Subject: CVS commit: pkgsrc/www/php4
To: None <pkgsrc-changes@NetBSD.org>
From: Quentin Garnier <cube@netbsd.org>
List: pkgsrc-changes
Date: 03/03/2006 07:11:34
Module Name: pkgsrc
Committed By: cube
Date: Fri Mar 3 07:11:34 UTC 2006
Modified Files:
pkgsrc/www/php4: Makefile Makefile.common PLIST distinfo
Added Files:
pkgsrc/www/php4/patches: patch-ao patch-ap
Removed Files:
pkgsrc/www/php4/patches: patch-ab patch-am patch-an
Log Message:
Update to version 4.4.2. Ok'd by jdolecek@.
This is a bug fix release, which addresses some security problems too.
The major points that this release corrects are:
* Prevent header injection by limiting each header to a single line.
* Possible XSS inside error reporting functionality.
* Missing safe_mode/open_basedir checks into cURL extension.
* Apache 2 regression with sub-request handling on non-Linux systems.
* key() and current() regression related to references.
This release also fixes about 30 other defects.
To generate a diff of this commit:
cvs rdiff -r1.61 -r1.62 pkgsrc/www/php4/Makefile
cvs rdiff -r1.51 -r1.52 pkgsrc/www/php4/Makefile.common
cvs rdiff -r1.14 -r1.15 pkgsrc/www/php4/PLIST
cvs rdiff -r1.49 -r1.50 pkgsrc/www/php4/distinfo
cvs rdiff -r1.20 -r0 pkgsrc/www/php4/patches/patch-ab
cvs rdiff -r1.3 -r0 pkgsrc/www/php4/patches/patch-am
cvs rdiff -r1.1 -r0 pkgsrc/www/php4/patches/patch-an
cvs rdiff -r0 -r1.1 pkgsrc/www/php4/patches/patch-ao \
pkgsrc/www/php4/patches/patch-ap
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.