diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-02-07 22:28:19 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-02-08 08:59:46 +0100 |
commit | 32db72ebc80486a754eb929a237ff38abcd5705a (patch) | |
tree | 743ebe9822dbddb2ce204ccad1badbdd484d35e6 /ChangeLog.txt | |
parent | f33950cf4b295a6cae71dc336544d9810fcae87a (diff) | |
download | current-32db72ebc80486a754eb929a237ff38abcd5705a.tar.gz |
Thu Feb 7 22:28:19 UTC 201920190207222819
n/php-7.2.15-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.8.20-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-3.4.5-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
Reenabled libsmbclient support.
extra/pure-alsa-system/gst-plugins-good-1.14.4-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
extra/pure-alsa-system/xine-lib-1.2.9-x86_64-4_alsa.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
pasture/php-5.6.40-x86_64-1.txz: Upgraded.
Several security bugs have been fixed in this release:
GD:
Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads
to use-after-free).
Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap).
Mbstring:
Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token).
Fixed bug #77371 (heap buffer overflow in mb regex functions -
compile_string_node).
Fixed bug #77381 (heap buffer overflow in multibyte match_at).
Fixed bug #77382 (heap buffer overflow due to incorrect length in
expand_case_fold_string).
Fixed bug #77385 (buffer overflow in fetch_token).
Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode).
Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code).
Phar:
Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext).
Xmlrpc:
Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()).
Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code).
For more information, see:
https://php.net/ChangeLog-5.php#5.6.40
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 20725e05..5f217951 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,38 @@ +Thu Feb 7 22:28:19 UTC 2019 +n/php-7.2.15-x86_64-1.txz: Upgraded. +xap/network-manager-applet-1.8.20-x86_64-1.txz: Upgraded. +extra/pure-alsa-system/ffmpeg-3.4.5-x86_64-2_alsa.txz: Rebuilt. + Recompiled against libvpx-1.8.0. + Reenabled libsmbclient support. +extra/pure-alsa-system/gst-plugins-good-1.14.4-x86_64-2_alsa.txz: Rebuilt. + Recompiled against libvpx-1.8.0. +extra/pure-alsa-system/xine-lib-1.2.9-x86_64-4_alsa.txz: Rebuilt. + Recompiled against libvpx-1.8.0. +pasture/php-5.6.40-x86_64-1.txz: Upgraded. + Several security bugs have been fixed in this release: + GD: + Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads + to use-after-free). + Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). + Mbstring: + Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). + Fixed bug #77371 (heap buffer overflow in mb regex functions - + compile_string_node). + Fixed bug #77381 (heap buffer overflow in multibyte match_at). + Fixed bug #77382 (heap buffer overflow due to incorrect length in + expand_case_fold_string). + Fixed bug #77385 (buffer overflow in fetch_token). + Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). + Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). + Phar: + Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). + Xmlrpc: + Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). + Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). + For more information, see: + https://php.net/ChangeLog-5.php#5.6.40 + (* Security fix *) ++--------------------------+ Wed Feb 6 22:44:32 UTC 2019 a/hwdata-0.320-noarch-1.txz: Upgraded. a/kernel-generic-4.19.20-x86_64-1.txz: Upgraded. |