CVS commit: pkgsrc/lang/php5

[Adrian Portelli <adrianp%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   adrianp
Date:           Wed Dec 10 19:37:01 UTC 2008

Modified Files:
        pkgsrc/lang/php5: Makefile Makefile.common PLIST distinfo

Log Message:
Update to 5.2.8.

Security Enhancements and Fixes in PHP 5.2.7:

Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371)
Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by 
Maksymilian Arciemowicz.
Fixed incorrect php_value order for Apache configuration, reported by 
Maksymilian Arciemowicz.
Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).(Fixes 
CVE-2008-3660)
Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer overflow). 
(Fixes CVE-2008-2829)
Key enhancements in PHP 5.2.7 include:

Fixed several memory leaks inside the readline and sqlite extensions
A number of corrections relating to date parsing inside the date extension
Fixed bugs relating to data retrieval in the PDO extension
A series of crashes in various areas of code were resolved
Several corrections were made to the strip_tags() function in terms of < and 
<?XML handling
A number of bugs were fixed in extract() function when EXTR_REFS flag is being 
used
Added the ability to log PHP errors to the SAPI (Ex. Apache log) logging 
facility
Over 170 bug fixes.

5.2.8
Reverted bug fix Fixed bug #42718 that broke magic_quotes_gpc (Scott)


To generate a diff of this commit:
cvs rdiff -r1.68 -r1.69 pkgsrc/lang/php5/Makefile
cvs rdiff -r1.32 -r1.33 pkgsrc/lang/php5/Makefile.common
cvs rdiff -r1.18 -r1.19 pkgsrc/lang/php5/PLIST
cvs rdiff -r1.55 -r1.56 pkgsrc/lang/php5/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.