diff options
author | bsiegert <bsiegert> | 2016-02-10 20:45:48 +0000 |
---|---|---|
committer | bsiegert <bsiegert> | 2016-02-10 20:45:48 +0000 |
commit | bc9b4c35790db52ab7f530b0602a7d482ad4d8cc (patch) | |
tree | 792c16ac1b90741a3dd1ba52b84b78d4440a6e7d /lang/php | |
parent | f69567355f271ae68450b12f706dad2e8fd8046c (diff) | |
download | pkgsrc-bc9b4c35790db52ab7f530b0602a7d482ad4d8cc.tar.gz |
Pullup ticket #4918 - requested by taca
lang/php70: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.125
- lang/php70/distinfo 1.4-1.5
- lang/php70/patches/patch-ext_pcre_pcrelib_config.h 1.1-1.2
---
Module Name: pkgsrc
Committed By: jklos
Date: Thu Jan 21 21:47:24 UTC 2016
Modified Files:
pkgsrc/lang/php70: distinfo
Added Files:
pkgsrc/lang/php70/patches: patch-ext_pcre_pcrelib_config.h
Log Message:
Selectively enable just-in-time support in PCRE for supported architectures.
Same issue as seen in older php:
https://mail-index.netbsd.org/pkgsrc-bugs/2015/09/13/msg057792.html
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Feb 6 07:14:44 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo
pkgsrc/lang/php70/patches: patch-ext_pcre_pcrelib_config.h
Log Message:
Update php70 to 7.0.3 (PHP 7.0.3).
04 Feb 2016 PHP 7.0.3
- Core:
. Added support for new HTTP 451 code. (Julien)
. Fixed bug #71039 (exec functions ignore length but look for NULL termination).
(Anatol)
. Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
. Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol)
. Fixed bug #71221 (Null pointer deref (segfault) in get_defined_vars via
ob_start). (hugh at allthethings dot co dot nz)
. Fixed bug #71248 (Wrong interface is enforced). (Dmitry)
. Fixed bug #71273 (A wrong ext directory setup in php.ini leads to crash).
(Anatol)
. Fixed Bug #71275 (Bad method called on cloning an object having a trait).
(Bob)
. Fixed bug #71297 (Memory leak with consecutive yield from). (Bob)
. Fixed bug #71300 (Segfault in zend_fetch_string_offset). (Laruence)
. Fixed bug #71314 (var_export(INF) prints INF.0). (Andrea)
. Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its
input). (Leo Gaspard)
. Fixed bug #71336 (Wrong is_ref on properties as exposed via
get_object_vars()). (Laruence)
. Fixed bug #71459 (Integer overflow in iptcembed()). (Stas)
- Apache2handler:
. Fix >2G Content-Length headers in apache2handler. (Adam Harvey)
- CURL:
. Fixed bug #71227 (Can't compile php_curl statically). (Anatol)
. Fixed bug #71225 (curl_setopt() fails to set CURLOPT_POSTFIELDS with
reference to CURLFile). (Laruence)
- Interbase:
. Fixed Bug #71305 (Crash when optional resource is omitted).
(Laruence, Anatol)
- LDAP:
. Fixed bug #71249 (ldap_mod_replace/ldap_mod_add store value as string
"Array"). (Laruence)
- mbstring:
. Fixed bug #71397 (mb_send_mail segmentation fault). (Andrea, Yasuo)
- OpenSSL:
. Fixed bug #71475 (openssl_seal() uninitialized memory usage). (Stas)
- Phar:
. Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (Stas)
. Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
(Stas)
. Fixed bug #71488 (Stack overflow when decompressing tar archives). (Stas)
- SOAP:
. Fixed bug #70979 (crash with bad soap request). (Anatol)
- SPL:
. Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading).
(Laruence)
. Fixed bug #71202 (Autoload function registered by another not activated
immediately). (Laruence)
. Fixed bug #71311 (Use-after-free vulnerability in SPL(ArrayObject,
unserialize)). (Sean Heelan)
. Fixed bug #71313 (Use-after-free vulnerability in SPL(SplObjectStorage,
unserialize)). (Sean Heelan)
- Standard:
. Fixed bug #71287 (Error message contains hexadecimal instead of decimal
number). (Laruence)
. Fixed bug #71264 (file_put_contents() returns unexpected value when
filesystem runs full). (Laruence)
. Fixed bug #71245 (file_get_contents() ignores "header" context option if
it's a reference). (Laruence)
. Fixed bug #71220 (Null pointer deref (segfault) in compact via ob_start).
(hugh at allthethings dot co dot nz)
. Fixed bug #71190 (substr_replace converts integers in original $search
array to strings). (Laruence)
. Fixed bug #71188 (str_replace converts integers in original $search array
to strings). (Laruence)
. Fixed bug #71132, #71197 (range() segfaults). (Thomas Punt)
- WDDX:
. Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization). (Stas)
Diffstat (limited to 'lang/php')
-rw-r--r-- | lang/php/phpversion.mk | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index 8e40f210c28..a17eb22d59d 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.119.2.5 2016/02/10 20:36:47 bsiegert Exp $ +# $NetBSD: phpversion.mk,v 1.119.2.6 2016/02/10 20:45:48 bsiegert Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -83,7 +83,7 @@ PHPVERSION_MK= defined # Define each PHP's version. PHP55_VERSION= 5.5.32 PHP56_VERSION= 5.6.18 -PHP70_VERSION= 7.0.2 +PHP70_VERSION= 7.0.3 # Define initial release of major version. PHP55_RELDATE= 20130620 |