[pkgsrc/pkgsrc-2016Q2]: pkgsrc/lang Pullup ticket #5067 - requested by taca

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/pkgsrc-2016Q2]: pkgsrc/lang Pullup ticket #5067 - requested by taca
From: spz <spz%pkgsrc.org@localhost>
Date: Wed, 15 Jan 2020 12:53:34 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/20612c3ad8ed
branches:  pkgsrc-2016Q2
changeset: 408858:20612c3ad8ed
user:      spz <spz%pkgsrc.org@localhost>
date:      Thu Jul 28 14:49:19 2016 +0000

description:
Pullup ticket #5067 - requested by taca
lang/php55: security update
lang/php: subsequent adjustment

Revisions pulled up:
- lang/php/phpversion.mk                                        1.142
- lang/php55/distinfo                                           1.55

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sun Jul 24 02:15:16 UTC 2016

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php55: distinfo

   Log Message:
   Update php55 to 5.5.38 (PHP 5.5.38).

   Quote from release note:

   Note that according to our release schedule, PHP 5.5.38 is the last release
   of the PHP 5.5 branch. There may be additional release if we discover
   important security issues that warrant it, otherwise this release will be
   the final one in the PHP 5.5 branch. If your PHP installation is based on
   PHP 5.5, it may be a good time to start making the plans for the upgrade to
   PHP 5.6 or PHP 7.0.

   21 Jul 2016, PHP 5.5.38

   - BZip2:
      . Fixed bug #72613 (Inadequate error handling in bzread()). (Stas)

   - Core:
      . Fixed bug #70480 (php_url_parse_ex() buffer overflow read). (Stas)
      . Fixed bug #72513 (Stack-based buffer overflow vulnerability in
        virtual_file_ex). (loianhtuan at gmail dot com)
      . Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session
        Deserialization). (taoguangchen at icloud dot com)
      . Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and
        applications). (CVE-2016-5385) (Stas)

   - EXIF:
      . Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
        (Stas)
      . Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).
        (Stas)

   - GD:
      . Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read
        access). (Pierre)
      . Fixed bug #72519 (imagegif/output out-of-bounds access). (Pierre)
      . Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
        (CVE-2016-6207) (Pierre)

   - Intl:
      . Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas)

   - ODBC:
      . Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)

   - SNMP:
      . Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and
        unserialize()). (taoguangchen at icloud dot com)

   - Xmlrpc:
      . Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).
        (Stas)

   - Zip:
      . Fixed bug #72520 (Stack-based buffer overflow vulnerability in
        php_stream_zip_opener). (loianhtuan at gmail dot com)


   To generate a diff of this commit:
   cvs rdiff -u -r1.141 -r1.142 pkgsrc/lang/php/phpversion.mk
   cvs rdiff -u -r1.54 -r1.55 pkgsrc/lang/php55/distinfo

diffstat:

 lang/php/phpversion.mk |   6 +++---
 lang/php55/distinfo    |  10 +++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)

diffs (38 lines):

diff -r 9ed8457c350e -r 20612c3ad8ed lang/php/phpversion.mk
--- a/lang/php/phpversion.mk    Thu Jul 28 14:09:14 2016 +0000
+++ b/lang/php/phpversion.mk    Thu Jul 28 14:49:19 2016 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.141 2016/06/24 15:27:57 taca Exp $
+# $NetBSD: phpversion.mk,v 1.141.2.1 2016/07/28 14:49:19 spz Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -81,8 +81,8 @@
 PHPVERSION_MK= defined
 
 # Define each PHP's version.
-PHP55_VERSION= 5.5.37
-PHP56_VERSION= 5.6.23
+PHP55_VERSION= 5.5.38
+PHP56_VERSION= 5.6.24
 PHP70_VERSION= 7.0.8
 
 # Define initial release of major version.
diff -r 9ed8457c350e -r 20612c3ad8ed lang/php55/distinfo
--- a/lang/php55/distinfo       Thu Jul 28 14:09:14 2016 +0000
+++ b/lang/php55/distinfo       Thu Jul 28 14:49:19 2016 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.54 2016/06/24 15:23:00 taca Exp $
+$NetBSD: distinfo,v 1.54.2.1 2016/07/28 14:49:19 spz Exp $
 
-SHA1 (php-5.5.37.tar.bz2) = f999bf46a6b3a1adee8239c40e13e8ce06fd470a
-RMD160 (php-5.5.37.tar.bz2) = 349fbe9ea88423a2f6b0b8b47468401c3537ff8c
-SHA512 (php-5.5.37.tar.bz2) = d2da921f3efd858e1cb8004873e377ca9c5821d5269d5b8e7c9be830b183f4d18f737b14653f65a43c0957bdca994e09a476d77e3a29a11e357abc24618c4c0f
-Size (php-5.5.37.tar.bz2) = 13699851 bytes
+SHA1 (php-5.5.38.tar.bz2) = ac79d48510e4bfe8f376d009e3ecb5b734bbc3a1
+RMD160 (php-5.5.38.tar.bz2) = 2f1f0ff08c963975c6a624ecc83432cf48be3b39
+SHA512 (php-5.5.38.tar.bz2) = dd9e578013023cc8e9ab86ef129bf414682bca318c83816ff2f15be5f81863475737b48508d78542d4fe9dc7e31418bd9c0188b2d72745f069322f3ca4da9560
+Size (php-5.5.38.tar.bz2) = 13701262 bytes
 SHA1 (patch-acinclude.m4) = 9e9c433e4cb96e469f7cf14b2064a0f41fc4568a
 SHA1 (patch-aclocal.m4) = 46f192351e541453b1e32299acd1b4cfefc93cb2
 SHA1 (patch-build_libtool.m4) = 3811edd697fd21eadc4f65cba35c6297141e8ff2

Prev by Date: [pkgsrc/pkgsrc-2016Q2]: pkgsrc/sysutils/xenkernel42 Pullup ticket #5071 - req...
Next by Date: [pkgsrc/pkgsrc-2016Q2]: pkgsrc/net/samba4 Pullup ticket #5060 - requested by ...
Previous by Thread: [pkgsrc/pkgsrc-2016Q2]: pkgsrc/sysutils/xenkernel42 Pullup ticket #5071 - req...
Next by Thread: [pkgsrc/pkgsrc-2016Q2]: pkgsrc/net/samba4 Pullup ticket #5060 - requested by ...
Indexes:

Home | Main Index | Thread Index | Old Index