Next | Query returned 70 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2016-09-11 19:00:31 by Takahiro Kambe | Files touched by this commit (32) | Package removed
Log message:
Remove php55 pacakge from pkgsrc since it is EOL on 21 Jul 2016.
   2016-08-13 19:34:41 by Takahiro Kambe | Files touched by this commit (10)
Log message:
* Switch to use external gd (graphics/gd package).
* Use the same PKG_OPTIONS as graphics/gd.

Bump PKGREVISION of php-gd.
   2016-07-24 15:38:54 by Jaromir Dolecek | Files touched by this commit (2)
Log message:
add patch for ext/recode/recode.c also for php55
   2016-07-24 04:15:16 by Takahiro Kambe | Files touched by this commit (1)
Log message:
Update php55 to 5.5.38 (PHP 5.5.38).

Quote from release note:

Note that according to our release schedule, PHP 5.5.38 is the last release
of the PHP 5.5 branch. There may be additional release if we discover
important security issues that warrant it, otherwise this release will be
the final one in the PHP 5.5 branch. If your PHP installation is based on
PHP 5.5, it may be a good time to start making the plans for the upgrade to
PHP 5.6 or PHP 7.0.

21 Jul 2016, PHP 5.5.38

- BZip2:
   . Fixed bug #72613 (Inadequate error handling in bzread()). (Stas)

- Core:
   . Fixed bug #70480 (php_url_parse_ex() buffer overflow read). (Stas)
   . Fixed bug #72513 (Stack-based buffer overflow vulnerability in
     virtual_file_ex). (loianhtuan at gmail dot com)
   . Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session
     Deserialization). (taoguangchen at icloud dot com)
   . Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and
     applications). (CVE-2016-5385) (Stas)

- EXIF:
   . Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
     (Stas)
   . Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).
     (Stas)

- GD:
   . Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read
     access). (Pierre)
   . Fixed bug #72519 (imagegif/output out-of-bounds access). (Pierre)
   . Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
     (CVE-2016-6207) (Pierre)

- Intl:
   . Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas)

- ODBC:
   . Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)

- SNMP:
   . Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and
     unserialize()). (taoguangchen at icloud dot com)

- Xmlrpc:
   . Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn \ 
simplestring.c).
     (Stas)

- Zip:
   . Fixed bug #72520 (Stack-based buffer overflow vulnerability in
     php_stream_zip_opener). (loianhtuan at gmail dot com)
   2016-06-24 17:23:00 by Takahiro Kambe | Files touched by this commit (2)
Log message:
Update php55 to 5.5.37 (PHP 5.5.37), including security fixes.

pkgsrc change: remove confiugre from SUBST_FILES.path.

23 Jun 2016, PHP 5.5.37

- Core:
  . Fixed bug #72268 (Integer Overflow in nl2br()). (Stas)
  . Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/
    json_utf8_to_utf16()). (Stas)
  . Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas)
  . Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas)

- GD:
  . Fixed bug #66387 (Stack overflow with imagefilltoborder) (CVE-2015-8874).
    (cmb)
  . Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
  . Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
    heap overflow). (Pierre)
  . Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)
  . Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting
    in heap overflow). (Pierre)

- mbstring:
   . Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)

- mcrypt:
   . Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)

- SPL:
  . Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas)
  . Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and
    unserialize). (Dmitry)

- WDDX:
  . Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas)

- zip:
  . Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC
    algorithm and unserialize). (Dmitry)
   2016-05-27 15:25:44 by Takahiro Kambe | Files touched by this commit (1)
Log message:
Update php55 to 5.5.36 (PHP 5.5.36), including security fix.

26 May 2016, PHP 5.5.36

- Core:
  . Fixed bug #72114 (Integer underflow / arbitrary null write in
    fread/gzread). (Stas)
  . Fixed bug #72135 (Integer Overflow in php_html_entities). (Stas)

- GD:
   . Fixed bug #72227 (imagescale out-of-bounds read). (Stas)

- Intl:
   . Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (Stas)

- Phar:
  . Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()).
    (CVE-2016-4343) (Stas)
   2016-05-02 15:06:21 by Takahiro Kambe | Files touched by this commit (2)
Log message:
Update php55 to 5.5.35.

pkgsrc change: Fix build problem on Linux noted by Matthias Ferdinand on
pkgsrc-users@.

28 Apr 2016, PHP 5.5.35

- BCMath:
  . Fix bug #72093 (bcpowmod accepts negative scale and corrupts _one_
    definition). (Stas)

- Exif:
  . Fix bug #72094 (Out of bounds heap read access in exif header
    processing). (Stas)

- GD:
  . Fix bug #71912 (libgd: signedness vulnerability). (Stas)

- Intl:
  . Fix bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative
    offset). (Stas)

- XML:
  . Fix bug #72099 (xml_parse_into_struct segmentation fault). (Stas)
   2016-04-02 10:59:24 by Takahiro Kambe | Files touched by this commit (3)
Log message:
Update php55 to 5.5.34, including security fix.
Add add an patch to fix memory leak noted from Zafer Aydo«»an via
private mail.

31 Mar 2016, PHP 5.5.34

- Fileinfo:
  . Fixed bug #71527 (Buffer over-write in finfo_open with malformed magic
    file). (Anatol)

- Mbstring:
  . Fixed bug #71906 (AddressSanitizer: negative-size-param (-1) in
    mbfl_strcut). (Stas)

- OBBC
  . Fixed bug #71860 (Invalid memory write in phar on filename with \0 in
    name). (Stas)

- SNMP:
  . Fixed bug #71704 (php_snmp_error() Format String Vulnerability).
    (andrew at jmpesp dot org)

- Standard
  . Fixed bug #71798 (Integer Overflow in php_raw_url_encode).
    (taoguangchen at icloud dot com, Stas)
   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813)
Log message:
Bump PKGREVISION for security/openssl ABI bump.
   2016-03-05 06:17:33 by Takahiro Kambe | Files touched by this commit (1)
Log message:
Update php55 to 5.5.33, security fixes.

03 Mar 2016, PHP 5.5.33

- Phar:
  . Fixed bug #71498 (Out-of-Bound Read in phar_parse_zipfile()). (Stas)

- WDDX:
  . Fixed bug #71587 (Use-After-Free / Double-Free in WDDX Deserialize). (Stas)

Next | Query returned 70 messages, browsing 1 to 10 | Previous