Navigation:
Browse pkgsrc
(this page)
lang php5
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2011-01-08 16:29:47 by Matthias Scheler | Files touched by this commit (5) |  |
Log message: Pullup ticket #3319 - requested by taca lang/php5: security update lang/php53: security update Revisions pulled up: - lang/php5/Makefile.common 1.45 - lang/php5/distinfo 1.83 - lang/php5/distinfo 1.84 - lang/php5/patches/patch-ab 1.6 - lang/php5/patches/patch-ab delete - lang/php53/Makefile.common 1.4 - lang/php53/distinfo 1.9 - lang/php53/patches/patch-ar 1.1 --- Module Name: pkgsrc Committed By: jklos Date: Thu Jan 6 22:13:24 UTC 2011 Modified Files: pkgsrc/lang/php5: distinfo Added Files: pkgsrc/lang/php5/patches: patch-ab Log message: Fix VAX floating point handling in zend_strtod.c. --- Module Name: pkgsrc Committed By: taca Date: Fri Jan 7 09:16:28 UTC 2011 Modified Files: pkgsrc/lang/php5: Makefile.common distinfo Removed Files: pkgsrc/lang/php5/patches: patch-ab Log message: Update php5 pacakge to 5.2.17. * patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17. 06 Jan 2010, PHP 5.2.17 - Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott, Rasmus) --- Module Name: pkgsrc Committed By: taca Date: Fri Jan 7 09:20:16 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile.common distinfo Added Files: pkgsrc/lang/php53/patches: patch-ar Log message: Update php53 pacakge to 5.3.5. * Add fix for VAX floating point handling (Bug #53682), r307192 from PHP's repositry. (It is in PHP 5.2.17 but not in 5.3.5). 06 Jan 2011, PHP 5.3.5 - Fixed Bug #53632 (infinite loop with x87 fpu). (Scott, Rasmus) |
| 2010-12-23 11:10:56 by Steven Drake | Files touched by this commit (10) | |
Log message:
Pullup ticket #3312 - requested by taca
pkgsrc/lang/{php5,php53} security fixes
Revisions pulled up:
- pkgsrc/databases/php-mysql/Makefile 1.14
- pkgsrc/databases/php-mysqli/Makefile 1.3
- pkgsrc/databases/php-pdo_mysql/Makefile 1.12
- pkgsrc/lang/php5/Makefile 1.80, 1.81
- pkgsrc/lang/php5/Makefile.common 1.43, 1.44
- pkgsrc/lang/php5/distinfo 1.80, 1.81, 1.82
- pkgsrc/lang/php5/patches/patch-ak 1.8, deleted
- pkgsrc/lang/php5/patches/patch-bf 1.1, deleted
- pkgsrc/lang/php5/patches/patch-bg 1.1, deleted
- pkgsrc/lang/php53/Makefile 1.5, 1.6
- pkgsrc/lang/php53/Makefile.common 1.3
- pkgsrc/lang/php53/distinfo 1.7, 1.8
- pkgsrc/lang/php53/patches/patch-ab 1.3
- pkgsrc/lang/php53/patches/patch-am 1.1, deleted
- pkgsrc/lang/php53/patches/patch-an 1.1, deleted
- pkgsrc/lang/php53/patches/patch-ao 1.1, deleted
- pkgsrc/lang/php53/patches/patch-ap 1.1, deleted
- pkgsrc/lang/php53/patches/patch-aq 1.1, deleted
- pkgsrc/mail/php-imap/Makefile 1.21, 1.22
- pkgsrc/www/ap-php/Makefile 1.24
- pkgsrc/www/php-eaccelerator/Makefile 1.13
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 03:43:50 UTC 2010
Modified Files:
pkgsrc/lang/php53: Makefile distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq
Log message:
- GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016
- CVE-2010-3710 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=303779
- CVE-2010-3870 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=304959
- CVE-2010-4150 (php-imap)
http://svn.php.net/viewvc?view=revision&revision=305032
- CVE-2010-4156 (SA42135)
http://svn.php.net/viewvc?view=revision&revision=305214
Bump PKGREVISION.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 03:44:16 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg
Log message:
- CVE-2010-4150 (php-imap)
http://svn.php.net/viewvc?view=revision&revision=305032
- CVE-2010-3710 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=303885
- CVE-2010-3870 (a part of SA41724)
http://svn.php.net/viewvc?view=revision&revision=305055
Bump PKGREVISION.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 25 03:45:19 UTC 2010
Modified Files:
pkgsrc/mail/php-imap: Makefile
Log message:
Bump REVISION since CVE-2010-4150 fix was added.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Dec 13 13:15:46 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common distinfo
Removed Files:
pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg
Log message:
Update php5 package to 5.2.15 (PHP 5.2.15):
The PHP development team would like to announce the immediate
availability of PHP 5.2.15. This release marks the end of support for
PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.
This release focuses on improving the security and stability of the
PHP 5.2.x branch with a small number, of predominatly security fixes.
Security Enhancements and Fixes in PHP 5.2.15:
* Fixed extract() to do not overwrite $GLOBALS and $this when using
EXTR_OVERWRITE.
* Fixed crash in zip extract method (possible CWE-170).
* Fixed a possible double free in imap extension.
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed NULL pointer dereference in
ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data).
Key enhancements in PHP 5.2.15 include:
* Fixed bug #47643 (array_diff() takes over 3000 times longer than php
5.2.4).
* Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
with SoapClient object).
* To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.
For a full list of changes in PHP 5.2.15 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.15.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Dec 13 13:16:37 UTC 2010
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common distinfo
pkgsrc/lang/php53/patches: patch-ab
Removed Files:
pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq
Log message:
Update lang/php53 package to 5.3.4 (PHP 5.3.4).
The PHP development team is proud to announce the immediate release of PHP
5.3.4. This is a maintenance release in the 5.3 series, which includes a large
number of bug fixes.
Security Enhancements and Fixes in PHP 5.3.4:
* Fixed crash in zip extract method (possible CWE-170).
* Paths with NULL in them (foo\0bar.txt) are now considered as invalid
(CVE-2006-7243).
* Fixed a possible double free in imap extension (Identified by Mateusz
Kocielski). (CVE-2010-4150).
* Fixed NULL pointer dereference in
ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950).
* Fixed symbolic resolution support when the target is a DFS share.
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data) (CVE-2010-3710).
Key Bug Fixes in PHP 5.3.4 include:
* Added stat support for zip stream.
* Added follow_location (enabled by default) option for the http stream
support.
* Added a 3rd parameter to get_html_translation_table. It now takes a charset
hint, like htmlentities et al.
* Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend
multibyte at runtime.
* Multiple improvements to the FPM SAPI.
* Over 100 other bug fixes.
For users upgrading from PHP 5.2 there is a migration guide available here,
detailing the changes between those releases and PHP 5.3.
For a full list of changes in PHP 5.3.4, see the ChangeLog. For source
downloads please visit our downloads page, Windows binaries can be found on
windows.php.net/download/.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Mon Dec 13 13:18:20 UTC 2010
Modified Files:
pkgsrc/databases/php-mysql: Makefile
pkgsrc/databases/php-mysqli: Makefile
pkgsrc/databases/php-pdo_mysql: Makefile
pkgsrc/mail/php-imap: Makefile
pkgsrc/www/ap-php: Makefile
pkgsrc/www/php-eaccelerator: Makefile
Log message:
Reset PKGREVISION by update of base PHP version.
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Dec 16 14:20:45 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile.common distinfo
Log message:
Update php5 pacakge to 5.2.16:
PHP 5.2.16 Released!
The PHP development team would like to announce the immediate availability of
PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of
PHP 5.2 are encouraged to upgrade to PHP 5.3.
This release focuses on addressing a regression in open_basedir implementation
introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data
retrieval when the server is down. All users who have upgraded to 5.2.15 and
are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or
5.3.4.
To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.
For a full list of changes in PHP 5.2.16 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.16.
ChangeLog:
Version 5.2.16
16-Dec-2010
* Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is
down). (gyp at balabit dot hu)
* Fixed bug #53516 (Regression in open_basedir handling). (Ilia)
|
New packages: