pkgsrc.se | The NetBSD package collection

./lang/php55, PHP Hypertext Preprocessor version 5.5

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2016Q1, Version: 5.5.37, Package name: php-5.5.37, Maintainer: pkgsrc-users

PHP is an HTML-embedded scripting language. It is modular, with
some object-oriented features. Much of its syntax is borrowed from
C, Java and Perl with a couple of unique PHP-specific features
thrown in. The language is designed to allow web developers to
write dynamically generated pages quickly.

This package provides PHP version 5.5.x.

Required to run:
[textproc/libxml2]

Package options: inet6, ssl

Master sites: (Expand)

SHA1: f999bf46a6b3a1adee8239c40e13e8ce06fd470a
RMD160: 349fbe9ea88423a2f6b0b8b47468401c3537ff8c
Filesize: 13378.761 KB

Version history: (Expand)

(2016-06-29) Updated to version: php-5.5.37
(2016-06-05) Updated to version: php-5.5.36
(2016-05-08) Updated to version: php-5.5.35
(2016-04-07) Package added to pkgsrc.se, version php-5.5.34 (created)

CVS history: (Expand)

2016-06-28 21:35:58 by Benny Siegert | Files touched by this commit (2)

Log message:
Pullup ticket #5050 - requested by taca
lang/php55: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.139
- lang/php55/Makefile                                           1.27
- lang/php55/distinfo                                           1.54

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Jun 24 15:23:00 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php55: Makefile distinfo

   Log message:
   Update php55 to 5.5.37 (PHP 5.5.37), including security fixes.

   pkgsrc change: remove confiugre from SUBST_FILES.path.

   23 Jun 2016, PHP 5.5.37

   - Core:
     . Fixed bug #72268 (Integer Overflow in nl2br()). (Stas)
     . Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/
       json_utf8_to_utf16()). (Stas)
     . Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas)
     . Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas)

   - GD:
     . Fixed bug #66387 (Stack overflow with imagefilltoborder) (CVE-2015-8874).
       (cmb)
     . Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
     . Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
       heap overflow). (Pierre)
     . Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)
     . Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting
       in heap overflow). (Pierre)

   - mbstring:
      . Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)

   - mcrypt:
      . Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)

   - SPL:
     . Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas)
     . Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and
       unserialize). (Dmitry)

   - WDDX:
     . Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas)

   - zip:
     . Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC
       algorithm and unserialize). (Dmitry)

2016-06-04 21:45:19 by Benny Siegert | Files touched by this commit (1)

Log message:
Pullup ticket #5034 - requested by taca
lang/php55: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.136
- lang/php55/distinfo                                           1.53

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri May 27 13:25:44 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php55: distinfo

   Log message:
   Update php55 to 5.5.36 (PHP 5.5.36), including security fix.

   26 May 2016, PHP 5.5.36

   - Core:
     . Fixed bug #72114 (Integer underflow / arbitrary null write in
       fread/gzread). (Stas)
     . Fixed bug #72135 (Integer Overflow in php_html_entities). (Stas)

   - GD:
      . Fixed bug #72227 (imagescale out-of-bounds read). (Stas)

   - Intl:
      . Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (Stas)

   - Phar:
     . Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()).
       (CVE-2016-4343) (Stas)

2016-05-08 10:10:06 by Benny Siegert | Files touched by this commit (2)

Log message:
Pullup ticket #4972 - requested by taca
lang/php55: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.132-1.133
- lang/php55/distinfo                                           1.52
- lang/php55/patches/patch-ext_standard_php__dns.h              1.2

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Fri Apr 22 09:46:50 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk

   Log message:
   Detect php-7.0 (define _PHP_VERSION_70_INSTALLED).

   Addresses PR 50957.

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon May  2 13:06:21 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php55: distinfo
   	pkgsrc/lang/php55/patches: patch-ext_standard_php__dns.h

   Log message:
   Update php55 to 5.5.35.

   pkgsrc change: Fix build problem on Linux noted by Matthias Ferdinand on
   pkgsrc-users@.

   28 Apr 2016, PHP 5.5.35

   - BCMath:
    . Fix bug #72093 (bcpowmod accepts negative scale and corrupts _one_
      definition). (Stas)

   - Exif:
    . Fix bug #72094 (Out of bounds heap read access in exif header
      processing). (Stas)

   - GD:
    . Fix bug #71912 (libgd: signedness vulnerability). (Stas)

   - Intl:
    . Fix bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative
      offset). (Stas)

   - XML:
    . Fix bug #72099 (xml_parse_into_struct segmentation fault). (Stas)