Navigation:
Browse pkgsrc
(this page)| 2007-05-06 22:07:37 by Adrian Portelli | Files touched by this commit (5) |
Log message: Update 5.2.2 * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) * Added missing open_basedir & safe_mode checks to zip:// and bzip:// wrappers. (MOPB-21 by Stefan Esser). * Limit nesting level of input variables with max_input_nesting_level as fix for (MOPB-03 by Stefan Esser) * Fixed CRLF injection inside ftp_putcmd(). (by loveshell[at]Bug.Center.Team) * Fixed a possible super-global overwrite inside import_request_variables(). (by Stefano Di Paola, Stefan Esser) * Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc library. (by Stanislav Malyshev) * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) * Fixed substr_compare and substr_count information leak (MOPB-14 by Stefan Esser) (Stas, Ilia) * Fixed a remotely trigger-able buffer overflow inside make_http_soap_request() (by Ilia Alshanetsky) * Fixed a buffer overflow inside user_filter_factory_create(). (by Ilia Alshanetsky) |
| 2007-05-06 15:08:34 by Matthias Scheler | Files touched by this commit (5) |
Log message: Add security fix for CVE-2007-1001 to "php4-gd" and \ "php5-gd" packages. Bump package revision. |
| 2007-05-05 23:45:12 by Adrian Portelli | Files touched by this commit (4) |
Log message: Remove PEAR from the default PHP install |
| 2007-04-29 14:30:18 by Takahiro Kambe | Files touched by this commit (2) |
Log message: Remove first hunk which contains RCS Id only from patch-ab. |
| 2007-04-29 00:05:51 by Stephen Borrill | Files touched by this commit (3) |
Log message: Patch to fix PHP bug #40326 (cannot open file from cwd if parent folder not readable). Patch will be in 5.2.2, so this patch can be removed once it has been released. |
| 2007-04-08 12:49:21 by Geert Hendrickx | Files touched by this commit (1) |
Log message: Fix reference to ap-php package, from PR#35927. |
| 2007-02-25 21:05:11 by Jaromir Dolecek | Files touched by this commit (2) |
Log message: put back openssl extension, mistakely commented out in PHP 5.2.1 upgrade noted by Manuel Bouyer |
| 2007-02-22 20:30:06 by Thomas Klausner | Files touched by this commit (33) |
Log message: pkglint USE_LANGUAGES cleanup. Patch from Sergey Svishchev. |
2007-02-22 20:01:28 by Thomas Klausner | Files touched by this commit (134) |  |
Log message: pkglint cleanup; update HOMEPAGE/MASTER_SITES. |
| 2007-02-20 21:46:20 by Jaromir Dolecek | Files touched by this commit (7) |
Log message: Update PHP5 to 5.2.1. Includes several important security fixes and large number of other fixes. Update for all users is strongly advised. |
New packages: