Navigation:
Browse pkgsrc
(this page) 2019-01-19 22:44:08 by Benny Siegert | Files touched by this commit (2) |  |
Log message:
Pullup ticket #5897 - requested by taca
lang/php72: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.243
- lang/php72/Makefile 1.16
- lang/php72/distinfo 1.35
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jan 12 14:59:03 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php72: Makefile distinfo
Log message:
lang/php72: update to 7.2.14
10 Jan 2019, PHP 7.2.14
- Core:
. Fixed bug #77369 (memcpy with negative length via crafted DNS response). \
(Stas)
. Fixed bug #71041 (zend_signal_startup() needs ZEND_API).
(Valentin V. Bartenev)
. Fixed bug #76046 (PHP generates "FE_FREE" opcode on the wrong line).
(Nikita)
- COM:
. Fixed bug #77177 (Serializing or unserializing COM objects crashes). (cmb)
- Date:
. Fixed bug #77097 (DateTime::diff gives wrong diff when the actual diff is
less than 1 second). (Derick)
- Exif:
. Fixed bug #77184 (Unsigned rational numbers are written out as signed
rationals). (Colin Basnett)
- GD:
. Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to
use-after-free). (cmb)
. Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb)
. Fixed bug #77195 (Incorrect error handling of imagecreatefromjpeg()). (cmb)
. Fixed bug #77198 (auto cropping has insufficient precision). (cmb)
. Fixed bug #77200 (imagecropauto(…, GD_CROP_SIDES) crops left but \
not right).
(cmb)
- IMAP:
. Fixed bug #77020 (null pointer dereference in imap_mail). (cmb)
- Mbstring:
. Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). (Stas)
. Fixed bug #77371 (heap buffer overflow in mb regex functions
- compile_string_node). (Stas)
. Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas)
. Fixed bug #77382 (heap buffer overflow due to incorrect length in
expand_case_fold_string). (Stas)
. Fixed bug #77385 (buffer overflow in fetch_token). (Stas)
. Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas)
. Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas)
- OCI8:
. Fixed bug #76804 (oci_pconnect with OCI_CRED_EXT not working). (KoenigsKind)
. Added oci_set_call_timeout() for call timeouts.
. Added oci_set_db_operation() for the DBOP end-to-end-tracing attribute.
- Opcache:
. Fixed bug #77215 (CFG assertion failure on multiple finalizing switch
frees in one block). (Nikita)
- PDO:
. Handle invalid index passed to PDOStatement::fetchColumn() as error. (Sergei
Morozov)
- Phar:
. Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas)
- Sockets:
. Fixed bug #77136 (Unsupported IPV6_RECVPKTINFO constants on macOS).
(Mizunashi Mana)
- SQLite3:
. Fixed bug #77051 (Issue with re-binding on SQLite3). (BohwaZ)
- Xmlrpc:
. Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb)
. Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas)
|
New packages: