Pullup ticket #4946 - requested by taca

lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.128
- lang/php70/distinfo                                           1.6
- lang/php70/patches/patch-configure                            1.2
- lang/php70/patches/patch-ext_opcache_config.m4                deleted

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Sat Mar  5 05:20:17 UTC 2016

   Modified Files:
           pkgsrc/lang/php: phpversion.mk
           pkgsrc/lang/php70: distinfo
           pkgsrc/lang/php70/patches: patch-configure
   Removed Files:
           pkgsrc/lang/php70/patches: patch-ext_opcache_config.m4

   Log Message:
   Update php70 to 7.0.4 (PHP 7.0.4), including security fxies.

   03 Mar 2016 PHP 7.0.4

   - Core:
     . Fixed bug (Low probability segfault in zend_arena). (Laruence)
     . Fixed bug #71441 (Typehinted Generator with return in try/finally crashes).
       (Bob)
     . Fixed bug #71442 (forward_static_call crash). (Laruence)
     . Fixed bug #71443 (Segfault using built-in webserver with intl using
       symfony). (Laruence)
     . Fixed bug #71449 (An integer overflow bug in php_implode()). (Stas)
     . Fixed bug #71450 (An integer overflow bug in php_str_to_str_ex()). (Stas)
     . Fixed bug #71474 (Crash because of VM stack corruption on Magento2).
       (Dmitry)
     . Fixed bug #71485 (Return typehint on internal func causes Fatal error
       when it throws exception). (Laruence)
     . Fixed bug #71529 (Variable references on array elements don't work when
       using count). (Nikita)
     . Fixed bug #71601 (finally block not executed after yield from). (Bob)
     . Fixed bug #71637 (Multiple Heap Overflow due to integer overflows in
       xml/filter_url/addcslashes). (Stas)

   - CLI server:
     . Fixed bug #71559 (Built-in HTTP server, we can download file in web by bug).
       (Johannes, Anatol)

   - CURL:
     . Fixed bug #71523 (Copied handle with new option CURLOPT_HTTPHEADER crashes
       while curl_multi_exec). (Laruence)
     . Fixed memory leak in curl_getinfo(). (Leigh)

   - Date:
     . Fixed bug #71525 (Calls to date_modify will mutate timelib_rel_time,
       causing date_date_set issues). (Sean DuBois)

   - Fileinfo:
     . Fixed bug #71434 (finfo throws notice for specific python file). (Laruence)

   - FPM:
     . Fixed bug #62172 (FPM not working with Apache httpd 2.4 balancer/fcgi
       setup). (Matt Haught, Remi)
     . Fixed bug #71269 (php-fpm dumped core). (Mickaël)

   - Opcache:
     . Fixed bug #71584 (Possible use-after-free of ZCG(cwd) in Zend Opcache).
       (Yussuf Khalil)

   - PCRE:
     . Fixed bug #71537 (PCRE segfault from Opcache). (Laruence)

   - phpdbg:
     . Fixed inherited functions from unspecified files being included in
       phpdbg_get_executable(). (Bob)

   - SOAP:
     . Fixed bug #71610 (Type Confusion Vulnerability - SOAP /
       make_http_soap_request()). (Stas)

   - Standard:
     . Fixed bug #71603 (compact() maintains references in php7). (Laruence)
     . Fixed bug #70720 (strip_tags improper php code parsing). (Julien)

   - XMLRPC:
     . Fixed bug #71501 (xmlrpc_encode_request ignores encoding option). (Hieu Le)

   - Zip:
     . Fixed bug #71561 (NULL pointer dereference in Zip::ExtractTo). (Laruence)

0 files changed, 0 insertions, 0 deletions