summaryrefslogtreecommitdiff
path: root/lang/php72/Makefile
AgeCommit message (Collapse)AuthorFilesLines
2020-08-23Pullup ticket #6300 - requested by tacabsiegert1-2/+1
lang/php72: security fix Revisions pulled up: - lang/php/phpversion.mk 1.306 - lang/php72/Makefile 1.28 - lang/php72/distinfo 1.56-1.57 --- Module Name: pkgsrc Committed By: taca Date: Sat Jul 11 04:06:07 UTC 2020 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php72: Makefile distinfo Log Message: lang/php72: update to 7.2. Update php72 to 7.2 09 Jul 2020, PHP 7.2.32 - Core: . No source changes to this release. Vesion number added for reproduction of Windows builds. (cmb) 14 May 2020, PHP 7.2.31 - Core: . Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb) . Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb) --- Module Name: pkgsrc Committed By: taca Date: Sat Aug 8 13:32:57 UTC 2020 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php72: distinfo Log Message: lang/php72: update to 7.2.33 Update php72 to 7.2.33 (PHP 7.2.33). 06 Aug 2020, PHP 7.2.33 - Core: . Fixed bug #79877 (getimagesize function silently truncates after a null byte) (cmb) - Phar: . Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile function). (CVE-2020-7068) (cmb)
2020-06-02Revbump for icuadam1-1/+2
2020-04-25lang/php72: re-add accidentally removed file to SUBST_FILESrillig1-1/+2
2020-04-25lang/php72: remove no-op SUBST_FILESrillig1-7/+4
2020-01-25lang/php72: update to 7.2.27taca1-2/+1
Update php72 to 7.2.27 (PHP 7.2.27). 23 Jan 2020, PHP 7.2.27 - Mbstring: . Fixed bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`). (CVE-2020-7060) (Nikita) - Session: . Fixed bug #79091 (heap use-after-free in session_create_id()). (cmb, Nikita) - Standard: . Fixed bug #79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059). (cmb)
2020-01-18*: Recursive revision bump for openssl 1.1.1.jperkin1-1/+2
2019-12-16lang/php*: clean up php langaugestaca1-1/+4
Clean up php languages. * Clean up php/phpversions.mk a little. * Add php/replace.mk to provide common shebang line replace for PHP. * Define USE_TOOLS before including <bsd.prefs.mk>. * Fix most warnings of pkglint. No functional change should be done.
2019-10-02lang/php72: update to 7.2.23taca1-2/+1
Update lang/php72 to 7.2.23. pkgsrc changes * Clean two pkglint's warnings. 26 Sep 2019, PHP 7.2.23 - Core: . Fixed bug #78220 (Can't access OneDrive folder). (cmb, ab) . Fixed bug #78412 (Generator incorrectly reports non-releasable $this as GC child). (Nikita) - FastCGI: . Fixed bug #78469 (FastCGI on_accept hook is not called when using named pipes on Windows). (Sergei Turchanov) - MySQLnd: . Fixed connect_attr issues and added the _server_host connection attribute. (Qianqian Bu) - ODBC: . Fixed bug #78473 (odbc_close() closes arbitrary resources). (cmb) - PDO_MySQL: . Fixed bug #41997 (SP call yields additional empty result set). (cmb) - sodium: . Fixed bug #78510 (Partially uninitialized buffer returned by sodium_crypto_generichash_init()). (Frank Denis, cmb) - SPL: . Fixed bug #72884 (SplObject isCloneable() returns true but errs on clone). (Chu Zhaowei)
2019-07-03Use https for php.net.nia1-2/+2
2019-05-23all: replace SUBST_SED with the simpler SUBST_VARSrillig1-3/+3
pkglint -Wall -r --only "substitution command" -F With manual review and indentation fixes since pkglint doesn't get that part correct in every case.
2019-03-12lang/php72: update to 7.2.16taca1-2/+1
Update php72 to 7.2.16. 07 Mar 2019, PHP 7.2.16 - Core: . Fixed bug #77589 (Core dump using parse_ini_string with numeric sections). (Laruence) . Fixed bug #77630 (rename() across the device may allow unwanted access during processing). (Stas) - COM: . Fixed bug #77621 (Already defined constants are not properly reported). (cmb) - EXIF: . Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF). (Stas) . Fixed bug #77540 (Invalid Read on exif_process_SOFn). (Stas) . Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas) . Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas) - PDO_OCI: . Support Oracle Database tracing attributes ACTION, MODULE, CLIENT_INFO, and CLIENT_IDENTIFIER. (Cameron Porter) - PHAR: . Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename). (bishop) - SPL: . Fixed bug #51068 (DirectoryIterator glob:// don't support current path relative queries). (Ahmed Abdou) . Fixed bug #77431 (openFile() silently truncates after a null byte). (cmb) - Standard: . Fixed bug #77552 (Unintialized php_stream_statbuf in stat functions). (John Stevenson) - MySQL . Disabled LOCAL INFILE by default, can be enabled using php.ini directive mysqli.allow_local_infile for mysqli, or PDO::MYSQL_ATTR_LOCAL_INFILE attribute for pdo_mysql. (Darek Slusarczyk)
2019-03-11php72: Do not autodetect (and get wrong) maintainer-zts.jperkin1-1/+2
This resulted in a mod_php that cannot be loaded, as reported in joyent/pkgsrc#152. Patch copied from php71. Bump PKGREVISION.
2019-01-12lang/php72: update to 7.2.14taca1-2/+1
10 Jan 2019, PHP 7.2.14 - Core: . Fixed bug #77369 (memcpy with negative length via crafted DNS response). (Stas) . Fixed bug #71041 (zend_signal_startup() needs ZEND_API). (Valentin V. Bartenev) . Fixed bug #76046 (PHP generates "FE_FREE" opcode on the wrong line). (Nikita) - COM: . Fixed bug #77177 (Serializing or unserializing COM objects crashes). (cmb) - Date: . Fixed bug #77097 (DateTime::diff gives wrong diff when the actual diff is less than 1 second). (Derick) - Exif: . Fixed bug #77184 (Unsigned rational numbers are written out as signed rationals). (Colin Basnett) - GD: . Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free). (cmb) . Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb) . Fixed bug #77195 (Incorrect error handling of imagecreatefromjpeg()). (cmb) . Fixed bug #77198 (auto cropping has insufficient precision). (cmb) . Fixed bug #77200 (imagecropauto(…, GD_CROP_SIDES) crops left but not right). (cmb) - IMAP: . Fixed bug #77020 (null pointer dereference in imap_mail). (cmb) - Mbstring: . Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). (Stas) . Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node). (Stas) . Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas) . Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string). (Stas) . Fixed bug #77385 (buffer overflow in fetch_token). (Stas) . Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas) . Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas) - OCI8: . Fixed bug #76804 (oci_pconnect with OCI_CRED_EXT not working). (KoenigsKind) . Added oci_set_call_timeout() for call timeouts. . Added oci_set_db_operation() for the DBOP end-to-end-tracing attribute. - Opcache: . Fixed bug #77215 (CFG assertion failure on multiple finalizing switch frees in one block). (Nikita) - PDO: . Handle invalid index passed to PDOStatement::fetchColumn() as error. (Sergei Morozov) - Phar: . Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas) - Sockets: . Fixed bug #77136 (Unsupported IPV6_RECVPKTINFO constants on macOS). (Mizunashi Mana) - SQLite3: . Fixed bug #77051 (Issue with re-binding on SQLite3). (BohwaZ) - Xmlrpc: . Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb) . Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas)
2018-12-09revbump after updating textproc/icuadam1-2/+2
2018-12-09Bump PKGREVISION for separation of php-sqlite3 package fromtaca1-1/+2
lang/php?? base packages.
2018-07-31move --disable-gcc-global-regs to Makefile.php.maya1-7/+1
Seems to make a previously segfaulting netbsd-8/i386's build not segfault. ap-php runs PHP's configure and builds some of its code, so it needs the same flag. Now we can stop requiring an arbitrary GCC version. The test case in the GCC bugzilla fails on all GCC versions I tested, but magically some versions of GCC manage to build a working PHP.
2018-07-20lang/php72: reset PKGREVISIONtaca1-2/+1
Reset PKGREVISION along with update to 7.2.8.
2018-07-20lang/php72: update to 7.2.8taca1-2/+1
19 Jul 2018, PHP 7.2.8 - Core: . Fixed bug #76534 (PHP hangs on 'illegal string offset on string references with an error handler). (Laruence) . Fixed bug #76520 (Object creation leaks memory when executed over HTTP). (Nikita) . Fixed bug #76502 (Chain of mixed exceptions and errors does not serialize properly). (Nikita) - Date: . Fixed bug #76462 (Undefined property: DateInterval::$f). (Anatol) - EXIF: . Fixed bug #76409 (heap use after free in _php_stream_free). (cmb) . Fixed bug #76423 (Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c). (Stas) . Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif data). (Stas) - FPM: . Fixed bug #73342 (Vulnerability in php-fpm by changing stdin to non-blocking). (Nikita) - GMP: . Fixed bug #74670 (Integer Underflow when unserializing GMP and possible other classes). (Nikita) - intl: . Fixed bug #76556 (get_debug_info handler for BreakIterator shows wrong type). (cmb) - mbstring: . Fixed bug #76532 (Integer overflow and excessive memory usage in mb_strimwidth). (MarcusSchwarz) - Opcache: . Fixed bug #76477 (Opcache causes empty return value). (Nikita, Laruence) - PGSQL: . Fixed bug #76548 (pg_fetch_result did not fetch the next row). (Anatol) - phpdbg: . Fix arginfo wrt. optional/required parameters. (cmb) - Reflection: . Fixed bug #76536 (PHP crashes with core dump when throwing exception in error handler). (Laruence) . Fixed bug #75231 (ReflectionProperty#getValue() incorrectly works with inherited classes). (Nikita) - Standard: . Fixed bug #76505 (array_merge_recursive() is duplicating sub-array keys). (Laruence) . Fixed bug #71848 (getimagesize with $imageinfo returns false). (cmb) - Win32: . Fixed bug #76459 (windows linkinfo lacks openbasedir check). (Anatol) - ZIP: . Fixed bug #76461 (OPSYS_Z_CPM defined instead of OPSYS_CPM). (Dennis Birkholz, Remi)
2018-07-20Recursive revbump from textproc/icu-62.1ryoon1-2/+2
2018-07-16php*: disable global regs on i386.maya1-1/+8
Fixes PR pkg/53222 that resurfaced Remove the previous workaround to add GCC_REQD, which isn't sufficient any more, possibly due to enabling ssp/fortify? XXX bumping PKGREVISION might not be sufficient, for the same reason the GCC_REQD had to be moved to Makefile.php, it affects modules too.
2018-04-26lang/php72: Reset PKGREVISIONtaca1-2/+1
2018-04-14revbump after icu updateadam1-1/+2
2018-03-02lang/php72: update to 7.2.3taca1-2/+1
01 Mar 2018, PHP 7.2.3 - Core: . Fixed bug #75864 ("stream_isatty" returns wrong value on s390x). (Sam Ding) - Apache2Handler: . Fixed bug #75882 (a simple way for segfaults in threadsafe php just with configuration). (Anatol) - Date: . Fixed bug #75857 (Timezone gets truncated when formatted). (carusogabriel) . Fixed bug #75928 (Argument 2 for `DateTimeZone::listIdentifiers()` should accept `null`). (Pedro Lacerda) . Fixed bug #68406 (calling var_dump on a DateTimeZone object modifies it). (jhdxr) - LDAP: . Fixed bug #49876 (Fix LDAP path lookup on 64-bit distros). (dzuelke) - libxml2: . Fixed bug #75871 (use pkg-config where available). (pmmaga) - PGSQL: . Fixed bug #75838 (Memory leak in pg_escape_bytea()). (ard_1 at mail dot ru) - Phar: . Fixed bug #54289 (Phar::extractTo() does not accept specific directories to be extracted). (bishop) . Fixed bug #65414 (deal with leading slash while adding files correctly). (bishopb) . Fixed bug #65414 (deal with leading slash when adding files correctly). (bishopb) - ODBC: . Fixed bug #73725 (Unable to retrieve value of varchar(max) type). (Anatol) - Opcache: . Fixed bug #75729 (opcache segfault when installing Bitrix). (Nikita) . Fixed bug #75893 (file_get_contents $http_response_header variable bugged with opcache). (Nikita) . Fixed bug #75938 (Modulus value not stored in variable). (Nikita) - SPL: . Fixed bug #74519 (strange behavior of AppendIterator). (jhdxr) - Standard: . Fixed bug #75916 (DNS_CAA record results contain garbage). (Mike, Philip Sharp) . Fixed bug #75981 (Prevent reading beyond buffer start in http wrapper). (Stas)
2018-02-05Switch lang/php72 to use pkgsrc pcre library instead of the bundled onejdolecek1-9/+2
PHP bundles it's own copy of pcre 8.41 with the distribution, which is used when build doesn't find system one. Switch to the pkgsrc pcre, so that we don't need to maintain local PHP JIT patch here. Upcoming PHP 7.3 already switched to pcre2, so no value maintaining private PCRE patch any more (if there ever was). XXX devel/pcre doesn't seem to enable PCRE JIT, might be good to do so
2018-02-04Switch php72 to use pkgsrc sqlite3 library instead of the bundled onejdolecek1-1/+2
PHP bundles a sqlite3 lib, it's used when the build can't find system one. Switch to the pkgsrc-provided one, eliminating also need to maintain a local patch for it. While here make this into a tunable compile option 'sqlite3', by default on, same as before.
2017-11-30Updated php72 from RC6 to final 7.2.0jdolecek1-4/+1
Changes versus 7.1.x as listed in release announcement: * Convert numeric keys in object/array casts * Counting of non-countable objects * Object typehint * HashContext as Object * Argon2 in password hash * Improve TLS constants to sane values * Mcrypt extension removed * New sodium extension
2017-11-15add a comment to fix the MASTER_SITES once this is out of RCjdolecek1-1/+3
2017-11-15Add php72 7.2.0RC6jdolecek1-0/+72
PHP 7.2.x builds upon 7.1.x, adding new features: * Argument type declarations * Object return type declarations * Parameter Type Widening * Trailing commas in list syntax * Argon2 in password hash * Libsodium as part of PHP Core * Deprecated: __autoload, $php_errormsg, create_function(), mbstring.func_overload, parse_str() without second argument, gmp_random(), each(), assert(), $errcontext * uniqid() patch to avoid usleep() integrated, 10000x improvement on NetBSD, about 10x on Linux
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-27 11:45:10 +0000