Age | Commit message (Collapse) | Author |
|
Included:
7.2.5
Fixed bug #76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value). (CVE-2018-10549)
Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on invalid sequence). (CVE-2018-10546)
Fixed bug #76248 (Malicious LDAP-Server Response causes Crash). (CVE-2018-10548)
Fixed bug #76129 (fix for CVE-2018-5712 may not be complete). (CVE-2018-10547)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 188097b4e9f458b3c2268ba10ac28d0938b4fd2e)
[Bug fix update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* For changes, see:
http://www.php.net/ChangeLog-7.php#7.2.4
* Remove patches as they've been upstreamed:
- 0001-Specify-tag-with-libtool.patch
- CVE-2017-16642.patch
- CVE-2018-5711.patch
* mcrypt module has been deprecated and as such dependency has been moved
from php.inc to php5 recipe.
* Refresh patches to avoid fuzz warnings.
* New patches to:
- Make sure libxml is detected using pkg-config instead of binconfig.
- Fix link time warnings (backport, see patch for details)
* Move the following patches to php5 from inc as they were getting applied
out of context:
- acinclude-xml2-config.patch
- 0001-acinclude-use-pkgconfig-for-libxml2-config.patch
License-Update: License is same, just a change in copyright year to 2018.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
One patch was a backport and can be dropped, add Upstream-status to the others.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
|