Navigation:
Browse pkgsrc
(this page) 2019-06-04 21:39:07 by S.P.Zeidler | Files touched by this commit (2) |  |
Log message:
Pullup ticket #5974 - requested by taca
lang/php72: security update
meta-pkgs/php72-extensions: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.259
- lang/php72/distinfo 1.41
- meta-pkgs/php72-extensions/Makefile 1.3
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Jun 1 15:33:52 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php72: distinfo
Log message:
lang/php72: update to 7.2.19
Update php72 to 7.2.19.
30 May 2019, PHP 7.2.19
- EXIF:
. Fixed bug #77988 (heap-buffer-overflow on php_jpg_get16).
(CVE-2019-11040) (Stas)
- FPM:
. Fixed bug #77934 (php-fpm kill -USR2 not working). (Jakub Zelenka)
. Fixed bug #77921 (static.php.net doesn't work anymore). (Peter Kokot)
- GD:
. Fixed bug #77943 (imageantialias($image, false); does not work). (cmb)
. Fixed bug #77973 (Uninitialized read in gdImageCreateFromXbm).
(CVE-2019-11038) (cmb)
- Iconv:
. Fixed bug #78069 (Out-of-bounds read in iconv.c:_php_iconv_mime_decode()
due to integer overflow). (CVE-2019-11039). (maris dot adam)
- JSON:
. Fixed bug #77843 (Use after free with json serializer). (Nikita)
- Opcache:
. Fixed possible crashes, because of inconsistent PCRE cache and opcache
SHM reset. (Alexey Kalinin, Dmitry)
- PDO_MySQL:
. Fixed bug #77944 (Wrong meta pdo_type for bigint on LLP64). (cmb)
- Reflection:
. Fixed bug #75186 (Inconsistent reflection of Closure:::__invoke()). (Nikita)
- Session:
. Fixed bug #77911 (Wrong warning for session.sid_bits_per_character). (cmb)
- SPL:
. Fixed bug #77024 (SplFileObject::__toString() may return array). (Craig
Duncan)
- SQLite:
. Fixed bug #77967 (Bypassing open_basedir restrictions via file uris). (Stas)
To generate a diff of this commit:
cvs rdiff -u -r1.258 -r1.259 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.40 -r1.41 pkgsrc/lang/php72/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Jun 1 15:35:05 UTC 2019
Modified Files:
pkgsrc/meta-pkgs/php72-extensions: Makefile
Log message:
meta-pkgs/php72-extensions: reset PKGREVISION
Reset PKGREVISION along with update of lang/php72.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 pkgsrc/meta-pkgs/php72-extensions/Makefile
|
| 2019-05-14 07:17:31 by S.P.Zeidler | Files touched by this commit (1) | |
Log message:
Pullup ticket #5964 - requested by taca
lang/php72: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.255
- lang/php72/distinfo 1.40
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 2 13:43:38 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php72: distinfo
Log message:
lang/php72: update to 7.2.18
Update php72 to update to 7.2.18.
02 May 2019, PHP 7.2.18
- CLI:
. Fixed bug #77794 (Incorrect Date header format in built-in server).
(kelunik)
- EXIF
. Fixed bug #77950 (Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG).
(CVE-2019-11036) (Stas)
- Interbase:
. Fixed bug #72175 (Impossibility of creating multiple connections to
Interbase with php 7.x). (Nikita)
- Intl:
. Fixed bug #77895 (IntlDateFormatter::create fails in strict mode if $locale
= null). (Nikita)
- litespeed:
. LiteSpeed SAPI 7.3.1, better process management, new API function
litespeed_finish_request(). (George Wang)
- Mail
. Fixed bug #77821 (Potential heap corruption in TSendMail()). (cmb)
- PCRE:
. Fixed bug #77827 (preg_match does not ignore \r in regex flags). (requinix,
cmb)
- PDO:
. Fixed bug #77849 (Disable cloning of PDO handle/connection objects).
(camporter)
- phpdbg:
. Fixed bug #76801 (too many open files). (alekitto)
. Fixed bug #77800 (phpdbg segfaults on listing some conditional breakpoints).
(krakjoe)
. Fixed bug #77805 (phpdbg build fails when readline is shared). (krakjoe)
- Reflection:
. Fixed bug #77772 (ReflectionClass::getMethods(null) doesn't work). (Nikita)
. Fixed bug #77882 (Different behavior: always calls destructor). (Nikita)
- Standard:
. Fixed bug #77680 (recursive mkdir on ftp stream wrapper is incorrect).
(Vlad Temian)
. Fixed bug #77844 (Crash due to null pointer in parse_ini_string with
INI_SCANNER_TYPED). (Nikita)
. Fixed bug #77853 (Inconsistent substr_compare behaviour with empty
haystack). (Nikita)
To generate a diff of this commit:
cvs rdiff -u -r1.254 -r1.255 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.39 -r1.40 pkgsrc/lang/php72/distinfo
|
| 2019-04-10 13:17:13 by Benny Siegert | Files touched by this commit (1) | |
Log message:
Pullup ticket #5937 - requested by taca
lang/php72: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.253
- lang/php72/distinfo 1.39
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Apr 7 16:31:08 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php72: distinfo
Log message:
lang/php72: update to 7.2.17
04 Apr 2019, PHP 7.2.17
- Core:
. Fixed bug #77738 (Nullptr deref in zend_compile_expr). (Laruence)
. Fixed bug #77660 (Segmentation fault on break 2147483648). (Laruence)
. Fixed bug #77652 (Anonymous classes can lose their interface information).
(Nikita)
. Fixed bug #77676 (Unable to run tests when building shared extension on
AIX). (Kevin Adler)
- Bcmath:
. Fixed bug #77742 (bcpow() implementation related to gcc compiler
optimization). (Nikita)
- COM:
. Fixed bug #77578 (Crash when php unload). (cmb)
- Date:
. Fixed bug #50020 (DateInterval:createDateFromString() silently fails).
(Derick)
. Fixed bug #75113 (Added DatePeriod::getRecurrences() method). (Ignace
Nyamagana Butera)
- EXIF:
. Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s). (Stas)
. Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value). (Stas)
- FPM:
. Fixed bug #77677 (FPM fails to build on AIX due to missing WCOREDUMP).
(Kevin Adler)
- GD:
. Fixed bug #77700 (Writing truecolor images as GIF ignores interlace flag).
(cmb)
- MySQLi:
. Fixed bug #77597 (mysqli_fetch_field hangs scripts). (Nikita)
- Opcache:
. Fixed bug #77691 (Opcache passes wrong value for inline array push
assignments). (Nikita)
. Fixed bug #77743 (Incorrect pi node insertion for jmpznz with identical
successors). (Nikita)
- phpdbg:
. Fixed bug #77767 (phpdbg break cmd aliases listed in help do not match
actual aliases). (Miriam Lauter)
- sodium:
. Fixed bug #77646 (sign_detached() strings not terminated). (Frank)
- SQLite3:
. Added sqlite3.defensive INI directive. (BohwaZ)
- Standard:
. Fixed bug #77664 (Segmentation fault when using undefined constant in
custom wrapper). (Laruence)
. Fixed bug #77669 (Crash in extract() when overwriting extracted array).
(Nikita)
. Fixed bug #76717 (var_export() does not create a parsable value for
PHP_INT_MIN). (Nikita)
. Fixed bug #77765 (FTP stream wrapper should set the directory as
executable). (Vlad Temian)
|
New packages: