Pullup ticket #4918 - requested by taca

lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.125
- lang/php70/distinfo                                           1.4-1.5
- lang/php70/patches/patch-ext_pcre_pcrelib_config.h            1.1-1.2

---
   Module Name:	pkgsrc
   Committed By:	jklos
   Date:		Thu Jan 21 21:47:24 UTC 2016

   Modified Files:
   	pkgsrc/lang/php70: distinfo
   Added Files:
   	pkgsrc/lang/php70/patches: patch-ext_pcre_pcrelib_config.h

   Log Message:
   Selectively enable just-in-time support in PCRE for supported architectures.
   Same issue as seen in older php:
   https://mail-index.netbsd.org/pkgsrc-bugs/2015/09/13/msg057792.html

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Feb  6 07:14:44 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php70: distinfo
   	pkgsrc/lang/php70/patches: patch-ext_pcre_pcrelib_config.h

   Log Message:
   Update php70 to 7.0.3 (PHP 7.0.3).

   04 Feb 2016 PHP 7.0.3

   - Core:
     . Added support for new HTTP 451 code. (Julien)
     . Fixed bug #71039 (exec functions ignore length but look for NULL termination).
       (Anatol)
     . Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
     . Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol)
     . Fixed bug #71221 (Null pointer deref (segfault) in get_defined_vars via
       ob_start). (hugh at allthethings dot co dot nz)
     . Fixed bug #71248 (Wrong interface is enforced). (Dmitry)
     . Fixed bug #71273 (A wrong ext directory setup in php.ini leads to crash).
       (Anatol)
     . Fixed Bug #71275 (Bad method called on cloning an object having a trait).
       (Bob)
     . Fixed bug #71297 (Memory leak with consecutive yield from). (Bob)
     . Fixed bug #71300 (Segfault in zend_fetch_string_offset). (Laruence)
     . Fixed bug #71314 (var_export(INF) prints INF.0). (Andrea)
     . Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its
       input). (Leo Gaspard)
     . Fixed bug #71336 (Wrong is_ref on properties as exposed via
       get_object_vars()). (Laruence)
     . Fixed bug #71459 (Integer overflow in iptcembed()). (Stas)

   - Apache2handler:
     . Fix >2G Content-Length headers in apache2handler. (Adam Harvey)

   - CURL:
     . Fixed bug #71227 (Can't compile php_curl statically). (Anatol)
     . Fixed bug #71225 (curl_setopt() fails to set CURLOPT_POSTFIELDS with
       reference to CURLFile). (Laruence)

   - Interbase:
     . Fixed Bug #71305 (Crash when optional resource is omitted).
     (Laruence, Anatol)

   - LDAP:
     . Fixed bug #71249 (ldap_mod_replace/ldap_mod_add store value as string
       "Array"). (Laruence)

   - mbstring:
     . Fixed bug #71397 (mb_send_mail segmentation fault). (Andrea, Yasuo)

   - OpenSSL:
     . Fixed bug #71475 (openssl_seal() uninitialized memory usage). (Stas)

   - Phar:
     . Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (Stas)
     . Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
       (Stas)
     . Fixed bug #71488 (Stack overflow when decompressing tar archives). (Stas)

   - SOAP:
     . Fixed bug #70979 (crash with bad soap request). (Anatol)

   - SPL:
     . Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading).
       (Laruence)
     . Fixed bug #71202 (Autoload function registered by another not activated
       immediately). (Laruence)
     . Fixed bug #71311 (Use-after-free vulnerability in SPL(ArrayObject,
       unserialize)). (Sean Heelan)
     . Fixed bug #71313 (Use-after-free vulnerability in SPL(SplObjectStorage,
       unserialize)). (Sean Heelan)

   - Standard:
     . Fixed bug #71287 (Error message contains hexadecimal instead of decimal
       number). (Laruence)
     . Fixed bug #71264 (file_put_contents() returns unexpected value when
       filesystem runs full). (Laruence)
     . Fixed bug #71245 (file_get_contents() ignores "header" context option if
       it's a reference). (Laruence)
     . Fixed bug #71220 (Null pointer deref (segfault) in compact via ob_start).
       (hugh at allthethings dot co dot nz)
     . Fixed bug #71190 (substr_replace converts integers in original $search
       array to strings). (Laruence)
     . Fixed bug #71188 (str_replace converts integers in original $search array
       to strings). (Laruence)
     . Fixed bug #71132, #71197 (range() segfaults). (Thomas Punt)

   - WDDX:
     . Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization). (Stas)

1 files changed, 2 insertions, 2 deletions

diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk
index 8e40f210c28..a17eb22d59d 100644
--- a/lang/php/phpversion.mk
+++ b/lang/php/phpversion.mk
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.119.2.5 2016/02/10 20:36:47 bsiegert Exp $
+# $NetBSD: phpversion.mk,v 1.119.2.6 2016/02/10 20:45:48 bsiegert Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -83,7 +83,7 @@ PHPVERSION_MK=	defined
 # Define each PHP's version.
 PHP55_VERSION=	5.5.32
 PHP56_VERSION=	5.6.18
-PHP70_VERSION=	7.0.2
+PHP70_VERSION=	7.0.3
 
 # Define initial release of major version.
 PHP55_RELDATE=	20130620