summaryrefslogtreecommitdiff
path: root/lang
AgeCommit message (Collapse)AuthorFilesLines
2015-02-19Update php55 to 5.5.22 (PHP 5.5.22).taca7-107/+9
19 Feb 2015, PHP 5.5.22 - Core: . Fixed bug #67068 (getClosure returns somethings that's not a closure). (Danack at basereality dot com) . Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow). (Stas) . Fixed bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone). (CVE-2015-0273) (Stas) . Added NULL byte protection to exec, system and passthru. (Yasuo) . Removed support for multi-line headers, as the are deprecated by RFC 7230. (Stas) - Date: . Fixed bug #45081 (strtotime incorrectly interprets SGT time zone). (Derick) - Dba: . Fixed bug #68711 (useless comparisons). (bugreports at internot dot info) - Enchant: . Fixed bug #6855 (heap buffer overflow in enchant_broker_request_dict()). (Antony) - Fileinfo: . Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers) - FPM: . Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle) . Fixed bug #68571 (core dump when webserver close the socket). (redfoxli069 at gmail dot com, Laruence) - Libxml: . Fixed bug #64938 (libxml_disable_entity_loader setting is shared between threads). (Martin Jansen) - OpenSSL: . Fixed bug #55618 (use case-insensitive cert name matching). (Daniel Lowrey) - PDO_mysql: . Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of named pipes). (steffenb198@aol.com) - Phar: . Fixed bug #68901 (use after free). (bugreports at internot dot info) - Pgsql: . Fixed Bug #65199 'pg_copy_from() modifies input array variable). (Yasuo) - Sqlite3: . Fixed bug #68260 (SQLite3Result::fetchArray declares wrong required_num_args). (Julien) - Mysqli: . Fixed bug #68114 (linker error on some OS X machines with fixed width decimal support) (Keyur Govande) . Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient has rounding errors) (Keyur Govande) - Session: . Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo) . Fixed Bug #66623 (no EINTR check on flock) (Yasuo) . Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo) - Standard: . Fixed bug #65272 (flock() out parameter not set correctly in windows). (Daniel Lowrey) . Fixed bug #69033 (Request may get env. variables from previous requests if PHP works as FastCGI) - Streams: . Fixed bug which caused call after final close on streams filter. (Bob)
2015-02-19Forgot to commit with php54 update.taca1-2/+2
2015-02-19Fix build with DTrace 1.11 and newer which is more strict about objectsjperkin5-5/+37
with no probes enabled. Bump PKGREVISION.
2015-02-19Update php54 to 5.4.38 (PHP 5.4.38).taca4-54/+5
19 Feb 2015 PHP 5.4.38 - Core: . Removed support for multi-line headers, as the are deprecated by RFC 7230. (Stas) . Added NULL byte protection to exec, system and passthru. (Yasuo) . Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow). (Stas) . Fixed bug #67827 (broken detection of system crypt sha256/sha512 support). (ncopa at alpinelinux dot org) . Fixed bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone). (Stas) - Enchant: . Fixed bug #6855 (heap buffer overflow in enchant_broker_request_dict()). (Antony) - SOAP: . Fixed bug #67427 (SoapServer cannot handle large messages) (brandt at docoloc dot de)
2015-02-19Fix CVE-2015-0273 php: #68942 Use after free vulnerability insevan5-2/+101
unserialize() with DateTimeZone Reviewed by wiz@
2015-02-18Fix CVE-2015-0273 php: #68942 Use after free vulnerability insevan5-2/+101
unserialize() with DateTimeZone Reviewed by wiz@
2015-02-18Fix CVE-2015-0273 php: #68942 Use after free vulnerability insevan4-2/+51
unserialize() with DateTimeZone Reviewed by wiz@
2015-02-17Silence missing ghc.joerg1-2/+2
2015-02-17Add upstream Trac URL for our workaround to non-standard curses pathpho2-5/+5
2015-02-16Add fix for CVE-2015-1426.taca3-3/+26
Bump PKGREVISION.
2015-02-16Put back autodetection of LUA_VERSION_REQD based on the package name.jperkin1-1/+11
2015-02-16Put back PKG_SYSCONFVAR fix.jperkin1-1/+2
2015-02-16Apologies for not noticing sooner, the previous commit was incorrect asjperkin2-14/+1
taca has already implemented different handling for zend_extension.
2015-02-16Put back custom PHP_ZEND_EXTENSION MESSAGE file.jperkin2-1/+14
2015-02-16Add upstream Trac URLpho2-6/+9
2015-02-15Re-add part of revision 1.33 slighly different way; show "zend_extension"taca2-3/+8
instead of "extension".
2015-02-13Suppress linker warnings about compatibility syscall wrappers by using ↵pho5-5/+79
"capi" instead of "ccall" In Haskell FFI, "ccall" is actually an interface to C ABI rather than C API. That is, GHC generates direct references to the symbol even if it's actually defined as a cpp macro or something like that, because GHC knows nothing about those macros in foreign headers. I will later send these patches to the upstream.
2015-02-13On FreeBSD we need pkgsrc libiconvpho1-1/+7
See bootstrap.mk for details.
2015-02-13add bootstrap jvm binaries for NetBSD 7.* / sparc64,tnn4-11/+17
built in 7.0_BETA chroot with libkver.
2015-02-12Ensure global tool arguments are used in one more place.tnn2-1/+17
2015-02-12- sync w/ lang/openjdk7tnn5-16/+66
- add basic support for NetBSD/sparc64 - can use either cups-1.5 or cups-2.0 headers for build - rerun configure after the 1st build pass, since boot jdk major changes
2015-02-12- Add basic support for NetBSD/sparc64tnn6-38/+36
- drop obsolete patch; libgcc_s linking is handled by the package - can use either cups-1.5 or cups-2.0 headers for build
2015-02-11make Erlang compile on netbsd-6*/shark.is1-2/+2
2015-02-11Use BROKEN_EXCEPT_ON_PLATFORM instead of ONLY_FOR_PLATFORM because it's ↵pho1-2/+2
merely broken on unlisted platforms, not inappropriate
2015-02-11Uploaded bootkits for NetBSD/amd64, FreeBSD/i386 and Darwin/ppc to LOCAL_PORTSpho2-26/+45
They derived from safe bootkits in wip/ghc. See my previous commit for details.
2015-02-11Oops, I forgot to replace some of ${PKGNAME} with ${PKGNAME_NOREV}pho1-8/+8
2015-02-11Preparing to upload some of bootkits to LOCAL_PORTSpho2-36/+42
Refactored bootstrap.mk with no semantic changes in this commit. I will soon upload some of bootkits derived from wip/ghc to LOCAL_PORTS but only for safe ones. Here's a note about safety: * NetBSD/amd64, FreeBSD/i386, Darwin/ppc [SAFE]: These kits were built on my secured private machines under my exclusive control. I'm planning to upload them. * Linux/amd64 [UNSAFE]: I built my kit for this one on a machine shared with my co-workers with root access. I won't upload it. * NetBSD/i386 [UNSAFE]: I built my kit for this one on an Amazon EC2 instance (although it's private). I won't upload it either. For other developers, please do not upload any bootkits derived from unsafe ones mentioned above, because they have some degree of possibility of being compromised. And please keep in mind that machines shared with someone or on a cloud hosting service should be avoided for building bootkits.
2015-02-10Let the build find intermediate libs when it wants to run intermediate rmic.tnn2-4/+14
2015-02-10Fix error observed in SmartOS bulk build.tnn4-1070/+46
Note: PLIST.SunOS should list only files unique to SunOS, not duplicates. XXX why does it bundle libfreetype.so.6? looks wrong.
2015-02-10Really fix previous. Now fontconfig loads and the jconsole UI comes up.tnn3-6/+7
Bump PKGREVISION.
2015-02-10fix mistake in patch portingtnn2-5/+5
2015-02-10try to fix broken freetype detection in some casestnn2-3/+12
2015-02-10drop stray X11 runtime dependencies from headless buildtnn3-14/+17
2015-02-09Clean up +UseSerialGC handling and ensure it is set for the entire build.tnn14-49/+84
(has anyone analyzed the concurrent GC memory allocation problem?) Bump PKGREVISION for this and previous changes.
2015-02-08Optionalize debug, X11 and ZeroVM similar to lang/openjdk8 + minor cleanupstnn8-168/+157
2015-02-08Infrastructure glue for openjdk8tnn1-2/+2
2015-02-08fix hilarious typotnn1-2/+2
2015-02-08FreeBSD/clang build fixtnn1-1/+3
2015-02-08Added lang/openjdk8tnn1-1/+2
2015-02-08Import openjdk8-1.8.31 as lang/openjdk8.tnn53-0/+2474
Open-source implementation of the Java Platform, Standard Edition.
2015-02-08Update ruby-execjs to 2.3.0.taca3-9/+7
Changes are not available, it looks various fixes.
2015-02-08g/c comment, no longer appliestnn1-3/+1
2015-02-08Fix inconsistency between _WRAP_EXTRA_ARGS and CWRAPPERS_APPENDtnn1-1/+2
2015-02-08Don't need to set -DDEFAULT_LIBPATH on compiler command line when it'stnn3-6/+5
handled in a patch already.
2015-02-08netbsd -> ${LOWER_OPSYS}tnn1-3/+3
2015-02-07No reason to keep netbsd-4 hacks when we don't have it in ONLY_FOR_PLATFORMtnn3-30/+2
2015-02-07Provide (invalid) value for BOOT_ARCHIVE for unknown architectures tojoerg1-1/+2
avoid warnings in the rest of the while.
2015-02-07Bootkit for FreeBSD needs to use pkgsrc libiconvpho1-3/+12
2015-02-06${MAKE} bootstrap: Build bootkits with -static-libgccpho1-6/+24
We don't want our bootkits to have a run-time dependency on libgcc. In fact GHC's implementation of Haskell exception handling does not depend on libgcc's facilities so it is attractive to do the same for "normal" build... but we can't. This is because Haskell programs may call C functions via FFI, and those C functions may call C++ functions in turn, possibly in a different shared library. But on some platforms, gcc automagically inserts a dependency on a shared libgcc when -lpthread is given, which is seemingly unavoidable.
2015-02-06patches/patch-rts_ghc.mk: dtrace hack is no longer neededpho2-25/+6
The problem only occurs when $(WhatGccIsCalled) is an absolute path to the "real" gcc (e.g. "/usr/bin/gcc"), which happens if we run ${WRKSRC}/configure with an option something like "--with-gcc=/usr/bin/gcc". As long as we use "--with-gcc" with a command name (i.e. ${CC}, not ${CCPATH}), everything works fine without any problems. This is because dtrace(1) executes cpp in a rather weird way: it calls execvp("/usr/bin/gcc", argv) with argv set to {"gcc", "-E", "-xc", ...}, not {"/usr/bin/gcc", "-E", "-xc", ...}. When GCC is called that way, it needs to find platform-specific subprograms by walking through ${PATH}. And if it sees an executable named "gcc" which in fact isn't actually gcc, it gets confused and dies with an error: % cat dtrace-emu.c #include <unistd.h> #include <stdio.h> int main() { char *argv[] = {"gcc", "-E", NULL}; execvp("/usr/bin/gcc", argv); return 0; } % gcc dtrace-emu.c -o /tmp/gcc % /tmp/gcc powerpc-apple-darwin9-gcc-4.0.1: no input files % PATH=/tmp/gcc /tmp/gcc gcc: installation problem, cannot exec '/tmp/powerpc-apple-darwin9-gcc-4.0.1': No such file or directory And even if the problem should really be addressed, it should be done in the wrapper framework because dtrace(1) is actually a part of compiler toolchain.