Next | Query returned 4 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2016-06-28 21:38:32 by Benny Siegert | Files touched by this commit (3)
Log message:
Pullup ticket #5052 - requested by taca
lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.141
- lang/php70/Makefile                                           1.4
- lang/php70/Makefile.php                                       1.2
- lang/php70/distinfo                                           1.14

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Jun 24 15:27:57 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php70: Makefile Makefile.php distinfo

   Log message:
   Update php70 to 7.0.8 (PHP 7.0.8), including security fixes.

   pkgsrc change:
   * remove confiugre from SUBST_FILES.path.
   * Remove --with-regex=3Dsystem and --without-mysql from CONFIGURE_ARGS.=

   * Add --without-mysqli to CONFIGURE_ARGS.

   23 Jun 2016 PHP 7.0.8

   - Core:
     . Fixed bug #72218 (If host name cannot be resolved then PHP 7 crashe=
   s).
       (Esminis at esminis dot lt)
     . Fixed bug #72221 (segfault, past-the-end access). (Lauri Kentt=E4)
     . Fixed bug #72268 (Integer Overflow in nl2br()). (Stas)
     . Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/
       json_utf8_to_utf16()). (Stas)
     . Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Sta=
   s)
     . Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL).=
    (Stas)

   - FPM:
     . Fixed bug #72308 (fastcgi_finish_request and logging environment
       variables). (Laruence)

   - GD:
     . Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
     . Fixed bug #72337 (invalid dimensions can lead to crash) (Pierre)
     . Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
       heap overflow). (Pierre)
     . Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)=

   - Intl:
     . Fixed bug #64524 (Add intl.use_exceptions to php.ini-*). (Anatol)

   - mbstring:
     . Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (=
   Stas)

   - mcrypt:
      . Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)

   - PCRE:
     . Fixed bug #72143 (preg_replace uses int instead of size_t). (Joe)

   - PDO_pgsql:
     . Fixed bug #71573 (Segfault (core dumped) if paramno beyond bound).
       (Laruence)
     . Fixed bug #72294 (Segmentation fault/invalid pointer in connection
       with pgsql_stmt_dtor). (Anatol)

   - Phpdbg:
     . Fixed bug #72284 (phpdbg fatal errors with coverage). (Bob)

   - Postgres:
     . Fixed bug #72195 (pg_pconnect/pg_connect cause use-after-free). (La=
   ruence)
     . Fixed bug #72197 (pg_lo_create arbitrary read). (Anatol)

   - SPL:
     . Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (S=
   tas)
     . Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorith=
   m and
       unserialize). (Dmitry)

   - Standard:
     . Fixed bug #72017 (range() with float step produces unexpected resul=
   t).
       (Thomas Punt)
     . Fixed bug #72193 (dns_get_record returns array containing elements =
   of
       type 'unknown'). (Laruence)
     . Fixed bug #72229 (Wrong reference when serialize/unserialize an obj=
   ect).
       (Laruence)
     . Fixed bug #72300 (ignore_user_abort(false) has no effect). (Laruenc=
   e)

   - XML:
     . Fixed bug #72206 (xml_parser_create/xml_parser_free leaks mem). (Jo=
   e)

   - XMLRPC:
     . Fixed bug #72155 (use-after-free caused by get_zval_xmlrpc_type).
       (Joe, Laruence)

   - WDDX:
     . Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (St=
   as)

   - Zip:
     . Fixed ug #72258 (ZipArchive converts filenames to unrecoverable for=
   m).
       (Anatol)
     . Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in =
   PHP's GC
       algorithm and unserialize). (Dmitry)
   2016-06-28 20:59:07 by Benny Siegert | Files touched by this commit (2)
Log message:
Pullup ticket #5042 - requested by joerg
lang/php70: build fix

Revisions pulled up:
- lang/php70/distinfo                                           1.13
- lang/php70/patches/patch-sapi_cli_Makefile.frag               1.3

---
   Module Name:	pkgsrc
   Committed By:	joerg
   Date:		Tue Jun  7 19:23:50 UTC 2016

   Modified Files:
   	pkgsrc/lang/php70: distinfo
   	pkgsrc/lang/php70/patches: patch-sapi_cli_Makefile.frag

   Log message:
   Unbreak unprivileged build. Actually test for executable.
   2016-06-04 21:56:37 by Benny Siegert | Files touched by this commit (2)
Log message:
Pullup ticket #5036 - requested by taca
lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.138
- lang/php70/distinfo                                           1.10-1.12
- lang/php70/patches/patch-sapi_cli_Makefile.frag               1.1-1.2

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri May 27 13:29:58 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php70: distinfo

   Log message:
   Update php70 to 7.0.7 (PHP 7.0.7), including security fix.

   26 May 2016 PHP 7.0.7

   - Core:
     . Fixed bug #72162 (use-after-free - error_reporting). (Laruence)
     . Add compiler option to disable special case function calls. (Joe)
     . Fixed bug #72101 (crash on complex code). (Dmitry)
     . Fixed bug #72100 (implode() inserts garbage into resulting string when
       joins very big integer). (Mikhail Galanin)
     . Fixed bug #72057 (PHP Hangs when using custom error handler and typehint).
       (Nikita Nefedov)
     . Fixed bug #72038 (Function calls with values to a by-ref parameter don't
       always throw a notice). (Bob)
     . Fixed bug #71737 (Memory leak in closure with parameter named $this).
       (Nikita)
     . Fixed bug #72059 (?? is not allowed on constant expressions). (Bob, Marcio)
     . Fixed bug #72159 (Imported Class Overrides Local Class Name). (Nikita)

   - Curl:
     . Fixed bug #68658 (Define CURLE_SSL_CACERT_BADFILE). (Pierrick)

   - DBA:
     . Fixed bug #72157 (use-after-free caused by dba_open). (Shm, Laruence)

   - GD:
     . Fixed bug #72227 (imagescale out-of-bounds read). (Stas)

   - Intl:
     . Fixed #72241 (get_icu_value_internal out-of-bounds read). (Stas)

   - JSON:
     . Fixed bug #72069 (Behavior \JsonSerializable different from json_encode).
       (Laruence)

   - Mbstring:
     . Fixed bug #72164 (Null Pointer Dereference - mb_ereg_replace). (Laruence)

   - OCI8:
     . Fixed bug #71600 (oci_fetch_all segfaults when selecting more than eight
       columns). (Tian Yang)

   - Opcache:
     . Fixed bug #72014 (Including a file with anonymous classes multiple times
       leads to fatal error). (Laruence)

   - OpenSSL:
     . Fixed bug #72165 (Null pointer dereference - openssl_csr_new). (Anatol)

   - PCNTL:
     . Fixed bug #72154 (pcntl_wait/pcntl_waitpid array internal structure
       overwrite). (Laruence)

   - POSIX:
     . Fixed bug #72133 (php_posix_group_to_array crashes if gr_passwd is NULL).
       (esminis at esminis dot lt)

   - Postgres:
     . Fixed bug #72028 (pg_query_params(): NULL converts to empty string).
       (Laruence)
     . Fixed bug #71062 (pg_convert() doesn't accept ISO 8601 for datatype
       timestamp). (denver at timothy dot io)
     . Fixed bug #72151 (mysqli_fetch_object changed behaviour). (Anatol)

   - Reflection:
     . Fixed bug #72174 (ReflectionProperty#getValue() causes __isset call).
       (Nikita)

   - Session:
     . Fixed bug #71972 (Cyclic references causing session_start(): Failed to
       decode session object). (Laruence)

   - Sockets:
     . Added socket_export_stream() function for getting a stream compatible
       resource from a socket resource. (Chris Wright, Bob)

   - SPL:
     . Fixed bug #72051 (The reference in CallbackFilterIterator doesn't work as
       expected). (Laruence)

   - SQLite3:
     . Fixed bug #68849 (bindValue is not using the right data type). (Anatol)

   - Standard:
     . Fixed bug #72075 (Referencing socket resources breaks stream_select).
       (Laruence)
     . Fixed bug #72031 (array_column() against an array of objects discards all
       values matching null). (Nikita)

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Sat May 28 08:02:26 UTC 2016

   Modified Files:
   	pkgsrc/lang/php70: distinfo
   Added Files:
   	pkgsrc/lang/php70/patches: patch-sapi_cli_Makefile.frag

   Log message:
   Mark php binary with paxctl +m because of JIT code.

   Needed on NetBSD-current with PaX MPROTECT.

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Sat May 28 08:13:15 UTC 2016

   Modified Files:
   	pkgsrc/lang/php70: distinfo
   	pkgsrc/lang/php70/patches: patch-sapi_cli_Makefile.frag

   Log message:
   Add upstream bug report URL.
   2016-05-08 16:27:23 by Benny Siegert | Files touched by this commit (4)
Log message:
Pullup ticket #4974 - requested by taca
lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.135
- lang/php70/distinfo                                           1.9
- lang/php70/patches/patch-configure                            1.3
- lang/php70/patches/patch-ext_opcache_config.m4                deleted
- lang/php70/patches/patch-ext_standard_php__dns.h              1.2

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon May  2 13:09:49 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php70: distinfo
   	pkgsrc/lang/php70/patches: patch-configure
   	    patch-ext_standard_php__dns.h
   Removed Files:
   	pkgsrc/lang/php70/patches: patch-ext_opcache_config.m4

   Log message:
   Update php70 to 7.0.6.

   pkgsrc change: Fix build problem on Linux noted by Matthias Ferdinand on
   pkgsrc-users@.

   28 Apr 2016 PHP 7.0.6

   - Core:
    . Fixed bug #71930 (_zval_dtor_func: Assertion `(arr)->gc.refcount <= 1'
      failed). (Laruence)
    . Fixed bug #71922 (Crash on assert(new class{})). (Nikita)
    . Fixed bug #71914 (Reference is lost in "switch"). (Laruence)
    . Fixed bug #71871 (Interfaces allow final and abstract functions). (Nikita)
    . Fixed Bug #71859 (zend_objects_store_call_destructors operates on realloced
      memory, crashing). (Laruence)
    . Fixed bug #71841 (EG(error_zval) is not handled well). (Laruence)
    . Fixed bug #71750 (Multiple Heap Overflows in php_raw_url_encode/
      php_url_encode). (Stas)
    . Fixed bug #71731 (Null coalescing operator and ArrayAccess). (Nikita)
    . Fixed bug #71609 (Segmentation fault on ZTS with gethostbyname). (krakjoe)
    . Fixed bug #71428 (inheritance and allow_null). (krakjoe)
    . Fixed bug #71414 (Inheritance, traits and interfaces). (krakjoe)
    . Fixed bug #71359 (Null coalescing operator and magic). (krakjoe)
    . Fixed bug #71334 (Cannot access array keys while uksort()). (Nikita)
    . Fixed bug #69659 (ArrayAccess, isset() and the offsetExists method).
      (Nikita)
    . Fixed bug #69537 (__debugInfo with empty string for key gives error).
      (krakjoe)
    . Fixed bug #62059 (ArrayObject and isset are not friends). (Nikita)
    . Fixed bug #71980 (Decorated/Nested Generator is Uncloseable in Finally).
      (Nikita)

   - BCmath:
    . Fixed bug #72093 (bcpowmod accepts negative scale and corrupts
      _one_ definition). (Stas)

   - Curl:
    . Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string).
      (Michael Sierks)

   - Date:
    . Fixed bug #71889 (DateInterval::format Segmentation fault). (Thomas Punt)

   - EXIF:
    . Fixed bug #72094 (Out of bounds heap read access in exif header \ 
processing). (Stas)

   - GD:
    . Fixed bug #71912 (libgd: signedness vulnerability). (Stas)

   - Intl:
    . Fixed bug #71516 (IntlDateFormatter looses locale if pattern is set via
      constructor). (Anatol)
    . Fixed bug #70455 (Missing constant: IntlChar::NO_NUMERIC_VALUE). (Anatol)
    . Fixed bug #70451, #70452 (Inconsistencies in return values of IntlChar
      methods). (Daniel Persson)
    . Fixed bug #68893 (Stackoverflow in datefmt_create). (Anatol)
    . Fixed bug #66289 (Locale::lookup incorrectly returns en or en_US if locale
      is empty). (Anatol)
    . Fixed bug #70484 (selectordinal doesn't work with named parameters).
      (Anatol)
    . Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative
      offset). (Stas)

   - ODBC:
    . Fixed bug #63171 (Script hangs after max_execution_time). (Remi)

   - Opcache:
    . Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER).
      (Laruence)

   - PDO:
    . Fixed bug #52098 (Own PDOStatement implementation ignore __call()).
      (Daniel kalaspuffar, Julien)
    . Fixed bug #71447 (Quotes inside comments not properly handled). (Matteo)

   - PDO_DBlib:
    . Fixed bug #71943 (dblib_handle_quoter needs to allocate an extra byte).
      (Adam Baratz)
    . Add DBLIB-specific attributes for controlling timeouts. (Adam Baratz)

   - PDO_pgsql:
    . Fixed bug #62498 (pdo_pgsql inefficient when getColumnMeta() is used).
      (Joseph Bylund)

   - Postgres:
    . Fixed bug #71820 (pg_fetch_object binds parameters before call
      constructor). (Anatol)
    . Fixed bug #71998 (Function pg_insert does not insert when column
      type = inet). (Anatol)

   - SOAP:
    . Fixed bug #71986 (Nested foreach assign-by-reference creates broken
      variables). (Laruence)

   - SPL:
    . Fixed bug #71838 (Deserializing serialized SPLObjectStorage-Object can't
      access properties in PHP). (Nikita)
    . Fixed bug #71735 (Double-free in SplDoublyLinkedList::offsetSet). (Stas)
    . Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails
      offsetExists()). (Nikita)
    . Fixed bug #52339 (SPL autoloader breaks class_exists()). (Nikita)

   - Standard:
    . Fixed bug #71995 (Returning the same var twice from __sleep() produces
      broken serialized data). (Laruence)
    . Fixed bug #71940 (Unserialize crushes on restore object reference).
      (Laruence)
    . Fixed bug #71969 (str_replace returns an incorrect resulting array after
      a foreach by reference). (Laruence)
    . Fixed bug #71891 (header_register_callback() and
      register_shutdown_function()). (Laruence)
    . Fixed bug #71884 (Null pointer deref (segfault) in
      stream_context_get_default). (Laruence)
    . Fixed bug #71840 (Unserialize accepts wrongly data). (Ryat, Laruence)
    . Fixed bug #71837 (Wrong arrays behaviour). (Laruence)
    . Fixed bug #71827 (substr_replace bug, string length). (krakjoe)
    . Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or
      _REENTRANT is not defined). (Nikita)
    . Fixed bug #72116 (array_fill optimization breaks implementation). (Bob)

   - XML:
    . Fixed bug #72099 (xml_parse_into_struct segmentation fault). (Stas)

   - Zip:
    . Fixed bug #71923 (integer overflow in ZipArchive::getFrom*). (Stas)

Next | Query returned 4 messages, browsing 1 to 10 | previous