summaryrefslogtreecommitdiff
path: root/lang/php55
diff options
context:
space:
mode:
authortaca <taca@pkgsrc.org>2015-02-19 13:35:24 +0000
committertaca <taca@pkgsrc.org>2015-02-19 13:35:24 +0000
commit52f9048c2e279549c3f1ddc09552a9e6fb757541 (patch)
treea387215ba79588f17408dbe6f4d4a36a13f1fe09 /lang/php55
parent717ff91341193ae94c3cb790c3e2a206a4483dfa (diff)
downloadpkgsrc-52f9048c2e279549c3f1ddc09552a9e6fb757541.tar.gz
Update php55 to 5.5.22 (PHP 5.5.22).
19 Feb 2015, PHP 5.5.22 - Core: . Fixed bug #67068 (getClosure returns somethings that's not a closure). (Danack at basereality dot com) . Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow). (Stas) . Fixed bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone). (CVE-2015-0273) (Stas) . Added NULL byte protection to exec, system and passthru. (Yasuo) . Removed support for multi-line headers, as the are deprecated by RFC 7230. (Stas) - Date: . Fixed bug #45081 (strtotime incorrectly interprets SGT time zone). (Derick) - Dba: . Fixed bug #68711 (useless comparisons). (bugreports at internot dot info) - Enchant: . Fixed bug #6855 (heap buffer overflow in enchant_broker_request_dict()). (Antony) - Fileinfo: . Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers) - FPM: . Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle) . Fixed bug #68571 (core dump when webserver close the socket). (redfoxli069 at gmail dot com, Laruence) - Libxml: . Fixed bug #64938 (libxml_disable_entity_loader setting is shared between threads). (Martin Jansen) - OpenSSL: . Fixed bug #55618 (use case-insensitive cert name matching). (Daniel Lowrey) - PDO_mysql: . Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of named pipes). (steffenb198@aol.com) - Phar: . Fixed bug #68901 (use after free). (bugreports at internot dot info) - Pgsql: . Fixed Bug #65199 'pg_copy_from() modifies input array variable). (Yasuo) - Sqlite3: . Fixed bug #68260 (SQLite3Result::fetchArray declares wrong required_num_args). (Julien) - Mysqli: . Fixed bug #68114 (linker error on some OS X machines with fixed width decimal support) (Keyur Govande) . Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient has rounding errors) (Keyur Govande) - Session: . Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo) . Fixed Bug #66623 (no EINTR check on flock) (Yasuo) . Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo) - Standard: . Fixed bug #65272 (flock() out parameter not set correctly in windows). (Daniel Lowrey) . Fixed bug #69033 (Request may get env. variables from previous requests if PHP works as FastCGI) - Streams: . Fixed bug which caused call after final close on streams filter. (Bob)
Diffstat (limited to 'lang/php55')
-rw-r--r--lang/php55/Makefile3
-rw-r--r--lang/php55/PLIST3
-rw-r--r--lang/php55/distinfo11
-rw-r--r--lang/php55/patches/patch-ext_date_php_date.c63
-rw-r--r--lang/php55/patches/patch-ext_date_tests_bug68942.phpt16
-rw-r--r--lang/php55/patches/patch-ext_date_tests_bug68942_2.phpt16
6 files changed, 7 insertions, 105 deletions
diff --git a/lang/php55/Makefile b/lang/php55/Makefile
index b2f2b7e8963..effed4a77e4 100644
--- a/lang/php55/Makefile
+++ b/lang/php55/Makefile
@@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.18 2015/02/18 11:14:15 sevan Exp $
+# $NetBSD: Makefile,v 1.19 2015/02/19 13:35:24 taca Exp $
#
# We can't omit PKGNAME here to handle PKG_OPTIONS.
#
PKGNAME= php-${PHP_BASE_VERS}
-PKGREVISION= 1
CATEGORIES= lang
HOMEPAGE= http://www.php.net/
diff --git a/lang/php55/PLIST b/lang/php55/PLIST
index f080d0e9b93..4610a0463f4 100644
--- a/lang/php55/PLIST
+++ b/lang/php55/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2014/11/15 14:53:12 taca Exp $
+@comment $NetBSD: PLIST,v 1.5 2015/02/19 13:35:24 taca Exp $
bin/phar
bin/phar.phar
bin/php
@@ -96,6 +96,7 @@ include/php/ext/hash/php_hash_types.h
include/php/ext/hash/php_hash_whirlpool.h
include/php/ext/libxml/php_libxml.h
include/php/ext/mysqlnd/config-win.h
+include/php/ext/mysqlnd/mysql_float_to_double.h
include/php/ext/mysqlnd/mysqlnd.h
include/php/ext/mysqlnd/mysqlnd_alloc.h
include/php/ext/mysqlnd/mysqlnd_block_alloc.h
diff --git a/lang/php55/distinfo b/lang/php55/distinfo
index 4fb4785941e..b733bdef5de 100644
--- a/lang/php55/distinfo
+++ b/lang/php55/distinfo
@@ -1,15 +1,12 @@
-$NetBSD: distinfo,v 1.34 2015/02/18 11:14:15 sevan Exp $
+$NetBSD: distinfo,v 1.35 2015/02/19 13:35:24 taca Exp $
-SHA1 (php-5.5.21.tar.bz2) = a6251bb3565f144593df4329fd15bedd70ae13a8
-RMD160 (php-5.5.21.tar.bz2) = eaea30ff8b5facbb03197ab81101f5b0e34463f5
-Size (php-5.5.21.tar.bz2) = 13306064 bytes
+SHA1 (php-5.5.22.tar.bz2) = 76fcfc157855100e2bb09b22209e78e3088a4b11
+RMD160 (php-5.5.22.tar.bz2) = 8849bc779dbb8687d83e2d50dd476d43900713d6
+Size (php-5.5.22.tar.bz2) = 13305486 bytes
SHA1 (patch-acinclude.m4) = 9e9c433e4cb96e469f7cf14b2064a0f41fc4568a
SHA1 (patch-aclocal.m4) = 46f192351e541453b1e32299acd1b4cfefc93cb2
SHA1 (patch-build_libtool.m4) = 3811edd697fd21eadc4f65cba35c6297141e8ff2
SHA1 (patch-configure) = e81731b426b31656de72a4e4b3ad341b5ac34f82
-SHA1 (patch-ext_date_php_date.c) = 7a70c71942db9ff2d5622bd4b946f8229159f703
-SHA1 (patch-ext_date_tests_bug68942.phpt) = c73486a8023d27c2a5a0a2656ba4a8d8dbc990a5
-SHA1 (patch-ext_date_tests_bug68942_2.phpt) = 420530f386c80f975d7ba3d8a3c61d44766a7633
SHA1 (patch-ext_gd_config.m4) = 91c9798333d4776856a0a9e20196986856b758b2
SHA1 (patch-ext_imap_config.m4) = 01681e8b54ee586ec4db72a5da2d0aec3fa89fcc
SHA1 (patch-ext_mssql_php__mssql.c) = 4ef1837850443e9db2e71620a3ddaed5ab5c435b
diff --git a/lang/php55/patches/patch-ext_date_php_date.c b/lang/php55/patches/patch-ext_date_php_date.c
deleted file mode 100644
index d8a4f3e3296..00000000000
--- a/lang/php55/patches/patch-ext_date_php_date.c
+++ /dev/null
@@ -1,63 +0,0 @@
-$NetBSD: patch-ext_date_php_date.c,v 1.1 2015/02/18 11:14:15 sevan Exp $
-
-Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
-
---- ext/date/php_date.c.orig 2015-01-21 10:23:27.000000000 +0000
-+++ ext/date/php_date.c
-@@ -2779,12 +2779,9 @@ static int php_date_initialize_from_hash
- timelib_tzinfo *tzi;
- php_timezone_obj *tzobj;
-
-- if (zend_hash_find(myht, "date", 5, (void**) &z_date) == SUCCESS) {
-- convert_to_string(*z_date);
-- if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS) {
-- convert_to_long(*z_timezone_type);
-- if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS) {
-- convert_to_string(*z_timezone);
-+ if (zend_hash_find(myht, "date", 5, (void**) &z_date) == SUCCESS && Z_TYPE_PP(z_date) == IS_STRING) {
-+ if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS && Z_TYPE_PP(z_timezone_type) == IS_LONG) {
-+ if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS && Z_TYPE_PP(z_timezone) == IS_STRING) {
-
- switch (Z_LVAL_PP(z_timezone_type)) {
- case TIMELIB_ZONETYPE_OFFSET:
-@@ -2799,7 +2796,6 @@ static int php_date_initialize_from_hash
-
- case TIMELIB_ZONETYPE_ID: {
- int ret;
-- convert_to_string(*z_timezone);
-
- tzi = php_date_parse_tzfile(Z_STRVAL_PP(z_timezone), DATE_TIMEZONEDB TSRMLS_CC);
-
-@@ -3716,9 +3712,8 @@ static int php_date_timezone_initialize_
- zval **z_timezone = NULL;
- zval **z_timezone_type = NULL;
-
-- if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS) {
-+ if (zend_hash_find(myht, "timezone_type", 14, (void**) &z_timezone_type) == SUCCESS && Z_TYPE_PP(z_timezone_type) == IS_LONG) {
- if (zend_hash_find(myht, "timezone", 9, (void**) &z_timezone) == SUCCESS) {
-- convert_to_long(*z_timezone_type);
- if (SUCCESS == timezone_initialize(*tzobj, Z_STRVAL_PP(z_timezone) TSRMLS_CC)) {
- return SUCCESS;
- }
-@@ -3743,7 +3738,9 @@ PHP_METHOD(DateTimeZone, __set_state)
-
- php_date_instantiate(date_ce_timezone, return_value TSRMLS_CC);
- tzobj = (php_timezone_obj *) zend_object_store_get_object(return_value TSRMLS_CC);
-- php_date_timezone_initialize_from_hash(&return_value, &tzobj, myht TSRMLS_CC);
-+ if(php_date_timezone_initialize_from_hash(&return_value, &tzobj, myht TSRMLS_CC) != SUCCESS) {
-+ php_error_docref(NULL, E_ERROR, "Timezone initialization failed");
-+ }
- }
- /* }}} */
-
-@@ -3759,7 +3756,9 @@ PHP_METHOD(DateTimeZone, __wakeup)
-
- myht = Z_OBJPROP_P(object);
-
-- php_date_timezone_initialize_from_hash(&return_value, &tzobj, myht TSRMLS_CC);
-+ if(php_date_timezone_initialize_from_hash(&return_value, &tzobj, myht TSRMLS_CC) != SUCCESS) {
-+ php_error_docref(NULL, E_ERROR, "Timezone initialization failed");
-+ }
- }
- /* }}} */
-
diff --git a/lang/php55/patches/patch-ext_date_tests_bug68942.phpt b/lang/php55/patches/patch-ext_date_tests_bug68942.phpt
deleted file mode 100644
index fe8949db051..00000000000
--- a/lang/php55/patches/patch-ext_date_tests_bug68942.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-ext_date_tests_bug68942.phpt,v 1.1 2015/02/18 11:14:16 sevan Exp $
-
-Test bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
-
---- ext/date/tests/bug68942.phpt.orig 2015-02-18 02:20:29.000000000 +0000
-+++ ext/date/tests/bug68942.phpt
-@@ -0,0 +1,9 @@
-+--TEST--
-+Bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone).
-+--FILE--
-+<?php
-+$data = unserialize('a:2:{i:0;O:12:"DateTimeZone":2:{s:13:"timezone_type";a:2:{i:0;i:1;i:1;i:2;}s:8:"timezone";s:1:"A";}i:1;R:4;}');
-+var_dump($data);
-+?>
-+--EXPECTF--
-+Fatal error: DateTimeZone::__wakeup(): Timezone initialization failed in %s/bug68942.php on line %d
diff --git a/lang/php55/patches/patch-ext_date_tests_bug68942_2.phpt b/lang/php55/patches/patch-ext_date_tests_bug68942_2.phpt
deleted file mode 100644
index 63303694e70..00000000000
--- a/lang/php55/patches/patch-ext_date_tests_bug68942_2.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-ext_date_tests_bug68942_2.phpt,v 1.1 2015/02/18 11:14:16 sevan Exp $
-
-Test bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
-
---- ext/date/tests/bug68942_2.phpt.orig 2015-02-18 02:20:29.000000000 +0000
-+++ ext/date/tests/bug68942_2.phpt
-@@ -0,0 +1,9 @@
-+--TEST--
-+Bug #68942 (Use after free vulnerability in unserialize() with DateTime).
-+--FILE--
-+<?php
-+$data = unserialize('a:2:{i:0;O:8:"DateTime":3:{s:4:"date";s:26:"2000-01-01 00:00:00.000000";s:13:"timezone_type";a:2:{i:0;i:1;i:1;i:2;}s:8:"timezone";s:1:"A";}i:1;R:5;}');
-+var_dump($data);
-+?>
-+--EXPECTF--
-+Fatal error: Invalid serialization data for DateTime object in %s/bug68942_2.php on line %d