Navigation:
Browse pkgsrc
(this page) 2019-09-10 19:56:00 by Benny Siegert | Files touched by this commit (1) |  |
Log message:
Pullup ticket #6044 - requested by taca
lang/php73: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.267
- lang/php73/distinfo 1.11
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Sep 1 13:03:17 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php73: distinfo
Log message:
lag/php73: update to 7.3.9
29 Aug 2019, PHP 7.3.9
- Core:
. Fixed bug #78363 (Buffer overflow in zendparse). (Nikita)
. Fixed bug #78379 (Cast to object confuses GC, causes crash). (Dmitry)
. Fixed bug #78412 (Generator incorrectly reports non-releasable $this as GC
child). (Nikita)
- Curl:
. Fixed bug #77946 (Bad cURL resources returned by curl_multi_info_read()).
(Abyr Valg)
- Exif:
. Fixed bug #78333 (Exif crash (bus error) due to wrong alignment and
invalid cast). (Nikita)
- FPM:
. Fixed bug #77185 (Use-after-free in FPM master event handling).
(Maksim Nikulin)
- Iconv:
. Fixed bug #78342 (Bus error in configure test for iconv //IGNORE). (Rainer
Jung)
- LiteSpeed:
. Updated to LiteSpeed SAPI V7.5 (Fixed clean shutdown). (George Wang)
- MBString:
. Fixed bug #78380 (Oniguruma 6.9.3 fixes CVEs). (CVE-2019-13224) (Stas)
- MySQLnd:
. Fixed bug #78179 (MariaDB server version incorrectly detected). (cmb)
. Fixed bug #78213 (Empty row pocket). (cmb)
- Opcache:
. Fixed bug #77191 (Assertion failure in dce_live_ranges() when silencing is
used). (Nikita)
- Standard:
. Fixed bug #69100 (Bus error from stream_copy_to_stream (file -> SSL stream)
with invalid length). (Nikita)
. Fixed bug #78282 (atime and mtime mismatch). (cmb)
. Fixed bug #78326 (improper memory deallocation on stream_get_contents()
with fixed length buffer). (Albert Casademont)
. Fixed bug #78346 (strip_tags no longer handling nested php tags). (cmb)
|
| 2019-08-10 14:07:22 by Benny Siegert | Files touched by this commit (1) | |
Log message:
Pullup ticket #6020 - requested by taca
lang/php73: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.262-1.263
- lang/php73/distinfo 1.9-1.10
---
Module Name: pkgsrc
Committed By: taca
Date: Mon Jul 8 13:20:29 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php73: distinfo
Log message:
lang/php73: update to 7.3.7
Update php73 to 7.3.7.
04 Jul 2019, PHP 7.3.7
- Core:
. Fixed bug #76980 (Interface gets skipped if autoloader throws an exception).
(Nikita)
- DOM:
. Fixed bug #78025 (segfault when accessing properties of DOMDocumentType).
(cmb)
- MySQLi:
. Fixed bug #77956 (When mysqli.allow_local_infile = Off, use a meaningful
error message). (Sjon Hortensius)
. Fixed bug #38546 (bindParam incorrect processing of bool types).
(camporter)
- MySQLnd:
. Fixed bug #77955 (Random segmentation fault in mysqlnd from php-fpm).
(Nikita)
- Opcache:
. Fixed bug #78015 (Incorrect evaluation of expressions involving partials
arrays in SCCP). (Nikita)
. Fixed bug #78106 (Path resolution fails if opcache disabled during request).
(Nikita)
- OpenSSL:
. Fixed bug #78079 (openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c).
(Jakub Zelenka)
- phpdbg:
. Fixed bug #78050 (SegFault phpdbg + opcache on include file twice).
(Nikita)
- Sockets:
. Fixed bug #78038 (Socket_select fails when resource array contains
references). (Nikita)
- Sodium:
. Fixed bug #78114 (segfault when calling sodium_* functions from eval). (cmb)
- Standard:
. Fixed bug #77135 (Extract with EXTR_SKIP should skip $this).
(Craig Duncan, Dmitry)
. Fixed bug ##77937 (preg_match failed). (cmb, Anatol)
- Zip:
. Fixed bug #76345 (zip.h not found). (Michael Maroszek)
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 1 14:14:04 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php73: distinfo
Log message:
lang/php73: update to 7.3.8
01 Aug 2019, PHP 7.3.8
- Core:
. Added syslog.filter=raw option. (Erik Lundin)
. Fixed bug #78212 (Segfault in built-in webserver). (cmb)
- Date:
. Fixed bug #69044 (discrepency between time and microtime). (krakjoe)
. Updated timelib to 2018.02. (Derick)
- EXIF:
. Fixed bug #78256 (heap-buffer-overflow on exif_process_user_comment).
(CVE-2019-11042) (Stas)
. Fixed bug #78222 (heap-buffer-overflow on exif_scan_thumbnail).
(CVE-2019-11041) (Stas)
- FTP:
. Fixed bug #78039 (FTP with SSL memory leak). (Nikita)
- Libxml:
. Fixed bug #78279 (libxml_disable_entity_loader settings is shared between
requests (cgi-fcgi)). (Nikita)
- LiteSpeed:
. Updated to LiteSpeed SAPI V7.4.3 (increased response header count limit from
100 to 1000, added crash handler to cleanly shutdown PHP request, added
CloudLinux mod_lsapi mode). (George Wang)
. Fixed bug #76058 (After "POST data can't be buffered", using \
php://input
makes huge tmp files). (George Wang)
- Openssl:
. Fixed bug #78231 (Segmentation fault upon stream_socket_accept of exported
socket-to-stream). (Nikita)
- Opcache:
. Fixed bug #78341 (Failure to detect smart branch in DFA pass). (Nikita)
. Fixed bug #78189 (file cache strips last character of uname hash). (cmb)
. Fixed bug #78202 (Opcache stats for cache hits are capped at 32bit NUM).
(cmb)
. Fixed bug #78271 (Invalid result of if-else). (Nikita)
. Fixed bug #78291 (opcache_get_configuration doesn't list all directives).
(Andrew Collington)
- PCRE:
. Fixed bug #78338 (Array cross-border reading in PCRE). (cmb)
. Fixed bug #78197 (PCRE2 version check in configure fails for \
"##.##-xxx"
version strings). (pgnet, Peter Kokot)
- PDO_Sqlite:
. Fixed bug #78192 (SegFault when reuse statement after schema has changed).
(Vincent Quatrevieux)
- Phar:
. Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN). (cmb)
- Phpdbg:
. Fixed bug #78297 (Include unexistent file memory leak). (Nikita)
- SQLite:
. Upgraded to SQLite 3.28.0. (cmb)
- Standard:
. Fixed bug #78241 (touch() does not handle dates after 2038 in PHP \
64-bit). (cmb)
. Fixed bug #78269 (password_hash uses weak options for argon2). (Remi)
|
New packages: