CVS commit: pkgsrc/lang

["Takahiro Kambe" <taca%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   taca
Date:           Fri Jan  8 03:29:12 UTC 2016

Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php70: distinfo

Log Message:
Update php70 to 7.0.2, including security fix.

07 Jan 2016 PHP 7.0.2

- Core:
  . Fixed bug #71165 (-DGC_BENCH=1 doesn't work on PHP7).
    (y dot uchiyama dot 1015 at gmail dot com)
  . Fixed bug #71163 (Segmentation Fault: cleanup_unfinished_calls). (Laruence)
  . Fixed bug #71109 (ZEND_MOD_CONFLICTS("xdebug") doesn't work). (Laruence)
  . Fixed bug #71092 (Segmentation fault with return type hinting). (Laruence)
  . Fixed bug memleak in header_register_callback. (Laruence)
  . Fixed bug #71067 (Local object in class method stays in memory for each
    call). (Laruence)
  . Fixed bug #66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky)
  . Fixed bug #70781 (Extension tests fail on dynamic ext dependency).
    (Francois Laupretre)
  . Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
  . Fixed bug #71086 (Invalid numeric literal parse error within
    highlight_string() function). (Nikita)
  . Fixed bug #71154 (Incorrect HT iterator invalidation causes iterator reuse).
    (Nikita)
  . Fixed bug #52355 (Negating zero does not produce negative zero). (Andrea)
  . Fixed bug #66179 (var_export() exports float as integer). (Andrea)
  . Fixed bug #70804 (Unary add on negative zero produces positive zero).
    (Andrea)

- CURL:
  . Fixed bug #71144 (Sementation fault when using cURL with ZTS).
    (Michael Maroszek, Laruence)

- DBA:
  . Fixed key leak with invalid resource. (Laruence)

- Filter:
  . Fixed bug #71063 (filter_input(INPUT_ENV, ..) does not work). (Reeze Xia)

- FTP:
  . Implemented FR #55651 (Option to ignore the returned FTP PASV address).
    (abrender at elitehosts dot com)

- FPM:
  . Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). (Stas)

- GD:
  . Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index
    Out of Bounds). (emmanuel dot law at gmail dot com).

- Mbstring:
  . Fixed bug #71066 (mb_send_mail: Program terminated with signal SIGSEGV,
    Segmentation fault). (Laruence)

- Opcache:
  . Fixed bug #71127 (Define in auto_prepend_file is overwrite). (Laruence)

- PCRE:
  . Fixed bug #71178 (preg_replace with arrays creates [0] in replace array
    if not already set). (Laruence)

- Readline:
  . Fixed bug #71094 (readline_completion_function corrupts static array on
    second TAB). (Nikita)

- Session:
  . Fixed bug #71122 (Session GC may not remove obsolete session data). (Yasuo)

- SPL:
  . Fixed bug #71077 (ReflectionMethod for ArrayObject constructor returns
    wrong number of parameters). (Laruence)
  . Fixed bug #71153 (Performance Degradation in ArrayIterator with large
    arrays). (Nikita)

- Standard:
  . Fixed bug #71270 (Heap BufferOver Flow in escapeshell functions).
    (emmanuel dot law at gmail dot com)

- WDDX:
  . Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
    (taoguangchen at icloud dot com)
  . Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion
    Vulnerability). (taoguangchen at icloud dot com)

- XMLRPC
  . Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker).
    (Julien)


To generate a diff of this commit:
cvs rdiff -u -r1.121 -r1.122 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php70/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.