Path to this page:
Next | Query returned 3 messages, browsing 1 to 10 | previous
CVS Commit History:
2014-12-21 11:26:39 by Matthias Scheler | Files touched by this commit (1) | |
Log message:
Pullup ticket #4577 - requested by taca
lang/php54: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.79
- lang/php54/distinfo 1.50
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Dec 19 16:08:35 UTC 2014
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php54: distinfo
Log message:
Update php54 to 5.4.36, including security fix.
18 Dec 2014 PHP 5.4.36
- Core:
. Upgraded crypt_blowfish to version 1.3. (Leigh)
. Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
. Fixed bug #68594 (Use after free vulnerability in unserialize()).
(CVE-2014-8142) (Stefan Esser)
13 Nov 2014 PHP 5.4.35
- Core:
. Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
zend_hash_copy). (Dmitry)
- Fileinfo:
. Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
(CVE-2014-3710) (Remi)
- GMP:
. Fixed bug #63595 (GMP memory management conflicts with other libraries
using GMP). (Remi)
- PDO_pgsql:
. Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)
|
2014-11-19 12:08:47 by Matthias Scheler | Files touched by this commit (1) | |
Log message:
Pullup ticket #4550 - requested by taca
lang/php54: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.76
- lang/php54/distinfo 1.49
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Nov 15 14:49:45 UTC 2014
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php54: distinfo
Log message:
Update php54 to 5.4.35 (PHP 5.4.35).
13 Nov 2014 PHP 5.4.35
- Core:
. Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
zend_hash_copy). (Dmitry)
- Fileinfo:
. Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
(CVE-2014-3710) (Remi)
- GMP:
. Fixed bug #63595 (GMP memory management conflicts with other libraries
using GMP). (Remi)
- PDO_pgsql:
. Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)
|
2014-10-25 16:08:57 by Matthias Scheler | Files touched by this commit (1) | |
Log message:
Pullup ticket #4525 - requested by taca
lang/php54: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.75
- lang/php54/distinfo 1.48
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Oct 18 14:29:04 UTC 2014
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php54: distinfo
Log message:
Update to php54 5.4.34.
16 Oct 2014, PHP 5.4.34
- Fileinfo:
. Fixed bug #66242 (libmagic: don't assume char is signed). (ArdB)
- Core:
. Fixed bug #67985 (Incorrect last used array index copied to new array after
unset). (Tjerk)
. Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)).
(CVE-2014-3669) (Stas)
- cURL:
. Fixed bug #68089 (NULL byte injection - cURL lib). (Stas)
- EXIF:
. Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
(Stas)
- OpenSSL:
. Reverted fixes for bug #41631, due to regressions. (Stas)
- XMLRPC:
. Fixed bug #68027 (Global buffer overflow in mkgmtime() function).
(CVE-2014-3668) (Stas)
|
Next | Query returned 3 messages, browsing 1 to 10 | previous