diff options
author | bsiegert <bsiegert@pkgsrc.org> | 2016-10-21 18:47:32 +0000 |
---|---|---|
committer | bsiegert <bsiegert@pkgsrc.org> | 2016-10-21 18:47:32 +0000 |
commit | 13908e95bfdc82a484d15e731d337ca46968ac4d (patch) | |
tree | a8f153e6e6eef2df1b0b682e44ac5f2ea30cac3d /lang | |
parent | f9b2eb646d55becc2f926a7933a0702438592767 (diff) | |
download | pkgsrc-13908e95bfdc82a484d15e731d337ca46968ac4d.tar.gz |
Pullup ticket #5140 - requested by taca
lang/php56: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.161
- lang/php56/distinfo 1.35
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Oct 16 11:58:42 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php56: distinfo
Log Message:
Update php56 to 5.6.27.
13 Oct 2016, PHP 5.6.27
- Core:
. Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of
zend_virtual_cwd.c). (cmb)
. Fixed bug #73058 (crypt broken when salt is 'too' long). (Anatol)
. Fixed bug #72703 (Out of bounds global memory read in BF_crypt triggered by
password_verify). (Anatol)
. Fixed bug #73189 (Memcpy negative size parameter php_resolve_path). (Stas)
. Fixed bug #73147 (Use After Free in unserialize()). (Stas)
- BCmath:
. Fixed bug #73190 (memcpy negative parameter _bc_new_num_ex). (Stas)
- DOM:
. Fixed bug #73150 (missing NULL check in dom_document_save_html). (Stas)
- Ereg:
. Fixed bug #73284 (heap overflow in php_ereg_replace function). (Stas)
- Filter:
. Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and
FILTER_FLAG_NO_PRIV_RANGE). (julien)
. Fixed bug #67167 (Wrong return value from FILTER_VALIDATE_BOOLEAN,
FILTER_NULL_ON_FAILURE). (levim, cmb)
. Fixed bug #73054 (default option ignored when object passed to int filter).
(cmb)
- GD:
. Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette).
(cmb)
. Fixed bug #50194 (imagettftext broken on transparent background w/o
alphablending). (cmb)
. Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c). (trylab,
cmb)
. Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box).
(Mark Plomer, cmb)
. Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given). (cmb)
. Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries). (cmb)
. Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted
files). (cmb)
. Fixed bug #73161 (imagecreatefromgd2() may leak memory). (cmb)
- Intl:
. Fixed bug #73218 (add mitigation for ICU int overflow). (Stas)
- Imap:
. Fixed bug #73208 (integer overflow in imap_8bit caused heap corruption).
(Stas)
- Mbstring:
. Fixed bug #72994 (mbc_to_code() out of bounds read). (Laruence, cmb)
. Fixed bug #66964 (mb_convert_variables() cannot detect recursion). (Yasuo)
. Fixed bug #72992 (mbstring.internal_encoding doesn't inherit default_charset).
(Yasuo)
. Fixed bug #73082 (string length overflow in mb_encode_* function). (Stas)
- PCRE:
. Fixed bug #73174 (heap overflow in php_pcre_replace_impl). (Stas)
- Opcache:
. Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).
(Keyur) (julien backport)
- OpenSSL:
. Fixed bug #73072 (Invalid path SNI_server_certs causes segfault).
(Jakub Zelenka)
. Fixed bug #73275 (crash in openssl_encrypt function). (Stas)
. Fixed bug #73276 (crash in openssl_random_pseudo_bytes function). (Stas)
- Session:
. Fixed bug #68015 (Session does not report invalid uid for files save handler).
(Yasuo)
. Fixed bug #73100 (session_destroy null dereference in ps_files_path_create).
(cmb)
- SimpleXML:
. Fixed bug #73293 (NULL pointer dereference in SimpleXMLElement::asXML()).
(Stas)
- SPL:
. Fixed bug #73073 (CachingIterator null dereference when convert to string).
(Stas)
- Standard:
. Fixed bug #73240 (Write out of bounds at number_format). (Stas)
. Fixed bug #73017 (memory corruption in wordwrap function). (Stas)
- Stream:
. Fixed bug #73069 (readfile() mangles files larger than 2G). (Laruence)
- Zip:
. Fixed bug #70752 (Depacking with wrong password leaves 0 length files).
(cmb)
Diffstat (limited to 'lang')
-rw-r--r-- | lang/php/phpversion.mk | 4 | ||||
-rw-r--r-- | lang/php56/distinfo | 10 |
2 files changed, 7 insertions, 7 deletions
diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index 977c040e782..05d1cc19569 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.158.2.2 2016/10/21 18:44:42 bsiegert Exp $ +# $NetBSD: phpversion.mk,v 1.158.2.3 2016/10/21 18:47:32 bsiegert Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -87,7 +87,7 @@ PHPVERSION_MK= defined # Define each PHP's version. -PHP56_VERSION= 5.6.26 +PHP56_VERSION= 5.6.27 PHP70_VERSION= 7.0.12 PHP71_VERSION= 7.1.0RC3 diff --git a/lang/php56/distinfo b/lang/php56/distinfo index e44c3ace8ea..ad3e3367439 100644 --- a/lang/php56/distinfo +++ b/lang/php56/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.34 2016/09/16 16:09:24 taca Exp $ +$NetBSD: distinfo,v 1.34.2.1 2016/10/21 18:47:33 bsiegert Exp $ -SHA1 (php-5.6.26.tar.bz2) = d0e05dbc4d1be0e316cadee64f5bda83a16932a9 -RMD160 (php-5.6.26.tar.bz2) = eedd93ab6808d86055a7e5f41ca3b92ea7feee63 -SHA512 (php-5.6.26.tar.bz2) = fcac6ff1db2d3a897ce7253735216b3784568167d7e1c3738409c45f72bdce6708d42c6935c13c28f16da15218213b202e959fb68355b5c692fdc54a7393b553 -Size (php-5.6.26.tar.bz2) = 14927510 bytes +SHA1 (php-5.6.27.tar.bz2) = d633816758b0ab0481b1dabda098a70f5ad3ef4b +RMD160 (php-5.6.27.tar.bz2) = 04ee43239ece4dfaf28440429848e9020eab3f99 +SHA512 (php-5.6.27.tar.bz2) = d9118b7937eb111cebf1020296a3105dc4ae5aee9a5e655643b872d6948e68ceb3340e861810b8fcaa4a201c5aec6c1009a7e3cf3ff1678e0ea68aefb632f10b +Size (php-5.6.27.tar.bz2) = 14977600 bytes SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8 SHA1 (patch-configure) = 5d76f71aa903efa3c3491b908ff76419aa4af27c SHA1 (patch-ext_gd_config.m4) = b92ab4c7fe8aceaef7787a607a7d2eac258fee19 |