| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Changes:
- Core:
. Fixed bug #73156 (segfault on undefined function). (Dmitry)
. Fixed bug #73163 (PHP hangs if error handler throws while accessing undef
const in default value). (Nikita)
. Fixed bug #73172 (parse error: Invalid numeric literal). (Nikita, Anatol)
. Fixed bug #73181 (parse_str() without a second argument leads to crash).
(Nikita)
- COM:
. Fixed bug #73126 (Cannot pass parameter 1 by reference). (Anatol)
. Fixed bug #69579 (Invalid free in extension trait). (John Boehr)
- GD:
. Fixed bug #50194 (imagettftext broken on transparent background w/o
alphablending). (cmb)
. Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c). (trylab,
cmb)
. Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box).
(Mark Plomer, cmb)
. Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given). (cmb)
. Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries). (cmb)
. Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted
files). (cmb)
. Fixed bug #73161 (imagecreatefromgd2() may leak memory). (cmb)
- JSON:
. Fixed bug #73113 (Segfault with throwing JsonSerializable). (julien)
- PCRE:
. Fixed bug #73121 (Bundled PCRE doesn't compile because JIT isn't supported
on s390). (Anatol)
- PDO_DBlib:
. Fixed bug #72414 (Never quote values as raw binary data). (Adam Baratz)
. Allow \PDO::setAttribute() to set query timeouts. (Adam Baratz)
. Handle SQLDECIMAL/SQLNUMERIC types, which are used by later TDS versions.
(Adam Baratz)
. Add common PDO test suite. (Adam Baratz)
. Free error and message strings when cleaning up PDO instances.
(Adam Baratz)
. Fixed bug #67130 (\PDOStatement::nextRowset() should succeed when all rows
in current rowset haven't been fetched). (Peter LeBrun)
. Ignore potentially misleading dberr values. (Chris Kings-Lynne)
- phpdbg:
. Added generator command for inspection of currently alive generators. (Bob)
- Reflection
. Undo backwards compatiblity break in ReflectionType->__toString() and
deprecate via documentation instead. (Nikita)
- Session:
. Fixed bug #73100 (session_destroy null dereference in ps_files_path_create).
(cmb)
|
|
|
|
shouldn't work at runtime (can't run on netbsd nayway), thx khorben
|
|
https://github.com/golang/go/issues/16352.
|
|
|
|
There's no guarantee that __errno is free for own use.
(On NetBSD it isn't!)
|
|
linker was emitting bogus warnings about the code not being PIC.
still fails under netbsd/mips because it (mostly) hard-codes a page size of 4K
|
|
|
|
switch the use of nops (most likely used to eliminate hazards too) to
ehb/ssnop. nop doesn't eliminate hazards on a superscalar MIPS CPU.
probably helps the report of vague problems on loongson2f.
|
|
comment for the patch.
note: the choice of o32 for this package is questionable, and defaulting
to n32 on gcc/config.gcc instead is probably the right thing, this package
won't run on platforms that use o32, and the n32 linker can't handle the
o32 objects apparently - it dies with "not enough GOT space for local GOT
entries" (PR toolchain/51521).
defaulting to n32 will allow deleting this patch, but I won't make the
transition because I can't get further in the build and hit a compile
assertion about MTYPE not matching CEXT (double float in my case), similar
to GCC bug #20633.
|
|
Some highlights of the release are:
- erts: Improved dirty scheduler support. A purge of a module will
- not have to wait for completion of all ongoing dirty NIF calls.
- erts: Improved accuracy of timeouts on MacOS X.
- kernel: Add net_kernel:setopts/2 and net_kernel:getopts/2 to
- control options for distribution sockets in runtime.
- asn1: Compiling multiple ASN.1 modules in the same directory with
- parallel make (make -j) should now be safe.
- httpd: support for PUT and DELETE in mod_esi
- ~30 contributions since 19.0
You can find the Release Notes with more detailed info at
http://www.erlang.org/download/otp_src_19.1.readme
|
|
sevan@ added to gcc6 - apple's ld may stumble here from the whitespace
we added before the path.
|
|
Otherwise the flag may be misinterpreted by linker (e.g. Apple's ld).
|
|
Add a comment to note the removal of option.
Discussed on pkgsrc-users@
http://mail-index.netbsd.org/pkgsrc-users/2016/09/29/msg023796.html
|
|
on platforms which do not include driver-arm.o in gcc/config.host, and do
not have this function. such as netbsd/arm.
an alternative would be to add driver-arm.o for the netbsd/arm case too, but
it would be diverging from netbsd base gcc, and /proc/cpuinfo which is needed
for this function to do anything useful is empty at least on my machine.
(I still can't complete a build on ARM)
|
|
it was only a precaution to ensure we don't override other values as well.
append to the value rather than overwriting while adding an irrelevant
(and likely unset) variable. NFC
|
|
netbsd/mips gcc defaults to -mips1 which lacks ll/sc instructions
(or anything like them), and rejects the assembly code used here.
switch to mips3 (bare minimum for synchronization primitives) for
these instructions. this will result in runtime failures (illegal
instruction) on mips1, but we're unlikely to see any such users
(MIPS3 was released in 1992).
I'm not comfortable using the proper fix of switching to using
__sync_* because that seems to be a compiler builtin and gcc 4.1.2
might not have it.
Also, that change requires careful testing that this 'dumb' change
doesn't. Additionally, g95 is a dead end (upstream gone), so not
worth the effort.
PR pkg/44547: pkgsrc build failure for g95 on NetBSD/cobalt
|
|
No change for i386/amd64, but arm needs additional extra_objs to build.
Mistake was in a netbsd-specific part of configure as well.
Thanks to Richard Earnshaw and ktkachov at GCC for finding the problem.
|
|
it fails at configure as an unsupported language for powerpc, and is not
too useful.
not bumping pkgrevision as requested - it shouldn't matter to anyone who
already has the package, even on netbsd, and avoids an expensive rebuild.
|
|
- openssl: Remove support for loading dynamic third-party engine
modules. An attacker may be able to hide malicious code to be
inserted into Node.js at runtime by masquerading as one of the
dynamic engine modules.
- http: CVE-2016-5325 - Properly validate for allowable characters
in the reason argument in ServerResponse#writeHead().
- buffer: Zero-fill excess bytes in new Buffer objects created
with Buffer.concat() while providing a totalLength parameter
that exceeds the total length of the original Buffer objects
being concatenated.
- src: Fix regression where passing an empty password and/or salt
to crypto.pbkdf2() would cause a fatal error
- tls: CVE-2016-7099 - Fix invalid wildcard certificate validation
check whereby a TLS server may be able to serve an invalid
wildcard certificate for its hostname due to improper validation
of *. in the wildcard string.
- v8: Fix regression where a regex on a frozen object was broken
|
|
- openssl: Remove support for loading dynamic third-party engine
modules. An attacker may be able to hide malicious code to be
inserted into Node.js at runtime by masquerading as one of the
dynamic engine modules.
- http: CVE-2016-5325 - Properly validate for allowable characters
in the reason argument in ServerResponse#writeHead().
- buffer: Zero-fill excess bytes in new Buffer objects created
with Buffer.concat() while providing a totalLength parameter
that exceeds the total length of the original Buffer objects
being concatenated.
- tls: CVE-2016-7099 - Fix invalid wildcard certificate validation
check whereby a TLS server may be able to serve an invalid
wildcard certificate for its hostname due to improper validation
of *. in the wildcard string.
|
|
cint is no longer developed upstream and was replaced with cling in root.
Add the latest version available from https://root.cern.ch/download/
New HOMEPAGE ships an unversioned tarball as the latest release, but its
conent is unrecognized and very different from the known cint from the old
cern.ch site.
FreeBSD claims to ship with cint-5.18 and there are references to it, but
it's probably root version 5.18 with possibly extracted files for cint.
If there is a newer version somewhere it will be upgraded later accordingly.
pkgsrc changes:
- refactor configure & build & install stages
- install demo files
- add license
- update DESCR
- new HOMEPAGE
- new MASTER_SITES
- remove conflict with devel/man-pages
Upstream changelog
==================
* 5.16.2, July 14 2005
* 6.1.2, July 14 2005
* - , Convert most of the C source file from K&R C to Ansi C++
* - The files *.c were renamed v6_*.cxx. The interfaces are
* - kept backward compatible (extern "C")
*
* 5.16.3, November 11, 2005
* 6.1.3, November 11, 2005
* - , Port to windows visual C++ version 8
* - , Many bugs fixes (see CVS change log for details)
*
* 5.16.4 November 30, 2005
* 6.1.4 November 30, 2005
* - Add support for generating dictionary using the reflex API (makecint -c3)
* - See CVS Change log for other updates.
*
* 5.16.5 November 30, 2005
* 6.1.5 November 30, 2005
* - Improve support for generating dictionary using the reflex API (makecint -c3)
* - Extend ClassInfo to better support array allocation and deallocation
* - See CVS Change log for other updates.
*
* 5.16.6 January 9, 2006
* 6.1.6 January 9, 2006
* - Import and use the shadow class mechanism from ROOT. This allows the
* calculation of the data member offset even if they are protected/private.
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.7 January 19, 2006
* 6.1.7 January 19, 2006
* - Many improvement to the shadow class generation.
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.8 February 9, 2006
* 6.1.8 February 9, 2006
* - Update and streamline the handling operator new and delete
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.9 March 3, 2006
* 6.1.9 March 3, 2006
* - Upgrade the support for operator new and delete in the dictionaries (improve usage
of user provided operator new).
* - Add a new command line option (-E) to insure exit on error.
* - Improve error message in case of missing symbols.
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.10 March 30, 2006
* 6.1.10 March 30, 2006
* - Refresh of the port to icc and alpha cxx
* - Fix for comment parsing in the CPP parser.
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.11 April 14, 2006
* 6.1.10 April 14, 2006
* - Improve template support
* - Port to MacOS on Intel
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.12 May 16, 2006
* 6.1.12 May 16, 2006
* - Add support for variadic functions on AMD64 and EM64T.
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.13 June 8, 2006
* 6.1.13 June 8, 2006
* - New build system based on the configure/make model. MAKEINFO is not longer used.
* - A few more function has been officially exported and/or added to the appropriate
* header files
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.14 August 18, 2006
* 6.1.14 August 18, 2006
* - Clarification of the license (Now MIT License)
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.15 September 21, 2006
* 6.1.15 September 21, 2006
* - Various bug fixes (include a couple of cint dlls cleanups)
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.16 November 24, 2006
* 6.1.16 November 24, 2006
* - Some minor bug fixes: remove G__CINTVERSION from strm dict files, AMD64 vararg passing, long comments, extern "C" multiline issue
* - G__sizeof, G__getfunction now part of the API
* - respect system macros when generating dictionaries
* - Move public header files into inc/
* - Changes to achieve binary compatibility with cint7; some of these are temporary
* - Move C++ API into namespace Cint
* - added build support for linux x86_64
* - See CVS Change log for other updates (http://root.cern.ch/root/ChangeLog-cint.phtml)
*
* 5.16.17 December 12, 2006
* 6.1.17 December 12, 2006
* - Some previously publicly visibly types are now private. Please let us know if this
* causes problems for you!
* - G__MethodInfo::Get/SetUserParam() added
* - extend G__ClassInfo::AddMethod
* - the relevant platform macros are now known to CINT, except when interpreting where the
* compiler macros (e.g. __GNUC__) are hidden
* - Fix prec_stl for solarisgcc, cygwin (posix)
*
* 5.16.18 February 9, 2007
* 6.1.18 February 9, 2007
* - Fix a few bugs (fix arithmetics involving long double, "!",
* LL suffix for operators' long long args, quoting of default
* params,
* - Implement G__pop_tempobject_nodel() to "steal" temp object from CINT
* - modify algo.h's random_shuffle to use new Cint::G__long_random in new v6_random.cxx
* - make G__free_ifunc_table non-recursive
* - for ROOT, use R__HAVE_CONFIG, not HAVE_CONFIG
*
* 5.16.19 March 16, 2007
* 6.1.19 March 16, 2007
* - handle 1dim arrays properly (!= scalar)
* - more memory effient G__param and G__inherit
* - implement forward decl in dictionaries (e.g. if dict for "A* f()" is
* setup, lib containing A will not be loaded)
* - add a reference layer between API ifunc* and internal ifunc*, so
* reloading (scrupto of scripts) doesn't invalidate the external
* ptrs for dependent libs
* - update tagnums below scrupto limit if they are autoload entries
* - allow multiple shared lib init routines
* - bug fixes: fix decl locations in .so-s, distinguish "class*",
* "decl if unknown" in G__search_tagname
* - split Shadow.h off Api.h
* - remove temporary files on windows once they are unused (fixes problem
* with tmp file flooding)
*
|
|
|
|
Don't fail in configure.
|
|
configs for gcc on netbsd don't build -march=native support, but this
stray prototype was left, causing build errors:
gcc.o:(.rodata+0x58c4): undefined reference to
`host_detect_local_cpu(int, char const**)'
|
|
|
|
Bump PKGREVISION.
|
|
|
|
Notable changes
- crypto: Added crypto.timingSafeEqual().
- events: Made the "max event listeners" memory leak warning more
accessible.
- promises: Unhandled rejections now emit a process warning after
the first tick.
- repl: Added auto alignment for .editor mode.
- util: Some functionality has been added to util.inspect():
- Returning this from a custom inspect function now works.
- Added support for Symbol-based custom inspection methods.
|
|
|
|
Chagnelog:
Fix the following vulnerabilities
CVE-2016-3587
CVE-2016-3606
CVE-2016-3552
CVE-2016-3511
CVE-2016-3503
CVE-2016-3498
CVE-2016-3500
CVE-2016-3508
CVE-2016-3458
CVE-2016-3550
CVE-2016-3485
|
|
|
|
Original changes in python27/Makefile r1.62-r1.67
=================================================
Add an option for Python: x11
Fix dlopen(3) calls in _ctypes.so for X11BASE libraries
A Python code can dynamically load shared libraries and it's wrapped with
a plain dlopen(3) call. The holder of this interface (_ctypes module)
without rpath set to X11BASE cannot detect libs like 'GL'.
Fixing find_library() on POSIX-like (excluding Darwin) systems.
This isn't addressing Python's wrapper for dlopen(3).
This possibily addresses mostly NetBSD as other popular OSes have ldconfig.
Testing commands:
- before applying the patch
>>> from ctypes.util import find_library
>>> find_library("m")
'libm.so.0'
>>> find_library("crypto")
'libcrypto.so.11'
>>> find_library("GL")
>>> find_library("curl")
- after applying the patch
>>> from ctypes.util import find_library
>>> find_library("m")
'libm.so.0'
>>> find_library("crypto")
'libcrypto.so.11'
>>> find_library("GL")
'libGL.so.2'
>>> find_library("curl")
'libcurl.so.4'
This patch doesn't solve the case of custom dirs like $PREFIX/qt5/lib.
However it's solving most common cases of using this call.
A possible solution is to parse the output "pkg_info -La"... however it's
very slow. In other words a cache with libraries might be needed to handle
it efficiently.
|
|
Original changes in python27/Makefile r1.62-r1.67
=================================================
Add an option for Python: x11
Fix dlopen(3) calls in _ctypes.so for X11BASE libraries
A Python code can dynamically load shared libraries and it's wrapped with
a plain dlopen(3) call. The holder of this interface (_ctypes module)
without rpath set to X11BASE cannot detect libs like 'GL'.
Fixing find_library() on POSIX-like (excluding Darwin) systems.
This isn't addressing Python's wrapper for dlopen(3).
This possibily addresses mostly NetBSD as other popular OSes have ldconfig.
Testing commands:
- before applying the patch
>>> from ctypes.util import find_library
>>> find_library("m")
'libm.so.0'
>>> find_library("crypto")
'libcrypto.so.11'
>>> find_library("GL")
>>> find_library("curl")
- after applying the patch
>>> from ctypes.util import find_library
>>> find_library("m")
'libm.so.0'
>>> find_library("crypto")
'libcrypto.so.11'
>>> find_library("GL")
'libGL.so.2'
>>> find_library("curl")
'libcurl.so.4'
This patch doesn't solve the case of custom dirs like $PREFIX/qt5/lib.
However it's solving most common cases of using this call.
A possible solution is to parse the output "pkg_info -La"... however it's
very slow. In other words a cache with libraries might be needed to handle
it efficiently.
|
|
|
|
Nim (formerly known as "Nimrod") is a statically typed, imperative
programming language that tries to give the programmer ultimate power
without compromises on runtime efficiency. This means it focuses on
compile-time mechanisms in all their various forms.
Beneath a nice infix/indentation based syntax with a powerful (AST based,
hygienic) macro system lies a semantic model that supports a soft realtime
GC on thread local heaps. Asynchronous message passing is used between
threads, so no "stop the world" mechanism is necessary. An unsafe shared
memory heap is also provided for the increased efficiency that results from
that model.
Originally packaged in pkgsrc-wip by:
- Christian Koch
- Roland Illig
and
- myself.
|
|
|
|
|
|
swallows the first byte of the request body. This will also be in the
next point release.
|
|
Thanks for wiz@ who noted me via private e-mail.
|
|
15 Sep 2016, PHP 7.1.0RC2
- Core:
. Fixed bug #73067 (__debugInfo crashes when throwing an exception).
(Laruence)
. Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of
zend_virtual_cwd.c). (cmb)
. Fixed bug #73058 (crypt broken when salt is 'too' long). (Anatol)
- Filter:
. Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and
FILTER_FLAG_NO_PRIV_RANGE). (julien)
. Fixed bug #73054 (default option ignored when object passed to int filter).
(cmb)
-GD:
. Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette).
(cmb)
- Mbstring
. Fixed bug #66964 (mb_convert_variables() cannot detect recursion) (Yasuo)
. Fixed bug #72992 (mbstring.internal_encoding doesn't inherit default_charset).
(Yasuo)
- Opcache:
. Fixed bug #72982 (Memory leak in zend_accel_blacklist_update_regexp()
function). (Laruence)
- OpenSSL:
. Fixed bug #73072 (Invalid path SNI_server_certs causes segfault).
(Jakub Zelenka)
- Session:
. Fixed bug #68015 (Session does not report invalid uid for files save handler).
(Yasuo)
- SQLite3:
. Updated to SQLite3 3.14.2. (cmb)
|
|
15 Sep 2016 PHP 7.0.11
- Core:
. Fixed bug #72944 (Null pointer deref in zval_delref_p). (Dmitry)
. Fixed bug #72943 (assign_dim on string doesn't reset hval). (Laruence)
. Fixed bug #72911 (Memleak in zend_binary_assign_op_obj_helper). (Laruence)
. Fixed bug #72813 (Segfault with __get returned by ref). (Laruence)
. Fixed bug #72767 (PHP Segfaults when trying to expand an infinite operator).
(Nikita)
. Fixed bug #72854 (PHP Crashes on duplicate destructor call). (Nikita)
. Fixed bug #72857 (stream_socket_recvfrom read access violation). (Anatol)
- COM:
. Fixed bug #72922 (COM called from PHP does not return out parameters).
(Anatol)
- Dba:
. Fixed bug #70825 (Cannot fetch multiple values with group in ini file).
(cmb)
- FTP:
. Fixed bug #70195 (Cannot upload file using ftp_put to FTPES with
require_ssl_reuse). (Benedict Singer)
- GD:
. Fixed bug #72709 (imagesetstyle() causes OOB read for empty $styles). (cmb)
. Fixed bug #66005 (imagecopy does not support 1bit transparency on truecolor
images). (cmb)
. Fixed bug #72913 (imagecopy() loses single-color transparency on palette
images). (cmb)
. Fixed bug #68716 (possible resource leaks in _php_image_convert()). (cmb)
- iconv:
. Fixed bug #72320 (iconv_substr returns false for empty strings). (cmb)
- IMAP:
. Fixed bug #72852 (imap_mail null dereference). (Anatol)
- Intl:
. Fixed bug #65732 (grapheme_*() is not Unicode compliant on CR LF
sequence). (cmb)
. Fixed bug #73007 (add locale length check). (Stas)
- Mysqlnd:
. Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields). (Stas)
- OCI8
. Fixed invalid handle error with Implicit Result Sets. (Chris Jones)
. Fixed bug #72524 (Binding null values triggers ORA-24816 error). (Chris Jones)
- Opcache:
. Fixed bug #72949 (Typo in opcache error message). (cmb)
- PDO:
. Fixed bug #72788 (Invalid memory access when using persistent PDO
connection). (Keyur)
. Fixed bug #72791 (Memory leak in PDO persistent connection handling). (Keyur)
. Fixed bug #60665 (call to empty() on NULL result using PDO::FETCH_LAZY
returns false). (cmb)
- PDO_DBlib:
. Implemented stringify 'uniqueidentifier' fields.
(Alexander Zhuravlev, Adam Baratz)
- PDO_pgsql:
. Implemented FR #72633 (Postgres PDO lastInsertId() should work without
specifying a sequence). (Pablo Santiago Sánchez, Matteo)
. Fixed bug #72759 (Regression in pgo_pgsql). (Anatol)
- Phar:
. Fixed bug #72928 (Out of bound when verify signature of zip phar in
phar_parse_zipfile). (Stas)
. Fixed bug #73035 (Out of bound when verify signature of tar phar in
phar_parse_tarfile). (Stas)
- Reflection:
. Fixed bug #72846 (getConstant for a array constant with constant values
returns NULL/NFC/UKNOWN). (Laruence)
- Session:
. Fixed bug #72724 (PHP7: session-uploadprogress kills httpd). (Nikita)
. Fixed bug #72940 (SID always return "name=ID", even if session
cookie exist). (Yasuo)
- SimpleXML:
. Fixed bug #72971 (SimpleXML isset/unset do not respect namespace). (Nikita)
. Fixed bug #72957 (Null coalescing operator doesn't behave as expected with
SimpleXMLElement). (Nikita)
- SPL:
. Fixed bug #73029 (Missing type check when unserializing SplArray). (Stas)
- Standard:
. Fixed bug #55451 (substr_compare NULL length interpreted as 0). (Lauri
Kenttä)
. Fixed bug #72278 (getimagesize returning FALSE on valid jpg). (cmb)
. Fixed bug #65550 (get_browser() incorrectly parses entries with "+" sign).
(cmb)
- Streams:
. Fixed bug #72853 (stream_set_blocking doesn't work). (Laruence)
. Fixed bug #72764 (ftps:// opendir wrapper data channel encryption fails
with IIS FTP 7.5, 8.5). (vhuk)
. Fixed bug #71882 (Negative ftruncate() on php://memory exhausts memory).
(cmb)
- SQLite3:
. Downgraded bundled SQLite to 3.8.10.2. (Anatol);
- Sysvshm:
. Fixed bug #72858 (shm_attach null dereference). (Anatol)
- XML:
. Fixed bug #72085 (SEGV on unknown address zif_xml_parse). (cmb)
. Fixed bug #72714 (_xml_startElementHandler() segmentation fault). (cmb)
- Wddx:
. Fixed bug #72860 (wddx_deserialize use-after-free). (Stas)
. Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element). (Stas)
- ZIP:
. Fixed bug #68302 (impossible to compile php with zip support). (cmb)
|
|
15 Sep 2016, PHP 5.6.26
- Core:
. Fixed bug #72907 (null pointer deref, segfault in gc_remove_zval_from_buffer
(zend_gc.c:260)). (Laruence)
- Dba:
. Fixed bug #71514 (Bad dba_replace condition because of wrong API usage).
(cmb)
. Fixed bug #70825 (Cannot fetch multiple values with group in ini file).
(cmb)
- EXIF:
. Fixed bug #72926 (Uninitialized Thumbail Data Leads To Memory Leakage in
exif_process_IFD_in_TIFF). (Stas)
- FTP:
. Fixed bug #70195 (Cannot upload file using ftp_put to FTPES with
require_ssl_reuse). (Benedict Singer)
- GD:
. Fixed bug #66005 (imagecopy does not support 1bit transparency on truecolor
images). (cmb)
. Fixed bug #72913 (imagecopy() loses single-color transparency on palette
images). (cmb)
. Fixed bug #68716 (possible resource leaks in _php_image_convert()). (cmb)
- Intl:
. Fixed bug #73007 (add locale length check). (Stas)
- JSON:
. Fixed bug #72787 (json_decode reads out of bounds). (Jakub Zelenka)
- mbstring:
. Fixed bug #66797 (mb_substr only takes 32-bit signed integer). (cmb)
. Fixed bug #72910 (Out of bounds heap read in mbc_to_code() / triggered by
mb_ereg_match()). (Stas)
- MSSQL:
. Fixed bug #72039 (Use of uninitialised value on mssql_guid_string). (Kalle)
- Mysqlnd:
. Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields). (Stas)
- Phar:
. Fixed bug #72928 (Out of bound when verify signature of zip phar in
phar_parse_zipfile). (Stas)
. Fixed bug #73035 (Out of bound when verify signature of tar phar in
phar_parse_tarfile). (Stas)
- PDO:
. Fixed bug #60665 (call to empty() on NULL result using PDO::FETCH_LAZY
returns false). (cmb)
- PDO_pgsql:
. Implemented FR #72633 (Postgres PDO lastInsertId() should work without
specifying a sequence). (Pablo Santiago Sánchez, Matteo)
. Fixed bug #72759 (Regression in pgo_pgsql). (Anatol)
- SPL:
. Fixed bug #73029 (Missing type check when unserializing SplArray). (Stas)
- Standard:
. Fixed bug #72823 (strtr out-of-bound access). (cmb)
. Fixed bug #72278 (getimagesize returning FALSE on valid jpg). (cmb)
. Fixed bug #65550 (get_browser() incorrectly parses entries with "+" sign).
(cmb)
. Fixed bug #71882 (Negative ftruncate() on php://memory exhausts memory).
(cmb)
. Fixed bug #73011 (integer overflow in fgets cause heap corruption). (Stas)
. Fixed bug #73017 (memory corruption in wordwrap function). (Stas)
. Fixed bug #73045 (integer overflow in fgetcsv caused heap corruption). (Stas)
. Fixed bug #73052 (Memory Corruption in During Deserialized-object Destruction)
(Stas)
- Streams:
. Fixed bug #72853 (stream_set_blocking doesn't work). (Laruence)
- Wddx:
. Fixed bug #72860 (wddx_deserialize use-after-free). (Stas)
. Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element). (Stas)
- XML:
. Fixed bug #72085 (SEGV on unknown address zif_xml_parse). (cmb)
. Fixed bug #72927 (integer overflow in xml_utf8_encode). (Stas)
- ZIP:
. Fixed bug #68302 (impossible to compile php with zip support). (cmb)
|
|
|
|
pointed out by jperkin, thanks
fix netbsd gcc-java option build
netbsd has gethostbyname_r in libc, but not in any headers.
configure test succeeds, but compilation fails.
workaround with passing ac_cv_func_gethostbyname_r=no to autoconf
thanks joerg for the suggestion.
|
|
to bump their dependencies (except those that were bumped in the last 24
hours already).
|
|
is installed into ${PREFIX}.
|
|
Previously, this installed into /usr/pkg/guile/2.0, to allow guile
(1.8) to have the main prefix. Now, this is reversed.
|
|
Thank you, jperkin@.
|
|
- buffer: Fix regression introduced in v6.4.0 that prevented
.write() at buffer end
- deps: update V8 to 5.1.281.75
- inspector:
- fix inspector hang while disconnecting
- add support for uncaught exception
- repl: Fix saving editor mode text in .save
- Revert "repl,util: insert carriage returns in output"
|
