CVS commit: [pkgsrc-2015Q2] pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2015Q2] pkgsrc/lang
From: "Matthias Scheler" <tron%netbsd.org@localhost>
Date: Wed, 12 Aug 2015 20:12:29 +0000

Module Name:    pkgsrc
Committed By:   tron
Date:           Wed Aug 12 20:12:29 UTC 2015

Modified Files:
        pkgsrc/lang/php [pkgsrc-2015Q2]: phpversion.mk
        pkgsrc/lang/php55 [pkgsrc-2015Q2]: distinfo

Log Message:
Pullup ticket #4791 - requested by taca
lang/php55: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.107
- lang/php55/distinfo                                           1.44

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Aug  8 00:12:22 UTC 2015

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php55: distinfo

   Log Message:
   Update php55 to 5.5.28.

   06 Aug 2015, PHP 5.5.28

   - Core:
     . Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive
       method calls). (Stas)
     . Fixed bug #69892 (Different arrays compare indentical due to integer key
       truncation). (Nikita)
     . Fixed bug #70002 (TS issues with temporary dir handling). (Anatol)
     . Fixed bug #70121 (unserialize() could lead to unexpected methods execution
       / NULL pointer deref). (Stas)

   - OpenSSL:
     . Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
       secure). (Stas)

   - Phar:
     . Improved fix for bug #69441. (Anatol Belski)
     . Fixed bug #70019 (Files extracted from archive may be placed outside of
       destination directory). (Anatol Belski)

   - SOAP:
     . Fixed bug #70081 (SoapClient info leak / null pointer dereference via
        multiple type confusions). (Stas)

   - SPL:
     . Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
       items). (sean.heelan)
     . Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
       SPLArrayObject). (taoguangchen at icloud dot com)
     . Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
       SplObjectStorage). (taoguangchen at icloud dot com)
     . Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
       SplDoublyLinkedList). (taoguangchen at icloud dot com)


To generate a diff of this commit:
cvs rdiff -u -r1.102.2.4 -r1.102.2.5 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.42.2.1 -r1.42.2.2 pkgsrc/lang/php55/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: [pkgsrc-2015Q2] pkgsrc/lang
Next by Date: CVS commit: [pkgsrc-2015Q2] pkgsrc/lang
Previous by Thread: CVS commit: [pkgsrc-2015Q2] pkgsrc/lang
Next by Thread: CVS commit: [pkgsrc-2015Q2] pkgsrc/lang
Indexes:

Home | Main Index | Thread Index | Old Index