Subject: CVS commit: pkgsrc/databases/php4-mssql
To: None <pkgsrc-changes@NetBSD.org>
From: Jaromir Dolecek <jdolecek@netbsd.org>
List: pkgsrc-changes
Date: 07/14/2004 08:04:37
Module Name: pkgsrc
Committed By: jdolecek
Date: Wed Jul 14 08:04:37 UTC 2004
Added Files:
pkgsrc/databases/php4-mssql: distinfo
Log Message:
Update php4 to 4.3.8.
This is security fix release, fixing several important security
issues. From the ChangeLog:
* Fixed strip_tags() to correctly handle '\0' characters.
* Improved stability during startup when memory_limit is used.
* Replace alloca() with emalloc() for better stack protection.
* Added missing safe_mode checks inside ftok and itpc.
* Fixed bug #28963 Fixed address allocation routine in IMAP extension.
* Fixed bug #28632 Prevent open_basedir bypass via MySQL's LOAD DATA LOCAL.
Note: package update also includes extra patches from PHP CVS not
present in stock PHP 4.3.8 release - compilation fix for
mssql extension and Zend engine memory-use-after-free fix.
To generate a diff of this commit:
cvs rdiff -r0 -r1.1 pkgsrc/databases/php4-mssql/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.