CVS commit: [pkgsrc-2014Q3] pkgsrc/lang

["Matthias Scheler" <tron%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   tron
Date:           Sun Dec 21 10:26:39 UTC 2014

Modified Files:
        pkgsrc/lang/php [pkgsrc-2014Q3]: phpversion.mk
        pkgsrc/lang/php54 [pkgsrc-2014Q3]: distinfo

Log Message:
Pullup ticket #4577 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.79
- lang/php54/distinfo                                           1.50

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Fri Dec 19 16:08:35 UTC 2014

   Modified Files:
           pkgsrc/lang/php: phpversion.mk
           pkgsrc/lang/php54: distinfo

   Log Message:
   Update php54 to 5.4.36, including security fix.

   18 Dec 2014 PHP 5.4.36

   - Core:
     . Upgraded crypt_blowfish to version 1.3. (Leigh)
     . Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
     . Fixed bug #68594 (Use after free vulnerability in unserialize()).
       (CVE-2014-8142) (Stefan Esser)

   13 Nov 2014 PHP 5.4.35

   - Core:
     . Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
       zend_hash_copy). (Dmitry)

   - Fileinfo:
     . Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
       (CVE-2014-3710) (Remi)

   - GMP:
    . Fixed bug #63595 (GMP memory management conflicts with other libraries
      using GMP). (Remi)

   - PDO_pgsql:
     . Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)


To generate a diff of this commit:
cvs rdiff -u -r1.73.2.4 -r1.73.2.5 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.47.2.2 -r1.47.2.3 pkgsrc/lang/php54/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.