[Buildroot] [PATCH] php: security bump to version 5.6.20

Thomas Petazzoni thomas.petazzoni at free-electrons.com
Sat Apr 2 14:51:38 UTC 2016


Hello,

On Fri,  1 Apr 2016 09:02:19 -0300, Gustavo Zacarias wrote:
> Fixes (no CVEs yet):
> Buffer over-write in finfo_open with malformed magic file.
> Invalid memory write in phar on filename with \0 in name.
> Parsing of tar file with duplicate filenames causes memory leak.
> php_snmp_error() Format String Vulnerability.
> Integer Overflow in php_raw_url_encode.
> 
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
> ---
>  package/php/php.hash | 2 +-
>  package/php/php.mk   | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com


More information about the buildroot mailing list