Log message:
Update patches for png-1.5.

Log message:
Update php5 pacakge to 5.2.17.

* patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17.

06 Jan 2010, PHP 5.2.17
- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott,
  Rasmus)

Log message:
Fix VAX floating point handling in zend_strtod.c.

Log message:
Update php5 pacakge to 5.2.16:

PHP 5.2.16 Released!

The PHP development team would like to announce the immediate availability of
PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of
PHP 5.2 are encouraged to upgrade to PHP 5.3.

This release focuses on addressing a regression in open_basedir implementation
introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data
retrieval when the server is down. All users who have upgraded to 5.2.15 and
are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or
5.3.4.

To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.

For a full list of changes in PHP 5.2.16 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.16.

ChangeLog:

Version 5.2.16

16-Dec-2010

* Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is
  down). (gyp at balabit dot hu)
* Fixed bug #53516 (Regression in open_basedir handling). (Ilia)

Log message:
Update php5 package to 5.2.15 (PHP 5.2.15):

The PHP development team would like to announce the immediate
availability of PHP 5.2.15. This release marks the end of support for
PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.

This release focuses on improving the security and stability of the
PHP 5.2.x branch with a small number, of predominatly security fixes.

Security Enhancements and Fixes in PHP 5.2.15:

* Fixed extract() to do not overwrite $GLOBALS and $this when using
  EXTR_OVERWRITE.
* Fixed crash in zip extract method (possible CWE-170).
* Fixed a possible double free in imap extension.
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed NULL pointer dereference in
  ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
  large amount of data).

Key enhancements in PHP 5.2.15 include:

* Fixed bug #47643 (array_diff() takes over 3000 times longer than php
  5.2.4).
* Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
  with SoapClient object).
* To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
  migration guide available on http://php.net/migration53, details the changes
  between PHP 5.2 and PHP 5.3.

For a full list of changes in PHP 5.2.15 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.15.

Log message:
- CVE-2010-4150 (php-imap)
	http://svn.php.net/viewvc?view=revision&revision=305032
- CVE-2010-3710 (a part of SA41724)
	http://svn.php.net/viewvc?view=revision&revision=303885
- CVE-2010-3870 (a part of SA41724)
	http://svn.php.net/viewvc?view=revision&revision=305055

Bump PKGREVISION.

Log message:
ABI is also restricted to <5.3

Log message:
Update "php5" package to version 5.2.14. Changes since version 5.2.13:
- Reverted bug fix #49521 (PDO fetchObject sets values before calling
  constructor). (Felipe)
- Updated timezone database to version 2010.5. (Derick)
- Upgraded bundled PCRE to version 8.02. (Ilia)
- Rewrote var_export() to use smart_str rather than output buffering, prevents
  data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
- Fixed a possible interruption array leak in strrchr(). Reported by
  Péter Veres. (CVE-2010-2484) (Felipe)
- Fixed a possible interruption array leak in strchr(), strstr(), substr(),
  chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
- Fixed a possible memory corruption in substr_replace() (Dmitry)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
- Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
  Esser (Ilia)
- Reset error state in PDO::beginTransaction() reset error state. (Ilia)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
  requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed handling of session variable serialization on certain prefix
  characters. Reported by Stefan Esser (Ilia)
- Fixed a possible arbitrary memory access inside sqlite extension. Reported
  by Mateusz Kocielski. (Ilia)
- Fixed a crash when calling an inexistent method of a class that inherits
  PDOStatement if instantiated directly instead of doing by the PDO methods.
  (Felipe)
- Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64
  bit)). (Adam)
- Fixed bug #52238 (Crash when an Exception occured in iterator_to_array).
  (Johannes)
- Fixed bug #52237 (Crash when passing the reference of the property of a
  non-object). (Dmitry)
- Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't
  be set). (Felipe)
- Fixed bug #52162 (custom request header variables with numbers are removed).
  (Sriram Natarajan)
- Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe)
- Fixed bug #52061 (memory_limit above 2G). (Felipe)
- Fixed bug #52041 (Memory leak when writing on uninitialized variable returned
  from function). (Dmitry)
- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at
  debian dot org, Kalle)
- Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick)
- Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command).
  (Ilia, Felipe)
- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle,
  coreystup at gmail dot com)
- Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with
  constant array). (Felipe)
- Fixed bug #51905 (ReflectionParameter fails if default value is an array
  with an access to self::). (Felipe)
- Fixed bug #51822 (Segfault with strange __destruct() for static class
  variables). (Dmitry)
- Fixed bug #51671 (imagefill does not work correctly for small images).
  (Pierre)
- Fixed bug #51670 (getColumnMeta causes segfault when re-executing query
  after calling nextRowset). (Pierrick)
- Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading).
  (Pierre)
- Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4).
  (Felipe, wdierkes at 5dollarwhitebox dot org)
- Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe)
- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter).
  (Felipe)
- Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string
  literal). (cbandy at jbandy dot com)
- Fixed bug #51607 (pg_copy_from does not allow schema in the tablename
  argument). (cbandy at jbandy dot com)
- Fixed bug #51604 (newline in end of header is shown in start of message).
  (Daniel Egeberg)
- Fixed bug #51562 (query timeout in mssql can not be changed per query).
  (ejsmont dot artur at gmail dot com)
- Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory
  issues). (Dmitry)
- Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne)
- Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe)
- Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains
  timezone). (Adam)
- Fixed bug #51374 (Wrongly initialized object properties). (Etienne)
- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
  on). (Ilia, j dot jeising at gmail dot com)
- Fixed bug #51273 (Faultstring property does not exist when the faultstring is
  empty) (Ilia, dennis at transip dot nl)
- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
- Fixed bug #51263 (imagettftext and rotated text uses wrong baseline)
  (cschneid at cschneid dot com, Takeshi Abe)
- Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,
  alexr at oplot dot com)
- Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that
  includes '-'). (Adam, solar at azrael dot ws).
- Fixed bug #51190 (ftp_put() returns false when transfer was successful).
  (Ilia)
- Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio).
  (Sriram Natarajan)
- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when
  an invalid option is provided). (Ilia)
- Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)
- Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)
- Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris
  Jones)
- Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4).
  (Raphael Geissert)
- Fixed bug #50762 (in WSDL mode Soap Header handler function only being called
  if defined in WSDL). (mephius at gmail dot com)
- Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable
  endpoints). (Justin Dearing)
- Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not
  include file and line in trace). (Felipe)
- Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe)
- Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne)
- Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)
- Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)
- Fixed bug #49267 (Linking fails for iconv). (Moriyosh)
- Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)
- Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken).
  (Adam, patch from hiroaki dot kawai at gmail dot com).
- Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus)
- Fixed bug #33210 (getimagesize() fails to detect width/height on certain
  JPEGs). (Ilia)
- Fixed bug #23229 (syslog() truncates messages). (Adam)

Log message:
Bump PKGREVISION for libpng shlib name change.
Also add some patches to remove use of deprecated symbols and fix other
problems when looking for or compiling against libpng-1.4.x.

Log message:
Add patch for php-xmlrpc to fix CVE-2010-0397 security problem.
These patch are created from r296152 and r296153 from svn from PHP.