CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,209 Commits 63 Branches 0 Tags 91 MiB
BitBake 71.9%
C++ 6.9%
Shell 6.5%
C 3.2%
Roff 2.3%
Other 9%
3ee3d05ce3
Go to file
Armin Kuster 3ee3d05ce3 php5: update to later minor version 5.4.36 
Dizzy is missing several CVE's and upgrading to a later version within the same
series seems reasonable since most changes are bugfixes or Security releated.

if you are ok with this approach, please Ack and I will stage this with the next series of updates I am working on.

- armin

18-Dec-2014
Core:
    Upgraded crypt_blowfish to version 1.3.
    Fixed bug #68545 (NULL pointer dereference in unserialize.c).
    Fixed bug #68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142)

Mcrypt:
    Fixed possible read after end of buffer and use after free.

13 Nov 2014
Core:
    Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in zend_hash_copy).
Fileinfo:
    Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers). (CVE-2014-3710)
GMP:
    Fixed bug #63595 (GMP memory management conflicts with other libraries using GMP).
PDO_pgsql:
    Fixed bug #66584 (Segmentation fault on statement deallocation).

16 Oct 2014
Fileinfo:
    Fixed bug #66242 (libmagic: don't assume char is signed).
Core:
    Fixed bug #67985 (Incorrect last used array index copied to new array after unset).
    Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669)
cURL:
    Fixed bug #68089 (NULL byte injection - cURL lib).
EXIF:
    Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
OpenSSL:
    Reverted fixes for bug #41631, due to regressions.
XMLRPC:
    Fixed bug #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2015-01-12 15:39:21 +01:00
contrib contrib/tesseract-langs.sh: add script to generate recipes for tesseract languages 2014-06-10 12:16:23 +02:00
meta-efl update maintainer info in README's for dizzy 2014-10-30 09:07:58 +01:00
meta-filesystems PNBLACKLIST: use weak assignments 2014-12-26 18:04:33 -08:00
meta-gnome PNBLACKLIST: use weak assignments 2014-12-26 18:04:33 -08:00
meta-gpe update maintainer info in README's for dizzy 2014-10-30 09:07:58 +01:00
meta-initramfs update maintainer info in README's for dizzy 2014-10-30 09:07:58 +01:00
meta-multimedia PNBLACKLIST: use weak assignments 2014-12-26 18:04:33 -08:00
meta-networking ntp: fix several security issues 2014-12-29 10:12:51 +01:00
meta-oe php5: update to later minor version 5.4.36 2015-01-12 15:39:21 +01:00
meta-perl libnet-ssleay-perl: avoid host contamination 2014-12-26 17:56:55 -08:00
meta-python update maintainer info in README's for dizzy 2014-10-30 09:07:58 +01:00
meta-ruby update maintainer info in README's for dizzy 2014-10-30 09:07:58 +01:00
meta-systemd update maintainer info in README's for dizzy 2014-10-30 09:07:58 +01:00
meta-webserver PNBLACKLIST: use weak assignments 2014-12-26 18:04:33 -08:00
meta-xfce xfce4-weather-plugin: make work properly after met.no API change 2014-12-01 14:24:52 +01:00
toolchain-layer update maintainer info in README's for dizzy 2014-10-30 09:07:58 +01:00
.gitignore gitignore: Ignore Edit backup files, patches, .rej, .orig, .swp 2013-11-24 15:19:27 +01:00
COPYING.MIT add README and license for this layer 2011-02-13 16:47:32 +01:00
README README: add top level readme, update meta-oe one 2011-10-17 09:27:01 +02:00

README 

Collection of layers for the OE-core universe

Please see the respective READMEs in the layer subdirectories