aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Peter Korsgaard <peter@korsgaard.com>2019-01-29 17:25:26 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2019-01-29 17:27:57 +0100
commit6a1cb96e52fb7f3beb49854a5a3bd98b50362075 (patch)
tree030f1ec85b4b122bd2cf85ed0b9602981d7bdfc7
parent8a27bb7320399c8f70d72d100d45fa6eaa919096 (diff)
downloadbuildroot-6a1cb96e52fb7f3beb49854a5a3bd98b50362075.tar.gz
buildroot-6a1cb96e52fb7f3beb49854a5a3bd98b50362075.tar.bz2
package/php: security bump to 7.2.14
Fixes the following security issue: - CVE-2018-19935: Allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function. https://www.cvedetails.com/cve/CVE-2018-19935/ Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r--package/php/php.hash2
-rw-r--r--package/php/php.mk2
2 files changed, 2 insertions, 2 deletions
diff --git a/package/php/php.hash b/package/php/php.hash
index 094977c548..acbe499536 100644
--- a/package/php/php.hash
+++ b/package/php/php.hash
@@ -1,5 +1,5 @@
# From http://php.net/downloads.php
-sha256 14b0429abdb46b65c843e5882c9a8c46b31dfbf279c747293b8ab950c2644a4b php-7.2.13.tar.xz
+sha256 ee3f1cc102b073578a3c53ba4420a76da3d9f0c981c02b1664ae741ca65af84f php-7.2.14.tar.xz
# License file
sha256 f689b8fa63bea7950ce6a21bf52ed88ea0d77673ee76e6de12f51191174d91b8 LICENSE
diff --git a/package/php/php.mk b/package/php/php.mk
index b11ee4cf4a..d140565322 100644
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -4,7 +4,7 @@
#
################################################################################
-PHP_VERSION = 7.2.13
+PHP_VERSION = 7.2.14
PHP_SITE = http://www.php.net/distributions
PHP_SOURCE = php-$(PHP_VERSION).tar.xz
PHP_INSTALL_STAGING = YES