From a90cb1ea08943311911b37af9fda08cda06087e2 Mon Sep 17 00:00:00 2001 From: taca Date: Sun, 6 Sep 2015 12:25:11 +0000 Subject: Update php54 to 5.4.45 including security fixes. 03 Sep 2015 PHP 5.4.45 - Core: . Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (Stas) . Fixed bug #70219 (Use after free vulnerability in session deserializer). (taoguangchen at icloud dot com) - EXIF: . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes). (Stas) - hash: . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee at naver dot com) - PCRE: . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions). (Anatol Belski) - SOAP: . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). (Stas) - SPL: . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectStorage). (taoguangchen at icloud dot com) . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLinkedList). (taoguangchen at icloud dot com) - XSLT: . Fixed bug #69782 (NULL pointer dereference). (Stas) - ZIP: . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when creating directories). (neal at fb dot com) --- lang/php/phpversion.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lang/php') diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index 41a8ba044ac..e2f380587c9 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.108 2015/08/08 00:13:36 taca Exp $ +# $NetBSD: phpversion.mk,v 1.109 2015/09/06 12:25:11 taca Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -81,7 +81,7 @@ PHPVERSION_MK= defined # Define each PHP's version. -PHP54_VERSION= 5.4.44 +PHP54_VERSION= 5.4.45 PHP55_VERSION= 5.5.28 PHP56_VERSION= 5.6.12 -- cgit v1.2.3