php: security bump to version 5.2.16 · 1ecf423dfb - Gogs: Go Git Service russinger.at

php: security bump to version 5.2.16

* Fixed extract() to do not overwrite $GLOBALS and $this when using
  EXTR_OVERWRITE.

* Fixed crash in zip extract method (possible CWE-170).

* Fixed a possible double free in imap extension.

* Fixed possible flaw in open_basedir (CVE-2010-3436).

* Fixed NULL pointer dereference in ZipArchive::getArchiveComment.
  (CVE-2010-3709).

* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL
  with large amount of data).

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>

Gustavo Zacarias 14 年之前

父节点

4a54b10ba9

当前提交

1ecf423dfb

共有 1 个文件被更改，包括 1 次插入 和 1 次删除

分列视图显示文件统计

						
							+ 1
							
							- 1
						
package/php/php.mk
							 
								查看文件
							
				@@ -4,7 +4,7 @@
			
				 #
			
				 #############################################################
			
				-PHP_VERSION = 5.2.14
			
				+PHP_VERSION = 5.2.16
			
				 PHP_SOURCE = php-$(PHP_VERSION).tar.bz2
			
				 PHP_SITE = http://www.php.net/distributions
			
				 PHP_INSTALL_STAGING = YES