diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2020-04-14 22:26:11 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2020-04-15 08:59:52 +0200 |
commit | 4bb8e72194ac7157012e8fab88662688c811c295 (patch) | |
tree | c62b417250a6c7baf8e2c70dfa4ac40916e2541a /source/n/php/fetch-php.sh | |
parent | aafeea9fc46e31851c058896f86d9d5c88881dd8 (diff) | |
download | current-4bb8e72194ac7157012e8fab88662688c811c295.tar.gz |
Tue Apr 14 22:26:11 UTC 202020200414222611
a/gawk-5.1.0-x86_64-1.txz: Upgraded.
a/gettext-0.20.2-x86_64-1.txz: Upgraded.
d/gettext-tools-0.20.2-x86_64-1.txz: Upgraded.
d/git-2.26.1-x86_64-1.txz: Upgraded.
This update fixes a security issue:
With a crafted URL that contains a newline in it, the credential helper
machinery can be fooled to give credential information for a wrong host.
The attack has been made impossible by forbidding a newline character in
any value passed via the credential protocol. Credit for finding the
vulnerability goes to Felix Wilhelm of Google Project Zero.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260
(* Security fix *)
l/glib-networking-2.64.2-x86_64-1.txz: Upgraded.
l/libsecret-0.20.3-x86_64-1.txz: Upgraded.
n/php-7.4.5-x86_64-1.txz: Upgraded.
x/xorgproto-2020.1-x86_64-1.txz: Upgraded.
xap/audacious-4.0.2-x86_64-1.txz: Upgraded.
xap/audacious-plugins-4.0.2-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/audacious-plugins-4.0.2-x86_64-1_alsa.txz: Upgraded.
Diffstat (limited to 'source/n/php/fetch-php.sh')
-rwxr-xr-x | source/n/php/fetch-php.sh | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/source/n/php/fetch-php.sh b/source/n/php/fetch-php.sh index afe2c0a8..b9958ca3 100755 --- a/source/n/php/fetch-php.sh +++ b/source/n/php/fetch-php.sh @@ -1,2 +1,2 @@ -lftpget http://us.php.net/distributions/php-7.4.4.tar.xz.asc -lftpget http://us.php.net/distributions/php-7.4.4.tar.xz +lftpget http://us.php.net/distributions/php-7.4.5.tar.xz.asc +lftpget http://us.php.net/distributions/php-7.4.5.tar.xz |