CVS commit: pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/lang
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Fri, 24 Sep 2021 02:27:04 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Fri Sep 24 02:27:04 UTC 2021

Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php74: distinfo

Log Message:
lang/php74: update to 7.4.24

This is security release fixing CVE-2021-21706.

23 Sep 2021, PHP 7.4.24

- Core:
  . Fixed bug #81302 (Stream position after stream filter removed). (cmb)
  . Fixed bug #81346 (Non-seekable streams don't update position after write).
    (cmb)
  . Fixed bug #73122 (Integer Overflow when concatenating strings). (cmb)

-GD:
  . Fixed bug #53580 (During resize gdImageCopyResampled cause colors change).
    (cmb)

- Opcache:
  . Fixed bug #81353 (segfault with preloading and statically bound closure).
    (Nikita)

- Shmop:
  . Fixed bug #81407 (shmop_open won't attach and causes php to crash). (cmb)

- Standard:
  . Fixed bug #71542 (disk_total_space does not work with relative paths). (cmb)
  . Fixed bug #81400 (Unterminated string in dns_get_record() results). (cmb)

- SysVMsg:
  . Fixed bug #78819 (Heap Overflow in msg_send). (cmb)

- XML:
  . Fixed bug #81351 (xml_parse may fail, but has no error code). (cmb, Nikita)

- Zip:
  . Fixed bug #81420 (ZipArchive::extractTo extracts outside of destination).
    (CVE-2021-21706) (cmb)


To generate a diff of this commit:
cvs rdiff -u -r1.340 -r1.341 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.27 -r1.28 pkgsrc/lang/php74/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/php/phpversion.mk
diff -u pkgsrc/lang/php/phpversion.mk:1.340 pkgsrc/lang/php/phpversion.mk:1.341
--- pkgsrc/lang/php/phpversion.mk:1.340 Thu Sep 23 15:48:37 2021
+++ pkgsrc/lang/php/phpversion.mk       Fri Sep 24 02:27:03 2021
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.340 2021/09/23 15:48:37 taca Exp $
+# $NetBSD: phpversion.mk,v 1.341 2021/09/24 02:27:03 taca Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -89,7 +89,7 @@ PHPVERSION_MK=        defined
 # Define each PHP's version.
 PHP56_VERSION= 5.6.40
 PHP73_VERSION= 7.3.31
-PHP74_VERSION= 7.4.23
+PHP74_VERSION= 7.4.24
 PHP80_VERSION= 8.0.11
 
 # Define initial release of major version.

Index: pkgsrc/lang/php74/distinfo
diff -u pkgsrc/lang/php74/distinfo:1.27 pkgsrc/lang/php74/distinfo:1.28
--- pkgsrc/lang/php74/distinfo:1.27     Sat Aug 28 06:22:42 2021
+++ pkgsrc/lang/php74/distinfo  Fri Sep 24 02:27:04 2021
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.27 2021/08/28 06:22:42 taca Exp $
+$NetBSD: distinfo,v 1.28 2021/09/24 02:27:04 taca Exp $
 
-SHA1 (php-7.4.23.tar.xz) = 47bb61cbadd25e1a64ab69566e6bf34e107466a2
-RMD160 (php-7.4.23.tar.xz) = 9735c55365d2ef8fe5b99b7dbbfc909240fe773e
-SHA512 (php-7.4.23.tar.xz) = 659b6bbf9be21a09640529bc088dfd7a494081188e37eb1f2dac2cab92a1084062fd06d550dc8c97bdd7dd9b57f4146e357447be2cb86643bda1d8dbc8a0d4a3
-Size (php-7.4.23.tar.xz) = 10371160 bytes
+SHA1 (php-7.4.24.tar.xz) = 34660781db70c891dcaab046931d38f60464d7e3
+RMD160 (php-7.4.24.tar.xz) = 67a0c7ca2067311ee363e685fc89aba1980b0778
+SHA512 (php-7.4.24.tar.xz) = 30dd0a83d6184791f4cff3edcffeb05470de8f98ddadba3c11544449bf500280ff2048a8ca8588b35d0622dcbbf16f55ea297f51d469ae137048cab2d40da9cd
+Size (php-7.4.24.tar.xz) = 10372816 bytes
 SHA1 (patch-build_libtool.m4) = 3656eb516fb14defd4b0964fe21e117c630be856
 SHA1 (patch-configure) = 5e9c9c06f6d819d5ba2832d648f41363f40f3108
 SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640

Prev by Date: CVS commit: pkgsrc/meta-pkgs/courier
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/meta-pkgs/courier
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index