Next | Query returned 2 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2015-08-12 22:12:29 by Matthias Scheler | Files touched by this commit (1) | Package updated
Log message:
Pullup ticket #4791 - requested by taca
lang/php55: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.107
- lang/php55/distinfo                                           1.44

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Aug  8 00:12:22 UTC 2015

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php55: distinfo

   Log message:
   Update php55 to 5.5.28.

   06 Aug 2015, PHP 5.5.28

   - Core:
     . Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive
       method calls). (Stas)
     . Fixed bug #69892 (Different arrays compare indentical due to integer key
       truncation). (Nikita)
     . Fixed bug #70002 (TS issues with temporary dir handling). (Anatol)
     . Fixed bug #70121 (unserialize() could lead to unexpected methods execution
       / NULL pointer deref). (Stas)

   - OpenSSL:
     . Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
       secure). (Stas)

   - Phar:
     . Improved fix for bug #69441. (Anatol Belski)
     . Fixed bug #70019 (Files extracted from archive may be placed outside of
       destination directory). (Anatol Belski)

   - SOAP:
     . Fixed bug #70081 (SoapClient info leak / null pointer dereference via
        multiple type confusions). (Stas)

   - SPL:
     . Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
       items). (sean.heelan)
     . Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
       SPLArrayObject). (taoguangchen at icloud dot com)
     . Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
       SplObjectStorage). (taoguangchen at icloud dot com)
     . Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
       SplDoublyLinkedList). (taoguangchen at icloud dot com)
   2015-07-15 00:11:16 by Matthias Scheler | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket #4773 - requested by taca
lang/php55: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.104
- lang/php55/Makefile                                           1.22
- lang/php55/distinfo                                           1.43
- lang/php55/patches/patch-ext_spl_spl__heap.c                  deleted

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Jul 11 00:30:11 UTC 2015

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php55: Makefile distinfo
   Removed Files:
   	pkgsrc/lang/php55/patches: patch-ext_spl_spl__heap.c

   Log message:
   Update php55 to 5.5.27.

   09 Jul 2015, PHP 5.5.27

   - Core:
     . Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
     . Fixed bug #69703 (Use __builtin_clzl on PowerPC).
       (dja at axtens dot net, Kalle)
     . Fixed bug #69732 (can induce segmentation fault with basic php code).
       (Dmitry)
     . Fixed bug #69642 (Windows 10 reported as Windows 8).
       (Christian Wenz, Anatol Belski)
     . Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation
       fault). (Christoph M. Becker)
     . Fixed bug #69781 (phpinfo() reports Professional Editions of Windows
       7/8/8.1/10 as "Business"). (Christian Wenz)
     . Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
       (Christian Wenz)
     . Fixed bug #69892 (Different arrays compare indentical due to integer key
       truncation). (Nikita)
     . Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
       from fix to bug #68776. (Yasuo)

   - GD:
     . Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)

   - Mysqlnd:
     . Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM) (CVE-2015-3152).
       (Andrey)

   - PCRE:
     . Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the
       string). (cmb)
     . Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)

   - PDO_pgsql:
     . Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
       Statements when closeCuror() is u). (Philip Hofstetter)
     . Fixed bug #69362 (PDO-pgsql fails to connect if password contains a
       leading single quote). (Matteo)
     . Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
       (Matteo)

   - Phar:
     . Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (Stas)
     . Fixed bug #69923 (Buffer overflow and stack smashing error in
       phar_fix_filepath). (Stas)

   - SimpleXML:
     . Refactored the fix for bug #66084 (simplexml_load_string() mangles empty
       node name). (Christoph Michael Becker)

   - SPL:
     . Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
       (Stas)
     . Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga).

Next | Query returned 2 messages, browsing 1 to 10 | previous