Subject: CVS commit: [pkgsrc-2015Q1] pkgsrc/lang
From: Matthias Scheler
Date: 2015-06-13 12:46:49
Message id: 20150613104649.8938098@cvs.netbsd.org
Log Message:
Pullup ticket #4748 - requested by taca
lang/php55: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.100
- lang/php55/distinfo                                           1.41
- lang/php55/patches/patch-ext_phar_Makefile.frag               1.3

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Jun 12 00:44:32 UTC 2015

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php55: distinfo
   	pkgsrc/lang/php55/patches: patch-ext_phar_Makefile.frag

   Log Message:
   Update php55 to 5.5.26.

   11 Jun 2015, PHP 5.5.26

   - Core:
     . Fixed bug #69566 (Conditional jump or move depends on uninitialised value
       in extension trait). (jbboehr at gmail dot com)
     . Fixed bug #66048 (temp. directory is cached during multiple requests).
       (Julien)
     . Fixed bug #69628 (complex GLOB_BRACE fails on Windows).
       (Christoph M. Becker)
     . Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
       (Anatol Belski)
     . Fixed bug #69719 (Incorrect handling of paths with NULs). (Stas)

   - FTP:
     . Improved fix for bug #69545 (Integer overflow in ftp_genlist()
       resulting in heap overflow). (Max Spelsberg)

   - GD:
     . Fixed bug #69479 (GD fails to build with newer libvpx). (Remi)

   - Iconv:
     . Fixed bug #48147 (iconv with //IGNORE cuts the string). (Stas)

   - Litespeed SAPI:
     . Fixed bug #68812 (Unchecked return value). (George Wang)

   - Mail:
     . Fixed bug #68776 (mail() does not have mail header injection prevention for
       additional headers). (Yasuo)

   - MCrypt:
     . Added file descriptor caching to mcrypt_create_iv() (Leigh)

   - Opcache
     . Fixed bug #69549 (Memory leak with opcache.optimization_level=0xFFFFFFFF).
       (Laruence, Dmitry)

   - PCRE:
     . Upgraded pcrelib to 8.37. (CVE-2015-2325, CVE-2015-2326)

   - Phar:
     . Fixed bug #69680 (phar symlink in binary directory broken).
       (Matteo Bernardini, Remi)

   - Postgres:
     . Fixed bug #69667 (segfault in php_pgsql_meta_data). (Remi)

   - Sqlite3:
     . Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415,
       CVE-2015-3416) (Kaplan)
Files:
RevisionActionfile
1.38.2.3modifypkgsrc/lang/php55/distinfo
1.2.4.1modifypkgsrc/lang/php55/patches/patch-ext_phar_Makefile.frag