From e778330bce8eb331d5f3fd27cd263f13bed11163 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Fri, 14 Aug 2020 19:33:28 +0000 Subject: Pullup ticket #6298 - requested by taca lang/php73: security fix Revisions pulled up: - lang/php73/distinfo 1.24-1.25 --- Module Name: pkgsrc Committed By: taca Date: Sat Jul 11 03:59:46 UTC 2020 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php73: distinfo Log Message: lang/php73: update to 7.3.20 Update php73 to 7.3.20. 09 Jul 2020, PHP 7.3.20 - Core: . Fixed bug #79650 (php-win.exe 100% cpu lockup). (cmb) . Fixed bug #79668 (get_defined_functions(true) may miss functions). = (cmb, Nikita) . Fixed possibly unsupported timercmp() usage. (cmb) - Exif: . Fixed bug #79687 (Sony picture - PHP Warning - Make, Model, MakerNo= tes). (cmb) - Filter: . Fixed bug #73527 (Invalid memory access in php_filter_strip). (cmb)= - GD: . Fixed bug #79676 (imagescale adds black border with IMG_BICUBIC). (= cmb) - OpenSSL: . Fixed bug #62890 (default_socket_timeout=3D-1 causes connection to = timeout). (cmb) - PDO SQLite: . Fixed bug #79664 (PDOStatement::getColumnMeta fails on empty result= set). (cmb) - SPL: . Fixed bug #79710 (Reproducible segfault in error_handler during GC involved an SplFileObject). (Nikita) - Standard: . Fixed bug #74267 (segfault with streams and invalid data). (cmb) . Fixed bug #79579 (ZTS build of PHP 7.3.17 doesn't handle ERANGE for= posix_getgrgid and others). (B=F6sz=F6rm=E9nyi Zolt=E1n) 09 Jul 2020, PHP 7.3.20 - Core: . Fixed bug #79650 (php-win.exe 100% cpu lockup). (cmb) . Fixed bug #79668 (get_defined_functions(true) may miss functions). = (cmb, Nikita) . Fixed possibly unsupported timercmp() usage. (cmb) - Exif: . Fixed bug #79687 (Sony picture - PHP Warning - Make, Model, MakerNo= tes). (cmb) - Filter: . Fixed bug #73527 (Invalid memory access in php_filter_strip). (cmb)= - GD: . Fixed bug #79676 (imagescale adds black border with IMG_BICUBIC). (= cmb) - OpenSSL: . Fixed bug #62890 (default_socket_timeout=3D-1 causes connection to = timeout). (cmb) - PDO SQLite: . Fixed bug #79664 (PDOStatement::getColumnMeta fails on empty result= set). (cmb) - SPL: . Fixed bug #79710 (Reproducible segfault in error_handler during GC involved an SplFileObject). (Nikita) - Standard: . Fixed bug #74267 (segfault with streams and invalid data). (cmb) . Fixed bug #79579 (ZTS build of PHP 7.3.17 doesn't handle ERANGE for= posix_getgrgid and others). (B=F6sz=F6rm=E9nyi Zolt=E1n) --- Module Name: pkgsrc Committed By: taca Date: Sat Aug 8 13:30:07 UTC 2020 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php73: distinfo Log Message: lang/php73: update to 7.3.21 Update php73 to 7.3.21 (PHP 7.3.21). 06 Aug 2020, PHP 7.3.21 - Apache: . Fixed bug #79030 (Upgrade apache2handler's php_apache_sapi_get_requ= est_time to return usec). (Herbert256) - Core: . Fixed bug #79877 (getimagesize function silently truncates after a = null byte) (cmb) . Fixed bug #79778 (Assertion failure if dumping closure with unresol= ved static variable). (Nikita) . Fixed bug #79792 (HT iterators not removed if empty array is destro= yed). (Nikita) - COM: . Fixed bug #63208 (BSTR to PHP string conversion not binary safe). (= cmb) . Fixed bug #63527 (DCOM does not work with Username, Password parame= ter). (cmb) - Curl: . Fixed bug #79741 (curl_setopt CURLOPT_POSTFIELDS asserts on object = with declared properties). (Nikita) - Fileinfo: . Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)). (cmb) - FTP: . Fixed bug #55857 (ftp_size on large files). (cmb) - Mbstring: . Fixed bug #79787 (mb_strimwidth does not trim string). (XXiang) - Phar: . Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile function). (CVE-2020-7068) (cmb) - Standard: . Fixed bug #70362 (Can't copy() large 'data://' with open_basedir). = (cmb) . Fixed bug #79817 (str_replace() does not handle INDIRECT elements).= (Nikita) . Fixed bug #78008 (dns_check_record() always return true on Alpine).= (Andy Postnikov) --- lang/php/phpversion.mk | 4 ++-- lang/php73/distinfo | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index bb1a3f88014..4929636d2df 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.300 2020/06/14 05:59:17 taca Exp $ +# $NetBSD: phpversion.mk,v 1.300.2.1 2020/08/14 19:33:28 bsiegert Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -89,7 +89,7 @@ PHPVERSION_MK= defined # Define each PHP's version. PHP56_VERSION= 5.6.40 PHP72_VERSION= 7.2.31 -PHP73_VERSION= 7.3.19 +PHP73_VERSION= 7.3.21 PHP74_VERSION= 7.4.7 # Define initial release of major version. diff --git a/lang/php73/distinfo b/lang/php73/distinfo index 7164c89fb52..774683b2f17 100644 --- a/lang/php73/distinfo +++ b/lang/php73/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.23 2020/06/14 05:56:51 taca Exp $ +$NetBSD: distinfo,v 1.23.2.1 2020/08/14 19:33:28 bsiegert Exp $ -SHA1 (php-7.3.19.tar.xz) = 69da646afaf60af9d035a4f94d25a2b26216f887 -RMD160 (php-7.3.19.tar.xz) = aa4a349f4595a78466800f8287e45a7c2284a41f -SHA512 (php-7.3.19.tar.xz) = f37800d9e1bf808ad1099f6190965cc75781e7bf6d2c341a7143aca435abc9974a2987cbfeb8c2b35805c946218343612906fde3cc84b195c2c586945869b760 -Size (php-7.3.19.tar.xz) = 12117968 bytes +SHA1 (php-7.3.21.tar.xz) = 00fe0041c180f4f3185a4e4ade7f07207eda94e7 +RMD160 (php-7.3.21.tar.xz) = 7f6fc55ccf3e35ab8dd238b217d1b7d5d12cdf8c +SHA512 (php-7.3.21.tar.xz) = fc2b9a40c92a6e79522a49cd025e56c0a52c2c2bd3f7379aaf004ca6b67957cf4ad059c40a5daac45665710abd07962562870430338f700f573856d797df3ff4 +Size (php-7.3.21.tar.xz) = 12123192 bytes SHA1 (patch-configure) = 08b80528ba90c705398e8841c232382663479a3b SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 SHA1 (patch-ext_gd_config.m4) = eaecfb31b18700dd642c067ed82748d4f6be2335 -- cgit v1.2.3