Age | Commit message (Collapse) | Author | Files | Lines |
|
security fix for lang/php53
Revisions pulled up:
- lang/php53/Makefile 1.8
- lang/php53/Makefile.common 1.5
- lang/php53/distinfo 1.13
- lang/php53/patches/patch-aa 1.2
- lang/php53/patches/patch-ab 1.4
- lang/php53/patches/patch-af 1.2
- lang/php53/patches/patch-ar Removed
- lang/php53/patches/patch-ext_exif_exif.c Removed
- lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c Removed
- lang/php53/patches/patch-ext_zip_php__zip.c Removed
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Mar 19 07:01:19 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common distinfo
pkgsrc/lang/php53/patches: patch-aa patch-ab patch-af
Removed Files:
pkgsrc/lang/php53/patches: patch-ar patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Update lang/php53 package to PHP 5.3.
PHP 5.3.6 Released!
[17-Mar-2011]
The PHP development team would like to announce the immediate availability
of PHP 5.3.6. This release focuses on improving the stability of the PHP
5.3.x branch with over 60 bug fixes, some of which are security related.
Security Enhancements and Fixes in PHP 5.3.6:
* Enforce security in the fastcgi protocol parsing with fpm SAPI.
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty
archive). (CVE-2011-0421)
Key enhancements in PHP 5.3.6 include:
* Upgraded bundled Sqlite3 to version 3.7.4.
* Upgraded bundled PCRE to version 8.11.
* Added ability to connect to HTTPS sites through proxy with basic
authentication using stream_context/http/header/Proxy-Authorization.
* Added options to debug backtrace functions.
* Changed default value of ini directive serialize_precision from 100 to 17.
* Fixed Bug #53971 (isset() and empty() produce apparently spurious
runtime error).
* Fixed Bug #53958 (Closures can't 'use' shared variables by value and
by reference).
* Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir
with a trailing forward slash).
* Over 60 other bug fixes.
|
|
security fix for lang/php5
Revisions pulled up:
- lang/php5/Makefile 1.84
- lang/php5/distinfo 1.89
- lang/php5/patches/patch-main_snprintf.c 1.1
- lang/php5/patches/patch-main_snprintf.h 1.1
- lang/php5/patches/patch-main_spprintf.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Mar 21 16:34:28 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-main_snprintf.c patch-main_snprintf.h
patch-main_spprintf.c
Log Message:
Apply changes by r308525 from PHP's repository to fix bug #54055
(buffer overrun with high values for precision ini setting).
It fixes one of security fixes by PHP 5.3.6.
Bump PKGREVISION.
|
|
security fix for devel/php-shmop
Revisions pulled up:
- devel/php-shmop/Makefile 1.10
- lang/php5/distinfo 1.88
- lang/php5/patches/patch-ext_shmop_shmop.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Mar 21 16:08:29 UTC 2011
Modified Files:
pkgsrc/devel/php-shmop: Makefile
pkgsrc/lang/php5: distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ext_shmop_shmop.c
Log Message:
Add a patch to fix bug #54193 (Integer overflow in shmop_read()) referring
r309018 from PHPs' repository. (CVE-2011-1092)
Bump PKGREVISION of devel/php-shmop.
|
|
lang/pear security fix.
Revisions pulled up:
- lang/pear/Makefile 1.15
- lang/pear/distinfo 1.7
- lang/pear/patches/patch-aa 1.6
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Tue Mar 1 03:15:17 UTC 2011
Modified Files:
pkgsrc/lang/pear: Makefile distinfo
pkgsrc/lang/pear/patches: patch-aa
Log Message:
Update pear package to 1.9.2, including update of these PEAR packages
Console_GetOpt and Structures_Graph.
PEAR 1.9.2:
Release date: 2011-02-28 18:58 UTC
Changelog:
Important! This is a security fix release. The advisory can be found at
http://pear.php.net/advisory-20110228.txt
Bugs:
* Fixed Bug #17463: Regression: On Windows, svntag [patch by doconnor]
* Fixed Bug #17641: pecl-list doesn't sort packages by name [dufuz]
* Fixed Bug #17781: invalid argument warning on foreach due to an
empty optional dependencie [dufuz]
* Fixed Bug #17801: PEAR run-tests wrongly detects php-cgi [patch by
David Jean Louis (izi)]
* Fixed Bug #17839: pear svntag does not tag package.xml file [dufuz]
* Fixed Bug #17986: PEAR Installer cannot handle files moved between
packages [dufuz]
* Fixed Bug #17997: Strange output if directories are not writeable [dufuz]
* Fixed Bug #18001: PEAR/RunTest coverage fails [dufuz]
* Fixed Bug #18056 [SECURITY]: Symlink attack in PEAR install [dufuz]
* Fixed Bug #18218: "pear package" does not allow the use of late
static binding [dufuz and Christer Edvartsen]
* Fixed Bug #18238: Wrong return code from "pear help" [till]
* Fixed Bug #18308: Broken error message about missing channel
validator [yunosh]
This feature is implemented as a result of #18056
* Implemented Request #16648: Use TMPDIR for builds instead of /var/tmp [dufuz]
Console_GetOpt 1.3.0
Release date: 2010-12-11 21:23 UTC
Changelog:
* Implement Request #13140: [PATCH] to skip unknown parameters.
[patch by rquadling, improved on by dufuz]
Structures_Graph 1.0.4
Release date: 2010-10-26 04:10 UTC
Changelog:
Bugfix Release:
* Bug #17108 BasicGraph::test_directed_degree fails on PHP 5 [clockwerx]
|
|
Security patch for "python26" package
Revisions pulled up:
- lang/python26/Makefile 1.34
- lang/python26/distinfo 1.32
- lang/python26/patches/patch-SA43463 1.1
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: tron
Date: Mon Feb 28 22:35:53 UTC 2011
Modified Files:
pkgsrc/lang/python26: Makefile distinfo
Added Files:
pkgsrc/lang/python26/patches: patch-SA43463
Log Message:
Add fix for the information disclosure vulnerability reported in SA43463
taken from the Python SVN repository.
|
|
archivers/ruby-libarchive: dependence update
comms/ruby-termios: dependence update
converters/ruby-uconv: dependence update
databases/ruby-do_sqlite3: dependence update
databases/ruby-ldap: dependence update
databases/ruby-mysql: dependence update
databases/ruby-odbc: dependence update
databases/ruby-pg: dependence update
databases/ruby-postgresql: dependence update
databases/ruby-qdbm: dependence update
databases/ruby-sqlite: dependence update
databases/ruby-sqlite3: dependence update
databases/ruby-tokyocabinet: dependence update
devel/ruby-SDL: dependence update
devel/ruby-debug-base: dependence update
devel/ruby-eet: dependence update
devel/ruby-eventmachine: dependence update
devel/ruby-ffi: dependence update
devel/ruby-gnome2-atk: dependence update
devel/ruby-gnome2-bonobo: dependence update
devel/ruby-gnome2-bonoboui: dependence update
devel/ruby-gnome2-gconf: dependence update
devel/ruby-gnome2-gio: dependence update
devel/ruby-gnome2-glib: dependence update
devel/ruby-gnome2-libglade: dependence update
devel/ruby-gnome2-pango: dependence update
devel/ruby-linecache: dependence update
devel/ruby-memcache: dependence update
devel/ruby-ncurses: dependence update
devel/ruby-priority-queue: dependence update
devel/ruby-racc: dependence update
devel/ruby-rbtree: dependence update
devel/ruby-rcov: dependence update
devel/ruby-rcsparse: dependence update
devel/ruby-subversion: dependence update
devel/ruby-thrift: dependence update
graphics/ruby-RMagick: dependence update
graphics/ruby-clutter-cairo: dependence update
graphics/ruby-clutter-core: dependence update
graphics/ruby-clutter-gtk: dependence update
graphics/ruby-gd: dependence update
graphics/ruby-gnome2-gdkpixbuf: dependence update
graphics/ruby-gnome2-gnomecanvas: dependence update
graphics/ruby-gnome2-goocanvas: dependence update
graphics/ruby-gnome2-gtkglext: dependence update
graphics/ruby-gnome2-libart: dependence update
graphics/ruby-gnome2-rsvg: dependence update
graphics/ruby-imlib2: dependence update
graphics/ruby-opengl: dependence update
graphics/ruby-rcairo: dependence update
inputmethod/ruby-zinnia: dependence update
lang/ruby: dependence update
lang/ruby18-base: security update
lang/ruby19-base: security update
mail/ruby-tmail: dependence update
math/ruby-rb-gsl: dependence update
multimedia/ruby-clutter-gst: dependence update
multimedia/ruby-gnome2-gstreamer: dependence update
multimedia/ruby-ming: dependence update
print/ruby-gnome2-gnomeprint: dependence update
print/ruby-gnome2-gnomeprintui: dependence update
print/ruby-gnome2-poppler: dependence update
security/ruby-password: dependence update
security/ruby-tcpwrap: dependence update
sysutils/ruby-quota: dependence update
textproc/ruby-bluecloth: dependence update
textproc/ruby-cabocha: dependence update
textproc/ruby-eruby: dependence update
textproc/ruby-ferret: dependence update
textproc/ruby-hpricot: dependence update
textproc/ruby-itex2MML: dependence update
textproc/ruby-json: dependence update
textproc/ruby-libxml: dependence update
textproc/ruby-mecab: dependence update
textproc/ruby-native-hyperestraier: dependence update
textproc/ruby-nokogiri: dependence update
textproc/ruby-oniguruma: dependence update
textproc/ruby-redcloth: dependence update
textproc/ruby-sary: dependence update
textproc/ruby-xmlparser: dependence update
textproc/ruby-xslt: dependence update
textproc/ruby-yamcha: dependence update
www/mongrel: dependence update
www/ruby-clearsilver: dependence update
www/ruby-fcgi: dependence update
www/ruby-gnome2-gtkhtml2: dependence update
www/ruby-gnome2-gtkmozembed: dependence update
www/ruby-patron: dependence update
www/thin: dependence update
x11/ruby-gnome2-gnome: dependence update
x11/ruby-gnome2-gtk: dependence update
x11/ruby-gnome2-gtksourceview: dependence update
x11/ruby-gnome2-gtksourceview2: dependence update
x11/ruby-gnome2-panelapplet: dependence update
x11/ruby-gnome2-vte: dependence update
Revisions pulled up:
- archivers/ruby-libarchive/Makefile 1.2
- comms/ruby-termios/Makefile 1.23
- converters/ruby-uconv/Makefile 1.19
- databases/ruby-do_sqlite3/Makefile 1.2
- databases/ruby-ldap/Makefile 1.7
- databases/ruby-mysql/Makefile 1.34 via patch
- databases/ruby-odbc/Makefile 1.10 via patch
- databases/ruby-pg/Makefile 1.6
- databases/ruby-postgresql/Makefile 1.37
- databases/ruby-qdbm/Makefile 1.12
- databases/ruby-sqlite/Makefile 1.3
- databases/ruby-sqlite3/Makefile 1.15
- databases/ruby-tokyocabinet/Makefile 1.24
- devel/ruby-SDL/Makefile 1.9 via patch
- devel/ruby-debug-base/Makefile 1.7
- devel/ruby-eet/Makefile 1.8
- devel/ruby-eventmachine/Makefile 1.7
- devel/ruby-ffi/Makefile 1.3
- devel/ruby-gnome2-atk/Makefile 1.8
- devel/ruby-gnome2-bonobo/Makefile patch
- devel/ruby-gnome2-bonoboui/Makefile patch
- devel/ruby-gnome2-gconf/Makefile patch
- devel/ruby-gnome2-gio/Makefile 1.3 via patch
- devel/ruby-gnome2-glib/Makefile 1.11
- devel/ruby-gnome2-libglade/Makefile patch
- devel/ruby-gnome2-pango/Makefile 1.18 via patch
- devel/ruby-linecache/Makefile 1.5
- devel/ruby-memcache/Makefile 1.4
- devel/ruby-ncurses/Makefile 1.9
- devel/ruby-priority-queue/Makefile 1.6
- devel/ruby-racc/Makefile 1.18
- devel/ruby-rbtree/Makefile 1.6
- devel/ruby-rcov/Makefile 1.5
- devel/ruby-rcsparse/Makefile 1.10
- devel/ruby-subversion/Makefile 1.28
- devel/ruby-thrift/Makefile 1.4 via patch
- graphics/ruby-RMagick/Makefile 1.76 via patch
- graphics/ruby-clutter-cairo/Makefile 1.8 via patch
- graphics/ruby-clutter-core/Makefile 1.11 via patch
- graphics/ruby-clutter-gtk/Makefile 1.8 via patch
- graphics/ruby-gd/Makefile 1.34 via patch
- graphics/ruby-gnome2-gdkpixbuf/Makefile 1.20 via patch
- graphics/ruby-gnome2-gnomecanvas/Makefile patch
- graphics/ruby-gnome2-goocanvas/Makefile 1.12 via patch
- graphics/ruby-gnome2-gtkglext/Makefile patch
- graphics/ruby-gnome2-libart/Makefile patch
- graphics/ruby-gnome2-rsvg/Makefile 1.21 va patch
- graphics/ruby-imlib2/Makefile 1.24 va patch
- graphics/ruby-opengl/Makefile 1.31
- graphics/ruby-rcairo/Makefile 1.22 via patch
- inputmethod/ruby-zinnia/Makefile 1.3
- lang/ruby/buildlink3.mk 1.13
- lang/ruby/rubyversion.mk 1.58-1.59
- lang/ruby18-base/distinfo 1.47
- lang/ruby19-base/DEINSTALL 1.2
- lang/ruby19-base/Makefile 1.7
- lang/ruby19-base/PLIST 1.4
- lang/ruby19-base/distinfo 1.4
- lang/ruby19-base/patches/patch-string.c 1.1
- mail/ruby-tmail/Makefile 1.19
- math/ruby-rb-gsl/Makefile 1.9
- multimedia/ruby-clutter-gst/Makefile 1.9 via patch
- multimedia/ruby-gnome2-gstreamer/Makefile 1.7
- multimedia/ruby-ming/Makefile 1.15 via patch
- print/ruby-gnome2-gnomeprint/Makefile patch
- print/ruby-gnome2-gnomeprintui/Makefile patch
- print/ruby-gnome2-poppler/Makefile 1.19 via patch
- security/ruby-password/Makefile 1.5
- security/ruby-tcpwrap/Makefile 1.18
- sysutils/ruby-quota/Makefile 1.21
- textproc/ruby-bluecloth/Makefile 1.5
- textproc/ruby-cabocha/Makefile 1.3
- textproc/ruby-eruby/Makefile 1.26
- textproc/ruby-ferret/Makefile 1.6
- textproc/ruby-hpricot/Makefile 1.8
- textproc/ruby-itex2MML/Makefile 1.7
- textproc/ruby-json/Makefile 1.9
- textproc/ruby-libxml/Makefile 1.7
- textproc/ruby-mecab/Makefile 1.6
- textproc/ruby-native-hyperestraier/Makefile 1.6
- textproc/ruby-nokogiri/Makefile 1.4
- textproc/ruby-oniguruma/Makefile 1.6
- textproc/ruby-redcloth/Makefile 1.14
- textproc/ruby-sary/Makefile 1.7
- textproc/ruby-xmlparser/Makefile 1.15
- textproc/ruby-xslt/Makefile 1.7
- textproc/ruby-yamcha/Makefile 1.3
- www/mongrel/Makefile 1.13 via patch
- www/ruby-clearsilver/Makefile 1.15
- www/ruby-fcgi/Makefile 1.15
- www/ruby-gnome2-gtkhtml2/Makefile patch
- www/ruby-gnome2-gtkmozembed/Makefile 1.17 via patch
- www/ruby-patron/Makefile 1.5
- www/thin/Makefile 1.8 via patch
- x11/ruby-gnome2-gtk/Makefile 1.25 via patch
- x11/ruby-gnome2-gtksourceview/Makefile patch via 1.12
- x11/ruby-gnome2-gtksourceview2/Makefile patch
- x11/ruby-gnome2-panelapplet/Makefile patch
- x11/ruby-gnome2-vte/Makefile 1.16 via patch
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 14:31:06 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
* Start upate of ruby18 and ruby19 packags.
* Remove redundant GEM_HOME definition from PLIST.
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 14:35:38 UTC 2011
Modified Files:
pkgsrc/lang/ruby18-base: distinfo
Log Message:
Update ruby18-base package to 1.8.7.334 (Ruby 1.8.7p334).
* The FileUtils Vulnerability
http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
* The $SAFE Vulnerability
Fri Feb 18 21:18:55 2011 Shugo Maeda <shugo@ruby-lang.org>
* test/ruby/test_exception.rb (TestException::test_to_s_taintness_propagation):
Test for below.
Fri Feb 18 21:18:55 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
* error.c (exc_to_s): untainted strings can be tainted via
Exception#to_s, which enables attackers to overwrite sane strings.
Reported by: Yusuke Endoh <mame at tsg.ne.jp>.
* error.c (name_err_to_s): ditto.
Fri Feb 18 21:17:22 2011 Shugo Maeda <shugo@ruby-lang.org>
* lib/fileutils.rb (FileUtils::remove_entry_secure): there is a
race condition in the case where the given path is a directory,
and some other user can move that directory, and create a
symlink while this method is executing.
Reported by: Nicholas Jefferson <nicholas at pythonic.com.au>
Fri Feb 18 19:46:46 2011 NAKAMURA Usaku <usa@ruby-lang.org>
* win32/win32.c (init_stdhandle): backport mistake of r29382.
some code are needless in ruby 1.8.
[ruby-core:34579]
Fri Feb 18 19:22:17 2011 URABE Shyouhei <shyouhei@ruby-lang.org>
* configure.in: revert revision r29854. This revision introduced
binary incompatibilities on some circumstances. The bug that
revision was fixing gets reopened by this reversion.
[ruby-dev:43152] cf. [Bug #2553]
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 14:44:11 UTC 2011
Modified Files:
pkgsrc/lang/ruby19-base: DEINSTALL Makefile PLIST distinfo
Added Files:
pkgsrc/lang/ruby19-base/patches: patch-string.c
Log Message:
Update ruby19-base package to 1.9.2pl180 (Ruby 1.9.2 p180).
* The FileUtils Vulnerability
http://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/
* Add a patch r30779 from repository; a bug of utf-8 string handling.
For more detail changes of Ruby 1.9.2pl180, please refer:
http://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_180/ChangeLog
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 15:00:34 UTC 2011
Modified Files:
pkgsrc/lang/ruby: buildlink3.mk rubyversion.mk
Log Message:
Introduce RUBY_ABI_VERSION and use it BUILDLINK_ABI_DEPENDS.
There are ABI incompatibility amaong Ruby 1.8.7 patchlevel 302, 330 and 334,
So it would be handle if such problem in future.
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:01:24 UTC 2011
Modified Files:
pkgsrc/archivers/ruby-libarchive: Makefile
pkgsrc/comms/ruby-termios: Makefile
pkgsrc/converters/ruby-uconv: Makefile
pkgsrc/databases/ruby-do_sqlite3: Makefile
pkgsrc/databases/ruby-ldap: Makefile
pkgsrc/databases/ruby-mysql: Makefile
pkgsrc/databases/ruby-odbc: Makefile
pkgsrc/databases/ruby-pg: Makefile
pkgsrc/databases/ruby-postgresql: Makefile
pkgsrc/databases/ruby-qdbm: Makefile
pkgsrc/databases/ruby-sqlite: Makefile
pkgsrc/databases/ruby-sqlite3: Makefile
pkgsrc/databases/ruby-tokyocabinet: Makefile
pkgsrc/devel/ruby-SDL: Makefile
pkgsrc/devel/ruby-debug-base: Makefile
pkgsrc/devel/ruby-eet: Makefile
pkgsrc/devel/ruby-eventmachine: Makefile
pkgsrc/devel/ruby-ffi: Makefile
pkgsrc/devel/ruby-gnome2-atk: Makefile
pkgsrc/devel/ruby-gnome2-gio: Makefile
pkgsrc/devel/ruby-gnome2-glib: Makefile
pkgsrc/devel/ruby-gnome2-pango: Makefile
pkgsrc/devel/ruby-linecache: Makefile
pkgsrc/devel/ruby-memcache: Makefile
pkgsrc/devel/ruby-ncurses: Makefile
pkgsrc/devel/ruby-priority-queue: Makefile
pkgsrc/devel/ruby-racc: Makefile
pkgsrc/devel/ruby-rbtree: Makefile
pkgsrc/devel/ruby-rcov: Makefile
pkgsrc/devel/ruby-rcsparse: Makefile
pkgsrc/devel/ruby-subversion: Makefile
pkgsrc/devel/ruby-thrift: Makefile
pkgsrc/graphics/ruby-RMagick: Makefile
pkgsrc/graphics/ruby-clutter-cairo: Makefile
pkgsrc/graphics/ruby-clutter-core: Makefile
pkgsrc/graphics/ruby-clutter-gtk: Makefile
pkgsrc/graphics/ruby-gd: Makefile
pkgsrc/graphics/ruby-gnome2-gdkpixbuf: Makefile
pkgsrc/graphics/ruby-gnome2-goocanvas: Makefile
pkgsrc/graphics/ruby-gnome2-rsvg: Makefile
pkgsrc/graphics/ruby-imlib2: Makefile
pkgsrc/graphics/ruby-opengl: Makefile
pkgsrc/graphics/ruby-rcairo: Makefile
pkgsrc/inputmethod/ruby-zinnia: Makefile
pkgsrc/mail/ruby-tmail: Makefile
pkgsrc/math/ruby-rb-gsl: Makefile
pkgsrc/multimedia/ruby-clutter-gst: Makefile
pkgsrc/multimedia/ruby-gnome2-gstreamer: Makefile
pkgsrc/multimedia/ruby-ming: Makefile
pkgsrc/print/ruby-gnome2-poppler: Makefile
pkgsrc/security/ruby-password: Makefile
pkgsrc/security/ruby-tcpwrap: Makefile
pkgsrc/sysutils/ruby-quota: Makefile
pkgsrc/textproc/ruby-bluecloth: Makefile
pkgsrc/textproc/ruby-cabocha: Makefile
pkgsrc/textproc/ruby-eruby: Makefile
pkgsrc/textproc/ruby-ferret: Makefile
pkgsrc/textproc/ruby-hpricot: Makefile
pkgsrc/textproc/ruby-itex2MML: Makefile
pkgsrc/textproc/ruby-json: Makefile
pkgsrc/textproc/ruby-libxml: Makefile
pkgsrc/textproc/ruby-mecab: Makefile
pkgsrc/textproc/ruby-native-hyperestraier: Makefile
pkgsrc/textproc/ruby-nokogiri: Makefile
pkgsrc/textproc/ruby-oniguruma: Makefile
pkgsrc/textproc/ruby-redcloth: Makefile
pkgsrc/textproc/ruby-sary: Makefile
pkgsrc/textproc/ruby-xmlparser: Makefile
pkgsrc/textproc/ruby-xslt: Makefile
pkgsrc/textproc/ruby-yamcha: Makefile
pkgsrc/www/mongrel: Makefile
pkgsrc/www/ruby-clearsilver: Makefile
pkgsrc/www/ruby-fcgi: Makefile
pkgsrc/www/ruby-gnome2-gtkmozembed: Makefile
pkgsrc/www/ruby-patron: Makefile
pkgsrc/www/thin: Makefile
pkgsrc/x11/ruby-gnome2-gtk: Makefile
pkgsrc/x11/ruby-gnome2-gtksourceview2: Makefile
pkgsrc/x11/ruby-gnome2-vte: Makefile
Log Message:
Bump PKGREVISION due to ABI change of ruby18-base.
|
|
archivers/php-zip: security patch
graphics/php-exif: security patch
lang/php5: security patch
lang/php53: security patch
Revisions pulled up:
- archivers/php-zip/Makefile 1.12-1.13
- graphics/php-exif/Makefile 1.9-1.10
- lang/php5/Makefile 1.82-1.83
- lang/php5/Makefile.php 1.43-1.44
- lang/php5/distinfo 1.86-1.87
- lang/php5/patches/patch-ext_exif_exif.c 1.1
- lang/php5/patches/patch-ext_zip_lib_zip__name__locate.c 1.1
- lang/php5/patches/patch-ext_zip_php__zip.c 1.1
- lang/php53/Makefile 1.7
- lang/php53/Makefile.php 1.5
- lang/php53/distinfo 1.12
- lang/php53/patches/patch-ext_exif_exif.c 1.1
- lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c 1.1
- lang/php53/patches/patch-ext_zip_php__zip.c 1.1
---
Module Name: pkgsrc
Committed By: shattered
Date: Tue Feb 15 20:52:24 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.php
Log Message:
Re-enable DL_AUTO_VARS -- makes PHP CLI work again with extensions that
are linked to pthread (like mysql.so).
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:21:17 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile.php distinfo
Log Message:
Re-enable suhosin patch as php53.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:23:58 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.php
Log Message:
Re-enable DL_AUTO_VARS as php5 package.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:25:33 UTC 2011
Modified Files:
pkgsrc/lang/php5: Makefile
Added Files:
pkgsrc/lang/php5/patches: patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Add patches to fix SA43328.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:26:50 UTC 2011
Modified Files:
pkgsrc/lang/php5: distinfo
Log Message:
Regen distinfo.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:29:15 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile
Log Message:
Bump PKGREVISION for DL_AUTO_VARS.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:30:44 UTC 2011
Modified Files:
pkgsrc/archivers/php-zip: Makefile
pkgsrc/graphics/php-exif: Makefile
Log Message:
Bump PKGREVISION reflects fix of SA43328.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 21 16:38:40 UTC 2011
Modified Files:
pkgsrc/lang/php53: distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-ext_exif_exif.c
patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c
Log Message:
Oops, it should be commit before CHANGE-2011 update.
Add Add patches to fix SA43328.
---
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 22 07:36:08 UTC 2011
Modified Files:
pkgsrc/archivers/php-zip: Makefile
pkgsrc/graphics/php-exif: Makefile
Log Message:
Add missing USE_PHP_EXT_PATCHES to apply patches really.
|
|
lang/sun-jdk6: security update
lang/sun-jre6: security update
Revivions pulled up:
- lang/sun-jdk6/Makefile 1.21
- lang/sun-jdk6/PLIST 1.11
- lang/sun-jdk6/distinfo 1.12
- lang/sun-jre6/Makefile 1.28
- lang/sun-jre6/PLIST.linux-i386 1.21
- lang/sun-jre6/distinfo 1.15
- lang/sun-jre6/sfiles-i386.mk 1.4
---
Module Name: pkgsrc
Committed By: obache
Date: Mon Feb 21 07:48:20 UTC 2011
Modified Files:
pkgsrc/lang/sun-jdk6: Makefile PLIST distinfo
pkgsrc/lang/sun-jre6: Makefile PLIST.linux-i386 distinfo sfiles-i386.mk
Log Message:
Update sun-{jre,jdk}6 to 6.0.24.
Java SE 6 Update 24
* OlsonData 2010o
* Java DB 10.6.2.1
* Bug Fixes, include following security fix.
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4451
CVE-2010-4452
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4466
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4474
CVE-2010-4475
CVE-2010-4476
Java SE 6 Update 23
* OlsonData 2010l
* Java Hotspot VM 19.0
* Java VisualVM 1.3.1
* Menu Item Corrections for Right-to-Left Languages
* Additional Languages Support in Linux Systems
* Bug Fixes
|
|
portability fix
Revisions pulled up:
- pkgsrc/lang/ruby19-base/Makefile 1.6
- pkgsrc/lang/ruby19-base/distinfo 1.3
- pkgsrc/lang/ruby19-base/patches/patch-as 1.2
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Feb 7 11:15:29 UTC 2011
Modified Files:
pkgsrc/lang/ruby19-base: Makefile distinfo
pkgsrc/lang/ruby19-base/patches: patch-as
Log Message:
Add a patch from FreeBSD's port and it fixes runtime problem
on DragonFly, too. The patch was provided by Rumko via private mail.
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/ruby19-base/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/ruby19-base/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/ruby19-base/patches/patch-as
|
|
portability fix
Revisions pulled up:
- pkgsrc/lang/ruby/rubyversion.mk 1.57
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Tue Feb 1 22:32:38 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
Apply patch provided by obache@, fixing build problem on Solaris.
Should be fix PR pkg/44480.
To generate a diff of this commit:
cvs rdiff -u -r1.55 -r1.56 pkgsrc/lang/ruby/rubyversion.mk
----------------------------------------------------------------------
Module Name: pkgsrc
Committed By: obache
Date: Wed Feb 2 08:47:01 UTC 2011
Modified Files:
pkgsrc/lang/ruby: rubyversion.mk
Log Message:
fixes shlib alias name for Solaris. PR#44480.
RUBY_API_TEENY must be used instead of _RUBY_VER_TEENY for shlib name.
To generate a diff of this commit:
cvs rdiff -u -r1.56 -r1.57 pkgsrc/lang/ruby/rubyversion.mk
|
|
lang/php53 with suhosin build fix
Revisions pulled up:
- pkgsrc/lang/php53/Makefile.php
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: rumko
Date: Sun Jan 30 17:58:06 UTC 2011
Modified Files:
pkgsrc/lang/php53: Makefile.php distinfo
Log Message:
lang/php53: add the missing suhosin patch
5.3.5 was released due to a critical issue and the previous suhosin
patch still applies. Prior art of this can be seen in OpenBSD's and
FreeBSD's ports.
ok@ wiz
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile.php
cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/php53/distinfo
|
|
* Security fix for ASP.NET (XSP / mod_mono) source code disclosure
(CVE-2010-4225)
* Backport ParallelFx improvements from master (jlaval)
* Fix state check for short-circuiting with SupportRecursion in
ReaderWriterLockSlim #655361 (jlaval)
* Increment Count even on single-processor in SpinWait.
Fix #624849. (jlaval)
* Update ThreadLocal to use default(T) for initialization with
parameterless ctor. Fix #658689. (jlaval)
|
|
* Add fix for VAX floating point handling (Bug #53682), r307192 from
PHP's repositry. (It is in PHP 5.2.17 but not in 5.3.5).
06 Jan 2011, PHP 5.3.5
- Fixed Bug #53632 (infinite loop with x87 fpu). (Scott, Rasmus)
|
|
* patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17.
06 Jan 2010, PHP 5.2.17
- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott,
Rasmus)
|
|
|
|
|
|
otherwise they are not pulled in by the base package and the buildlink
step fails. (Broke avidemux.)
|
|
|
|
|
|
|
|
|
|
|
|
(multimedia/mediatomb and multimedia/avidemux) were confirmed as
working with the non-threaded version, and broken (spinning CPU)
with the threaded one, after the 1.8.0 update.
|
|
Release announce:
http://www.ruby-lang.org/en/news/2010/12/25/ruby-1-9-2-p136-is-released/
Full Changes:
http://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_136/ChangeLog
|
|
Release announce:
http://www.ruby-lang.org/en/news/2010/12/25/ruby-1-8-7-p330-released/
Quote from the announce:
* Here you are an annual release of 1.8.7 updates.
* No license change from previos 1.8.7 release.
Full Changes:
http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_330/ChangeLog
|
|
RUBY18_PATCHLEVEL pl330
RUBY19_PATCHLEVEL pl136
|
|
|
|
Changes in 1.8.8 (since 1.8.7)
* Bugs fixed
** Fix possible buffer overruns when parsing numbers
** Fix random number generator on 64-bit platforms
Previously the `scm_c_random' function would crash or return only 32-bit
worth of randomness. In addition, the new `scm_c_random64' function
explicitly returns 64 bits of randomness.
** Add missing range checks in `vector-move-left!' and `vector-move-right!'
Previously these procedures could write past the end of a vector.
** Avoid clash with system setjmp/longjmp on IA64
** Don't dynamically link an extension that is already registered
** Fix `wrong type arg' exceptions with IPv6 addresses
** Fix typos in `(srfi srfi-19)'
** Have `(srfi srfi-35)' provide named struct vtables
** Fix C documentation extraction ("snarfing") with recent GCC versions
** Fix some Interix build problems
** Fix Tru64 build problems
** Fix GC-related build issues on Solaris 10 x86 with Sun Studio 12
** Several small documentation fixes
|
|
* Use $(CC) for LDSHARED on NetBSD and DragonFly like any other.
Fixes PR#42598 for that libpython will be linked with sufficient flags.
Bump PKGREVISION.
|
|
|
|
No standard changelog provided from upstream, some bits scattered here:
* http://www.mozilla.org/js/spidermonkey/release-notes/JS_170.html
* https://developer.mozilla.org/En/SpiderMonkey/1.8
pkgsrc changes:
* Threading support (and dependency on devel/nspr) is now optional
(enabled by default). Threaded Spidermonkey may not be desirable
for e.g. server-side JavaScript usage.
* Unicode strings support optional.
* Rudimental OpenSolaris/Solaris 11 config file provided.
Release Candidate note:
Spidermonkey 1.8.0 RC1 was the last version ever released as
a standalone distribution, and is generally being used by the JavaScript
community nowaways, if needed. In the future, ripping Spidermonkey
out of the Mozilla tarball may be attempted too, to update the package
to 1.9.x.
|
|
alternative from mk/jpeg.buildlink3.mk
This allows selection of an alternative jpeg library (namely the x86 MMX,
SSE, SSE2 accelerated libjpeg-turbo) via JPEG_DEFAULT=libjpeg-turbo, and
follows the current standard model for alternatives (fam, motif, fuse etc).
The mechanical edits were applied via the following script:
#!/bin/sh
for d in */*; do
[ -d "$d" ] || continue
for i in "$d/"Makefile* "$d/"*.mk; do
case "$i" in *.orig|*"*"*) continue;; esac
out="$d/x"
sed -e 's;graphics/jpeg/buildlink3\.mk;mk/jpeg.buildlink3.mk;g' \
-e 's;BUILDLINK_PREFIX\.jpeg;JPEGBASE;g' \
< "$i" > "$out"
if cmp -s "$i" "$out"; then
rm -f "$out"
else
echo "Edited $i"
mv -f "$i" "$i.orig" && mv "$out" "$i"
fi
done
done
|
|
Pkgsrc changes:
o Adapt PLIST to changes in the set of installed files
o Adjust one patch to match the changed source
Upstream changes:
- Core
+ Just In Time native call frame generation using LibFFI
+ PIR op find_codepoint is no longer experimental, it is now supported
+ Several public functions in libparrot have been brought up to standard
naming conventions.
+ Improved linked-list implementation in GC
+ set_addr opcode is being replaced with the new set_label opcode
in core libraries
+ Removed deprecated CodeString PMC
+ Added close, is_closed, read, readline methods to Socket
+ Added experimental MappedByteArray PMC type
+ Added Parrot_warn_experimental, to warn the user about experimental features
+ Code for frontend executables moved from src/ to frontend/
+ Support for chunked receive in LWP library.
+ Added a "quickcover" make target
- Languages
+ PIRC
- left the nest and is currently at https://github.com/parrot/pirc/
+ Community
- Our README was translated into the following languages
by Google Code-In students and mentors:
Polish README.polski
Spanish README.espanol
German README.deutsch
- Documentation
- Tests
+ Test coverage increase on PMCs: String, Integer, NameSpace,
Complex, EventHandler
+ 'make quickcover' target added to speed up most essential
parts of coverage analysis
+ 'tools/dev/headerizer.pl' refactored to improve maintainability
(no change in functionality)
|
|
older releases.
|
|
|
|
- to do this, and make the result runnable on pre-thumb arm, change
upstreams assembler snippets and stubs to use "mov pc,reg" instead
of the return/call-to-thumb-friendly "bx reg", which is not available
in non-thumb-enabled arm CPUs. Whether this is the way to go, or a
seperate "armt" architecture for ocaml is needed, needs to be discussed
with upstream.
Resulting compiler, when running its selftest suite, has 6 errors less than
the same on i386. Unison compiled natively with this passes its self-test.
|
|
|
|
Boomerang is a programming language for writing lenses--well-behaved
bidirectional transformations--that operate on ad-hoc, textual data
formats. Every lens program, when read from left to right, describes
a function that maps an input to an output; when read from right
to left, the very same program describes a "backwards" function
that maps a modified output, together with the original input, back
to a modified input.
Lenses have been used to solve problems across a wide range of
areas in computing including: in data converters and synchronizers,
in parsers and pretty printers, in picklers and unpicklers, in
structure editors, in constraint maintainers for user interfaces,
in software model transformations, in schema evolution, in tools
for managing system configuration files, and in databases where
they provide updatable views.
|
|
|
|
Fold long line.
|
|
|
|
|
|
PHP 5.2.16 Released!
The PHP development team would like to announce the immediate availability of
PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of
PHP 5.2 are encouraged to upgrade to PHP 5.3.
This release focuses on addressing a regression in open_basedir implementation
introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data
retrieval when the server is down. All users who have upgraded to 5.2.15 and
are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or
5.3.4.
To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.
For a full list of changes in PHP 5.2.16 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.16.
ChangeLog:
Version 5.2.16
16-Dec-2010
* Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is
down). (gyp at balabit dot hu)
* Fixed bug #53516 (Regression in open_basedir handling). (Ilia)
|
|
full gauche version in r6983 of sourceforge repository.
|
|
New in Gauche 0.9.1: Major Feature Enhancements
+ New Features
o Extended formals: Built-in lambda, define etc. can
recognize optional and keyword arguments, a la Common Lisp.
o Enhanced module mechanism: Now you can rename, choose,
or add prefix to the symbols when importing other modules.
o Efficient record types: A new module gauche.record provides
ERR5RS (srfi-99) compatible record types. It is also upper
compatible to srfi-9 records.
o More support for multithreaded applications: Thread-safe
queue is added to util.queue, and thread-pool feature is
provided by the new module control.thread-pool.
Continuations can be passed between threads.
o Partial continuations.
o Enhanced Windows support.
o New module: crypt.bcrypt: A module for Blowfish password hashing.
o New module: srfi-98: portable environment variable lookup support.
o New module: gauche.mop.propagate: Making object composition simpler.
o New module: rfc.json: JSON parsing and construction.
+ Changes
o The directory structure for Gauche installation has changed so
that we can keep binary compatibility for the extension
modules throughout 0.9.x releases.
o Now it is an error to pass a keyword argument that isn't
expected by the callee. It used to be a warning.
o Regular expression re{,M} now means the same as re{0,M},
which is compatible to Oniguruma.
+ Improvements
o The compiler and the runtime got optimized more.
The compiler now knows more about built-in procedures, and tries
compile-time constant folding and/or inlining more aggressively.
For example, sxml.ssax can parse XML document a lot faster.
o ^ can be used in place of lambda, allowing more concise code.
There's also convenience macros ^a, ^b, ... ^z and ^_ as
abbreviations of lambda (a) etc.
o ~ is added for universal accessing operator. (~ x y) is the same
as (ref x y), and (~ x y z) is the same as (ref (ref x y) z),
and so on. It can be used with generalized setter, e.g.
(set! (~ array i) x).
o define-syntax, let-syntax, and letrec-syntax are enhanced so that
they can take a general expression in rhs, as far as it yields
a syntactic transformer.
o gauche.process: I/O redirection handling in run-process becomes
more flexible.
o rfc.http module now supports https connection (unix platforms only).
Currently it relies on an external program (stunnel).
o A new procedure current-load-path allows the program to know
the file name it is being loaded from.
o A new procedure .$ is introduced as an alternative name of compose.
o Regular expressions now got read-write invariance. Some internal
regexp routines are made public, giving users an easy way
to construct and analyze regexp programatically.
o rfc.822: New procedure: rfc822-date->date.
o file.util: The procedure temporary-directory now became a parameter
so that you can switch it when necessary. The default value is taken
from (sys-tmpdir), which determines temporary directory in the
recommended way of the platform; esp., it works on Windows native
platforms. home-directory works on Windows, too.
Procedures null-device and console-device are added to make it easier
to write portable script across Unix and Windows platforms.
o util.queue: New proceduers: any-in-queue, every-in-queue.
o gauche.parseopt: When let-args encounters a command-line option
that doesn't match any spec, it now raises a condition of type
<parseopt-error> instead of <error>. The application can capture
the condition to handle invalid command-line arguments.
o gauche.uvector: New procedure uvector-size to obtain number of octets
actually to be written out when the given uvector is written out
by write-block.
o dbm: A new procedure dbm-type->class allows an application to load
appropriate dbm implementation at runtime. Utility scripts dbm/dump
and dbm/restore are provided for easier backup and migration.
o Procedure slot-pop! is added for the consistency with other
*-push!/pop! API pairs.
o When ref is used for object slot access, it can take default value
in case the slot is unbound.
o Made (set! (ref list k) value) work.
o New procedures delete-keywords, delete-keywords!, tree-map-map,
tree-map-for-each.
o unwind-protect allows multiple handlers, as in CL.
o sqrt now returns an exact number if the argument is exact and
the result can be computed exactly. Also, R6RS's exact-integer-sqrt
is added.
o gauche.parameter: Parameters can be used with generalized set!.
o The default-endian parameter is moved from binary.io module
to the core, so that this parameter controls default endian
of binary I/O in general. For example, read-block! and write-block
of the gauche.uvector module now uses the value of this parameter
as the default. A new procedure native-endian is added to retrieve
the platform's native endianness.
o More R6RS procedures: inexact, exact, real-valued?, rational-valued?,
integer-valued?, div, mod, div0, mod0.
A number of bug fixes.
|
|
BufferedReader.readLine (while building wip/jdk15)
KAFFE_BUGGY_NETBSD_SIGWAIT is only required in older NetBSD releases, and
in fact breaks NetBSD 5
Bump PKGREVISION
many thanks
|
|
New in version 1.0.45
* enhancement: ~/ and ~user/ are treated specially in pathnames.
* enhancement: ASDF has been updated to version 2.010.
* optimization: mutated closed-over variables that are only accessed
by DYNAMIC-EXTENT closures (currently only FLET and LABELS functions
declared to be DYNAMIC-EXTENT) are stored directly in their containing
stack frame, rather than allocating a VALUE-CELL (#586103).
* optimization: UNWIND-PROTECT cleanup functions are now declared
DYNAMIC-EXTENT.
Bug fixes.
New in version 1.0.44
* enhancement: RUN-PROGRAM accepts :EXTERNAL-FORMAT argument
to select the external-format for its :INPUT, :OUTPUT, AND
:ERROR :STREAMs.
* enhancement: ALLOCATION-INFORMATION also provides the page
the object resides on.
* enhancement: default dynamic-space size can be configured at
build-time without touching source, using the --dynamic-space-size
argument to make.sh.
* enhancement: DESCRIBE recognizes symbols naming optimization
policy qualities, and mentions ALWAYS-BOUND declarations.
* enhancement: ATOMIC-INCF now supports AREF of
(SIMPLE-ARRAY SB-EXT:WORD (*)) as a place.
* enhancement: ASDF has been updated to 2.009.
* enhancement: the system detects known type-erros in calls better,
signalling a full warning about violated proclaimed FTYPEs and
violations of derived FTYPEs within the same file, including self-calls.
* enhancement: new function: SB-EXT:DELETE-DIRECTORY is now provided.
* optimization: constant-folding exploits numeric and character types,
in addition member types.
* optimization: numeric, character and member types that are inhabited
by exactly one value are tested with EQL.
* optimization: more conditional branches are eliminated during IR1.
Branches are simplified before performing if/if-conversion,
and simple equivalent branches (that only read the same constant
or variable) are merged.
* improvements to the Windows port:
+ change: canonical unparsing form for pathname namestrings now
uses / as directory separator. NATIVE-NAMESTRING still uses \
as the separator.
+ bug fix: stackoverwriting due to incorrect usage of PeekConsoleInput
on Windows. (thanks to Kalyanov Dmitry)
+ bug fix: build now works on cygwin with GCC 4.x installed.
+ bug fix: run-sbcl.sh now works on Cygwin. (thanks to Kalyanov Dmitry)
Bug fixes.
New in version 1.0.43
* incompatible change: FD-STREAMS no longer participate in the
serve-event event-loop by default. (#316072)
+ In addition to streams created by explicit calls to MAKE-FD-STREAM
this affects streams from CL:OPEN.
+ Streams from SOCKET-MAKE-STREAM still participate in
serve-event by default, but this is liable to change:
applications needing serve-event for socket streams
should explicitly request it using :SERVE-EVENTS T in the call.
* enhancement: SB-EXT:WORD type is provided for use with
SB-EXT:ATOMIC-INCF &co.
* enhancement: CLOS effective method functions and defclass slot
typechecking function now have debug names for use in backtraces
and profiles.
* enhancement: ASDF has been updated to version 2.004.
* enhancement: symbols are printed using fully qualified names
in several error and warning messages which are often associated
with package conflicts or mixups (#622789, thanks to Attila Lendvai)
Bug fixes.
|
|
Requested in PR pkg/44076
Changes since previous package:
Wed Jul 7 10:51:12 MDT 2010
src/data.c, src/format.c, src/p1output.c: "invisible" tweaks to
silence warnings seen in compilation under Ubuntu; version.c not changed.
Fri Aug 27 09:14:17 MDT 2010
format.c: make sizeof(buf) depend on MAXNAMELEN to fix a bug with long
names. Update mswin/f2c.exe.gz accordingly.
Fri Sep 3 16:03:24 MDT 2010
fc: have "-m ..." modify CC rather than CFLAGS (to affect linking).
|
|
The PHP development team is proud to announce the immediate release of PHP
5.3.4. This is a maintenance release in the 5.3 series, which includes a large
number of bug fixes.
Security Enhancements and Fixes in PHP 5.3.4:
* Fixed crash in zip extract method (possible CWE-170).
* Paths with NULL in them (foo\0bar.txt) are now considered as invalid
(CVE-2006-7243).
* Fixed a possible double free in imap extension (Identified by Mateusz
Kocielski). (CVE-2010-4150).
* Fixed NULL pointer dereference in
ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950).
* Fixed symbolic resolution support when the target is a DFS share.
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data) (CVE-2010-3710).
Key Bug Fixes in PHP 5.3.4 include:
* Added stat support for zip stream.
* Added follow_location (enabled by default) option for the http stream
support.
* Added a 3rd parameter to get_html_translation_table. It now takes a charset
hint, like htmlentities et al.
* Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend
multibyte at runtime.
* Multiple improvements to the FPM SAPI.
* Over 100 other bug fixes.
For users upgrading from PHP 5.2 there is a migration guide available here,
detailing the changes between those releases and PHP 5.3.
For a full list of changes in PHP 5.3.4, see the ChangeLog. For source
downloads please visit our downloads page, Windows binaries can be found on
windows.php.net/download/.
|
|
The PHP development team would like to announce the immediate
availability of PHP 5.2.15. This release marks the end of support for
PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.
This release focuses on improving the security and stability of the
PHP 5.2.x branch with a small number, of predominatly security fixes.
Security Enhancements and Fixes in PHP 5.2.15:
* Fixed extract() to do not overwrite $GLOBALS and $this when using
EXTR_OVERWRITE.
* Fixed crash in zip extract method (possible CWE-170).
* Fixed a possible double free in imap extension.
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed NULL pointer dereference in
ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data).
Key enhancements in PHP 5.2.15 include:
* Fixed bug #47643 (array_diff() takes over 3000 times longer than php
5.2.4).
* Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
with SoapClient object).
* To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.
For a full list of changes in PHP 5.2.15 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.15.
|