Next | Query returned 1 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2007-12-05 15:07:21 by Geert Hendrickx | Files touched by this commit (5) | Package updated
Log message:
Pullup ticket 2239 - requested by adrianp
security update for php5

- pkgsrc/lang/php5/Makefile				1.62
- pkgsrc/lang/php5/Makefile.common			1.28
- pkgsrc/lang/php5/distinfo				1.50
- pkgsrc/lang/php5/patches/patch-ao			removed
- pkgsrc/lang/php5/patches/patch-ar			removed

   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Fri Nov 23 13:20:01 UTC 2007

   Modified Files:
	   pkgsrc/lang/php5: Makefile Makefile.common distinfo
   Removed Files:
	   pkgsrc/lang/php5/patches: patch-ao patch-ar

   Log message:
   Update to 5.2.5

   * Security Enhancements and Fixes in PHP 5.2.5:
   Fixed dl() to only accept filenames. Reported by Laurent Gaffie.
   Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
   Reported by Laurent Gaffie.
   Fixed htmlentities/htmlspecialchars not to accept partial multibyte
   sequences. Reported by Rasmus Lerdorf
   Fixed possible triggering of buffer overflows inside glibc
   implementations of the fnmatch(), setlocale() and glob() functions.
   Reported by Laurent Gaffie.
   Fixed "mail.force_extra_parameters" php.ini directive not to be
   modifiable in .htaccess due to the security implications. Reported by
   SecurityReason.
   Fixed bug 42869 (automatic session id insertion adds sessions id to
   non-local forms).
   Fixed bug 41561 (Values set with php_admin_* in httpd.conf can be
   overwritten with ini_set()).

   * Key enhancements in PHP 5.2.5 include:
   Upgraded PCRE to version 7.3
   Updated timezone database to version 2007.9
   Added ability to control memory consumption between request using
   ZEND_MM_COMPACT environment variable.
   Improved speed of array_intersect_key(), array_intersect_assoc(),
   array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and
   array_udiff_assoc() functions
   Fixed bug 43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with
   fetchAll())
   Fixed bug 42785 (json_encode() formats doubles according to locale
   rather then following standard syntax)
   Fixed bug 42549 (ext/mysql failed to compile with libmysql 3.23)
   Over 60 bug fixes.

   For all the details see:
	   http://www.php.net/ChangeLog-5.php#5.2.5

Next | Query returned 1 messages, browsing 1 to 10 | previous