diff options
author | bsiegert <bsiegert> | 2016-09-24 17:21:18 +0000 |
---|---|---|
committer | bsiegert <bsiegert> | 2016-09-24 17:21:18 +0000 |
commit | b5d5bf10ba9305ede3752dbf6078ee7e09ed2f24 (patch) | |
tree | 1ea018405811240122982a6d0d49768820c0ef69 | |
parent | 7c1a3273a71fbb7ff3918584751358b6b1f5ef61 (diff) | |
download | pkgsrc-b5d5bf10ba9305ede3752dbf6078ee7e09ed2f24.tar.gz |
Pullup ticket #5105 - requested by taca
lang/php56: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.156
- lang/php56/distinfo 1.34
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Sep 16 16:09:24 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php56: distinfo
Log Message:
Update php56 to 5.6.26 (PHP 5.6.26).
15 Sep 2016, PHP 5.6.26
- Core:
. Fixed bug #72907 (null pointer deref, segfault in gc_remove_zval_from_buffer
(zend_gc.c:260)). (Laruence)
- Dba:
. Fixed bug #71514 (Bad dba_replace condition because of wrong API usage).
(cmb)
. Fixed bug #70825 (Cannot fetch multiple values with group in ini file).
(cmb)
- EXIF:
. Fixed bug #72926 (Uninitialized Thumbail Data Leads To Memory Leakage in
exif_process_IFD_in_TIFF). (Stas)
- FTP:
. Fixed bug #70195 (Cannot upload file using ftp_put to FTPES with
require_ssl_reuse). (Benedict Singer)
- GD:
. Fixed bug #66005 (imagecopy does not support 1bit transparency on truecolor
images). (cmb)
. Fixed bug #72913 (imagecopy() loses single-color transparency on palette
images). (cmb)
. Fixed bug #68716 (possible resource leaks in _php_image_convert()). (cmb)
- Intl:
. Fixed bug #73007 (add locale length check). (Stas)
- JSON:
. Fixed bug #72787 (json_decode reads out of bounds). (Jakub Zelenka)
- mbstring:
. Fixed bug #66797 (mb_substr only takes 32-bit signed integer). (cmb)
. Fixed bug #72910 (Out of bounds heap read in mbc_to_code() / triggered by
mb_ereg_match()). (Stas)
- MSSQL:
. Fixed bug #72039 (Use of uninitialised value on mssql_guid_string). (Kalle)
- Mysqlnd:
. Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields). (Stas)
- Phar:
. Fixed bug #72928 (Out of bound when verify signature of zip phar in
phar_parse_zipfile). (Stas)
. Fixed bug #73035 (Out of bound when verify signature of tar phar in
phar_parse_tarfile). (Stas)
- PDO:
. Fixed bug #60665 (call to empty() on NULL result using PDO::FETCH_LAZY
returns false). (cmb)
- PDO_pgsql:
. Implemented FR #72633 (Postgres PDO lastInsertId() should work without
specifying a sequence). (Pablo Santiago Sa'nchez, Matteo)
. Fixed bug #72759 (Regression in pgo_pgsql). (Anatol)
- SPL:
. Fixed bug #73029 (Missing type check when unserializing SplArray). (Stas)
- Standard:
. Fixed bug #72823 (strtr out-of-bound access). (cmb)
. Fixed bug #72278 (getimagesize returning FALSE on valid jpg). (cmb)
. Fixed bug #65550 (get_browser() incorrectly parses entries with "+" sign).
(cmb)
. Fixed bug #71882 (Negative ftruncate() on php://memory exhausts memory).
(cmb)
. Fixed bug #73011 (integer overflow in fgets cause heap corruption). (Stas)
. Fixed bug #73017 (memory corruption in wordwrap function). (Stas)
. Fixed bug #73045 (integer overflow in fgetcsv caused heap corruption). (Stas)
. Fixed bug #73052 (Memory Corruption in During Deserialized-object Destruction)
(Stas)
- Streams:
. Fixed bug #72853 (stream_set_blocking doesn't work). (Laruence)
- Wddx:
. Fixed bug #72860 (wddx_deserialize use-after-free). (Stas)
. Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element). (Stas)
- XML:
. Fixed bug #72085 (SEGV on unknown address zif_xml_parse). (cmb)
. Fixed bug #72927 (integer overflow in xml_utf8_encode). (Stas)
- ZIP:
. Fixed bug #68302 (impossible to compile php with zip support). (cmb)
-rw-r--r-- | lang/php/phpversion.mk | 4 | ||||
-rw-r--r-- | lang/php56/distinfo | 10 |
2 files changed, 7 insertions, 7 deletions
diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index 57df253e49a..9f081c684e1 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.141.2.4 2016/09/07 19:17:50 bsiegert Exp $ +# $NetBSD: phpversion.mk,v 1.141.2.5 2016/09/24 17:21:18 bsiegert Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -82,7 +82,7 @@ PHPVERSION_MK= defined # Define each PHP's version. PHP55_VERSION= 5.5.38 -PHP56_VERSION= 5.6.25 +PHP56_VERSION= 5.6.26 PHP70_VERSION= 7.0.10 # Define initial release of major version. diff --git a/lang/php56/distinfo b/lang/php56/distinfo index 2e0ab1b5ab2..a6bf5282086 100644 --- a/lang/php56/distinfo +++ b/lang/php56/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.28.2.2 2016/09/07 18:23:59 bsiegert Exp $ +$NetBSD: distinfo,v 1.28.2.3 2016/09/24 17:21:18 bsiegert Exp $ -SHA1 (php-5.6.25.tar.bz2) = 7d0274f6f0e8db35edc56d47d2d65fdf851820b9 -RMD160 (php-5.6.25.tar.bz2) = 04b56cc6c3f7b649dd37e2c8bdaea31f03fa4a5e -SHA512 (php-5.6.25.tar.bz2) = 675a5244822f00abd93ec4ef31c539a4c305cab0aaf4735f6cbe037507853ba3f1691fcbaf1cf54dde106d918c22337bb600ed78c38351d4405da8ffdc5d50e0 -Size (php-5.6.25.tar.bz2) = 14923535 bytes +SHA1 (php-5.6.26.tar.bz2) = d0e05dbc4d1be0e316cadee64f5bda83a16932a9 +RMD160 (php-5.6.26.tar.bz2) = eedd93ab6808d86055a7e5f41ca3b92ea7feee63 +SHA512 (php-5.6.26.tar.bz2) = fcac6ff1db2d3a897ce7253735216b3784568167d7e1c3738409c45f72bdce6708d42c6935c13c28f16da15218213b202e959fb68355b5c692fdc54a7393b553 +Size (php-5.6.26.tar.bz2) = 14927510 bytes SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8 SHA1 (patch-configure) = 5d76f71aa903efa3c3491b908ff76419aa4af27c SHA1 (patch-ext_gd_config.m4) = 4b44853250eb4a638af4c663e618307ff25d2cbd |