From 85f8047c71047d93cf79a954142157f85079968d Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Wed, 21 Apr 2021 11:23:09 +0800 Subject: php: Upgrade to 7.4.16 License-Update: License updated (year updated) Fix some security issues such as CVE-2021-21702 and remove two cve patches which already included in the new version. Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit e418ee4657e084c8b4d42aabf76ff6df99253e91) [Bug fix only updates plus: CVE-2020-7071 ] Signed-off-by: Armin Kuster --- .../recipes-devtools/php/php/CVE-2020-7070.patch | 24 ---------------------- 1 file changed, 24 deletions(-) delete mode 100644 meta-oe/recipes-devtools/php/php/CVE-2020-7070.patch (limited to 'meta-oe/recipes-devtools/php/php/CVE-2020-7070.patch') diff --git a/meta-oe/recipes-devtools/php/php/CVE-2020-7070.patch b/meta-oe/recipes-devtools/php/php/CVE-2020-7070.patch deleted file mode 100644 index e5b527f989..0000000000 --- a/meta-oe/recipes-devtools/php/php/CVE-2020-7070.patch +++ /dev/null @@ -1,24 +0,0 @@ -Subject: Patch fix-urldecode for HTTP related Bug #79699 - ---- - main/php_variables.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/main/php_variables.c b/main/php_variables.c -index 1a40c2a1..cbdc7cf1 100644 ---- a/main/php_variables.c -+++ b/main/php_variables.c -@@ -514,7 +514,9 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data) - } - - val = estrndup(val, val_len); -- php_url_decode(var, strlen(var)); -+ if (arg != PARSE_COOKIE) { -+ php_url_decode(var, strlen(var)); -+ } - if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len)) { - php_register_variable_safe(var, val, new_val_len, &array); - } --- -2.25.1 - -- cgit 1.2.3-korg