CVS commit: [pkgsrc-2023Q2] pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2023Q2] pkgsrc/lang
From: "Benny Siegert" <bsiegert%netbsd.org@localhost>
Date: Tue, 15 Aug 2023 18:42:54 +0000

Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Tue Aug 15 18:42:54 UTC 2023

Modified Files:
        pkgsrc/lang/php [pkgsrc-2023Q2]: phpversion.mk
        pkgsrc/lang/php81 [pkgsrc-2023Q2]: distinfo
        pkgsrc/lang/php81/patches [pkgsrc-2023Q2]: patch-configure
Removed Files:
        pkgsrc/lang/php81/patches [pkgsrc-2023Q2]: patch-build_libtool.m4

Log Message:
Pullup ticket #6786 - requested by taca
lang/php81: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.403-1.404
- lang/php81/distinfo                                           1.25-1.26
- lang/php81/patches/patch-build_libtool.m4                     deleted
- lang/php81/patches/patch-configure                            1.2

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Fri Jul  7 12:51:19 UTC 2023

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php81: distinfo

   Log Message:
   lang/php81: update to 8.1.21

   PHP 8.1.21 (2023-07-06)

   - CLI:
     . Fixed bug GH-11246 (cli/get_set_process_title fails on MacOS).
       (James Lucas)

   - Core:
     . Fixed build for the riscv64 architecture/GCC 12. (Daniil Gentili)

   - Curl:
     . Fixed bug GH-11433 (Unable to set CURLOPT_ACCEPT_ENCODING to NULL).
       (nielsdos)

   - DOM:
     . Fixed bugs GH-11288 and GH-11289 and GH-11290 and GH-9142 (DOMExceptions
       and segfaults with replaceWith). (nielsdos)
     . Fixed bug GH-10234 (Setting DOMAttr::textContent results in an empty
       attribute value). (nielsdos)
     . Fix return value in stub file for DOMNodeList::item. (divinity76)
     . Fix spec compliance error with '*' namespace for
       DOMDocument::getElementsByTagNameNS. (nielsdos)
     . Fix DOMElement::append() and DOMElement::prepend() hierarchy checks.
       (nielsdos)
     . Fixed bug GH-11347 (Memory leak when calling a static method inside an
       xpath query). (nielsdos)
     . Fixed bug #67440 (append_node of a DOMDocumentFragment does not reconcile
       namespaces). (nielsdos)
     . Fixed bug #81642 (DOMChildNode::replaceWith() bug when replacing a node
       with itself). (nielsdos)
     . Fixed bug #77686 (Removed elements are still returned by getElementById).
       (nielsdos)
     . Fixed bug #70359 (print_r() on DOMAttr causes Segfault in
       php_libxml_node_free_list()). (nielsdos)
     . Fixed bug #78577 (Crash in DOMNameSpace debug info handlers). (nielsdos)
     . Fix lifetime issue with getAttributeNodeNS(). (nielsdos)
     . Fix "invalid state error" with cloned namespace declarations. (nielsdos)
     . Fixed bug #55294 and #47530 and #47847 (various namespace reconciliation
       issues). (nielsdos)
     . Fixed bug #80332 (Completely broken array access functionality with
       DOMNamedNodeMap). (nielsdos)

   - Opcache:
     . Fix allocation loop in zend_shared_alloc_startup(). (nielsdos)
     . Access violation on smm_shared_globals with ALLOC_FALLBACK. (KoudelkaB)
     . Fixed bug GH-11336 (php still tries to unlock the shared memory ZendSem
       with opcache.file_cache_only=1 but it was never locked). (nielsdos)

   - OpenSSL:
     . Fixed bug GH-9356 Incomplete validation of IPv6 Address fields in
       subjectAltNames (James Lucas, Jakub Zelenka).

   - PGSQL:
     . Fixed intermittent segfault with pg_trace. (David Carlier)

   - Phar:
     . Fix cross-compilation check in phar generation for FreeBSD. (peter279k)

   - SPL:
     . Fixed bug GH-11338 (SplFileInfo empty getBasename with more than one
       slash). (nielsdos)

   - Standard:
     . Fix access on NULL pointer in array_merge_recursive(). (ilutov)
     . Fix exception handling in array_multisort(). (ilutov)

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Aug  5 08:43:16 UTC 2023

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php81: distinfo
        pkgsrc/lang/php81/patches: patch-configure
   Removed Files:
        pkgsrc/lang/php81/patches: patch-build_libtool.m4

   Log Message:
   lang/php81: update to 8.1.22

   03 Aug 2023, PHP 8.1.22

   - Build:
     . Fixed bug GH-11522 (PHP version check fails with '-' separator).
       (SVGAnimate)

   - CLI:
     . Fix interrupted CLI output causing the process to exit. (nielsdos)

   - Core:
     . Fixed oss-fuzz #60011 (Mis-compilation of by-reference nullsafe operator).
       (ilutov)
     . Fixed use-of-uninitialized-value with ??= on assert. (ilutov)
     . Fixed build for FreeBSD before the 11.0 releases. (David Carlier)

   - Curl:
     . Fix crash when an invalid callback function is passed to
       CURLMOPT_PUSHFUNCTION. (nielsdos)

   - Date:
     . Fixed bug GH-11368 (Date modify returns invalid datetime). (Derick)

   - DOM:
     . Fixed bug GH-11625 (DOMElement::replaceWith() doesn't replace node with
       DOMDocumentFragment but just deletes node or causes wrapping <></>
       depending on libxml2 version). (nielsdos)

   - Fileinfo:
     . Fixed bug GH-11298 (finfo returns wrong mime type for xz files). (Anatol)

   - FTP:
     . Fix context option check for "overwrite". (JonasQuinten)
     . Fixed bug GH-10562 (Memory leak and invalid state with consecutive
       ftp_nb_fget). (nielsdos)

   - GD:
     . Fix most of the external libgd test failures. (Michael Orlitzky)

   - Hash:
     . Fix use-of-uninitialized-value in hash_pbkdf2(), fix missing $options
       parameter in signature. (ilutov)

   - Intl:
     . Fix memory leak in MessageFormatter::format() on failure. (Girgias)

   - Libxml:
     . Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading
       in XML without enabling it). (CVE-2023-3823) (nielsdos, ilutov)

   - MBString:
     . Fix GH-11300 (license issue: restricted unicode license headers).
       (nielsdos)

   - Opcache:
     . Fixed bug GH-10914 (OPCache with Enum and Callback functions results in
       segmentation fault). (nielsdos)
     . Prevent potential deadlock if accelerated globals cannot be allocated.
       (nielsdos)

   - PCNTL:
     . Fixed bug GH-11498 (SIGCHLD is not always returned from proc_open).
       (nielsdos)

   - PCRE:
     . Mangle PCRE regex cache key with JIT option. (mvorisek)

   - PDO:
     . Fix GH-11587 (After php8.1, when PDO::ATTR_EMULATE_PREPARES is true
       and PDO::ATTR_STRINGIFY_FETCHES is true, decimal zeros are no longer
       filled). (SakiTakamachi)

   - PDO SQLite:
     . Fix GH-11492 (Make test failure: ext/pdo_sqlite/tests/bug_42589.phpt).
       (KapitanOczywisty, CViniciusSDias)

   - Phar:
     . Add missing check on EVP_VerifyUpdate() in phar util. (nielsdos)
     . Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()).
       (CVE-2023-3824) (nielsdos)

   - PHPDBG:
     . Fixed bug GH-9669 (phpdbg -h options doesn't list the -z option). (adsr)

   - Session:
     . Removed broken url support for transferring session ID. (ilutov)

   - Standard:
     . Fix serialization of RC1 objects appearing in object graph twice. (ilutov)

   - SQLite3:
     . Fix replaced error handling in SQLite3Stmt::__construct. (nielsdos)


To generate a diff of this commit:
cvs rdiff -u -r1.401.2.1 -r1.401.2.2 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.24 -r1.24.2.1 pkgsrc/lang/php81/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php81/patches/patch-build_libtool.m4
cvs rdiff -u -r1.1 -r1.1.14.1 pkgsrc/lang/php81/patches/patch-configure

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/php/phpversion.mk
diff -u pkgsrc/lang/php/phpversion.mk:1.401.2.1 pkgsrc/lang/php/phpversion.mk:1.401.2.2
--- pkgsrc/lang/php/phpversion.mk:1.401.2.1     Tue Aug 15 18:32:22 2023
+++ pkgsrc/lang/php/phpversion.mk       Tue Aug 15 18:42:53 2023
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.401.2.1 2023/08/15 18:32:22 bsiegert Exp $
+# $NetBSD: phpversion.mk,v 1.401.2.2 2023/08/15 18:42:53 bsiegert Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -90,7 +90,7 @@ PHPVERSION_MK=        defined
 PHP56_VERSION= 5.6.40
 PHP74_VERSION= 7.4.33
 PHP80_VERSION= 8.0.30
-PHP81_VERSION= 8.1.20
+PHP81_VERSION= 8.1.22
 PHP82_VERSION= 8.2.7
 
 # Define API version or initial release of major version.

Index: pkgsrc/lang/php81/distinfo
diff -u pkgsrc/lang/php81/distinfo:1.24 pkgsrc/lang/php81/distinfo:1.24.2.1
--- pkgsrc/lang/php81/distinfo:1.24     Fri Jun  9 13:18:55 2023
+++ pkgsrc/lang/php81/distinfo  Tue Aug 15 18:42:53 2023
@@ -1,10 +1,9 @@
-$NetBSD: distinfo,v 1.24 2023/06/09 13:18:55 taca Exp $
+$NetBSD: distinfo,v 1.24.2.1 2023/08/15 18:42:53 bsiegert Exp $
 
-BLAKE2s (php-8.1.20.tar.xz) = fff1e7a2784caad39e2ceadf63d792014db24dc0533555646422733e407da9b5
-SHA512 (php-8.1.20.tar.xz) = d93767c6ff4d305c209e1a0fcb17f19b1d417fa872b002413ebe7883e93900c210e8f122410ac54da373b9d10dd2f522ea2bafc9b66214fb466314d64907a558
-Size (php-8.1.20.tar.xz) = 11793228 bytes
-SHA1 (patch-build_libtool.m4) = e58a2bcebe9e9d7dc7255354fd9fe57878e3f8a6
-SHA1 (patch-configure) = e91e22267a9b7ebcc16a586ba6f325c772adb13c
+BLAKE2s (php-8.1.22.tar.xz) = bedc63f43971576a55baaffa7faaafd720c4cee88913201f90d45fb93fa21a25
+SHA512 (php-8.1.22.tar.xz) = d5848f4174f47499207451ae7a8d7c254c1f06a9b500c907f9bff3c790e4a6a417d49cabb23b6e5f370d4f515c1ca9920ef2b3584be8979413dd4085549d9a8a
+Size (php-8.1.22.tar.xz) = 11809048 bytes
+SHA1 (patch-configure) = bf9d652aa5b5509b08ce7cdb6168936ca7b80584
 SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640
 SHA1 (patch-ext_enchant_enchant.c) = 7924acc5fdadea89b3a385cf744ef982795bf89d
 SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd

Index: pkgsrc/lang/php81/patches/patch-configure
diff -u pkgsrc/lang/php81/patches/patch-configure:1.1 pkgsrc/lang/php81/patches/patch-configure:1.1.14.1
--- pkgsrc/lang/php81/patches/patch-configure:1.1       Sat Nov 27 07:24:43 2021
+++ pkgsrc/lang/php81/patches/patch-configure   Tue Aug 15 18:42:53 2023
@@ -1,13 +1,13 @@
-$NetBSD: patch-configure,v 1.1 2021/11/27 07:24:43 taca Exp $
+$NetBSD: patch-configure,v 1.1.14.1 2023/08/15 18:42:53 bsiegert Exp $
 
 * Do not include "PKG_CONFIG*" in CONFIGURE_OPTIONS.
 * Don't automatically add libgcc on SunOS. Reported upstream as #75941.
 * Don't autodetect maintainer-zts.
 * The meta_ccld removal reported upstream as #75940.
 
---- configure.orig     2021-10-27 00:20:44.000000000 +0000
+--- configure.orig     2023-08-01 16:16:09.000000000 +0000
 +++ configure
-@@ -4319,6 +4319,10 @@ EOF
+@@ -4324,6 +4324,10 @@ EOF
     else
      break
     fi
@@ -15,10 +15,10 @@ $NetBSD: patch-configure,v 1.1 2021/11/2
 +       \'PKG_CONFIG\=*)       CURRENT_ARG="'PKG_CONFIG=@TOOLS_PATH.pkg-config@'";;
 +       \'PKG_CONFIG_LIBDIR\=*)        CURRENT_ARG="'PKG_CONFIG_LIBDIR=@PHP_PKGCONFIG_PATH@'";;
 +   esac
-    $as_echo "$CURRENT_ARG \\" >>config.nice
+    printf "%s\n" "$CURRENT_ARG \\" >>config.nice
     CONFIGURE_OPTIONS="$CONFIGURE_OPTIONS $CURRENT_ARG"
    done
-@@ -7540,30 +7544,6 @@ EOF
+@@ -7548,30 +7552,6 @@ EOF
      ;;
    esac
  
@@ -49,7 +49,7 @@ $NetBSD: patch-configure,v 1.1 2021/11/2
    PHP_VAR_SUBST="$PHP_VAR_SUBST APXS"
  
  else
-@@ -79589,7 +79569,7 @@ printf "%s\n" "#define HAVE_TIDYBUFFIO_H
+@@ -80278,7 +80258,7 @@ printf "%s\n" "#define HAVE_TIDYBUFFIO_H
    fi
  
    TIDY_LIBDIR=$TIDY_DIR/$PHP_LIBDIR

Prev by Date: CVS commit: pkgsrc/www/ap2-python
Next by Date: CVS commit: [pkgsrc-2023Q2] pkgsrc/lang
Previous by Thread: CVS commit: pkgsrc/www/ap2-python
Next by Thread: CVS commit: [pkgsrc-2023Q2] pkgsrc/lang
Indexes:

Home | Main Index | Thread Index | Old Index