[pkgsrc/trunk]: pkgsrc/lang/php5 The PHP development team would like to annou...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/lang/php5 The PHP development team would like to annou...
From: adrianp <adrianp%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 07:24:13 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/9e27a01d8194
branches:  trunk
changeset: 555473:9e27a01d8194
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Mon Mar 02 22:52:17 2009 +0000

description:
The PHP development team would like to announce the immediate availability of PHP 5.2.9. This release focuses on improving the stability of the PHP 5.2.x branch with over 50 bug fixes, several of 
which are security related. All users of PHP are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.2.9:

    * Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. Reported by Hamid Ebadi, APA Laboratory (Fixes CVE-2008-5498). (Scott)
    * Fixed a crash on extract in zip when files or directories entry names contain a relative path. (Pierre)
    * Fixed explode() behavior with empty string to respect negative limit. (Shire)
    * Fixed a segfault when malformed string is passed to json_decode(). (Scott)

Key enhancements in PHP 5.2.9 include:

    * Added optional sorting type flag parameter to array_unique(). Default is SORT_REGULAR. (Andrei)
    * Fixed bug #45996 (libxml2 2.7 causes breakage with character data in xml_parse()). (Rob)
    * A number of fixes in the mbstring extension (Moriyoshi)
    * Fixed bug #44336 (Improve pcre UTF-8 string matching performance). (frode at coretrek dot com, Nuno)
    * Fixed bug #46699 (xml_parse crash when parser is namespace aware). (Rob)
    * Fixed bug #46748 (Segfault when an SSL error has more than one error). (Scott)
    * Fixed bug #46889 (Memory leak in strtotime()). (Derick)
    * Fixed bug #47049 (SoapClient::__soapCall causes a segmentation fault). (Dmitry)
    * Fixed bug #47165 (Possible memory corruption when passing return value by reference). (Dmitry)
    * Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses as invalid). (Ilia)
    * Fixed bug #47422 (modulus operator returns incorrect results on 64 bit linux). (Matt)
    * Over 50 bug fixes.

diffstat:

 lang/php5/Makefile         |   3 +--
 lang/php5/Makefile.common  |  13 +++++++++++--
 lang/php5/Makefile.php     |  12 ++++++++++--
 lang/php5/PLIST            |   3 +--
 lang/php5/distinfo         |  12 ++++--------
 lang/php5/patches/patch-as |  27 ---------------------------
 6 files changed, 27 insertions(+), 43 deletions(-)

diffs (145 lines):

diff -r 6ed2aafe79e3 -r 9e27a01d8194 lang/php5/Makefile
--- a/lang/php5/Makefile        Mon Mar 02 22:39:11 2009 +0000
+++ b/lang/php5/Makefile        Mon Mar 02 22:52:17 2009 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.70 2009/02/07 18:03:00 adrianp Exp $
+# $NetBSD: Makefile,v 1.71 2009/03/02 22:52:17 adrianp Exp $
 
 PKGNAME=               php-${PHP_BASE_VERS}
-PKGREVISION=           1
 CATEGORIES=            lang
 HOMEPAGE=              http://www.php.net/
 COMMENT=               PHP Hypertext Preprocessor version 5
diff -r 6ed2aafe79e3 -r 9e27a01d8194 lang/php5/Makefile.common
--- a/lang/php5/Makefile.common Mon Mar 02 22:39:11 2009 +0000
+++ b/lang/php5/Makefile.common Mon Mar 02 22:52:17 2009 +0000
@@ -1,7 +1,16 @@
-# $NetBSD: Makefile.common,v 1.34 2009/02/25 16:16:33 tnn Exp $
+# $NetBSD: Makefile.common,v 1.35 2009/03/02 22:52:17 adrianp Exp $
 # used by lang/php5/Makefile.php
 # used by lang/php/ext.mk
 
+#
+# NOTE:
+# The suhosin option includes a patch from http://www.hardened-php.net/
+# Which tracks with the exact version number of PHP.  There may be a delay
+# in the patch which can leave the option broken until an updated patch
+# is released.  When updating PHP please don't forget to update the
+# distnfo with the details of the suhosin patch as well.
+#
+
 .if !defined(DISTNAME)
 DISTNAME=              php-${PHP_BASE_VERS}
 DIST_SUBDIR=           ${DISTNAME}
@@ -17,7 +26,7 @@
 MAINTAINER?=           jdolecek%NetBSD.org@localhost
 HOMEPAGE?=             http://www.php.net/
 
-PHP_BASE_VERS=         5.2.8
+PHP_BASE_VERS=         5.2.9
 
 PHP_EXTENSION_DIR=     lib/php/20040412
 PLIST_SUBST+=          PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q}
diff -r 6ed2aafe79e3 -r 9e27a01d8194 lang/php5/Makefile.php
--- a/lang/php5/Makefile.php    Mon Mar 02 22:39:11 2009 +0000
+++ b/lang/php5/Makefile.php    Mon Mar 02 22:52:17 2009 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.php,v 1.32 2009/02/22 23:38:46 adrianp Exp $
+# $NetBSD: Makefile.php,v 1.33 2009/03/02 22:52:17 adrianp Exp $
 #
 
 .include "../../lang/php5/Makefile.common"
@@ -55,12 +55,20 @@
 .include "../../mk/bsd.options.mk"
 
 .if !empty(PKG_OPTIONS:Msuhosin)
+SUHOSIN_PHPVER=                5.2.8
+. if ${SUHOSIN_PHPVER} != ${PHP_BASE_VERS}
+PKG_FAIL_REASON+=      "The suhosin patch is currently not available for"
+PKG_FAIL_REASON+=      "this version of PHP.  You may have to wait until"
+PKG_FAIL_REASON+=      "an updated patch is released or temporarily"
+PKG_FAIL_REASON+=      "build this package without the suhosin option."
+. else
 PATCH_SITES=           http://download.suhosin.org/
-PATCHFILES+=           suhosin-patch-5.2.8-0.9.6.3.patch.gz
+PATCHFILES+=           suhosin-patch-${SUHOSIN_PHPVER}-0.9.6.3.patch.gz
 PATCH_DIST_STRIP=      -p1
 PLIST.suhosin=         yes
 MESSAGE_SRC=           ${.CURDIR}/../../lang/php5/MESSAGE
 MESSAGE_SRC+=          ${.CURDIR}/../../lang/php5/MESSAGE.suhosin
+. endif
 .endif
 
 .if !empty(PKG_OPTIONS:Minet6)
diff -r 6ed2aafe79e3 -r 9e27a01d8194 lang/php5/PLIST
--- a/lang/php5/PLIST   Mon Mar 02 22:39:11 2009 +0000
+++ b/lang/php5/PLIST   Mon Mar 02 22:52:17 2009 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.20 2009/02/17 23:18:55 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.21 2009/03/02 22:52:17 adrianp Exp $
 bin/php
 bin/php-config
 bin/phpize
@@ -87,7 +87,6 @@
 include/php/ext/pcre/pcrelib/pcre_internal.h
 include/php/ext/pcre/pcrelib/pcreposix.h
 include/php/ext/pcre/pcrelib/ucp.h
-include/php/ext/pcre/pcrelib/ucptable.h
 include/php/ext/pcre/php_pcre.h
 include/php/ext/session/mod_files.h
 include/php/ext/session/mod_user.h
diff -r 6ed2aafe79e3 -r 9e27a01d8194 lang/php5/distinfo
--- a/lang/php5/distinfo        Mon Mar 02 22:39:11 2009 +0000
+++ b/lang/php5/distinfo        Mon Mar 02 22:52:17 2009 +0000
@@ -1,11 +1,8 @@
-$NetBSD: distinfo,v 1.60 2009/02/25 08:59:47 sborrill Exp $
+$NetBSD: distinfo,v 1.61 2009/03/02 22:52:17 adrianp Exp $
 
-SHA1 (php-5.2.8/php-5.2.8.tar.bz2) = d285636144e0a4aa61195793634807e763c63dc3
-RMD160 (php-5.2.8/php-5.2.8.tar.bz2) = d38fe5d918c335089a027600a93d950f417a7e98
-Size (php-5.2.8/php-5.2.8.tar.bz2) = 9827180 bytes
-SHA1 (php-5.2.8/suhosin-patch-5.2.8-0.9.6.3.patch.gz) = b1f12dd856778e734837819114d278adaa3cfe05
-RMD160 (php-5.2.8/suhosin-patch-5.2.8-0.9.6.3.patch.gz) = 9c8a0972e75e1ad887b940f57aec4d877e9364bd
-Size (php-5.2.8/suhosin-patch-5.2.8-0.9.6.3.patch.gz) = 23125 bytes
+SHA1 (php-5.2.9/php-5.2.9.tar.bz2) = 1c738dbd7e3f8d723b6ce2e0fbc90a69e249f5f0
+RMD160 (php-5.2.9/php-5.2.9.tar.bz2) = fc2b316ff05462667704027cf2a1a4ac0a238422
+Size (php-5.2.9/php-5.2.9.tar.bz2) = 10203122 bytes
 SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20
 SHA1 (patch-ad) = b324c33b1e70adee5b89dcecdd7690dcadcc18ec
 SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e
@@ -16,4 +13,3 @@
 SHA1 (patch-ap) = 5eb0e0e4244a993da93e36f8fcb5553454207fce
 SHA1 (patch-aq) = 0c9d48547da2fa80aa8357d23ad8505d1c0330df
 SHA1 (patch-ar) = 2d74ec926cc00bfbb67d16210af78c33ad9ac38d
-SHA1 (patch-as) = 7612bf91fe04d980a41dbb0ea652fd50d3b5cebb
diff -r 6ed2aafe79e3 -r 9e27a01d8194 lang/php5/patches/patch-as
--- a/lang/php5/patches/patch-as        Mon Mar 02 22:39:11 2009 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,27 +0,0 @@
-$NetBSD: patch-as,v 1.4 2009/02/25 08:59:47 sborrill Exp $
-
-Fix memory leak and pullup bug fix for http://bugs.php.net/bug.php?id=46918
-
-Remove this patch when PHP >= 5.2.9 is released as it will contain these
-changes
-
---- ext/imap/php_imap.c.orig   2009-02-24 17:45:27.000000000 +0000
-+++ ext/imap/php_imap.c        2009-02-24 17:47:14.000000000 +0000
-@@ -2172,7 +2172,7 @@
- 
-       /* rfc822_parse_adrlist() modifies passed string. Copy it. */
-       str_copy = estrndup(Z_STRVAL_PP(str), Z_STRLEN_PP(str));
--      rfc822_parse_adrlist(&env->to, str_copy, defaulthost);
-+      rfc822_parse_adrlist(&env->to, str_copy, Z_STRVAL_PP(defaulthost));
-       efree(str_copy);
- 
-       array_init(return_value);
-@@ -2196,6 +2196,8 @@
-               }
-               add_next_index_object(return_value, tovals TSRMLS_CC);
-       } while ((addresstmp = addresstmp->next));
-+      
-+      mail_free_envelope(&env);
- }
- /* }}} */
-
Prev by Date: [pkgsrc/trunk]: pkgsrc/misc/screen Allow override of CURSES_DEFAULT using opt...
Next by Date: [pkgsrc/trunk]: pkgsrc/devel/uno Updated uno to 2.13.
Previous by Thread: [pkgsrc/trunk]: pkgsrc/misc/screen Allow override of CURSES_DEFAULT using opt...
Next by Thread: [pkgsrc/trunk]: pkgsrc/devel/uno Updated uno to 2.13.
Indexes:
Home | Main Index | Thread Index | Old Index