Log message:
Pullup ticket 3184 - requested by tron
security updates
Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.79
- pkgsrc/lang/php5/distinf 1.79
- pkgsrc/lang/php5/Makefile.common 1.42
- pkgsrc/lang/php5/Makefile.ph 1.42
- pkgsrc/lang/php53/Makefile 1.4
- pkgsrc/lang/php53/Makefile.common 1.2
- pkgsrc/lang/php53/Makefile.php 1.3
- pkgsrc/lang/php53/distinfo 1.6
- pkgsrc/lang/php53/patches/patch-ab 1.2
- pkgsrc/converters/php-mbstring/Makefile 1.2
- pkgsrc/devel/php-gmp/Makefile 1.12
- pkgsrc/graphics/php-gd/Makefile 1.24
- pkgsrc/multimedia/php-ming/Makefile 1.11
- pkgsrc/net/php-xmlrpc/Makefile 1.13
- pkgsrc/net/php-yaz/Makefile 1.9
- pkgsrc/print/php-pdflib/Makefile 1.17
Files deleted:
pkgsrc/lang/php5/patches/patch-be
pkgsrc/lang/php53/patches/patch-ak
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 22:23:15 UTC 2010
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common Makefile.php distinfo
Removed Files:
pkgsrc/lang/php5/patches: patch-be
Log message:
Update "php5" package to version 5.2.14. Changes since version 5.2.13:
- Reverted bug fix #49521 (PDO fetchObject sets values before calling
constructor). (Felipe)
- Updated timezone database to version 2010.5. (Derick)
- Upgraded bundled PCRE to version 8.02. (Ilia)
- Rewrote var_export() to use smart_str rather than output buffering, prevents
data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
- Fixed a possible interruption array leak in strrchr(). Reported by
P??ter Veres. (CVE-2010-2484) (Felipe)
- Fixed a possible interruption array leak in strchr(), strstr(), substr(),
chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
- Fixed a possible memory corruption in substr_replace() (Dmitry)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
- Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
Esser (Ilia)
- Reset error state in PDO::beginTransaction() reset error state. (Ilia)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed handling of session variable serialization on certain prefix
characters. Reported by Stefan Esser (Ilia)
- Fixed a possible arbitrary memory access inside sqlite extension. Reported
by Mateusz Kocielski. (Ilia)
- Fixed a crash when calling an inexistent method of a class that inherits
PDOStatement if instantiated directly instead of doing by the PDO methods.
(Felipe)
- Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64
bit)). (Adam)
- Fixed bug #52238 (Crash when an Exception occured in iterator_to_array).
(Johannes)
- Fixed bug #52237 (Crash when passing the reference of the property of a
non-object). (Dmitry)
- Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't
be set). (Felipe)
- Fixed bug #52162 (custom request header variables with numbers are removed).
(Sriram Natarajan)
- Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe)
- Fixed bug #52061 (memory_limit above 2G). (Felipe)
- Fixed bug #52041 (Memory leak when writing on uninitialized variable returned
from function). (Dmitry)
- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at
debian dot org, Kalle)
- Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick)
- Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command).
(Ilia, Felipe)
- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle,
coreystup at gmail dot com)
- Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with
constant array). (Felipe)
- Fixed bug #51905 (ReflectionParameter fails if default value is an array
with an access to self::). (Felipe)
- Fixed bug #51822 (Segfault with strange __destruct() for static class
variables). (Dmitry)
- Fixed bug #51671 (imagefill does not work correctly for small images).
(Pierre)
- Fixed bug #51670 (getColumnMeta causes segfault when re-executing query
after calling nextRowset). (Pierrick)
- Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading).
(Pierre)
- Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4).
(Felipe, wdierkes at 5dollarwhitebox dot org)
- Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe)
- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter).
(Felipe)
- Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string
literal). (cbandy at jbandy dot com)
- Fixed bug #51607 (pg_copy_from does not allow schema in the tablename
argument). (cbandy at jbandy dot com)
- Fixed bug #51604 (newline in end of header is shown in start of message).
(Daniel Egeberg)
- Fixed bug #51562 (query timeout in mssql can not be changed per query).
(ejsmont dot artur at gmail dot com)
- Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory
issues). (Dmitry)
- Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne)
- Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe)
- Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains
timezone). (Adam)
- Fixed bug #51374 (Wrongly initialized object properties). (Etienne)
- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
on). (Ilia, j dot jeising at gmail dot com)
- Fixed bug #51273 (Faultstring property does not exist when the faultstring is
empty) (Ilia, dennis at transip dot nl)
- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
- Fixed bug #51263 (imagettftext and rotated text uses wrong baseline)
(cschneid at cschneid dot com, Takeshi Abe)
- Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,
alexr at oplot dot com)
- Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that
includes '-'). (Adam, solar at azrael dot ws).
- Fixed bug #51190 (ftp_put() returns false when transfer was successful).
(Ilia)
- Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio).
(Sriram Natarajan)
- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when
an invalid option is provided). (Ilia)
- Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)
- Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)
- Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris
Jones)
- Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4).
(Raphael Geissert)
- Fixed bug #50762 (in WSDL mode Soap Header handler function only being called
if defined in WSDL). (mephius at gmail dot com)
- Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable
endpoints). (Justin Dearing)
- Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not
include file and line in trace). (Felipe)
- Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe)
- Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne)
- Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)
- Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)
- Fixed bug #49267 (Linking fails for iconv). (Moriyosh)
- Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)
- Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken).
(Adam, patch from hiroaki dot kawai at gmail dot com).
- Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus)
- Fixed bug #33210 (getimagesize() fails to detect width/height on certain
JPEGs). (Ilia)
- Fixed bug #23229 (syslog() truncates messages). (Adam)
To generate a diff of this commit:
cvs rdiff -u -r1.78 -r1.79 pkgsrc/lang/php5/Makefile \
pkgsrc/lang/php5/distinfo
cvs rdiff -u -r1.41 -r1.42 pkgsrc/lang/php5/Makefile.common \
pkgsrc/lang/php5/Makefile.php
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-be
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 22:23:37 UTC 2010
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo
pkgsrc/lang/php53/patches: patch-ab
Removed Files:
pkgsrc/lang/php53/patches: patch-ak
Log message:
Update "php53" package to version 5.3.3. Changes since version 5.3.2:
- Rewrote var_export() to use smart_str rather than output buffering,
prevents data disclosure if a fatal error occurs (CVE-2010-2531).
(Scott)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225).
(Stas)
- A large number of not security related bug fixes
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/Makefile.common
cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php53/Makefile.php
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/php53/distinfo
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/patches/patch-ab
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php53/patches/patch-ak
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Sat Jul 24 22:24:22 UTC 2010
Modified Files:
pkgsrc/converters/php-mbstring: Makefile
pkgsrc/devel/php-gmp: Makefile
pkgsrc/graphics/php-gd: Makefile
pkgsrc/multimedia/php-ming: Makefile
pkgsrc/net/php-xmlrpc: Makefile
pkgsrc/net/php-yaz: Makefile
pkgsrc/print/php-pdflib: Makefile
Log message:
Revert revision of several PHP extensions after both core PHP packages
were updated.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/converters/php-mbstring/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/php-gmp/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/graphics/php-gd/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/multimedia/php-ming/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/php-xmlrpc/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/php-yaz/Makefile
cvs rdiff -u -r1.16 -r1.17 pkgsrc/print/php-pdflib/Makefile
|