Navigation:
Browse pkgsrc
(this page)
lang php55
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2014-08-25 18:14:59 by Matthias Scheler | Files touched by this commit (8) |  |
Log message:
Pullup ticket #4487 - requested by tron
lang/php55: security update
Revisions pulled up:
- lang/php/phpversion.mk patch
- lang/php55/Makefile 1.16
- lang/php55/distinfo 1.27-1.28
- lang/php55/patches/patch-aclocal.m4 1.2
- lang/php55/patches/patch-build_libtool.m4 1.2
- lang/php55/patches/patch-configure 1.8
- lang/php55/patches/patch-ext_gd_libgd_gdxpm.c deleted
- lang/php55/patches/patch-ext_spl_spl__array.c deleted
- lang/php55/patches/patch-ext_spl_spl__dllist.c deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 26 00:11:55 UTC 2014
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php55: Makefile distinfo
pkgsrc/lang/php55/patches: patch-aclocal.m4 patch-build_libtool.m4
patch-configure
Removed Files:
pkgsrc/lang/php55/patches: patch-ext_spl_spl__array.c
patch-ext_spl_spl__dllist.c
Log message:
Update php55 to 5.5.15.
24 Jul 2014, PHP 5.5.15
- Core:
. Fixed bug #67428 (header('Location: foo') will override a 308-399 response
code). (Adam)
. Fixed bug #67436 (Autoloader isn't called if two method definitions don't
match). (Bob)
. Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0).
(Ferenc)
. Fixed bug #67497 (eval with parse error causes segmentation fault in
generator). (Nikita)
. Fixed bug #67151 (strtr with empty array crashes). (Nikita)
. Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server
2012). (Christian Wenz)
- CLI server:
. Implemented FR #67429 (CLI server is missing some new HTTP response codes).
(Adam)
. Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
(Adam)
- FPM:
. Fixed bug #67530 (error_log=syslog ignored). (Remi)
. Fixed bug #67531 (syslog cannot be set in pool configuration). (Remi)
- Intl:
. Fixed bug #66921 (Wrong argument type hint for function
intltz_from_date_time_zone). (Stas)
. Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
(Stas)
- OPCache:
. Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault
happen) (Dmitry, Laruence)
- pgsql:
. Fixed bug #67550 (Error in code "form" instead of \
"from", pgsql.c, line 756),
which affected builds against libpq < 7.3. (Adam)
- Phar:
. Fixed bug #67587 (Redirection loop on nginx with FPM). (Christian Weiske)
- SPL:
. Fixed bug #67539 (ArrayIterator use-after-free due to object change during
sorting). (research at insighti dot org, Laruence)
. Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670) (Laruence)
- Streams:
. Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects). (Adam)
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Aug 23 16:09:21 UTC 2014
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php55: distinfo
Removed Files:
pkgsrc/lang/php55/patches: patch-ext_gd_libgd_gdxpm.c
Log message:
Update php55 to 5.5.16 (PHP 5.5.16).
21 Aug 2014, PHP 5.5.16
- COM:
. Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas).
- Fileinfo:
. Fixed bug #67705 (extensive backtracking in rule regular expression).
(CVE-2014-3538) (Remi)
. Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi)
- FPM:
. Fixed bug #67635 (php links to systemd libraries without using pkg-config).
(pacho@gentoo.org, Remi)
- GD:
. Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference).
(CVE-2014-2497) (Remi)
. Fixed bug #67730 (Null byte injection possible with imagexxx functions).
(CVE-2014-5120) (Ryan Mauger)
- Milter:
. Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike)
- OpenSSL:
. Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).
- readline:
. Fixed bug #55496 (Interactive mode doesn't force a newline before the
prompt). (Bob, Johannes)
. Fixed bug #67496 (Save command history when exiting interactive shell
with control-c). (Dmitry Saprykin, Johannes)
- Sessions:
. Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).
- Core:
. Fixed bug #67693 (incorrect push to the empty array) (Tjerk)
. Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi)
- ODBC:
. Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte
char fields). (Keyur)
|
| 2014-07-17 20:03:59 by Matthias Scheler | Files touched by this commit (4) |
Log message: Pullup ticket #4453 - requested by taca lang/php55: security patch Revisions pulled up: - lang/php55/Makefile 1.15 - lang/php55/distinfo 1.26 - lang/php55/patches/patch-ext_spl_spl__array.c 1.1 - lang/php55/patches/patch-ext_spl_spl__dllist.c 1.1 --- Module Name: pkgsrc Committed By: taca Date: Sun Jul 13 15:23:42 UTC 2014 Modified Files: pkgsrc/lang/php55: Makefile distinfo Added Files: pkgsrc/lang/php55/patches: patch-ext_spl_spl__array.c patch-ext_spl_spl__dllist.c Log message: Add fix for CVE-2014-4698 and CVE-2014-4670. Bump PKGREVISION. |
New packages: