[pkgsrc/trunk]: pkgsrc/lang/php5 Update lang/php5 to 5.2.11, fixing security ...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/lang/php5 Update lang/php5 to 5.2.11, fixing security ...
From: taca <taca%pkgsrc.org@localhost>
Date: Mon, 16 Jan 2023 19:49:51 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/b224684a5181
branches:  trunk
changeset: 399703:b224684a5181
user:      taca <taca%pkgsrc.org@localhost>
date:      Sat Sep 26 05:40:05 2009 +0000

description:
Update lang/php5 to 5.2.11, fixing security problem of 5.2.10.
One pkglint warning was fixed, too.

PHP                                                                        NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
17 Sep 2009, PHP 5.2.11
- Fixed certificate validation inside php_openssl_apply_verification_policy.
  (Ryan Sleevi, Ilia)


10 Sep 2009, PHP 5.2.11RC3
- Updated timezone database to version 2009.13 (2009m) (Derick)

- Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). (Ilia)
- Fixed bug #49447 (php engine needs to correctly check for socket API return
  status on windows). (Sriram Natarajan)
- Fixed bug #48060 (pdo_pgsql - large objects are returned as empty). (Matteo)


03 Sep 2009, PHP 5.2.11RC2
- Added missing sanity checks around exif processing. (Ilia)

- Fixed sanity check for the color index in imagecolortransparent. (Pierre)
- Fixed zlib.deflate compress filter to actually accept level parameter. (Jani)
- Fixed leak on error in popen/exec (and related functions) on Windows.
  (Pierre)

- Fixed bug #49361 (wordwrap() wraps incorrectly on end of line boundaries).
  (Ilia, code-it at mail dot ru)
- Fixed bug #49289 (bcmath module doesn't compile with phpize configure).
  (Jani)
- Fixed bug #49286 (php://input (php_stream_input_read) is broken). (Jani)
- Fixed bug #49269 (Ternary operator fails on Iterator object when used inside
  foreach declaration). (Etienne, Dmitry)
- Fixed bug #49236 (Missing PHP_SUBST(PDO_MYSQL_SHARED_LIBADD)). (Jani)
- Fixed bug #49144 (Import of schema from different host transmits original
  authentication details). (Dmitry)
- Fixed bug #49000 (PHP CLI in Interactive mode (php -a) crashes when including
  files from function). (Stas)
- Fixed bug #48696 (ldap_read() segfaults with invalid parameters). (Felipe)
- Fixed bug #47273 (Encoding bug in SoapServer->fault). (Dmitry)
- Fixed bug #28038 (Sent incorrect RCPT TO commands to SMTP server) (Garrett)


13 Aug 2009, PHP 5.2.11RC1
- Fixed regression in cURL extension that prevented flush of data to output
  defined as a file handle. (Ilia)
- Fixed memory leak in stream_is_local(). (Felipe, Tony)

- Fixed bug #49372 (segfault in php_curl_option_curl). (Pierre)
- Fixed bug #49132 (posix_times returns false without error).
  (phpbugs at gunnu dot us)
- Fixed bug #49125 (Error in dba_exists C code). (jdornan at stanford dot edu)
- Fixed bug #49095 (proc_get_status['exitcode'] fails on win32). (Felipe)
- Fixed bug #49074 (private class static fields can be modified by using
  reflection). (Jani)
- Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre)
- Fixed bug #49052 (context option headers freed too early when using
  --with-curlwrappers). (Jani)
- Fixed bug #49032 (SplFileObject::fscanf() variables passed by reference).
  (Jani)
- Fixed bug #49026 (proc_open() can bypass safe_mode_protected_env_vars
  restrictions). (Ilia)
- Fixed bug #48994 (zlib.output_compression does not output HTTP headers when
  set to a string value). (Jani)
- Fixed bug #48980 (Crash when compiling with pdo_firebird). (Felipe)
- Fixed bug #48962 (cURL does not upload files with specified filename).
  (Ilia)
- Fixed bug #48929 (Double \r\n after HTTP headers when "header" context
  option is an array). (David Zülke)
- Fixed bug #48913 (Too long error code strings in pdo_odbc driver).
  (naf at altlinux dot ru, Felipe)
- Fixed bug #48802 (printf() returns incorrect outputted length). (Jani)
- Fixed bug #48801 (Problem with imagettfbbox). (Takeshi Abe)
- Fixed bug #48788 (RecursiveDirectoryIterator doesn't descend into symlinked
  directories). (Ilia)
- Fixed bug #48774 (SIGSEGVs when using curl_copy_handle()).
  (Sriram Natarajan)
- Fixed bug #48763 (ZipArchive produces corrupt archive). (dani dot church at
  gmail dot com, Pierre)
- Fixed bug #48762 (IPv6 address filter still rejects valid address). (Felipe)
- Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on
  files that have been opened with r+). (Ilia)
- Fixed bug #48732 (TTF Bounding box wrong for letters below baseline).
  (Takeshi Abe)
- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain
  components). (Ilia)
- Fixed bug #48709 (metaphone and 'wh'). (brettz9 at yahoo dot com, Felipe)
- Fixed bug #48697 (mb_internal_encoding() value gets reset by parse_str()).
  (Moriyoshi)
- Fixed bug #48693 (Double declaration of __lambda_func when lambda wrongly
  formatted). (peter at lvp-media dot com, Felipe)
- Fixed bug #48661 (phpize is broken with non-bash shells). (Jani)
- Fixed bug #48645 (mb_convert_encoding() doesn't understand hexadecimal
  html-entities). (Moriyoshi)
- Fixed bug #48637 ("file" fopen wrapper is overwritten when using
  --with-curlwrappers). (Jani)
- Fixed bug #48636 (Error compiling of ext/date on netware). (guenter at
  php.net, Ilia)
- Fixed bug #48629 (get_defined_constants() ignores categorize parameter).
  (Felipe)
- Fixed bug #48619 (imap_search ALL segfaults). (Pierre)
- Fixed bug #48608 (Invalid libreadline version not detected during configure).
  (Jani)
- Fixed bug #48555 (ImageFTBBox() differs from previous versions for texts
  with new lines) (Takeshi Abe)
- Fixed bug #48539 (pdo_dblib fails to connect, throws empty PDOException
  "SQLSTATE[] (null)"). (Felipe)
- Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using
  TMPDIR). (Ilia)
- Fixed bug #48450 (Compile failure under IRIX 6.5.30 building gd.c). (Kalle)
- Fixed bug #48400 (imap crashes when closing stream opened with
  OP_PROTOTYPE flag). (Jani)
- Fixed bug #48284 (hash "adler32" byte order is reversed). (Scott)
- Fixed bug #48276 (date("Y") on big endian machines produces the
  wrong result). (Scott)
- Fixed bug #48247 (Infinite loop and possible crash during startup with
  errors when errors are logged). (Jani)
- Fixed bug #48116 (Fixed build with Openssl 1.0). (Pierre,
  Al dot Smith at aeschi dot ch dot eu dot org)
- Fixed bug #48182 (ssl handshake fails during asynchronous socket connection).
  (Sriram Natarajan)
- Fixed bug #48057 (Only the date fields of the first row are fetched,
  others are empty). (info at programmiernutte dot net)
- Fixed bug #47481 (natcasesort() does not sort extended ASCII characters
  correctly). (Herman Radtke)
- Fixed bug #47351 (Memory leak in DateTime). (Derick, Tobias John)
- Fixed bug #46020 (with Sun Java System Web Server 7.0 on HPUX, #define HPUX).
  (Uwe Schindler)
- Fixed bug #45905 (imagefilledrectangle() clipping error).
  (markril at hotmail dot com, Pierre)
- Fixed bug #45280 (Reflection of instantiated COM classes causes PHP to crash)
  (Paul Richards, Kalle)
- Fixed bug #45141 (setcookie will output expires years of >4 digits). (Ilia)
- Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre)
- Fixed bug #44144 (spl_autoload_functions() should return object instance
  when appropriate). (Hannes, Etienne)
- Fixed bug #43510 (stream_get_meta_data() does not return same mode as used
  in fopen). (Jani)
- Fixed bug #42434 (ImageLine w/ antialias = 1px shorter). (wojjie at gmail dot
  com, Kalle)

diffstat:

 lang/php5/Makefile.common  |   4 ++--
 lang/php5/Makefile.php     |   4 ++--
 lang/php5/PLIST            |   5 ++---
 lang/php5/distinfo         |  12 ++++--------
 lang/php5/patches/patch-ax |  30 ------------------------------
 5 files changed, 10 insertions(+), 45 deletions(-)

diffs (127 lines):

diff -r 448a3fd69f8e -r b224684a5181 lang/php5/Makefile.common
--- a/lang/php5/Makefile.common Fri Sep 25 16:38:22 2009 +0000
+++ b/lang/php5/Makefile.common Sat Sep 26 05:40:05 2009 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.36 2009/07/07 21:57:28 jdolecek Exp $
+# $NetBSD: Makefile.common,v 1.37 2009/09/26 05:40:05 taca Exp $
 # used by lang/php5/Makefile.php
 # used by lang/php/ext.mk
 
@@ -26,7 +26,7 @@
 MAINTAINER?=           jdolecek%NetBSD.org@localhost
 HOMEPAGE?=             http://www.php.net/
 
-PHP_BASE_VERS=         5.2.10
+PHP_BASE_VERS=         5.2.11
 
 PHP_EXTENSION_DIR=     lib/php/20040412
 PLIST_SUBST+=          PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q}
diff -r 448a3fd69f8e -r b224684a5181 lang/php5/Makefile.php
--- a/lang/php5/Makefile.php    Fri Sep 25 16:38:22 2009 +0000
+++ b/lang/php5/Makefile.php    Sat Sep 26 05:40:05 2009 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.php,v 1.35 2009/07/07 21:57:28 jdolecek Exp $
+# $NetBSD: Makefile.php,v 1.36 2009/09/26 05:40:05 taca Exp $
 #
 
 .include "../../lang/php5/Makefile.common"
@@ -50,7 +50,7 @@
 SUBST_STAGE.ini=       post-patch
 SUBST_FILES.ini=       php.ini-dist
 SUBST_FILES.ini+=      php.ini-recommended
-SUBST_SED.ini=         -e "s|\;include_path = \".:/php/includes\"|include_path = \".:${PREFIX}/lib/php\"|g"
+SUBST_SED.ini=         -e "s|\\;include_path = \".:/php/includes\"|include_path = \".:${PREFIX}/lib/php\"|g"
 SUBST_MESSAGE.ini=     Fixing default ini files.
 
 .include "../../mk/bsd.options.mk"
diff -r 448a3fd69f8e -r b224684a5181 lang/php5/PLIST
--- a/lang/php5/PLIST   Fri Sep 25 16:38:22 2009 +0000
+++ b/lang/php5/PLIST   Sat Sep 26 05:40:05 2009 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.23 2009/06/14 20:34:14 joerg Exp $
+@comment $NetBSD: PLIST,v 1.24 2009/09/26 05:40:05 taca Exp $
 bin/php
 bin/php-config
 bin/phpize
@@ -110,7 +110,6 @@
 include/php/ext/standard/cyr_convert.h
 include/php/ext/standard/datetime.h
 include/php/ext/standard/dl.h
-include/php/ext/standard/dns.h
 include/php/ext/standard/exec.h
 include/php/ext/standard/file.h
 include/php/ext/standard/flock_compat.h
@@ -127,6 +126,7 @@
 include/php/ext/standard/php_browscap.h
 include/php/ext/standard/php_crypt.h
 include/php/ext/standard/php_dir.h
+include/php/ext/standard/php_dns.h
 include/php/ext/standard/php_ext_syslog.h
 include/php/ext/standard/php_filestat.h
 include/php/ext/standard/php_fopen_wrappers.h
@@ -157,7 +157,6 @@
 include/php/ext/standard/streamsfuncs.h
 include/php/ext/standard/uniqid.h
 include/php/ext/standard/url.h
-include/php/ext/standard/url_scanner.h
 include/php/ext/standard/url_scanner_ex.h
 include/php/ext/xml/expat_compat.h
 include/php/ext/xml/php_xml.h
diff -r 448a3fd69f8e -r b224684a5181 lang/php5/distinfo
--- a/lang/php5/distinfo        Fri Sep 25 16:38:22 2009 +0000
+++ b/lang/php5/distinfo        Sat Sep 26 05:40:05 2009 +0000
@@ -1,11 +1,8 @@
-$NetBSD: distinfo,v 1.65 2009/08/11 14:41:23 taca Exp $
+$NetBSD: distinfo,v 1.66 2009/09/26 05:40:05 taca Exp $
 
-SHA1 (php-5.2.10/php-5.2.10.tar.bz2) = 9a287e2791d28928fb1ee1a1167290c5005feccd
-RMD160 (php-5.2.10/php-5.2.10.tar.bz2) = 9a9ec823eda9d6b3c085967e7a71f776071fc78f
-Size (php-5.2.10/php-5.2.10.tar.bz2) = 8808759 bytes
-SHA1 (php-5.2.10/suhosin-patch-5.2.10-0.9.7.patch.gz) = 3768bbded0bb2376414322b26308342452cb927a
-RMD160 (php-5.2.10/suhosin-patch-5.2.10-0.9.7.patch.gz) = 18df1686a48d652f581591115b51461e9dacf5a4
-Size (php-5.2.10/suhosin-patch-5.2.10-0.9.7.patch.gz) = 23072 bytes
+SHA1 (php-5.2.11/php-5.2.11.tar.bz2) = 819c853ce657ef260d4a73b5a21f961115b97eef
+RMD160 (php-5.2.11/php-5.2.11.tar.bz2) = 6aad53dee864ab89f794a9d3c2aa32d435ed5654
+Size (php-5.2.11/php-5.2.11.tar.bz2) = 9030787 bytes
 SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20
 SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e
 SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587
@@ -16,4 +13,3 @@
 SHA1 (patch-aq) = 0c9d48547da2fa80aa8357d23ad8505d1c0330df
 SHA1 (patch-ar) = 2d74ec926cc00bfbb67d16210af78c33ad9ac38d
 SHA1 (patch-as) = f7ce5caffe2acdd1f8e9fc8ae6c7ba1d8c6a25c1
-SHA1 (patch-ax) = faee56533644ef84c1e001e37d5d399259047d71
diff -r 448a3fd69f8e -r b224684a5181 lang/php5/patches/patch-ax
--- a/lang/php5/patches/patch-ax        Fri Sep 25 16:38:22 2009 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,30 +0,0 @@
-$NetBSD: patch-ax,v 1.1 2009/08/11 14:41:23 taca Exp $
-
---- ext/openssl/openssl.c.orig 2009-04-20 19:00:41.000000000 +0900
-+++ ext/openssl/openssl.c
-@@ -227,8 +227,13 @@ inline static int php_openssl_safe_mode_
- static char default_ssl_conf_filename[MAXPATHLEN];
- 
- struct php_x509_request { /* {{{ */
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+      LHASH_OF(CONF_VALUE) * global_config;   /* Global SSL config */
-+      LHASH_OF(CONF_VALUE) * req_config;      /* SSL config for this request */
-+#else
-       LHASH * global_config;  /* Global SSL config */
-       LHASH * req_config;             /* SSL config for this request */
-+#endif
-       const EVP_MD * md_alg;
-       const EVP_MD * digest;
-       char    * section_name,
-@@ -410,7 +415,11 @@ static inline int php_openssl_config_che
-               const char * section_label,
-               const char * config_filename,
-               const char * section,
-+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-+              LHASH_OF(CONF_VALUE) * config TSRMLS_DC
-+#else
-               LHASH * config TSRMLS_DC
-+#endif
-               ) /* {{{ */
- {
-       X509V3_CTX ctx;
Prev by Date: [pkgsrc/trunk]: pkgsrc/net/md-whois Fix build problem on NetBSD 4.0. Should ...
Next by Date: [pkgsrc/trunk]: pkgsrc/net/ntop Fix build problem on NetBSD 4.0. Should be f...
Previous by Thread: [pkgsrc/trunk]: pkgsrc/net/md-whois Fix build problem on NetBSD 4.0. Should ...
Next by Thread: [pkgsrc/trunk]: pkgsrc/net/ntop Fix build problem on NetBSD 4.0. Should be f...
Indexes:
Home | Main Index | Thread Index | Old Index