package/php: security bump to version 7.4.25

Fixes the following security issue:

- CVE-2021-21703: n PHP versions 7.3.x up to and including 7.3.31, 7.4.x
  below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main
  FPM daemon process running as root and child worker processes running as
  lower-privileged users, it is possible for the child processes to access
  memory shared with the main process and write to it, modifying it in a way
  that would cause the root process to conduct invalid memory reads and
  writes, which can be used to escalate privileges from local unprivileged
  user to the root user.

  For more details, see https://www.ambionics.io/blog/php-fpm-local-root

https://www.php.net/ChangeLog-7.php#7.4.25

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/php/php.hash

@@ -1,5 +1,5 @@
 # From https://www.php.net/downloads.php
-sha256  ff7658ee2f6d8af05b48c21146af5f502e121def4e76e862df5ec9fa06e98734  php-7.4.24.tar.xz
+sha256  12a758f1d7fee544387a28d3cf73226f47e3a52fb3049f07fcc37d156d393c0a  php-7.4.25.tar.xz
 
 # License file
 sha256  a188db807d711536f71e27b7d36879d63480f7994dc18adc08e624b3c5430fff  LICENSE

package/php/php.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-PHP_VERSION = 7.4.24
+PHP_VERSION = 7.4.25
 PHP_SITE = http://www.php.net/distributions
 PHP_SOURCE = php-$(PHP_VERSION).tar.xz
 PHP_INSTALL_STAGING = YES