Navigation:
Browse pkgsrc
(this page)| 2006-11-04 12:19:41 by Adrian Portelli | Files touched by this commit (3) |
Log message: Fix for CVE-2006-5465 from PHP CVS http://www.hardened-php.net/advisory_132006.138.html |
| 2006-11-03 08:00:40 by Thomas Klausner | Files touched by this commit (2) |
Log message: Fix build for php4-curl with curl-7.16.0, using same patch as for php5. |
| 2006-10-22 15:16:42 by Adrian Portelli | Files touched by this commit (3) |
Log message: Fix for CVE-2006-4625 Bump nb |
| 2006-10-21 00:10:34 by Jaromir Dolecek | Files touched by this commit (5) |
Log message: remove --enable-memory-limit - 8MB is too low, and this just duplicates process resource limits, which already provide necessary "safety net" protection against rogue scripts bump PKGREVISION for this adressess PR pkg/32007 by "pancake" also remove --enable-track-vars, since that configure argument is long gone from PHP |
| 2006-08-20 11:44:59 by Adrian Portelli | Files touched by this commit (3) |
Log message: PHP 4.4.4 Release Announcement This release address a series of locally exploitable security problems discovered since PHP 4.4.3. All PHP users are encouraged to upgrade to this release as soon as possible. This release provides the following security fixes: * Added missing safe_mode/open_basedir checks inside the error_log(), file_exists(), imap_open() and imap_reopen() functions. * Fixed overflows inside str_repeat() and wordwrap() functions on 64bit systems. * Fixed possible open_basedir/safe_mode bypass in cURL extension. * Fixed overflow in GD extension on invalid GIF images. * Fixed a buffer overflow inside sscanf() function. * Fixed memory_limit restriction on 64 bit system. |
| 2006-08-16 08:49:56 by Lubomir Sedlacik | Files touched by this commit (1) |
Log message: Add RCSid for better tracking. |
| 2006-08-11 01:01:40 by Adrian Portelli | Files touched by this commit (11) |
Log message: Update to 4.4.3 All PHP 4.x users are encouraged to upgrade to this release as soon as possible. The security issues resolved include the following: * Disallow certain characters in session names. * Fixed a buffer overflow inside the wordwrap() function. * Prevent jumps to parent directory via the 2nd parameter of the tempnam() function. * Improved safe_mode check for the error_log() function. * Fixed cross-site scripting inside the phpinfo() function. The release also includes about 20 bug fixes and an upgraded PCRE library (version 6.6). For a full list of changes in PHP 4.4.3, see the ChangeLog: http://www.php.net/ChangeLog-4.php#4.4.3 This also contains a fix for CVE-2006-4020 (SA21403) |
| 2006-07-18 23:26:17 by Adrian Portelli | Files touched by this commit (2) |
Log message: Replace an absolute path for sh Ride the previous nb bump |
| 2006-07-18 23:21:19 by Adrian Portelli | Files touched by this commit (5) |
Log message: Fix for CVE-2006-1990 Fix for CVE-2006-3011 Include our own pear.sh from the tarball but slightly hacked to get around memory isses on installation. |
| 2006-07-09 01:11:17 by Johnny C. Lam | Files touched by this commit (877) |
Log message: Change the format of BUILDLINK_ORDER to contain depth information as well, and add a new helper target and script, "show-buildlink3", that outputs a listing of the buildlink3.mk files included as well as the depth at which they are included. For example, "make show-buildlink3" in fonts/Xft2 displays: zlib fontconfig iconv zlib freetype2 expat freetype2 Xrender renderproto |
New packages: