Next | Query returned 2 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2016-11-28 19:12:44 by Benny Siegert | Files touched by this commit (1)
Log message:
Pullup ticket #5158 - requested by taca
lang/php70: security fix

Revisions pulled up:
- lang/php70/distinfo                                           1.21

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Nov 12 15:38:29 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php70: distinfo

   Log message:
   Update php70 to 7.0.13 (PHP 7.0.13), including security fix (as usual).

   10 Nov 2016 PHP 7.0.13

   - Core:
     . Fixed bug #73350 (Exception::__toString() cause circular references).
       (Laruence)
     . Fixed bug #73181 (parse_str() without a second argument leads to crash).
       (Nikita)
     . Fixed bug #66773 (Autoload with Opcache allows importing conflicting class
       name to namespace). (Nikita)
     . Fixed bug #66862 ((Sub-)Namespaces unexpected behaviour). (Nikita)
     . Fix pthreads detection when cross-compiling (ffontaine)
     . Fixed bug #73337 (try/catch not working with two exceptions inside a same
       operation). (Dmitry)
     . Fixed bug #73338 (Exception thrown from error handler causes valgrind
       warnings (and crashes)). (Bob, Dmitry)
     . Fixed bug #73329 ((Float)"Nano" == NAN). (Anatol)

   - GD:
     . Fixed bug #73213 (Integer overflow in imageline() with antialiasing). (cmb)
     . Fixed bug #73272 (imagescale() is not affected by, but affects
       imagesetinterpolation()). (cmb)
     . Fixed bug #73279 (Integer overflow in gdImageScaleBilinearPalette()). (cmb)
     . Fixed bug #73280 (Stack Buffer Overflow in GD dynamicGetbuf). (cmb)
     . Fixed bug #72482 (Ilegal write/read access caused by gdImageAALine
       overflow). (cmb)
     . Fixed bug #72696 (imagefilltoborder stackoverflow on truecolor images).
       (cmb)

   - IMAP:
     . Fixed bug #73418 (Integer Overflow in "_php_imap_mail" leads to \ 
crash).
       (Anatol)

   - OCI8
     . Fixed bug #71148 (Bind reference overwritten on PHP 7). (Oracle Corp.)

   - phpdbg:
     . Properly allow for stdin input from a file. (Bob)
     . Add -s command line option / stdin command for reading script from stdin.
       (Bob)
     . Ignore non-executable opcodes in line mode of phpdbg_end_oplog(). (Bob)
     . Fixed bug #70776 (Simple SIGINT does not have any effect with -rr). (Bob)
     . Fixed bug #71234 (INI files are loaded even invoked as -n --version). (Bob)

   - Session:
     . Fixed bug #73273 (session_unset() empties values from all variables in which
       is $_session stored). (Nikita)

   - SOAP:
     . Fixed bug #73037 (SoapServer reports Bad Request when gzipped). (Anatol)
     . Fixed bug #73237 (Nested object in "any" element overwrites \ 
other fields).
       (Keith Smiley)
     . Fixed bug #69137 (Peer verification fails when using a proxy with SoapClient)
       (Keith Smiley)

   - SQLite3:
     . Fixed bug #73333 (2147483647 is fetched as string). (cmb)

   - Standard:
     . Fixed bug #73203 (passing additional_parameters causes mail to fail). (cmb)
     . Fixed bug #71241 (array_replace_recursive sometimes mutates its parameters).
       (adsr)

   - Wddx:
     . Fixed bug #73331 (NULL Pointer Dereference in WDDX Packet Deserialization
       with PDORow). (Stas)
   2016-10-21 20:44:42 by Benny Siegert | Files touched by this commit (2) | Package updated
Log message:
Pullup ticket #5139 - requested by taca
lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.160
- lang/php70/distinfo                                           1.20
- lang/php70/patches/patch-ext_pcre_pcrelib_config.h            1.3

---
   Module Name:	pkgsrc
   Committed By:	jdolecek
   Date:		Fri Oct 14 15:06:21 UTC 2016

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php70: distinfo
   	pkgsrc/lang/php70/patches: patch-ext_pcre_pcrelib_config.h

   Log message:
   Update php70 to 7.0.12

   Changes:

   Core:
     Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c).
     Fixed bug #72703 (Out of bounds global memory read in BF_crypt triggered by \ 
password_verify).
     Fixed bug #73058 (crypt broken when salt is 'too' long).
     Fixed bug #69579 (Invalid free in extension trait).
     Fixed bug #73156 (segfault on undefined function).
     Fixed bug #73163 (PHP hangs if error handler throws while accessing undef \ 
const in default value).
     Fixed bug #73172 (parse error: Invalid numeric literal).
     Fixed for #73240 (Write out of bounds at number_format).
     Fixed bug #73147 (Use After Free in PHP7 unserialize()).
     Fixed bug #73189 (Memcpy negative size parameter php_resolve_path).
   BCmath:
     Fixed bug #73190 (memcpy negative parameter _bc_new_num_ex).
   COM:
     Fixed bug #73126 (Cannot pass parameter 1 by reference).
   Date:
     Fixed bug #73091 (Unserializing DateInterval object may lead to __toString \ 
invocation).
   DOM:
     Fixed bug #73150 (missing NULL check in dom_document_save_html).
   Filter:
     Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and \ 
FILTER_FLAG_NO_PRIV_RANGE).
     Fixed bug #73054 (default option ignored when object passed to int filter).
   GD:
     Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette).
     Fixed bug #50194 (imagettftext broken on transparent background w/o \ 
alphablending).
     Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c).
     Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box).
     Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given).
     Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries).
     Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted \ 
files).
     Fixed bug #73161 (imagecreatefromgd2() may leak memory).
   Intl:
     Fixed bug #73218 (add mitigation for ICU int overflow).
   Mbstring:
     Fixed bug #66797 (mb_substr only takes 32-bit signed integer).
     Fixed bug #66964 (mb_convert_variables() cannot detect recursion).
     Fixed bug #72992 (mbstring.internal_encoding doesn't inherit default_charset).
   Mysqlnd:
     Fixed bug #72489 (PHP Crashes When Modifying Array Containing MySQLi Result \ 
Data).
   Opcache:
     Fixed bug #72982 (Memory leak in zend_accel_blacklist_update_regexp() function).
   OpenSSL:
     Fixed bug #73072 (Invalid path SNI_server_certs causes segfault).
     Fixed bug #73276 (crash in openssl_random_pseudo_bytes function).
     Fixed bug #73275 (crash in openssl_encrypt function).
   PCRE:
     Fixed bug #73121 (Bundled PCRE doesn't compile because JIT isn't supported \ 
on s390).
     Fixed bug #73174 (heap overflow in php_pcre_replace_impl).
   PDO_DBlib:
     Fixed bug #72414 (Never quote values as raw binary data).
     Allow \PDO::setAttribute() to set query timeouts.
     Handle SQLDECIMAL/SQLNUMERIC types, which are used by later TDS versions.
     Add common PDO test suite.
     Free error and message strings when cleaning up PDO instances.
     Fixed bug #67130 (\PDOStatement::nextRowset() should succeed when all rows \ 
in current rowset haven't been fetched).
     Ignore potentially misleading dberr values.
   phpdbg:
     Fixed bug #72996 (phpdbg_prompt.c undefined reference to DL_LOAD).
     Fixed next command not stopping when leaving function.
   Session:
     Fixed bug #68015 (Session does not report invalid uid for files save handler).
     Fixed bug #73100 (session_destroy null dereference in ps_files_path_create).
   SimpleXML:
     Fixed bug #73293 (NULL pointer dereference in SimpleXMLElement::asXML()).
   SOAP:
     Fixed bug #71711 (Soap Server Member variables reference bug).
     Fixed bug #71996 (Using references in arrays doesn't work like expected).
   SPL:
     Fixed bug #73257, Fixed bug #73258 (SplObjectStorage unserialize allows use \ 
of non-object as key).
   SQLite3:
     Updated bundled SQLite3 to 3.14.2.
   Zip:
     Fixed bug #70752 (Depacking with wrong password leaves 0 length files).

Next | Query returned 2 messages, browsing 1 to 10 | previous