pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2016Q1]: pkgsrc/lang Pullup ticket #5036 - requested by taca
details: https://anonhg.NetBSD.org/pkgsrc/rev/c22b9b505834
branches: pkgsrc-2016Q1
changeset: 408911:c22b9b505834
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Sat Jun 04 19:56:36 2016 +0000
description:
Pullup ticket #5036 - requested by taca
lang/php70: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.138
- lang/php70/distinfo 1.10-1.12
- lang/php70/patches/patch-sapi_cli_Makefile.frag 1.1-1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Fri May 27 13:29:58 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo
Log Message:
Update php70 to 7.0.7 (PHP 7.0.7), including security fix.
26 May 2016 PHP 7.0.7
- Core:
. Fixed bug #72162 (use-after-free - error_reporting). (Laruence)
. Add compiler option to disable special case function calls. (Joe)
. Fixed bug #72101 (crash on complex code). (Dmitry)
. Fixed bug #72100 (implode() inserts garbage into resulting string when
joins very big integer). (Mikhail Galanin)
. Fixed bug #72057 (PHP Hangs when using custom error handler and typehint).
(Nikita Nefedov)
. Fixed bug #72038 (Function calls with values to a by-ref parameter don't
always throw a notice). (Bob)
. Fixed bug #71737 (Memory leak in closure with parameter named $this).
(Nikita)
. Fixed bug #72059 (?? is not allowed on constant expressions). (Bob, Marcio)
. Fixed bug #72159 (Imported Class Overrides Local Class Name). (Nikita)
- Curl:
. Fixed bug #68658 (Define CURLE_SSL_CACERT_BADFILE). (Pierrick)
- DBA:
. Fixed bug #72157 (use-after-free caused by dba_open). (Shm, Laruence)
- GD:
. Fixed bug #72227 (imagescale out-of-bounds read). (Stas)
- Intl:
. Fixed #72241 (get_icu_value_internal out-of-bounds read). (Stas)
- JSON:
. Fixed bug #72069 (Behavior \JsonSerializable different from json_encode).
(Laruence)
- Mbstring:
. Fixed bug #72164 (Null Pointer Dereference - mb_ereg_replace). (Laruence)
- OCI8:
. Fixed bug #71600 (oci_fetch_all segfaults when selecting more than eight
columns). (Tian Yang)
- Opcache:
. Fixed bug #72014 (Including a file with anonymous classes multiple times
leads to fatal error). (Laruence)
- OpenSSL:
. Fixed bug #72165 (Null pointer dereference - openssl_csr_new). (Anatol)
- PCNTL:
. Fixed bug #72154 (pcntl_wait/pcntl_waitpid array internal structure
overwrite). (Laruence)
- POSIX:
. Fixed bug #72133 (php_posix_group_to_array crashes if gr_passwd is NULL).
(esminis at esminis dot lt)
- Postgres:
. Fixed bug #72028 (pg_query_params(): NULL converts to empty string).
(Laruence)
. Fixed bug #71062 (pg_convert() doesn't accept ISO 8601 for datatype
timestamp). (denver at timothy dot io)
. Fixed bug #72151 (mysqli_fetch_object changed behaviour). (Anatol)
- Reflection:
. Fixed bug #72174 (ReflectionProperty#getValue() causes __isset call).
(Nikita)
- Session:
. Fixed bug #71972 (Cyclic references causing session_start(): Failed to
decode session object). (Laruence)
- Sockets:
. Added socket_export_stream() function for getting a stream compatible
resource from a socket resource. (Chris Wright, Bob)
- SPL:
. Fixed bug #72051 (The reference in CallbackFilterIterator doesn't work as
expected). (Laruence)
- SQLite3:
. Fixed bug #68849 (bindValue is not using the right data type). (Anatol)
- Standard:
. Fixed bug #72075 (Referencing socket resources breaks stream_select).
(Laruence)
. Fixed bug #72031 (array_column() against an array of objects discards all
values matching null). (Nikita)
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat May 28 08:02:26 UTC 2016
Modified Files:
pkgsrc/lang/php70: distinfo
Added Files:
pkgsrc/lang/php70/patches: patch-sapi_cli_Makefile.frag
Log Message:
Mark php binary with paxctl +m because of JIT code.
Needed on NetBSD-current with PaX MPROTECT.
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat May 28 08:13:15 UTC 2016
Modified Files:
pkgsrc/lang/php70: distinfo
pkgsrc/lang/php70/patches: patch-sapi_cli_Makefile.frag
Log Message:
Add upstream bug report URL.
diffstat:
lang/php/phpversion.mk | 4 ++--
lang/php70/distinfo | 11 ++++++-----
lang/php70/patches/patch-sapi_cli_Makefile.frag | 19 +++++++++++++++++++
3 files changed, 27 insertions(+), 7 deletions(-)
diffs (66 lines):
diff -r 1d524d405db9 -r c22b9b505834 lang/php/phpversion.mk
--- a/lang/php/phpversion.mk Sat Jun 04 19:50:02 2016 +0000
+++ b/lang/php/phpversion.mk Sat Jun 04 19:56:36 2016 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.131.2.5 2016/06/04 19:50:02 bsiegert Exp $
+# $NetBSD: phpversion.mk,v 1.131.2.6 2016/06/04 19:56:36 bsiegert Exp $
#
# This file selects a PHP version, based on the user's preferences and
# the installed packages. It does not add a dependency on the PHP
@@ -83,7 +83,7 @@
# Define each PHP's version.
PHP55_VERSION= 5.5.36
PHP56_VERSION= 5.6.22
-PHP70_VERSION= 7.0.6
+PHP70_VERSION= 7.0.7
# Define initial release of major version.
PHP55_RELDATE= 20130620
diff -r 1d524d405db9 -r c22b9b505834 lang/php70/distinfo
--- a/lang/php70/distinfo Sat Jun 04 19:50:02 2016 +0000
+++ b/lang/php70/distinfo Sat Jun 04 19:56:36 2016 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.8.2.1 2016/05/08 14:27:23 bsiegert Exp $
+$NetBSD: distinfo,v 1.8.2.2 2016/06/04 19:56:36 bsiegert Exp $
-SHA1 (php-7.0.6.tar.bz2) = c7fb6b98124f5d367b18893e34aebb184d4fa715
-RMD160 (php-7.0.6.tar.bz2) = b81bea4b3c6ecfc125b71d1c9407b4c1e854aa75
-SHA512 (php-7.0.6.tar.bz2) = 7f44cc5df3b9bb4394ac39069fdc2993086dd8e159e97275bf5fa4dd399d416e9ea1b057cdf855bae1c0f9c2129af1914495d9d2512ce90a7dd3ce4206aa9286
-Size (php-7.0.6.tar.bz2) = 14102594 bytes
+SHA1 (php-7.0.7.tar.bz2) = 7d1d718288e34edce686bd834de5313d199cebd3
+RMD160 (php-7.0.7.tar.bz2) = d894c6897095736b5a278ee5a91b9a4cd80b6bac
+SHA512 (php-7.0.7.tar.bz2) = e6d5ce0eb665aa9beb13f5a3e6fa074ff92ccdd5112c4f2a7dfb1220f55624f2284a0bcfec45b92572762905ab2ac7890e98803860378fdb06752e22f363dbcf
+Size (php-7.0.7.tar.bz2) = 14106181 bytes
SHA1 (patch-acinclude.m4) = b682280fd89950c082c2226bdb7364b0dc475bad
SHA1 (patch-configure) = a129e19ef87338f6e53ccc967c40ddcde7c7357c
SHA1 (patch-ext_gd_config.m4) = a7ec1bd0d876657d4b5e597b9aa1e97c2d2801e3
@@ -21,5 +21,6 @@
SHA1 (patch-php.ini-production) = ae61dffedf574b688fe576b0b2af748b7a28cd89
SHA1 (patch-run-tests.php) = 86c4d3f03eb8e31b5a35820f426533c9478571fb
SHA1 (patch-sapi_cgi_Makefile.frag) = 18769900f588ff81cc34474542afa1d65c070e65
+SHA1 (patch-sapi_cli_Makefile.frag) = 4ad9e9ad951ac02314b4c262a0a61e9fd275456e
SHA1 (patch-sapi_fpm_fpm_events_port.c) = 0f10fdb32fb7cab58e2abda49fb1fc658c410150
SHA1 (patch-sapi_fpm_php-fpm.conf.in) = b3c4fd499cbfd2dffd9176abb54e298ea542a5d7
diff -r 1d524d405db9 -r c22b9b505834 lang/php70/patches/patch-sapi_cli_Makefile.frag
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php70/patches/patch-sapi_cli_Makefile.frag Sat Jun 04 19:56:36 2016 +0000
@@ -0,0 +1,19 @@
+$NetBSD: patch-sapi_cli_Makefile.frag,v 1.2.2.2 2016/06/04 19:56:36 bsiegert Exp $
+
+Needed on NetBSD with PaX MPROTEXT, otherwise core dump with:
+#1 0x00000000004d0d87 in _pcre_jit_exec ()
+#2 0x00000000004a53f1 in php_pcre_exec ()
+https://bugs.php.net/bug.php?id=72281
+
+--- sapi/cli/Makefile.frag.orig 2016-04-28 18:12:27.000000000 +0000
++++ sapi/cli/Makefile.frag
+@@ -2,6 +2,9 @@ cli: $(SAPI_CLI_PATH)
+
+ $(SAPI_CLI_PATH): $(PHP_GLOBAL_OBJS) $(PHP_BINARY_OBJS) $(PHP_CLI_OBJS)
+ $(BUILD_CLI)
++ @if test -f /usr/sbin/paxctl; then \
++ paxctl +m $(SAPI_CLI_PATH); \
++ fi
+
+ install-cli: $(SAPI_CLI_PATH)
+ @echo "Installing PHP CLI binary: $(INSTALL_ROOT)$(bindir)/"
Home |
Main Index |
Thread Index |
Old Index