diff options
author | tron <tron@pkgsrc.org> | 2014-06-02 15:51:10 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2014-06-02 15:51:10 +0000 |
commit | c95465f3284e931c89797764abb1ed20a2546ca6 (patch) | |
tree | 1c3245131f61a7f5f292d4cad95fcb9eca8b7fc4 | |
parent | cadc2f1b3bdf823d0c41d8791a3c8647826dd306 (diff) | |
download | pkgsrc-c95465f3284e931c89797764abb1ed20a2546ca6.tar.gz |
Pullup ticket #4428 - requested by taca
lang/php54: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.64
- lang/php54/Makefile.php 1.8
- lang/php54/distinfo 1.40
---
Module Name: pkgsrc
Committed By: taca
Date: Sat May 31 04:28:57 UTC 2014
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php54: Makefile.php distinfo
Log Message:
Update php54 to 5.4.29, contains fix for CVE-2014-0237 and CVE-2014-0238.
29 May 2014, PHP 5.4.29
- COM:
. Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)). (Anatol)
- Core:
. Fixed bug #65701 (copy() doesn't work when destination filename is created
by tempnam()). (Boro Sitnikovski)
. Fixed bug #67072 (Echoing unserialized "SplFileObject" crash). (Anatol)
. Fixed bug #67245 (usage of memcpy() with overlapping src and dst in
zend_exceptions.c). (Bob)
. Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas)
. Fixed bug #67249 (printf out-of-bounds read). (Stas)
. Fixed bug #67250 (iptcparse out-of-bounds read). (Stas)
. Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas)
- Date:
. Fixed bug #67118 (DateTime constructor crash with invalid data). (Anatol)
. Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas)
. Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas)
- DOM:
. Fixed bug #67081 (DOMDocumentType->internalSubset returns entire DOCTYPE tag,
not only the subset). (Anatol)
- Fileinfo:
. Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol)
. Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS).
(CVE-2014-0238)
. Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in
performance degradation). (CVE-2014-0237)
- FPM:
. Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor).
(Julio Pintos)
- Phar:
. Fix bug #64498 ($phar->buildFromDirectory can't compress file with an accent
in its name). (PR #588)
-rw-r--r-- | lang/php/phpversion.mk | 4 | ||||
-rw-r--r-- | lang/php54/Makefile.php | 6 | ||||
-rw-r--r-- | lang/php54/distinfo | 8 |
3 files changed, 8 insertions, 10 deletions
diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index 53430605186..40c3c0ebf22 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.58.2.2 2014/06/02 15:33:45 tron Exp $ +# $NetBSD: phpversion.mk,v 1.58.2.3 2014/06/02 15:51:10 tron Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -82,7 +82,7 @@ PHPVERSION_MK= defined # Define each PHP's version. PHP53_VERSION= 5.3.28 -PHP54_VERSION= 5.4.28 +PHP54_VERSION= 5.4.29 PHP55_VERSION= 5.5.13 # Define initial release of major version. diff --git a/lang/php54/Makefile.php b/lang/php54/Makefile.php index 59b0264bc37..68052da8f45 100644 --- a/lang/php54/Makefile.php +++ b/lang/php54/Makefile.php @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.php,v 1.6.6.1 2014/06/01 13:20:22 spz Exp $ +# $NetBSD: Makefile.php,v 1.6.6.2 2014/06/02 15:51:10 tron Exp $ # used by lang/php54/Makefile # used by www/ap-php/Makefile # used by www/php-fpm/Makefile @@ -42,9 +42,7 @@ CONFIGURE_ARGS+= --with-libxml-dir=${PREFIX} .include "../../textproc/libxml2/buildlink3.mk" -# Note: This expression is the same as ${PKGBASE}, but the latter is -# not defined yet, so we cannot use it here. -PKG_OPTIONS_VAR= PKG_OPTIONS.${PKGNAME:C/-[0-9].*//} +PKG_OPTIONS_VAR= PKG_OPTIONS.${PHP_PKG_PREFIX} PKG_SUPPORTED_OPTIONS+= inet6 ssl maintainer-zts readline PKG_SUGGESTED_OPTIONS+= inet6 ssl diff --git a/lang/php54/distinfo b/lang/php54/distinfo index ffea185d6bb..75e0aef1c45 100644 --- a/lang/php54/distinfo +++ b/lang/php54/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.36.2.1 2014/06/01 13:20:22 spz Exp $ +$NetBSD: distinfo,v 1.36.2.2 2014/06/02 15:51:10 tron Exp $ -SHA1 (php-5.4.28.tar.bz2) = 857d458b0daf89f36f8d652c5d8bd5fe509bc691 -RMD160 (php-5.4.28.tar.bz2) = 22f3ac1c56b104a9fa615a26aa90b5591dea29ef -Size (php-5.4.28.tar.bz2) = 12266216 bytes +SHA1 (php-5.4.29.tar.bz2) = 199cfe6ba44732d737e03e5321ea9399823759d7 +RMD160 (php-5.4.29.tar.bz2) = 38e3d70fe04cf458f4615355857ded9a90df67e4 +Size (php-5.4.29.tar.bz2) = 12293765 bytes SHA1 (patch-acinclude.m4) = 71635e5381abf99a9fc9f2537b1c2f18e8096f00 SHA1 (patch-aclocal.m4) = eae2ed8ea2985933c4fe88ba52577c14ac88eb92 SHA1 (patch-build_libtool.m4) = 6dfef7c07a42dc54611c104265ef43c50a4e88ca |