CVS commit: [pkgsrc-2018Q4] pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2018Q4] pkgsrc/lang
From: "Benny Siegert" <bsiegert%netbsd.org@localhost>
Date: Sat, 19 Jan 2019 21:44:08 +0000

Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Sat Jan 19 21:44:08 UTC 2019

Modified Files:
        pkgsrc/lang/php [pkgsrc-2018Q4]: phpversion.mk
        pkgsrc/lang/php72 [pkgsrc-2018Q4]: Makefile distinfo

Log Message:
Pullup ticket #5897 - requested by taca
lang/php72: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.243
- lang/php72/Makefile                                           1.16
- lang/php72/distinfo                                           1.35

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Jan 12 14:59:03 UTC 2019

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php72: Makefile distinfo

   Log Message:
   lang/php72: update to 7.2.14

   10 Jan 2019, PHP 7.2.14

   - Core:
     . Fixed bug #77369 (memcpy with negative length via crafted DNS response). (Stas)
     . Fixed bug #71041 (zend_signal_startup() needs ZEND_API).
       (Valentin V. Bartenev)
     . Fixed bug #76046 (PHP generates "FE_FREE" opcode on the wrong line).
       (Nikita)

   - COM:
     . Fixed bug #77177 (Serializing or unserializing COM objects crashes). (cmb)

   - Date:
     . Fixed bug #77097 (DateTime::diff gives wrong diff when the actual diff is
       less than 1 second). (Derick)

   - Exif:
     . Fixed bug #77184 (Unsigned rational numbers are written out as signed
       rationals). (Colin Basnett)

   - GD:
     . Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to
       use-after-free). (cmb)
     . Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb)
     . Fixed bug #77195 (Incorrect error handling of imagecreatefromjpeg()). (cmb)
     . Fixed bug #77198 (auto cropping has insufficient precision). (cmb)
     . Fixed bug #77200 (imagecropauto(…, GD_CROP_SIDES) crops left but not right).
       (cmb)

   - IMAP:
     . Fixed bug #77020 (null pointer dereference in imap_mail). (cmb)

   - Mbstring:
     . Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). (Stas)
     . Fixed bug #77371 (heap buffer overflow in mb regex functions
       - compile_string_node). (Stas)
     . Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas)
     . Fixed bug #77382 (heap buffer overflow due to incorrect length in
       expand_case_fold_string). (Stas)
     . Fixed bug #77385 (buffer overflow in fetch_token). (Stas)
     . Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas)
     . Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas)

   - OCI8:
     . Fixed bug #76804 (oci_pconnect with OCI_CRED_EXT not working). (KoenigsKind)
     . Added oci_set_call_timeout() for call timeouts.
     . Added oci_set_db_operation() for the DBOP end-to-end-tracing attribute.

   - Opcache:
     . Fixed bug #77215 (CFG assertion failure on multiple finalizing switch
       frees in one block). (Nikita)

   - PDO:
     . Handle invalid index passed to PDOStatement::fetchColumn() as error. (Sergei
       Morozov)

   - Phar:
     . Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas)

   - Sockets:
     . Fixed bug #77136 (Unsupported IPV6_RECVPKTINFO constants on macOS).
       (Mizunashi Mana)

   - SQLite3:
     . Fixed bug #77051 (Issue with re-binding on SQLite3). (BohwaZ)

   - Xmlrpc:
     . Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb)
     . Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas)


To generate a diff of this commit:
cvs rdiff -u -r1.241.2.1 -r1.241.2.2 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.15 -r1.15.2.1 pkgsrc/lang/php72/Makefile
cvs rdiff -u -r1.34 -r1.34.2.1 pkgsrc/lang/php72/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/php/phpversion.mk
diff -u pkgsrc/lang/php/phpversion.mk:1.241.2.1 pkgsrc/lang/php/phpversion.mk:1.241.2.2
--- pkgsrc/lang/php/phpversion.mk:1.241.2.1     Sat Jan 19 21:30:21 2019
+++ pkgsrc/lang/php/phpversion.mk       Sat Jan 19 21:44:08 2019
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.241.2.1 2019/01/19 21:30:21 bsiegert Exp $
+# $NetBSD: phpversion.mk,v 1.241.2.2 2019/01/19 21:44:08 bsiegert Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -90,7 +90,7 @@ PHPVERSION_MK=        defined
 PHP56_VERSION= 5.6.39
 PHP70_VERSION= 7.0.33
 PHP71_VERSION= 7.1.26
-PHP72_VERSION= 7.2.13
+PHP72_VERSION= 7.2.14
 PHP73_VERSION= 7.3.0
 
 # Define initial release of major version.

Index: pkgsrc/lang/php72/Makefile
diff -u pkgsrc/lang/php72/Makefile:1.15 pkgsrc/lang/php72/Makefile:1.15.2.1
--- pkgsrc/lang/php72/Makefile:1.15     Sun Dec  9 18:52:34 2018
+++ pkgsrc/lang/php72/Makefile  Sat Jan 19 21:44:08 2019
@@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.15 2018/12/09 18:52:34 adam Exp $
+# $NetBSD: Makefile,v 1.15.2.1 2019/01/19 21:44:08 bsiegert Exp $
 
 #
 # We can't omit PKGNAME here to handle PKG_OPTIONS.
 #
 PKGNAME=               php-${PHP_VERSION:S/RC/rc/}
-PKGREVISION=           2
 
 HOMEPAGE=              http://www.php.net/
 COMMENT=               PHP Hypertext Preprocessor version 7.2

Index: pkgsrc/lang/php72/distinfo
diff -u pkgsrc/lang/php72/distinfo:1.34 pkgsrc/lang/php72/distinfo:1.34.2.1
--- pkgsrc/lang/php72/distinfo:1.34     Fri Dec  7 17:12:48 2018
+++ pkgsrc/lang/php72/distinfo  Sat Jan 19 21:44:08 2019
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.34 2018/12/07 17:12:48 taca Exp $
+$NetBSD: distinfo,v 1.34.2.1 2019/01/19 21:44:08 bsiegert Exp $
 
-SHA1 (php-7.2.13.tar.bz2) = eb74e4b52013fef8a349b2193605d344ed425503
-RMD160 (php-7.2.13.tar.bz2) = 1f362e20ce739e34d7e5c3f282e1842f1873aa73
-SHA512 (php-7.2.13.tar.bz2) = 95b9d09fec4af7df38736fabd291af5635a2caab9611c82a9a4988a849888f9847052ed69192c0f0b0103cf9d2888d5dd763471e1419d6e8da33ab77c9f95dbd
-Size (php-7.2.13.tar.bz2) = 15051814 bytes
+SHA1 (php-7.2.14.tar.bz2) = 97d0bfc6f75d82e8ef9425189ca5c544866f927e
+RMD160 (php-7.2.14.tar.bz2) = 886704673d55837144946731f6137549d4f963ac
+SHA512 (php-7.2.14.tar.bz2) = 1a3db5937c826a1dea39db24fcf122b931ecda89c5c8ca96f337fb696c48c39f81c540bfae40e0cc8837b5d378288da4f91dfa07435801517d75202e5c925453
+Size (php-7.2.14.tar.bz2) = 15039077 bytes
 SHA1 (patch-configure) = 47f2ede97390cc7e46d04c2769dd97459b19450a
 SHA1 (patch-disable-filter-url) = e9e92d686ddd1d1a1ece10fe4feee4e368fe510c
 SHA1 (patch-ext_gd_config.m4) = eaecfb31b18700dd642c067ed82748d4f6be2335

Prev by Date: CVS commit: pkgsrc/graphics/MesaLib
Next by Date: CVS commit: [pkgsrc-2018Q4] pkgsrc/lang
Previous by Thread: CVS commit: pkgsrc/graphics/MesaLib
Next by Thread: CVS commit: [pkgsrc-2018Q4] pkgsrc/lang
Indexes:

Home | Main Index | Thread Index | Old Index