[pkgsrc/pkgsrc-2022Q4]: pkgsrc/lang Pullup ticket #6717 - requested by taca

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/pkgsrc-2022Q4]: pkgsrc/lang Pullup ticket #6717 - requested by taca
From: bsiegert <bsiegert%pkgsrc.org@localhost>
Date: Sun, 08 Jan 2023 18:26:50 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/8c070c577e6f
branches:  pkgsrc-2022Q4
changeset: 391364:8c070c577e6f
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Sun Jan 08 16:15:56 2023 +0000

description:
Pullup ticket #6717 - requested by taca
lang/php81: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.384
- lang/php81/distinfo                                           1.16
- lang/php81/patches/patch-sapi_fpm_fpm_events_port.c           deleted

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Jan  7 07:40:47 UTC 2023

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php81: distinfo
   Removed Files:
        pkgsrc/lang/php81/patches: patch-sapi_fpm_fpm_events_port.c

   Log Message:
   lang/php81: update to 8.1.14

   PHP 8.1.14 (2023-01-05)

   - Core:
     . Fixed bug GH-9905 (constant() behaves inconsistent when class is undefined).
       (cmb)
     . Fixed bug GH-9918 (License information for xxHash is not included in
       README.REDIST.BINS file). (Akama Hitoshi)
     . Fixed bug GH-9650 (Can't initialize heap: [0x000001e7]). (Michael Vo=F8=ED=B9ek)
     . Fixed potentially undefined behavior in Windows ftok(3) emulation. (cmb)

   - Date:
     . Fixed bug GH-9699 (DateTimeImmutable::diff differences in 8.1.10 onwards -
       timezone related). (Derick)
     . Fixed bug GH-9700 (DateTime::createFromFormat: Parsing TZID string is too
       greedy). (Derick)
     . Fixed bug GH-9866 (Time zone bug with \DateTimeInterface::diff()). (Derick)
     . Fixed bug GH-9880 (DateTime diff returns wrong sign on day count when using
       a timezone). (Derick)

   - FPM:
     . Fixed bug GH-9959 (Solaris port event mechanism is still broken after bug
       #66694). (Petr Sumbera)
     . Fixed bug #68207 (Setting fastcgi.error_header can result in a WARNING).
       (Jakub Zelenka)
     . Fixed bug GH-8517 (Random crash of FPM master process in
       fpm_stdio_child_said). (Jakub Zelenka)

   - MBString:
     . Fixed bug GH-9535 (The behavior of mb_strcut in mbstring has been changed in
       PHP8.1). (Nathan Freeman)

   - Opcache:
     . Fixed bug GH-9968 (Segmentation Fault during OPCache Preload).
       (Arnaud, michdingpayc)

   - OpenSSL:
     . Fixed bug GH-9064 (PHP fails to build if openssl was built with --no-ec).
       (Jakub Zelenka)
     . Fixed bug GH-10000 (OpenSSL test failures when OpenSSL compiled with
       no-dsa). (Jakub Zelenka)

   - Pcntl:
     . Fixed bug GH-9298 (Signal handler called after rshutdown leads to crash).
       (Erki Aring)

   - PDO_Firebird:
     . Fixed bug GH-9971 (Incorrect NUMERIC value returned from PDO_Firebird).
       (cmb)

   - PDO/SQLite:
     . Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631)
       (cmb)

   - Session:
     . Fixed GH-9932 (session name silently fails with . and [). (David Carlier)

   - SPL:
     . Fixed GH-9883 (SplFileObject::__toString() reads next line). (Girgias)
     . Fixed GH-10011 (Trampoline autoloader will get reregistered and cannot be
       unregistered). (Girgias)

   - SQLite3:
     . Fixed bug #81742 (open_basedir bypass in SQLite3 by using file URI). (cmb)

diffstat:

 lang/php/phpversion.mk                              |   4 +-
 lang/php81/distinfo                                 |   9 ++---
 lang/php81/patches/patch-sapi_fpm_fpm_events_port.c |  33 ---------------------
 3 files changed, 6 insertions(+), 40 deletions(-)

diffs (77 lines):

diff -r ab81480afce1 -r 8c070c577e6f lang/php/phpversion.mk
--- a/lang/php/phpversion.mk    Sun Jan 08 15:57:23 2023 +0000
+++ b/lang/php/phpversion.mk    Sun Jan 08 16:15:56 2023 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.383 2022/12/11 14:07:24 taca Exp $
+# $NetBSD: phpversion.mk,v 1.383.2.1 2023/01/08 16:15:56 bsiegert Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -90,7 +90,7 @@
 PHP56_VERSION= 5.6.40
 PHP74_VERSION= 7.4.33
 PHP80_VERSION= 8.0.26
-PHP81_VERSION= 8.1.13
+PHP81_VERSION= 8.1.14
 PHP82_VERSION= 8.2.0
 
 # Define API version or initial release of major version.
diff -r ab81480afce1 -r 8c070c577e6f lang/php81/distinfo
--- a/lang/php81/distinfo       Sun Jan 08 15:57:23 2023 +0000
+++ b/lang/php81/distinfo       Sun Jan 08 16:15:56 2023 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.15 2022/11/25 16:53:13 taca Exp $
+$NetBSD: distinfo,v 1.15.2.1 2023/01/08 16:15:56 bsiegert Exp $
 
-BLAKE2s (php-8.1.13.tar.xz) = 1c9669c505645ba60827a2610469fde932d55f71ef42510af5a6f003c3b16bef
-SHA512 (php-8.1.13.tar.xz) = a8966798ed8e723a362952f9d381a59cbfd63d921466d68a5bc4527960f4fe1b48a1f188284c74b0723e93524787e4cf1c1322ecd6ec1c9be199fd67df0a0542
-Size (php-8.1.13.tar.xz) = 11802424 bytes
+BLAKE2s (php-8.1.14.tar.xz) = 64f8740713f8b43f3ddabdfa9e34278fc88182f99bad08dc924cfec60c34208c
+SHA512 (php-8.1.14.tar.xz) = 75a5dc3b0490cd8105d4f6c5446522b38953d78fe7b568798db749740f365c818b251d86aba72f5e555c5fe4e4a28e352a9510803bf3cdfe37d125824ae84d61
+Size (php-8.1.14.tar.xz) = 11752004 bytes
 SHA1 (patch-build_libtool.m4) = e58a2bcebe9e9d7dc7255354fd9fe57878e3f8a6
 SHA1 (patch-configure) = e91e22267a9b7ebcc16a586ba6f325c772adb13c
 SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640
@@ -15,5 +15,4 @@
 SHA1 (patch-php.ini-production) = 5ab7fa6bf8403907160b0a62b56c1ee527f8eda6
 SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8
 SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3
-SHA1 (patch-sapi_fpm_fpm_events_port.c) = 30ecee10f6d34b7422972e1e275b4f73c7fd964d
 SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0
diff -r ab81480afce1 -r 8c070c577e6f lang/php81/patches/patch-sapi_fpm_fpm_events_port.c
--- a/lang/php81/patches/patch-sapi_fpm_fpm_events_port.c       Sun Jan 08 15:57:23 2023 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,33 +0,0 @@
-$NetBSD: patch-sapi_fpm_fpm_events_port.c,v 1.1 2021/11/27 07:24:43 taca Exp $
-
-Similar to upstream bug #65800. We should resubmit this patch and
-get that bugfix intergrated, by changing port_associate() call to
-use the wrapper fpm_event_port_add().
-
---- sapi/fpm/fpm/events/port.c.orig    2021-06-01 18:43:05.000000000 +0000
-+++ sapi/fpm/fpm/events/port.c
-@@ -145,14 +145,23 @@ static int fpm_event_port_wait(struct fp
-       }
- 
-       for (i = 0; i < nget; i++) {
-+              struct fpm_event_s *ev;
- 
-               /* do we have a ptr to the event ? */
-               if (!events[i].portev_user) {
-                       continue;
-               }
- 
-+              ev = (struct fpm_event_s *)events[i].portev_user;
-+
-+              if (port_associate(pfd, PORT_SOURCE_FD,
-+                  ev->fd, POLLIN, (void *)ev) < 0) {
-+                      zlog(ZLOG_ERROR, "port: unable to add the event");
-+                      return -1;
-+              }
-+
-               /* fire the event */
--              fpm_event_fire((struct fpm_event_s *)events[i].portev_user);
-+              fpm_event_fire(ev);
- 
-               /* sanity check */
-               if (fpm_globals.parent_pid != getpid()) {

Prev by Date: [pkgsrc/pkgsrc-2022Q4]: pkgsrc Pullup ticket #6716 - requested by taca
Next by Date: [pkgsrc/trunk]: pkgsrc/chat/ejabberd chat/ejabberd: Add upstream bug report a...
Previous by Thread: [pkgsrc/pkgsrc-2022Q4]: pkgsrc Pullup ticket #6716 - requested by taca
Next by Thread: [pkgsrc/trunk]: pkgsrc/chat/ejabberd chat/ejabberd: Add upstream bug report a...
Indexes:

Home | Main Index | Thread Index | Old Index