pkgsrc-changes: CVS commit: [pkgsrc-2006Q2] pkgsrc/www/php4

Subject: CVS commit: [pkgsrc-2006Q2] pkgsrc/www/php4
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 08/16/2006 07:17:41
Module Name:	pkgsrc
Committed By:	salo
Date:		Wed Aug 16 07:17:41 UTC 2006

Modified Files:
	pkgsrc/www/php4 [pkgsrc-2006Q2]: Makefile Makefile.common distinfo
	pkgsrc/www/php4/files [pkgsrc-2006Q2]: pear.sh
	pkgsrc/www/php4/patches [pkgsrc-2006Q2]: patch-ao
Added Files:
	pkgsrc/www/php4/patches [pkgsrc-2006Q2]: patch-aw
Removed Files:
	pkgsrc/www/php4/patches [pkgsrc-2006Q2]: patch-aq patch-ar patch-as
	    patch-au patch-av

Log Message:
Pullup ticket 1790 - requested by adrianp
security update for php4

Revisions pulled up:
- pkgsrc/www/php4/Makefile			1.70
- pkgsrc/www/php4/Makefile.common		1.53
- pkgsrc/www/php4/distinfo			1.56
- pkgsrc/www/php4/files/pear.sh			1.3
- pkgsrc/www/php4/patches/patch-ao		1.3
- pkgsrc/www/php4/patches/patch-aq		removed
- pkgsrc/www/php4/patches/patch-ar		removed
- pkgsrc/www/php4/patches/patch-as		removed
- pkgsrc/www/php4/patches/patch-au		removed
- pkgsrc/www/php4/patches/patch-av		removed
- pkgsrc/www/php4/patches/patch-aw		1.1

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Thu Aug 10 23:01:40 UTC 2006

   Modified Files:
   	pkgsrc/www/php4: Makefile Makefile.common distinfo
   	pkgsrc/www/php4/files: pear.sh
   	pkgsrc/www/php4/patches: patch-ao
   Added Files:
   	pkgsrc/www/php4/patches: patch-aw
   Removed Files:
   	pkgsrc/www/php4/patches: patch-aq patch-ar patch-as patch-au patch-av

   Log Message:
   Update to 4.4.3

   All PHP 4.x users are encouraged to upgrade to this release as soon as possible.

   The security issues resolved include the following:

   * Disallow certain characters in session names.
   * Fixed a buffer overflow inside the wordwrap() function.
   * Prevent jumps to parent directory via the 2nd parameter of the tempnam()
     function.
   * Improved safe_mode check for the error_log() function.
   * Fixed cross-site scripting inside the phpinfo() function.

   The release also includes about 20 bug fixes and an upgraded PCRE library
   (version 6.6).

   For a full list of changes in PHP 4.4.3, see the ChangeLog:
   http://www.php.net/ChangeLog-4.php#4.4.3

   This also contains a fix for CVE-2006-4020 (SA21403)


To generate a diff of this commit:
cvs rdiff -r1.66.2.1 -r1.66.2.2 pkgsrc/www/php4/Makefile
cvs rdiff -r1.52 -r1.52.4.1 pkgsrc/www/php4/Makefile.common
cvs rdiff -r1.54.2.1 -r1.54.2.2 pkgsrc/www/php4/distinfo
cvs rdiff -r1.2.2.1 -r1.2.2.2 pkgsrc/www/php4/files/pear.sh
cvs rdiff -r1.2 -r1.2.6.1 pkgsrc/www/php4/patches/patch-ao
cvs rdiff -r1.1 -r0 pkgsrc/www/php4/patches/patch-aq \
    pkgsrc/www/php4/patches/patch-ar pkgsrc/www/php4/patches/patch-as
cvs rdiff -r1.1.2.1 -r0 pkgsrc/www/php4/patches/patch-au \
    pkgsrc/www/php4/patches/patch-av
cvs rdiff -r0 -r1.1.2.1 pkgsrc/www/php4/patches/patch-aw

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.