diff options
author | bsiegert <bsiegert> | 2016-06-28 19:38:32 +0000 |
---|---|---|
committer | bsiegert <bsiegert> | 2016-06-28 19:38:32 +0000 |
commit | 9b693880a6b4709338b58bfbff4560cf0754fad0 (patch) | |
tree | bfbbfe8540ba423c5715620375ac3d91c57ecf98 /lang/gcc-aux/distinfo | |
parent | b5230f3ceb63796555929f9838e2a773a0ab76ac (diff) | |
download | pkgsrc-9b693880a6b4709338b58bfbff4560cf0754fad0.tar.gz |
Pullup ticket #5052 - requested by taca
lang/php70: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.141
- lang/php70/Makefile 1.4
- lang/php70/Makefile.php 1.2
- lang/php70/distinfo 1.14
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jun 24 15:27:57 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: Makefile Makefile.php distinfo
Log Message:
Update php70 to 7.0.8 (PHP 7.0.8), including security fixes.
pkgsrc change:
* remove confiugre from SUBST_FILES.path.
* Remove --with-regex=3Dsystem and --without-mysql from CONFIGURE_ARGS.=
* Add --without-mysqli to CONFIGURE_ARGS.
23 Jun 2016 PHP 7.0.8
- Core:
. Fixed bug #72218 (If host name cannot be resolved then PHP 7 crashe=
s).
(Esminis at esminis dot lt)
. Fixed bug #72221 (segfault, past-the-end access). (Lauri Kentt=E4)
. Fixed bug #72268 (Integer Overflow in nl2br()). (Stas)
. Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/
json_utf8_to_utf16()). (Stas)
. Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Sta=
s)
. Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL).=
(Stas)
- FPM:
. Fixed bug #72308 (fastcgi_finish_request and logging environment
variables). (Laruence)
- GD:
. Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
. Fixed bug #72337 (invalid dimensions can lead to crash) (Pierre)
. Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
heap overflow). (Pierre)
. Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)=
- Intl:
. Fixed bug #64524 (Add intl.use_exceptions to php.ini-*). (Anatol)
- mbstring:
. Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (=
Stas)
- mcrypt:
. Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)
- PCRE:
. Fixed bug #72143 (preg_replace uses int instead of size_t). (Joe)
- PDO_pgsql:
. Fixed bug #71573 (Segfault (core dumped) if paramno beyond bound).
(Laruence)
. Fixed bug #72294 (Segmentation fault/invalid pointer in connection
with pgsql_stmt_dtor). (Anatol)
- Phpdbg:
. Fixed bug #72284 (phpdbg fatal errors with coverage). (Bob)
- Postgres:
. Fixed bug #72195 (pg_pconnect/pg_connect cause use-after-free). (La=
ruence)
. Fixed bug #72197 (pg_lo_create arbitrary read). (Anatol)
- SPL:
. Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (S=
tas)
. Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorith=
m and
unserialize). (Dmitry)
- Standard:
. Fixed bug #72017 (range() with float step produces unexpected resul=
t).
(Thomas Punt)
. Fixed bug #72193 (dns_get_record returns array containing elements =
of
type 'unknown'). (Laruence)
. Fixed bug #72229 (Wrong reference when serialize/unserialize an obj=
ect).
(Laruence)
. Fixed bug #72300 (ignore_user_abort(false) has no effect). (Laruenc=
e)
- XML:
. Fixed bug #72206 (xml_parser_create/xml_parser_free leaks mem). (Jo=
e)
- XMLRPC:
. Fixed bug #72155 (use-after-free caused by get_zval_xmlrpc_type).
(Joe, Laruence)
- WDDX:
. Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (St=
as)
- Zip:
. Fixed ug #72258 (ZipArchive converts filenames to unrecoverable for=
m).
(Anatol)
. Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in =
PHP's GC
algorithm and unserialize). (Dmitry)
Diffstat (limited to 'lang/gcc-aux/distinfo')
0 files changed, 0 insertions, 0 deletions