Update php56 to 5.6.6 (PHP 5.6.6).

19 Feb 2015, PHP 5.6.6

- Core:
  . Removed support for multi-line headers, as the are deprecated by RFC 7230.
    (Stas)
  . Fixed bug #67068 (getClosure returns somethings that's not a closure).
    (Danack at basereality dot com)
  . Fixed bug #68942 (Use after free vulnerability in unserialize() with
    DateTimeZone). (CVE-2015-0273) (Stas)
  . Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname
    buffer overflow). (Stas)
  . Fixed Bug #67988 (htmlspecialchars() does not respect default_charset
    specified by ini_set) (Yasuo)
  . Added NULL byte protection to exec, system and passthru. (Yasuo)

- Dba:
  . Fixed bug #68711 (useless comparisons). (bugreports at internot dot info)

- Enchant:
  . Fixed bug #68552 (heap buffer overflow in enchant_broker_request_dict()).
    (Antony)

- Fileinfo:
  . Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers)
  . Fixed bug #67647 (Bundled libmagic 5.17 does not detect quicktime files
    correctly). (Anatol)
  . Fixed bug #68731 (finfo_buffer doesn't extract the correct mime with some
    gifs). (Anatol)

- FPM:
  . Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle)
  . Fixed bug #68571 (core dump when webserver close the socket).
    (redfoxli069 at gmail dot com, Laruence)

- JSON:
  . Fixed bug #50224 (json_encode() does not always encode a float as a float)
    by adding JSON_PRESERVE_ZERO_FRACTION. (Juan Basso)

- LIBXML:
  . Fixed bug #64938 (libxml_disable_entity_loader setting is shared
    between threads). (Martin Jansen)

- Mysqli:
  . Fixed bug #68114 (linker error on some OS X machines with fixed
    width decimal support) (Keyur Govande)
  . Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient
    has rounding errors) (Keyur Govande)

- Opcache:
  . Fixed bug with try blocks being removed when extended_info opcode
    generation is turned on. (Laruence)

- PDO_mysql:
  . Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of
    named pipes). (steffenb198 at aol dot com)

- Phar:
  . Fixed bug #68901 (use after free). (bugreports at internot dot info)

- Pgsql:
  . Fixed Bug #65199 (pg_copy_from() modifies input array variable) (Yasuo)

- Session:
  . Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo)
  . Fixed Bug #66623 (no EINTR check on flock) (Yasuo)
  . Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo)

- Sqlite3:
  . Fixed bug #68260 (SQLite3Result::fetchArray declares wrong
    required_num_args). (Julien)

- Standard:
  . Fixed bug #65272 (flock() out parameter not set correctly in windows).
    (Daniel Lowrey)
  . Fixed bug #69033 (Request may get env. variables from previous requests
    if PHP works as FastCGI). (Anatol)

- Streams:
  . Fixed bug which caused call after final close on streams filter. (Bob)

7 files changed, 9 insertions, 107 deletions

diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk
index 63373164059..0cef49ab1f4 100644
--- a/lang/php/phpversion.mk
+++ b/lang/php/phpversion.mk
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.87 2015/02/19 13:35:24 taca Exp $
+# $NetBSD: phpversion.mk,v 1.88 2015/02/20 01:17:49 taca Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -84,7 +84,7 @@ PHPVERSION_MK=	defined
 PHP53_VERSION=	5.3.29
 PHP54_VERSION=	5.4.38
 PHP55_VERSION=	5.5.22
-PHP56_VERSION=	5.6.5
+PHP56_VERSION=	5.6.6
 
 # Define initial release of major version.
 PHP53_RELDATE=	20090630
diff --git a/lang/php56/Makefile b/lang/php56/Makefile
index 28516c304d1..e487cc7973c 100644
--- a/lang/php56/Makefile
+++ b/lang/php56/Makefile
@@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.3 2015/02/19 00:23:20 sevan Exp $
+# $NetBSD: Makefile,v 1.4 2015/02/20 01:17:49 taca Exp $
 
 #
 # We can't omit PKGNAME here to handle PKG_OPTIONS.
 #
 PKGNAME=		php-${PHP_BASE_VERS}
-PKGREVISION=		1
 CATEGORIES=		lang
 
 HOMEPAGE=		http://www.php.net/
diff --git a/lang/php56/PLIST b/lang/php56/PLIST
index 74897edc836..8e293abf7a3 100644
--- a/lang/php56/PLIST
+++ b/lang/php56/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.1 2014/11/24 15:37:08 taca Exp $
+@comment $NetBSD: PLIST,v 1.2 2015/02/20 01:17:49 taca Exp $
 bin/phar
 bin/phar.phar
 bin/php
@@ -96,6 +96,7 @@ include/php/ext/hash/php_hash_tiger.h
 include/php/ext/hash/php_hash_whirlpool.h
 include/php/ext/libxml/php_libxml.h
 include/php/ext/mysqlnd/config-win.h
+include/php/ext/mysqlnd/mysql_float_to_double.h
 include/php/ext/mysqlnd/mysqlnd.h
 include/php/ext/mysqlnd/mysqlnd_alloc.h
 include/php/ext/mysqlnd/mysqlnd_block_alloc.h
diff --git a/lang/php56/distinfo b/lang/php56/distinfo
index a216bb193e3..97482fbef42 100644
--- a/lang/php56/distinfo
+++ b/lang/php56/distinfo
@@ -1,15 +1,12 @@
-$NetBSD: distinfo,v 1.5 2015/02/19 00:23:20 sevan Exp $
+$NetBSD: distinfo,v 1.6 2015/02/20 01:17:49 taca Exp $
 
-SHA1 (php-5.6.5.tar.bz2) = a523a13110a66f020c36f088089d2c5c7de9f6a9
-RMD160 (php-5.6.5.tar.bz2) = 9c9219b69187c2b14c9bb3b74ef30a65dbf458ed
-Size (php-5.6.5.tar.bz2) = 13556146 bytes
+SHA1 (php-5.6.6.tar.bz2) = 6795db456f66193634ff38cf8039636b168eda3c
+RMD160 (php-5.6.6.tar.bz2) = 8d9a30c550397b9863cefbb7ea012b6a7e7e26ff
+Size (php-5.6.6.tar.bz2) = 13687928 bytes
 SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8
 SHA1 (patch-aclocal.m4) = 49117c42e03bd3ed57d967d33ba543f936013b4f
 SHA1 (patch-build_libtool.m4) = f459cda09cbdad9780568d271091fb17bbc5d965
 SHA1 (patch-configure) = d3d44c814deb0264fd4fc41908c2ff31fde00b0d
-SHA1 (patch-ext_date_php_date.c) = a5d594d5b054f170f5cd129c0a9ddec6334cce9a
-SHA1 (patch-ext_date_tests_bug68942.phpt) = d3ebf7a5f78bf8b4b3f1a0c85d40480c335b491e
-SHA1 (patch-ext_date_tests_bug68942_2.phpt) = af2a9ffef7c7f0ecf5425e96cfb67dd3beac6827
 SHA1 (patch-ext_gd_config.m4) = 4b44853250eb4a638af4c663e618307ff25d2cbd
 SHA1 (patch-ext_imap_config.m4) = 9c6ed6966366c4fe1b7cfd34b5910e2ff0e68577
 SHA1 (patch-ext_mssql_php__mssql.c) = c4fa9231dc539ffb027f1beb6f182f21ddb94a3c
diff --git a/lang/php56/patches/patch-ext_date_php_date.c b/lang/php56/patches/patch-ext_date_php_date.c
deleted file mode 100644
index ded8beba396..00000000000
--- a/lang/php56/patches/patch-ext_date_php_date.c
+++ /dev/null
@@ -1,63 +0,0 @@
-$NetBSD: patch-ext_date_php_date.c,v 1.1 2015/02/19 00:23:20 sevan Exp $
-
-Fix CVE-2015-0273 / bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
-
---- ext/date/php_date.c.orig	2015-01-21 00:40:37.000000000 +0000
-+++ ext/date/php_date.c
-@@ -2807,12 +2807,9 @@ static int php_date_initialize_from_hash
- 	timelib_tzinfo   *tzi;
- 	php_timezone_obj *tzobj;
- 
--	if (zend_hash_find(myht, "date", 5, (void**) &z_date) == SUCCESS) {
--		convert_to_string(*z_date);
--		if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS) {
--			convert_to_long(*z_timezone_type);
--			if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS) {
--				convert_to_string(*z_timezone);
-+	if (zend_hash_find(myht, "date", 5, (void**) &z_date) == SUCCESS && Z_TYPE_PP(z_date) == IS_STRING) {
-+		if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS && Z_TYPE_PP(z_timezone_type) == IS_LONG) {
-+			if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS && Z_TYPE_PP(z_timezone) == IS_STRING) {
- 
- 				switch (Z_LVAL_PP(z_timezone_type)) {
- 					case TIMELIB_ZONETYPE_OFFSET:
-@@ -2827,7 +2824,6 @@ static int php_date_initialize_from_hash
- 
- 					case TIMELIB_ZONETYPE_ID: {
- 						int ret;
--						convert_to_string(*z_timezone);
- 
- 						tzi = php_date_parse_tzfile(Z_STRVAL_PP(z_timezone), DATE_TIMEZONEDB TSRMLS_CC);
- 
-@@ -3744,9 +3740,8 @@ static int php_date_timezone_initialize_
- 	zval            **z_timezone = NULL;
- 	zval            **z_timezone_type = NULL;
- 
--	if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS) {
-+	if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS && Z_TYPE_PP(z_timezone_type) == IS_LONG) {
- 		if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS) {
--			convert_to_long(*z_timezone_type);
- 			if (SUCCESS == timezone_initialize(*tzobj, Z_STRVAL_PP(z_timezone) TSRMLS_CC)) {
- 				return SUCCESS;
- 			}
-@@ -3771,7 +3766,9 @@ PHP_METHOD(DateTimeZone, __set_state)
- 
- 	php_date_instantiate(date_ce_timezone, return_value TSRMLS_CC);
- 	tzobj = (php_timezone_obj *) zend_object_store_get_object(return_value TSRMLS_CC);
--	php_date_timezone_initialize_from_hash(&return_value, &tzobj, myht TSRMLS_CC);
-+	if(php_date_timezone_initialize_from_hash(&return_value, &tzobj, myht TSRMLS_CC) != SUCCESS) {
-+		php_error_docref(NULL, E_ERROR, "Timezone initialization failed");
-+	}
- }
- /* }}} */
- 
-@@ -3787,7 +3784,9 @@ PHP_METHOD(DateTimeZone, __wakeup)
- 
- 	myht = Z_OBJPROP_P(object);
- 	
--	php_date_timezone_initialize_from_hash(&return_value, &tzobj, myht TSRMLS_CC);
-+	if(php_date_timezone_initialize_from_hash(&return_value, &tzobj, myht TSRMLS_CC) != SUCCESS) {
-+		php_error_docref(NULL, E_ERROR, "Timezone initialization failed");
-+	}
- }
- /* }}} */
- 
diff --git a/lang/php56/patches/patch-ext_date_tests_bug68942.phpt b/lang/php56/patches/patch-ext_date_tests_bug68942.phpt
deleted file mode 100644
index b2411fa0dcf..00000000000
--- a/lang/php56/patches/patch-ext_date_tests_bug68942.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-ext_date_tests_bug68942.phpt,v 1.1 2015/02/19 00:23:20 sevan Exp $
-
-Test CVE-2015-0273 / bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
-
---- ext/date/tests/bug68942.phpt.orig	2015-02-18 23:36:15.000000000 +0000
-+++ ext/date/tests/bug68942.phpt
-@@ -0,0 +1,9 @@
-+--TEST--
-+Bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone).
-+--FILE--
-+<?php
-+$data = unserialize('a:2:{i:0;O:12:"DateTimeZone":2:{s:13:"timezone_type";a:2:{i:0;i:1;i:1;i:2;}s:8:"timezone";s:1:"A";}i:1;R:4;}');
-+var_dump($data);
-+?>
-+--EXPECTF--
-+Fatal error: DateTimeZone::__wakeup(): Timezone initialization failed in %s/bug68942.php on line %d
diff --git a/lang/php56/patches/patch-ext_date_tests_bug68942_2.phpt b/lang/php56/patches/patch-ext_date_tests_bug68942_2.phpt
deleted file mode 100644
index 10a47b4b67e..00000000000
--- a/lang/php56/patches/patch-ext_date_tests_bug68942_2.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-ext_date_tests_bug68942_2.phpt,v 1.1 2015/02/19 00:23:20 sevan Exp $
-
-Test CVE-2015-0273 / bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
-
---- ext/date/tests/bug68942_2.phpt.orig	2015-02-18 23:37:44.000000000 +0000
-+++ ext/date/tests/bug68942_2.phpt
-@@ -0,0 +1,9 @@
-+--TEST--
-+Bug #68942 (Use after free vulnerability in unserialize() with DateTime).
-+--FILE--
-+<?php
-+$data = unserialize('a:2:{i:0;O:8:"DateTime":3:{s:4:"date";s:26:"2000-01-01 00:00:00.000000";s:13:"timezone_type";a:2:{i:0;i:1;i:1;i:2;}s:8:"timezone";s:1:"A";}i:1;R:5;}');
-+var_dump($data);
-+?>
-+--EXPECTF--
-+Fatal error: Invalid serialization data for DateTime object in %s/bug68942_2.php on line %d