CVS commit: [pkgsrc-2014Q2] pkgsrc/lang

["Matthias Scheler" <tron%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   tron
Date:           Mon Aug 25 15:59:27 UTC 2014

Modified Files:
        pkgsrc/lang/php [pkgsrc-2014Q2]: phpversion.mk
        pkgsrc/lang/php54 [pkgsrc-2014Q2]: Makefile distinfo
        pkgsrc/lang/php54/patches [pkgsrc-2014Q2]: patch-aclocal.m4
            patch-build_libtool.m4 patch-configure
Removed Files:
        pkgsrc/lang/php54/patches [pkgsrc-2014Q2]: patch-ext_gd_libgd_gdxpm.c
            patch-ext_spl_spl__array.c patch-ext_spl_spl__dllist.c

Log Message:
Pullup ticket #4486 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        patch
- lang/php54/Makefile                                           1.25
- lang/php54/distinfo                                           1.45-1.46
- lang/php54/patches/patch-aclocal.m4                           1.2
- lang/php54/patches/patch-build_libtool.m4                     1.2
- lang/php54/patches/patch-configure                            1.9
- lang/php54/patches/patch-ext_gd_libgd_gdxpm.c                 deleted
- lang/php54/patches/patch-ext_spl_spl__array.c                 deleted
- lang/php54/patches/patch-ext_spl_spl__dllist.c                deleted

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Jul 26 00:12:54 UTC 2014

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php54: Makefile distinfo
        pkgsrc/lang/php54/patches: patch-aclocal.m4 patch-build_libtool.m4
            patch-configure

   Log Message:
   Update php54 to 5.4.31.

   24 Jul 2014, PHP 5.4.31

   - Core:
     . Fixed bug #67428 (header('Location: foo') will override a 308-399 
response
       code). (Adam)
     . Fixed bug #67436 (Autoloader isn't called if two method definitions don't
       match). (Bob)
     . Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 
10.0).
       (Ferenc)
     . Fixed bug #67151 (strtr with empty array crashes). (Nikita)
     . Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server
       2012). (Christian Wenz)

   - CLI server:
     . Implemented FR #67429 (CLI server is missing some new HTTP response 
codes).
       (Adam)
     . Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
       (Adam)

   - FPM:
     . Fixed bug #67530 (error_log=syslog ignored). (Remi)
     . Fixed bug #67531 (syslog cannot be set in pool configuration). (Remi)

   - Intl:
     . Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
       (Stas)

   - pgsql:
     . Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 
756),
       which affected builds against libpq < 7.3. (Adam)

   - Phar:
     . Fixed bug #67587 (Redirection loop on nginx with FPM). (Christian Weiske)

   - Streams:
     . Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects). (Adam)

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Aug 23 16:07:24 UTC 2014

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php54: distinfo
   Removed Files:
        pkgsrc/lang/php54/patches: patch-ext_gd_libgd_gdxpm.c
            patch-ext_spl_spl__array.c patch-ext_spl_spl__dllist.c

   Log Message:
   Update php54 to 5.4.32 (PHP 5.4.32).

   07 Aug 2014, PHP 5.4.32

   - Core:
     . Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi)

   - COM:
     . Fixed missing type checks in com_event_sink. (Yussuf Khalil, Stas)

   - Fileinfo:
     . Fixed bug #67705 (extensive backtracking in rule regular expression).
       (CVE-2014-3538) (Remi)
     . Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi)

   - GD:
     . Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference).
       (CVE-2014-2497) (Remi)
     . Fixed bug #67730 (Null byte injection possible with imagexxx functions).
       (CVE-2014-5120) (Ryan Mauger)

   - Milter:
     . Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike)

   - OpenSSL:
     . Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).

   - Readline:
     . Fixed bug #55496 (Interactive mode doesn't force a newline before the
       prompt). (Bob, Johannes)
     . Fixed bug #67496 (Save command history when exiting interactive shell
       with control-c). (Dmitry Saprykin, Johannes)

   - Sessions:
     . Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).

   - SPL:
     . Fixed bug #67539 (ArrayIterator use-after-free due to object change 
during
       sorting). (research at insighti dot org, Laruence)
     . Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670) 
(Laruence)

   - Core:
     . Fixed bug #67693 (incorrect push to the empty array) (Tjerk)

   - ODBC:
     . Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte
       char fields). (Keyur)

   - Zlib:
     . Fixed bug #67724 (chained zlib filters silently fail with large amounts 
of
       data). (Mike)


To generate a diff of this commit:
cvs rdiff -u -r1.66.2.1 -r1.66.2.2 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.23.2.1 -r1.23.2.2 pkgsrc/lang/php54/Makefile
cvs rdiff -u -r1.43.2.1 -r1.43.2.2 pkgsrc/lang/php54/distinfo
cvs rdiff -u -r1.1 -r1.1.4.1 pkgsrc/lang/php54/patches/patch-aclocal.m4 \
    pkgsrc/lang/php54/patches/patch-build_libtool.m4
cvs rdiff -u -r1.8 -r1.8.2.1 pkgsrc/lang/php54/patches/patch-configure
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php54/patches/patch-ext_gd_libgd_gdxpm.c
cvs rdiff -u -r1.1.2.2 -r0 \
    pkgsrc/lang/php54/patches/patch-ext_spl_spl__array.c \
    pkgsrc/lang/php54/patches/patch-ext_spl_spl__dllist.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.