diff options
author | taca <taca@pkgsrc.org> | 2014-08-23 16:09:21 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2014-08-23 16:09:21 +0000 |
commit | f3f6a426b3c36519f8b38ba1bb9b784ee4e778e8 (patch) | |
tree | 0b2e4f19b25e0c6e2b77eecfaf348888f7c455a9 | |
parent | 8d8bf65e85228c864c82988bfb4a257cb154e446 (diff) | |
download | pkgsrc-f3f6a426b3c36519f8b38ba1bb9b784ee4e778e8.tar.gz |
Update php55 to 5.5.16 (PHP 5.5.16).
21 Aug 2014, PHP 5.5.16
- COM:
. Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas).
- Fileinfo:
. Fixed bug #67705 (extensive backtracking in rule regular expression).
(CVE-2014-3538) (Remi)
. Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi)
- FPM:
. Fixed bug #67635 (php links to systemd libraries without using pkg-config).
(pacho@gentoo.org, Remi)
- GD:
. Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference).
(CVE-2014-2497) (Remi)
. Fixed bug #67730 (Null byte injection possible with imagexxx functions).
(CVE-2014-5120) (Ryan Mauger)
- Milter:
. Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike)
- OpenSSL:
. Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).
- readline:
. Fixed bug #55496 (Interactive mode doesn't force a newline before the
prompt). (Bob, Johannes)
. Fixed bug #67496 (Save command history when exiting interactive shell
with control-c). (Dmitry Saprykin, Johannes)
- Sessions:
. Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).
- Core:
. Fixed bug #67693 (incorrect push to the empty array) (Tjerk)
. Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi)
- ODBC:
. Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte
char fields). (Keyur)
-rw-r--r-- | lang/php/phpversion.mk | 4 | ||||
-rw-r--r-- | lang/php55/distinfo | 9 | ||||
-rw-r--r-- | lang/php55/patches/patch-ext_gd_libgd_gdxpm.c | 31 |
3 files changed, 6 insertions, 38 deletions
diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index d682bb64915..3378824efaf 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.70 2014/08/23 16:07:24 taca Exp $ +# $NetBSD: phpversion.mk,v 1.71 2014/08/23 16:09:21 taca Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -83,7 +83,7 @@ PHPVERSION_MK= defined # Define each PHP's version. PHP53_VERSION= 5.3.29 PHP54_VERSION= 5.4.32 -PHP55_VERSION= 5.5.15 +PHP55_VERSION= 5.5.16 # Define initial release of major version. PHP53_RELDATE= 20090630 diff --git a/lang/php55/distinfo b/lang/php55/distinfo index 9bf1af59a83..f39b191f484 100644 --- a/lang/php55/distinfo +++ b/lang/php55/distinfo @@ -1,14 +1,13 @@ -$NetBSD: distinfo,v 1.27 2014/07/26 00:11:55 taca Exp $ +$NetBSD: distinfo,v 1.28 2014/08/23 16:09:21 taca Exp $ -SHA1 (php-5.5.15.tar.bz2) = 7e487b27342994e405180dd11a01921b7f34161f -RMD160 (php-5.5.15.tar.bz2) = 16871d2a9afb0c23e313d6759cfed3dceef4d30b -Size (php-5.5.15.tar.bz2) = 13244903 bytes +SHA1 (php-5.5.16.tar.bz2) = 36c007e24a440f97c4f56ac094ac5e271dbd1a11 +RMD160 (php-5.5.16.tar.bz2) = dc0f15b662c37e99a5eea728774e29a54fb58db7 +Size (php-5.5.16.tar.bz2) = 13257031 bytes SHA1 (patch-acinclude.m4) = 9e9c433e4cb96e469f7cf14b2064a0f41fc4568a SHA1 (patch-aclocal.m4) = 46f192351e541453b1e32299acd1b4cfefc93cb2 SHA1 (patch-build_libtool.m4) = 3811edd697fd21eadc4f65cba35c6297141e8ff2 SHA1 (patch-configure) = e81731b426b31656de72a4e4b3ad341b5ac34f82 SHA1 (patch-ext_gd_config.m4) = 91c9798333d4776856a0a9e20196986856b758b2 -SHA1 (patch-ext_gd_libgd_gdxpm.c) = 9a175417fad9ac23037a24122f8d1258b9eebbcb SHA1 (patch-ext_imap_config.m4) = 01681e8b54ee586ec4db72a5da2d0aec3fa89fcc SHA1 (patch-ext_mssql_php__mssql.c) = 4ef1837850443e9db2e71620a3ddaed5ab5c435b SHA1 (patch-ext_opcache_config.m4) = 7c0d98feaeec8a0ca61f6f77a1906aa2d601be3f diff --git a/lang/php55/patches/patch-ext_gd_libgd_gdxpm.c b/lang/php55/patches/patch-ext_gd_libgd_gdxpm.c deleted file mode 100644 index 69500e3e012..00000000000 --- a/lang/php55/patches/patch-ext_gd_libgd_gdxpm.c +++ /dev/null @@ -1,31 +0,0 @@ -$NetBSD: patch-ext_gd_libgd_gdxpm.c,v 1.1 2014/05/11 11:20:47 he Exp $ - -Patch to fix CVE-2014-2497, taken from -https://bugs.php.net/patch-display.php?bug_id=66901 - ---- ext/gd/libgd/gdxpm.c.orig 2014-04-29 08:04:30.000000000 +0000 -+++ ext/gd/libgd/gdxpm.c -@@ -39,6 +39,13 @@ gdImagePtr gdImageCreateFromXpm (char *f - number = image.ncolors; - colors = (int *) safe_emalloc(number, sizeof(int), 0); - for (i = 0; i < number; i++) { -+ if (!image.colorTable[i].c_color) -+ { -+ /* unsupported color key or color key not defined */ -+ gdImageDestroy(im); -+ im = 0; -+ goto done; -+ } - switch (strlen (image.colorTable[i].c_color)) { - case 4: - buf[1] = '\0'; -@@ -125,8 +132,8 @@ gdImagePtr gdImageCreateFromXpm (char *f - } - } - -- gdFree(colors); - done: -+ gdFree(colors); - XpmFreeXpmImage(&image); - XpmFreeXpmInfo(&info); - return im; |