Navigation:
Browse pkgsrc
(this page)| 2010-03-20 16:25:50 by Joerg Sonnenberger | Files touched by this commit (1) |
Log message: Limit packages to PHP80xa before 5.3 |
| 2010-03-16 17:03:22 by Takahiro Kambe | Files touched by this commit (1) |
Log message: Update description in comments. |
| 2010-03-04 16:36:04 by Takahiro Kambe | Files touched by this commit (3) |
Log message: Update suhosin patch for PHP 5.2.13. Bump PKGREVISION. |
| 2010-03-03 11:51:35 by Takahiro Kambe | Files touched by this commit (1) |
Log message: Re-enable suhosin option since there is no need to disable it. Noted by Volkmar Seifert and I misunderstood something. |
| 2010-03-03 03:15:16 by Takahiro Kambe | Files touched by this commit (2) |
Log message: Oops, previous patch's path was wrong and corrected now. |
| 2010-03-03 03:01:40 by Takahiro Kambe | Files touched by this commit (2) |
Log message: Fix php-gmp build problem with gmp-5.0.1 and later refering http://svn.php.net/viewvc?view=revision&revision=295402. No PKGREVISION bump since it is only build problem fix. |
| 2010-02-27 04:25:17 by Takahiro Kambe | Files touched by this commit (4) |
Log message: Update php5 package to 5.2.13. 25 Feb 2010, PHP 5.2.13 - Updated timezone database to version 2010.2. (Derick) - Upgraded bundled PCRE to version 7.9. (Ilia) - Removed automatic file descriptor unlocking happening on shutdown and/or stream close (on all OSes excluding Windows). (Tony, Ilia) - Changed tidyNode class to disallow manual node creation. (Pierrick) - Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL. (Ilia) - Improved LCG entropy. (Rasmus, Samy Kamkar) - Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen) - Fixed a possible open_basedir/safe_mode bypass in session extension identified by Grzegorz Stachowiak. (Ilia) - Fixed bug in bundled libgd causing spurious horizontal lines drawn by gdImageFilledPolygon (libgd #100). (Takeshi Abe) - Fixed build of mysqli with MySQL 5.5.0-m2. (Andrey) - Fixed bug #50940 Custom content-length set incorrectly in Apache sapis. (Brian France, Rasmus) - Fixed bug #50930 (Wrong date by php_date.c patch with ancient gcc/glibc versions). (Derick) - Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation). (Ilia, hanno at hboeck dot de) - Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes long). (Ilia) - Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP authentication). (Jani) - Fixed bug #50823 (ReflectionFunction::isDeprecated producing "cannot be called statically" error). (Jani, Felipe) - Fixed bug #50791 (Compile failure: Bad logic in defining fopencookie emulation). (Jani) - Fixed bug #50787 (stream_set_write_buffer() has no effect on socket streams). (vnegrier at optilian dot com, Ilia) - Fixed bug #50772 (mysqli constructor without parameters does not return a working mysqli object). (Andrey) - Fixed bug #50761 (system.multiCall crashes in xmlrpc extension). (hiroaki dot kawai at gmail dot com, Ilia) - Fixed bug #50732 (exec() adds single byte twice to $output array). (Ilia) - Fixed bug #50728 (All PDOExceptions hardcode 'code' property to 0). (Joey, Ilia) - Fixed bug #50727 (Accessing mysqli->affected_rows on no connection causes segfault). (Andrey, Johannes) - Fixed bug #50680 (strtotime() does not support eighth ordinal number). (Ilia) - Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob) - Fixed bug #50657 (copy() with an empty (zero-byte) HTTP source succeeds but returns false). (Ilia) - Fixed bug #50636 (MySQLi_Result sets values before calling constructor). (Pierrick) - Fixed bug #50632 (filter_input() does not return default value if the variable does not exist). (Ilia) - Fixed bug #50576 (XML_OPTION_SKIP_TAGSTART option has no effect). (Pierrick) - Fixed bug #50575 (PDO_PGSQL LOBs are not compatible with PostgreSQL 8.5). (Matteo) - Fixed bug #50558 (Broken object model when extending tidy). (Pierrick) - Fixed bug #50540 (Crash while running ldap_next_reference test cases). (Sriram) - Fixed bug #50508 (compile failure: Conflicting HEADER type declarations). (Jani) - Fixed bug #50394 (Reference argument converted to value in __call). (Stas) - Fixed bug #49851 (http wrapper breaks on 1024 char long headers). (Ilia) - Fixed bug #49600 (imageTTFText text shifted right). (Takeshi Abe) - Fixed bug #49585 (date_format buffer not long enough for >4 digit years). (Derick, Adam) - Fixed bug #49463 (setAttributeNS fails setting default namespace). (Rob) - Fixed bug #48667 (Implementing Iterator and IteratorAggregate). (Etienne) - Fixed bug #48590 (SoapClient does not honor max_redirects). (Sriram) - Fixed bug #48190 (Content-type parameter "boundary" is not \ case-insensitive in HTTP uploads). (Ilia) - Fixed bug #47601 (defined() requires class to exist when testing for class constants). (Ilia) - Fixed bug #47409 (extract() problem with array containing word "this"). (Ilia, chrisstocktonaz at gmail dot com) - Fixed bug #47002 (Field truncation when reading from dbase dbs with more then 1024 fields). (Ilia, sjoerd-php at linuxonly dot nl) - Fixed bug #45599 (strip_tags() truncates rest of string with invalid attribute). (Ilia, hradtke) - Fixed bug #44827 (define() allows :: in constant names). (Ilia) |
| 2010-02-05 13:15:47 by OBATA Akio | Files touched by this commit (2) |
Log message: Suhosin patch for php-5.2.12 is available now. Noticed by Volkmar Seifert via PR#42749. |
2010-01-17 13:02:58 by Thomas Klausner | Files touched by this commit (724) |  |
Log message: Recursive PKGREVISION bump for jpeg update to 8. |
| 2009-12-23 08:07:35 by Takahiro Kambe | Files touched by this commit (12) | |
Log message: Update lang/php5 to 5.2.12, security update. Security Enhancements and Fixes in PHP 5.2.12: * Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus) * Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus) * Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion, identified by Bogdan Calin. (CVE-2009-4017, Ilia) * Added protection for $_SESSION from interrupt corruption and improved "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143, Stas) * Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com) Key enhancements in PHP 5.2.12 include: * Fixed unnecessary invocation of setitimer when timeouts have been disabled. (Arvind Srinivasan) * Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre) * Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe) * Fixed crash when instantiating PDORow and PDOStatement through Reflection. (Felipe) * Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe) * Fixed bug #50207 (segmentation fault when concatenating very large strings on 64bit linux). (Ilia) * Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle database). (Felipe) * Fixed bug #50006 (Segfault caused by uksort()). (Felipe) * Fixed bug #50005 (Throwing through Reflection modified Exception object makes segmentation fault). (Felipe) * Fixed bug #49174 (crash when extending PDOStatement and trying to set queryString property). (Felipe) * Fixed bug #49098 (mysqli segfault on error). (Rasmus) * Over 50 other bug fixes. |
New packages: