Subject: CVS commit: [pkgsrc-2007Q4] pkgsrc/www/php4
From: Geert Hendrickx
Date: 2008-01-15 09:33:29
Message id: 20080115083329.8A3B921507@cvs.netbsd.org

Log Message:
Pullup ticket 2267 - requested by adrianp
security update for php4

- pkgsrc/lang/php4/Makefile				1.80
- pkgsrc/lang/php4/Makefile.common			1.57
- pkgsrc/lang/php4/distinfo				1.67
- pkgsrc/lang/php4/patches/patch-aw			removed

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Fri Jan  4 10:07:54 UTC 2008

   Modified Files:
	   pkgsrc/www/php4: Makefile Makefile.common distinfo
   Removed Files:
	   pkgsrc/www/php4/patches: patch-aw

   Log Message:
   Update to 4.4.8

   Improved fix for MOPB-02-2007.
   Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner.
   Fixed integer overlow in str[c]spn().
   Fixed regression in glob when open_basedir is on introduced by 41655 fix.
   Fixed money_format() not to accept multiple %i or %n tokens.
   Addded "max_input_nesting_level" php.ini option to limit nesting \ 
level of input variables. Fix for MOPB-03-2007.
   Fixed INFILE LOCAL option handling with MySQL - now not allowed when \ 
open_basedir or safe_mode is active.
   Fixed session.save_path and error_log values to be checked against \ 
open_basedir and safe_mode (CVE-2007-3378).
   Fixed bug 43010 (Fixed regression in imagearc with two equivelent angles).
   Fixed bug 41765 (Recode crashes/does not work on amd64).
   Fixed bug 41630 (segfault when an invalid color index is present in the image \ 
data).
   Fixed bug 41628 (PHP settings leak between Virtual Hosts in Apache 1.3).
   Fixed bug 38798 (OpenSSL init corrected in php5 but not in php4).

Files:
RevisionActionfile
1.79.4.1modifypkgsrc/www/php4/Makefile
1.56.6.1modifypkgsrc/www/php4/Makefile.common
1.66.4.1modifypkgsrc/www/php4/distinfo
1.3removepkgsrc/www/php4/patches/patch-aw