PR/588 CVS commit: [pkgsrc-2014Q1] pkgsrc/lang

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,wolfgang%netbsd.wsrcc.com@localhost
Subject: PR/588 CVS commit: [pkgsrc-2014Q1] pkgsrc/lang
From: "Matthias Scheler" <tron%netbsd.org@localhost>
Date: Mon, 2 Jun 2014 15:55:01 +0000 (UTC)

The following reply was made to PR bin/588; it has been noted by GNATS.

From: "Matthias Scheler" <tron%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc: 
Subject: PR/588 CVS commit: [pkgsrc-2014Q1] pkgsrc/lang
Date: Mon, 2 Jun 2014 15:51:10 +0000

 Module Name:   pkgsrc
 Committed By:  tron
 Date:          Mon Jun  2 15:51:10 UTC 2014
 
 Modified Files:
        pkgsrc/lang/php [pkgsrc-2014Q1]: phpversion.mk
        pkgsrc/lang/php54 [pkgsrc-2014Q1]: Makefile.php distinfo
 
 Log Message:
 Pullup ticket #4428 - requested by taca
 lang/php54: security update
 
 Revisions pulled up:
 - lang/php/phpversion.mk                                        1.64
 - lang/php54/Makefile.php                                       1.8
 - lang/php54/distinfo                                           1.40
 
 ---
    Module Name:        pkgsrc
    Committed By:       taca
    Date:               Sat May 31 04:28:57 UTC 2014
 
    Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php54: Makefile.php distinfo
 
    Log Message:
    Update php54 to 5.4.29, contains fix for CVE-2014-0237 and CVE-2014-0238.
 
    29 May 2014, PHP 5.4.29
 
    - COM:
      . Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)). 
(Anatol)
 
    - Core:
      . Fixed bug #65701 (copy() doesn't work when destination filename is 
created
        by tempnam()). (Boro Sitnikovski)
      . Fixed bug #67072 (Echoing unserialized "SplFileObject" crash). (Anatol)
      . Fixed bug #67245 (usage of memcpy() with overlapping src and dst in
        zend_exceptions.c). (Bob)
      . Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas)
      . Fixed bug #67249 (printf out-of-bounds read). (Stas)
      . Fixed bug #67250 (iptcparse out-of-bounds read). (Stas)
      . Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas)
 
    - Date:
      . Fixed bug #67118 (DateTime constructor crash with invalid data). 
(Anatol)
      . Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas)
      . Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). 
(Stas)
 
    - DOM:
      . Fixed bug #67081 (DOMDocumentType->internalSubset returns entire 
DOCTYPE tag,
        not only the subset). (Anatol)
 
     - Fileinfo:
       . Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol)
       . Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS).
         (CVE-2014-0238)
       . Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls 
resulting in
         performance degradation). (CVE-2014-0237)
 
    - FPM:
      . Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor).
        (Julio Pintos)
 
    - Phar:
      . Fix bug #64498 ($phar->buildFromDirectory can't compress file with an 
accent
        in its name). (PR #588)
 
 
 To generate a diff of this commit:
 cvs rdiff -u -r1.58.2.2 -r1.58.2.3 pkgsrc/lang/php/phpversion.mk
 cvs rdiff -u -r1.6.6.1 -r1.6.6.2 pkgsrc/lang/php54/Makefile.php
 cvs rdiff -u -r1.36.2.1 -r1.36.2.2 pkgsrc/lang/php54/distinfo
 
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

Prev by Date: PR/588 CVS commit: [pkgsrc-2014Q1] pkgsrc/lang
Next by Date: Re: port-alpha/48697 (Sysinst compute illegal disk geometry and newfs is bound to fail.)
Previous by Thread: PR/588 CVS commit: [pkgsrc-2014Q1] pkgsrc/lang
Indexes:

Home | Main Index | Thread Index | Old Index