From 7623c78413fa489e6e45dd2f34fe1a320a36b94c Mon Sep 17 00:00:00 2001 From: bsiegert Date: Fri, 15 May 2020 16:47:57 +0000 Subject: Pullup ticket #6198 - requested by taca lang/php73: security fix Revisions pulled up: - lang/php/phpversion.mk 1.296 - lang/php73/distinfo 1.22 --- Module Name: pkgsrc Committed By: taca Date: Thu May 14 14:23:08 UTC 2020 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php73: distinfo Log Message: lang/php73: update to 7.3.18 Update php73 to 7.3.18 (PHP 7.3.18). 14 May 2020, PHP 7.3.18 - Core: . Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb) . Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb) . Fixed bug #79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant). (Nikita) . Fixed bug #79477 (casting object into array creates references). (Nikita) . Fixed bug #79470 (PHP incompatible with 3rd party file system on demand). (cmb) . Fixed bug #78784 (Unable to interact with files inside a VFS for Git repository). (cmb) - DOM: . Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes). (cmb) - FCGI: . Fixed bug #79491 (Search for .user.ini extends up to root dir). (cmb) - MBString: . Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported). (Girgias) - OpenSSL: . Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes with <1s timeout). (Joe Cai) - Phar: . Fix bug #79503 (Memory leak on duplicate metadata). (cmb) - SimpleXML: . Fixed bug #79528 (Different object of the same xml between 7.4.5 and 7.4.4). (cmb) - Standard: . Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter appended). (dinosaur) --- lang/php/phpversion.mk | 4 ++-- lang/php73/distinfo | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index 5d9322a4695..5bee5e055f3 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.292.2.3 2020/04/30 07:38:46 bsiegert Exp $ +# $NetBSD: phpversion.mk,v 1.292.2.4 2020/05/15 16:47:57 bsiegert Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -89,7 +89,7 @@ PHPVERSION_MK= defined # Define each PHP's version. PHP56_VERSION= 5.6.40 PHP72_VERSION= 7.2.30 -PHP73_VERSION= 7.3.17 +PHP73_VERSION= 7.3.18 PHP74_VERSION= 7.4.5 # Define initial release of major version. diff --git a/lang/php73/distinfo b/lang/php73/distinfo index 5b3a7be85f4..09d621d5415 100644 --- a/lang/php73/distinfo +++ b/lang/php73/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.20.2.1 2020/04/28 16:27:50 bsiegert Exp $ +$NetBSD: distinfo,v 1.20.2.2 2020/05/15 16:47:57 bsiegert Exp $ -SHA1 (php-7.3.17.tar.xz) = 877b376d17bb5c99668bc8e1c8fb7af1bf2a4f79 -RMD160 (php-7.3.17.tar.xz) = 3719d79c3e505788b65b51f43c562c22c4130507 -SHA512 (php-7.3.17.tar.xz) = ac99a645a7442c322b8334cb4d091474bb0486b5efe11f8ffc16e4a2c0ecf8dbb5d958206372617350ec70b579dd4756f4d166c2863f3892db480e9bfbd14837 -Size (php-7.3.17.tar.xz) = 12116072 bytes +SHA1 (php-7.3.18.tar.xz) = 06d88a6fdefb115f839133ad465fcc9cb8f46cc5 +RMD160 (php-7.3.18.tar.xz) = 2191ef2e2594744caae235f803bb76f1cf06bb58 +SHA512 (php-7.3.18.tar.xz) = e626091c835f6d165ff48ae3be8ddf7a66b0a320c6d77dc98fb73235d560814c180112a9e5478a5b3b6bb01ed99a50f8025fdc3d1ef80cca59e04ac248f9b0bf +Size (php-7.3.18.tar.xz) = 12116280 bytes SHA1 (patch-configure) = 08b80528ba90c705398e8841c232382663479a3b SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 SHA1 (patch-ext_gd_config.m4) = eaecfb31b18700dd642c067ed82748d4f6be2335 -- cgit v1.2.3