From 32db72ebc80486a754eb929a237ff38abcd5705a Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Thu, 7 Feb 2019 22:28:19 +0000
Subject: Thu Feb  7 22:28:19 UTC 2019

n/php-7.2.15-x86_64-1.txz:  Upgraded.
xap/network-manager-applet-1.8.20-x86_64-1.txz:  Upgraded.
extra/pure-alsa-system/ffmpeg-3.4.5-x86_64-2_alsa.txz:  Rebuilt.
  Recompiled against libvpx-1.8.0.
  Reenabled libsmbclient support.
extra/pure-alsa-system/gst-plugins-good-1.14.4-x86_64-2_alsa.txz:  Rebuilt.
  Recompiled against libvpx-1.8.0.
extra/pure-alsa-system/xine-lib-1.2.9-x86_64-4_alsa.txz:  Rebuilt.
  Recompiled against libvpx-1.8.0.
pasture/php-5.6.40-x86_64-1.txz:  Upgraded.
  Several security bugs have been fixed in this release:
  GD:
  Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads
  to use-after-free).
  Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap).
  Mbstring:
  Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token).
  Fixed bug #77371 (heap buffer overflow in mb regex functions -
  compile_string_node).
  Fixed bug #77381 (heap buffer overflow in multibyte match_at).
  Fixed bug #77382 (heap buffer overflow due to incorrect length in
  expand_case_fold_string).
  Fixed bug #77385 (buffer overflow in fetch_token).
  Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode).
  Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code).
  Phar:
  Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext).
  Xmlrpc:
  Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()).
  Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code).
  For more information, see:
    https://php.net/ChangeLog-5.php#5.6.40
  (* Security fix *)
---
 pasture/source/php/fetch-php.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'pasture/source')

diff --git a/pasture/source/php/fetch-php.sh b/pasture/source/php/fetch-php.sh
index 9100e7f91..975c99af6 100755
--- a/pasture/source/php/fetch-php.sh
+++ b/pasture/source/php/fetch-php.sh
@@ -1,2 +1,2 @@
-lftpget http://us.php.net/distributions/php-5.6.39.tar.xz.asc
-lftpget http://us.php.net/distributions/php-5.6.39.tar.xz
+lftpget http://us.php.net/distributions/php-5.6.40.tar.xz.asc
+lftpget http://us.php.net/distributions/php-5.6.40.tar.xz
-- 
cgit v1.2.3