Next | Query returned 2 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2021-11-23 23:47:05 by Thomas Merkel | Files touched by this commit (2)
Log message:
Pullup ticket #6541 - requested by taca
lang/php74: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.345
- lang/php74/distinfo                                           1.33
- lang/php74/patches/patch-ext_intl_breakiterator_codepointiterator__internal.cpp 1.3

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Nov 19 14:26:29 UTC 2021

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php74: distinfo
   	pkgsrc/lang/php74/patches:
   	    patch-ext_intl_breakiterator_codepointiterator__internal.cpp

   Log message:
   lang/php74: udpate to 7.4.26

   This release contains security fix.

   18 Nov 2021, PHP 7.4.26

   - Core:
     . Fixed bug #81518 (Header injection via default_mimetype / default_charset).
       (cmb)

   - Date:
     . Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2).
       (cmb)

   - MBString:
     . Fixed bug #76167 (mbstring may use pointer from some previous request).
       (cmb, cataphract)

   - MySQLi:
     . Fixed bug #81494 (Stopped unbuffered query does not throw error). (Nikita)

   - PCRE:
     . Fixed bug #81424 (PCRE2 10.35 JIT performance regression). (cmb)

   - Streams:
     . Fixed bug #54340 (Memory corruption with user_filter). (Nikita)

   - XML:
     . Fixed bug #79971 (special character is breaking the path in xml function).
       (CVE-2021-21707) (cmb)
   2021-11-02 19:20:51 by Thomas Merkel | Files touched by this commit (1) | Package updated
Log message:
Pullup ticket #6527 - requested by taca
lang/php74: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.343
- lang/php74/distinfo                                           1.31

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Oct 22 15:14:24 UTC 2021

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php74: distinfo

   Log message:
   lang/php74: update to 7.4.25

   This is a security fix release.

   21 Oct 2021, PHP 7.4.25

   - DOM:
     . Fixed bug #81433 (DOMElement::setIdAttribute() called twice may remove ID).
       (Viktor Volkov)

   - FFI:
     . Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not
       defined). (Dmitry)

   - Fileinfo:
     . Fixed bug #78987 (High memory usage during encoding detection). (Anatol)

   - Filter:
     . Fixed bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing).
       (cmb, Nikita)

   - FPM:
     . Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege
       escalation) (CVE-2021-21703). (Jakub Zelenka)

   - SPL:
     . Fixed bug #80663 (Recursive SplFixedArray::setSize() may cause double-free).
       (cmb, Nikita, Tyson Andre)

   - Streams:
     . Fixed bug #81475 (stream_isatty emits warning with attached stream wrapper).
       (cmb)

   - XML:
     . Fixed bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace).
       (Aliaksandr Bystry, cmb)

   - Zip:
     . Fixed bug #81490 (ZipArchive::extractTo() may leak memory). (cmb, Remi)
     . Fixed bug #77978 (Dirname ending in colon unzips to wrong dir). (cmb)

Next | Query returned 2 messages, browsing 1 to 10 | previous