CVS commit: [pkgsrc-2015Q4] pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2015Q4] pkgsrc/lang
From: "Benny Siegert" <bsiegert%netbsd.org@localhost>
Date: Wed, 10 Feb 2016 20:45:48 +0000

Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Wed Feb 10 20:45:48 UTC 2016

Modified Files:
        pkgsrc/lang/php [pkgsrc-2015Q4]: phpversion.mk
        pkgsrc/lang/php70 [pkgsrc-2015Q4]: distinfo
Added Files:
        pkgsrc/lang/php70/patches [pkgsrc-2015Q4]:
            patch-ext_pcre_pcrelib_config.h

Log Message:
Pullup ticket #4918 - requested by taca
lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.125
- lang/php70/distinfo                                           1.4-1.5
- lang/php70/patches/patch-ext_pcre_pcrelib_config.h            1.1-1.2

---
   Module Name: pkgsrc
   Committed By:        jklos
   Date:                Thu Jan 21 21:47:24 UTC 2016

   Modified Files:
        pkgsrc/lang/php70: distinfo
   Added Files:
        pkgsrc/lang/php70/patches: patch-ext_pcre_pcrelib_config.h

   Log Message:
   Selectively enable just-in-time support in PCRE for supported architectures.
   Same issue as seen in older php:
   https://mail-index.netbsd.org/pkgsrc-bugs/2015/09/13/msg057792.html

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Feb  6 07:14:44 UTC 2016

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php70: distinfo
        pkgsrc/lang/php70/patches: patch-ext_pcre_pcrelib_config.h

   Log Message:
   Update php70 to 7.0.3 (PHP 7.0.3).

   04 Feb 2016 PHP 7.0.3

   - Core:
     . Added support for new HTTP 451 code. (Julien)
     . Fixed bug #71039 (exec functions ignore length but look for NULL termination).
       (Anatol)
     . Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
     . Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol)
     . Fixed bug #71221 (Null pointer deref (segfault) in get_defined_vars via
       ob_start). (hugh at allthethings dot co dot nz)
     . Fixed bug #71248 (Wrong interface is enforced). (Dmitry)
     . Fixed bug #71273 (A wrong ext directory setup in php.ini leads to crash).
       (Anatol)
     . Fixed Bug #71275 (Bad method called on cloning an object having a trait).
       (Bob)
     . Fixed bug #71297 (Memory leak with consecutive yield from). (Bob)
     . Fixed bug #71300 (Segfault in zend_fetch_string_offset). (Laruence)
     . Fixed bug #71314 (var_export(INF) prints INF.0). (Andrea)
     . Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its
       input). (Leo Gaspard)
     . Fixed bug #71336 (Wrong is_ref on properties as exposed via
       get_object_vars()). (Laruence)
     . Fixed bug #71459 (Integer overflow in iptcembed()). (Stas)

   - Apache2handler:
     . Fix >2G Content-Length headers in apache2handler. (Adam Harvey)

   - CURL:
     . Fixed bug #71227 (Can't compile php_curl statically). (Anatol)
     . Fixed bug #71225 (curl_setopt() fails to set CURLOPT_POSTFIELDS with
       reference to CURLFile). (Laruence)

   - Interbase:
     . Fixed Bug #71305 (Crash when optional resource is omitted).
     (Laruence, Anatol)

   - LDAP:
     . Fixed bug #71249 (ldap_mod_replace/ldap_mod_add store value as string
       "Array"). (Laruence)

   - mbstring:
     . Fixed bug #71397 (mb_send_mail segmentation fault). (Andrea, Yasuo)

   - OpenSSL:
     . Fixed bug #71475 (openssl_seal() uninitialized memory usage). (Stas)

   - Phar:
     . Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (Stas)
     . Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
       (Stas)
     . Fixed bug #71488 (Stack overflow when decompressing tar archives). (Stas)

   - SOAP:
     . Fixed bug #70979 (crash with bad soap request). (Anatol)

   - SPL:
     . Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading).
       (Laruence)
     . Fixed bug #71202 (Autoload function registered by another not activated
       immediately). (Laruence)
     . Fixed bug #71311 (Use-after-free vulnerability in SPL(ArrayObject,
       unserialize)). (Sean Heelan)
     . Fixed bug #71313 (Use-after-free vulnerability in SPL(SplObjectStorage,
       unserialize)). (Sean Heelan)

   - Standard:
     . Fixed bug #71287 (Error message contains hexadecimal instead of decimal
       number). (Laruence)
     . Fixed bug #71264 (file_put_contents() returns unexpected value when
       filesystem runs full). (Laruence)
     . Fixed bug #71245 (file_get_contents() ignores "header" context option if
       it's a reference). (Laruence)
     . Fixed bug #71220 (Null pointer deref (segfault) in compact via ob_start).
       (hugh at allthethings dot co dot nz)
     . Fixed bug #71190 (substr_replace converts integers in original $search
       array to strings). (Laruence)
     . Fixed bug #71188 (str_replace converts integers in original $search array
       to strings). (Laruence)
     . Fixed bug #71132, #71197 (range() segfaults). (Thomas Punt)

   - WDDX:
     . Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization). (Stas)


To generate a diff of this commit:
cvs rdiff -u -r1.119.2.5 -r1.119.2.6 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.2.2.1 -r1.2.2.2 pkgsrc/lang/php70/distinfo
cvs rdiff -u -r0 -r1.2.2.2 \
    pkgsrc/lang/php70/patches/patch-ext_pcre_pcrelib_config.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: [pkgsrc-2015Q4] pkgsrc/lang
Next by Date: CVS commit: [pkgsrc-2015Q4] pkgsrc/doc
Previous by Thread: CVS commit: [pkgsrc-2015Q4] pkgsrc/lang
Next by Thread: CVS commit: [pkgsrc-2015Q4] pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index