2017-11145 - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, lack of a bounds check in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to an ext/date/lib/parse_date.c out-of-bounds read affecting the php_parse_date function. CVE-2017-11146 - In PHP through 5.6.31, 7.x through 7.0.21, and 7.1.x through 7.1.7, lack of bounds checks in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11145. While we're at it, add a hash for the license file. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-07-11 11:02:20 +02:00
# License file
php: bump version to 7.2.2 Additional changes: - Fix ordering of patches. - Update patches to apply cleanly against 7.2.2 - Updates License sha256sum Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-02-02 07:50:39 -05:00
sha256 00e567a8d50359d93ee1f9afdd9511277660c1e70a0cbf3229f84403aa9aebb1 LICENSE
Reference in New Issue Copy Permalink