Pullup ticket #5106 - requested by taca

lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.157
- lang/php70/distinfo                                           1.19

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Fri Sep 16 16:10:29 UTC 2016

   Modified Files:
           pkgsrc/lang/php: phpversion.mk
           pkgsrc/lang/php70: distinfo

   Log Message:
   Update php70 to 7.0.11 (PHP 7.0.11).

   15 Sep 2016 PHP 7.0.11

   - Core:
     . Fixed bug #72944 (Null pointer deref in zval_delref_p). (Dmitry)
     . Fixed bug #72943 (assign_dim on string doesn't reset hval). (Laruence)
     . Fixed bug #72911 (Memleak in zend_binary_assign_op_obj_helper). (Laruence)
     . Fixed bug #72813 (Segfault with __get returned by ref). (Laruence)
     . Fixed bug #72767 (PHP Segfaults when trying to expand an infinite operator).
       (Nikita)
     . Fixed bug #72854 (PHP Crashes on duplicate destructor call). (Nikita)
     . Fixed bug #72857 (stream_socket_recvfrom read access violation). (Anatol)

   - COM:
     . Fixed bug #72922 (COM called from PHP does not return out parameters).
       (Anatol)

   - Dba:
     . Fixed bug #70825 (Cannot fetch multiple values with group in ini file).
       (cmb)

   - FTP:
     . Fixed bug #70195 (Cannot upload file using ftp_put to FTPES with
       require_ssl_reuse). (Benedict Singer)

   - GD:
     . Fixed bug #72709 (imagesetstyle() causes OOB read for empty $styles). (cmb)
     . Fixed bug #66005 (imagecopy does not support 1bit transparency on truecolor
       images). (cmb)
     . Fixed bug #72913 (imagecopy() loses single-color transparency on palette
       images). (cmb)
     . Fixed bug #68716 (possible resource leaks in _php_image_convert()). (cmb)

   - iconv:
     . Fixed bug #72320 (iconv_substr returns false for empty strings). (cmb)

   - IMAP:
     . Fixed bug #72852 (imap_mail null dereference). (Anatol)

   - Intl:
     . Fixed bug #65732 (grapheme_*() is not Unicode compliant on CR LF
       sequence). (cmb)
     . Fixed bug #73007 (add locale length check). (Stas)

   - Mysqlnd:
     . Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields). (Stas)

   - OCI8
     . Fixed invalid handle error with Implicit Result Sets. (Chris Jones)
     . Fixed bug #72524 (Binding null values triggers ORA-24816 error). (Chris Jones)

   - Opcache:
     . Fixed bug #72949 (Typo in opcache error message). (cmb)

   - PDO:
     . Fixed bug #72788 (Invalid memory access when using persistent PDO
       connection). (Keyur)
     . Fixed bug #72791 (Memory leak in PDO persistent connection handling). (Keyur)
     . Fixed bug #60665 (call to empty() on NULL result using PDO::FETCH_LAZY
       returns false). (cmb)

   - PDO_DBlib:
     . Implemented stringify 'uniqueidentifier' fields.
       (Alexander Zhuravlev, Adam Baratz)

   - PDO_pgsql:
     . Implemented FR #72633 (Postgres PDO lastInsertId() should work without
       specifying a sequence). (Pablo Santiago Sa'nchez, Matteo)
     . Fixed bug #72759 (Regression in pgo_pgsql). (Anatol)

   - Phar:
     . Fixed bug #72928 (Out of bound when verify signature of zip phar in
       phar_parse_zipfile). (Stas)
     . Fixed bug #73035 (Out of bound when verify signature of tar phar in
       phar_parse_tarfile). (Stas)

   - Reflection:
     . Fixed bug #72846 (getConstant for a array constant with constant values
       returns NULL/NFC/UKNOWN). (Laruence)

   - Session:
     . Fixed bug #72724 (PHP7: session-uploadprogress kills httpd). (Nikita)
     . Fixed bug #72940 (SID always return "name=ID", even if session
       cookie exist). (Yasuo)

   - SimpleXML:
     . Fixed bug #72971 (SimpleXML isset/unset do not respect namespace). (Nikita)
     . Fixed bug #72957 (Null coalescing operator doesn't behave as expected with
       SimpleXMLElement). (Nikita)

   - SPL:
     . Fixed bug #73029 (Missing type check when unserializing SplArray). (Stas)

   - Standard:
     . Fixed bug #55451 (substr_compare NULL length interpreted as 0). (Lauri
       Kentta:)
     . Fixed bug #72278 (getimagesize returning FALSE on valid jpg). (cmb)
     . Fixed bug #65550 (get_browser() incorrectly parses entries with "+" sign).
       (cmb)

   - Streams:
     . Fixed bug #72853 (stream_set_blocking doesn't work). (Laruence)
     . Fixed bug #72764 (ftps:// opendir wrapper data channel encryption fails
       with IIS FTP 7.5, 8.5). (vhuk)
     . Fixed bug #71882 (Negative ftruncate() on php://memory exhausts memory).
       (cmb)

   - SQLite3:
     . Downgraded bundled SQLite to 3.8.10.2. (Anatol);

   - Sysvshm:
     . Fixed bug #72858 (shm_attach null dereference). (Anatol)

   - XML:
     . Fixed bug #72085 (SEGV on unknown address zif_xml_parse). (cmb)
     . Fixed bug #72714 (_xml_startElementHandler() segmentation fault). (cmb)

   - Wddx:
     . Fixed bug #72860 (wddx_deserialize use-after-free). (Stas)
     . Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element). (Stas)

   - ZIP:
     . Fixed bug #68302 (impossible to compile php with zip support). (cmb)

2 files changed, 7 insertions, 7 deletions

diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk
index 9f081c684e1..cf47a4817f0 100644
--- a/lang/php/phpversion.mk
+++ b/lang/php/phpversion.mk
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.141.2.5 2016/09/24 17:21:18 bsiegert Exp $
+# $NetBSD: phpversion.mk,v 1.141.2.6 2016/09/24 17:24:39 bsiegert Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -83,7 +83,7 @@ PHPVERSION_MK=	defined
 # Define each PHP's version.
 PHP55_VERSION=	5.5.38
 PHP56_VERSION=	5.6.26
-PHP70_VERSION=	7.0.10
+PHP70_VERSION=	7.0.11
 
 # Define initial release of major version.
 PHP55_RELDATE=	20130620
diff --git a/lang/php70/distinfo b/lang/php70/distinfo
index 417a66a41bb..b88a2cc21e8 100644
--- a/lang/php70/distinfo
+++ b/lang/php70/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.14.2.2 2016/09/07 19:17:50 bsiegert Exp $
+$NetBSD: distinfo,v 1.14.2.3 2016/09/24 17:24:39 bsiegert Exp $
 
-SHA1 (php-7.0.10.tar.bz2) = cfbf014117dc1c572d1faa14da5c0135c44e1798
-RMD160 (php-7.0.10.tar.bz2) = f2801f69c5d49d434974e098b12de0d261d5ed2f
-SHA512 (php-7.0.10.tar.bz2) = 521ba5f57c1dbd8c8b7c0c2839e7054cce192f6688fd0f6f98bb30802a3bf2990ea3843fd366a18d20960797bd8ff410819847cae5717ec605674fb8a910e0e9
-Size (php-7.0.10.tar.bz2) = 15170680 bytes
+SHA1 (php-7.0.11.tar.bz2) = ece2cad60ff621e38e39f9a8fa998716274c7a45
+RMD160 (php-7.0.11.tar.bz2) = 2ea9bf6e83c31730cbe2a6b2c4ce5b6ac1717969
+SHA512 (php-7.0.11.tar.bz2) = ea3a7b49ffe1e6be25d7388045fe80d776b02ad5c0b332980a0b994fe6e650a08ced1e403ca927ea9a186c19f83e73c17cc451801e40e9a018f289dc2945d66b
+Size (php-7.0.11.tar.bz2) = 14834943 bytes
 SHA1 (patch-acinclude.m4) = b682280fd89950c082c2226bdb7364b0dc475bad
 SHA1 (patch-configure) = a129e19ef87338f6e53ccc967c40ddcde7c7357c
 SHA1 (patch-ext_gd_config.m4) = a7ec1bd0d876657d4b5e597b9aa1e97c2d2801e3