diff options
author | bsiegert <bsiegert> | 2016-06-28 19:37:34 +0000 |
---|---|---|
committer | bsiegert <bsiegert> | 2016-06-28 19:37:34 +0000 |
commit | b5230f3ceb63796555929f9838e2a773a0ab76ac (patch) | |
tree | 144f6004036e7b17658e095b1e9bd65bc45ea8ea /lang/php/phpversion.mk | |
parent | 48471e6dd5fd011023df29dab4329d14e2f2d315 (diff) | |
download | pkgsrc-b5230f3ceb63796555929f9838e2a773a0ab76ac.tar.gz |
Pullup ticket #5051 - requested by taca
lang/php56: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.140
- lang/php56/Makefile 1.12
- lang/php56/distinfo 1.28
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jun 24 15:25:21 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php56: Makefile distinfo
Log Message:
Update php56 to 5.6.23 (PHP 5.6.23), including security fixes.
pkgsrc change: remove confiugre from SUBST_FILES.path.
23 Jun 2016, PHP 5.6.23
- Core:
. Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/
json_utf8_to_utf16()). (Stas)
. Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas)
. Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas)
- GD:
. Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
. Fixed bug #72337 (invalid dimensions can lead to crash) (Pierre)
. Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
heap overflow). (Pierre)
. Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)
. Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting
in heap overflow). (Pierre)
- Intl:
. Fixed bug #70484 (selectordinal doesn't work with named parameters).
(Anatol)
- mbstring:
. Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)
- mcrypt:
. Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)
- Phar:
. Fixed bug #72321 (invalid free in phar_extract_file()).
(hji at dyntopia dot com)
- SPL:
. Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas)
. Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and
unserialize). (Dmitry)
- OpenSSL:
. Fixed bug #72140 (segfault after calling ERR_free_strings()).
(Jakub Zelenka)
- WDDX:
. Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas)
- zip:
. Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC
algorithm and unserialize). (Dmitry)
Diffstat (limited to 'lang/php/phpversion.mk')
-rw-r--r-- | lang/php/phpversion.mk | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index 35eab862faa..0ed34887778 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.131.2.7 2016/06/28 19:35:57 bsiegert Exp $ +# $NetBSD: phpversion.mk,v 1.131.2.8 2016/06/28 19:37:34 bsiegert Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -82,7 +82,7 @@ PHPVERSION_MK= defined # Define each PHP's version. PHP55_VERSION= 5.5.37 -PHP56_VERSION= 5.6.22 +PHP56_VERSION= 5.6.23 PHP70_VERSION= 7.0.7 # Define initial release of major version. |