CVS commit: pkgsrc/lang

["Takahiro Kambe" <taca%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   taca
Date:           Sat Aug  8 00:12:22 UTC 2015

Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php55: distinfo

Log Message:
Update php55 to 5.5.28.

06 Aug 2015, PHP 5.5.28

- Core:
  . Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive
    method calls). (Stas)
  . Fixed bug #69892 (Different arrays compare indentical due to integer key
    truncation). (Nikita)
  . Fixed bug #70002 (TS issues with temporary dir handling). (Anatol)
  . Fixed bug #70121 (unserialize() could lead to unexpected methods execution
    / NULL pointer deref). (Stas)

- OpenSSL:
  . Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
    secure). (Stas)

- Phar:
  . Improved fix for bug #69441. (Anatol Belski)
  . Fixed bug #70019 (Files extracted from archive may be placed outside of
    destination directory). (Anatol Belski)

- SOAP:
  . Fixed bug #70081 (SoapClient info leak / null pointer dereference via
     multiple type confusions). (Stas)

- SPL:
  . Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
    items). (sean.heelan)
  . Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
    SPLArrayObject). (taoguangchen at icloud dot com)
  . Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
    SplObjectStorage). (taoguangchen at icloud dot com)
  . Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
    SplDoublyLinkedList). (taoguangchen at icloud dot com)


To generate a diff of this commit:
cvs rdiff -u -r1.106 -r1.107 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.43 -r1.44 pkgsrc/lang/php55/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.