Path to this page:
Subject: CVS commit: [pkgsrc-2020Q2] pkgsrc/lang
From: Benny Siegert
Date: 2020-08-23 20:42:13
Message id: 20200823184213.6F4C8FB28@cvs.NetBSD.org
Log Message:
Pullup ticket #6299 - requested by taca
lang/php74: security fix
Revisions pulled up:
- lang/php74/distinfo 1.10-1.11
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 11 04:02:14 UTC 2020
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php74: distinfo
Log Message:
lang/php74: update to 7.4.8
Update php74 to 7.4.8.
09 Jul 2020, PHP 7.4.8
- Core:
. Fixed bug #79649 (Altering disable_functions from module init corrupts
memory). (Laruence)
. Fixed bug #79595 (zend_init_fpu() alters FPU precision). (cmb, Nikita)
. Fixed bug #79650 (php-win.exe 100% cpu lockup). (cmb)
. Fixed bug #79668 (get_defined_functions(true) may miss functions). (cmb,
Nikita)
. Fixed bug #79657 ("yield from" hangs when invalid value \
encountered).
(Nikita)
. Fixed bug #79683 (Fake reflection scope affects __toString()). (Nikita)
. Fixed possibly unsupported timercmp() usage. (cmb)
- Exif:
. Fixed bug #79687 (Sony picture - PHP Warning - Make, Model, MakerNotes).
(cmb)
- Fileinfo:
. Fixed bug #79681 (mime_content_type/finfo returning incorrect mimetype).
(cmb)
- Filter:
. Fixed bug #73527 (Invalid memory access in php_filter_strip). (cmb)
- GD:
. Fixed bug #79676 (imagescale adds black border with IMG_BICUBIC). (cmb)
- OpenSSL:
. Fixed bug #62890 (default_socket_timeout=-1 causes connection to timeout).
(cmb)
- PDO SQLite:
. Fixed bug #79664 (PDOStatement::getColumnMeta fails on empty result set).
(cmb)
- phpdbg:
. Fixed bug #73926 (phpdbg will not accept input on restart execution). (cmb)
. Fixed bug #73927 (phpdbg fails with windows error prompt at "watch \
array").
(cmb)
. Fixed several mostly Windows related phpdbg bugs. (cmb)
- SPL:
. Fixed bug #79710 (Reproducible segfault in error_handler during GC
involved an SplFileObject). (Nikita)
- Standard:
. Fixed bug #74267 (segfault with streams and invalid data). (cmb)
. Fixed bug #79579 (ZTS build of PHP 7.3.17 doesn't handle ERANGE for
posix_getgrgid and others). (Böszörményi Zoltán)
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Aug 8 13:31:19 UTC 2020
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php74: distinfo
Log Message:
lang/php74: update to 7.4.9
Update php74 to 7.4.9 (PHP 7.4.9).
06 Aug 2020, PHP 7.4.9
- Apache:
. Fixed bug #79030 (Upgrade apache2handler's php_apache_sapi_get_request_time
to return usec). (Herbert256)
- COM:
. Fixed bug #63208 (BSTR to PHP string conversion not binary safe). (cmb)
. Fixed bug #63527 (DCOM does not work with Username, Password parameter).
(cmb)
- Core:
. Fixed bug #79740 (serialize() and unserialize() methods can not be called
statically). (Nikita)
. Fixed bug #79783 (Segfault in php_str_replace_common). (Nikita)
. Fixed bug #79778 (Assertion failure if dumping closure with unresolved
static variable). (Nikita)
. Fixed bug #79779 (Assertion failure when assigning property of string
offset by reference). (Nikita)
. Fixed bug #79792 (HT iterators not removed if empty array is destroyed).
(Nikita)
. Fixed bug #78598 (Changing array during undef index RW error segfaults).
(Nikita)
. Fixed bug #79784 (Use after free if changing array during undef var during
array write fetch). (Nikita)
. Fixed bug #79793 (Use after free if string used in undefined index warning
is changed). (Nikita)
. Fixed bug #79862 (Public non-static property in child should take priority
over private static). (Nikita)
. Fixed bug #79877 (getimagesize function silently truncates after a null
byte) (cmb)
- Fileinfo:
. Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)). (cmb)
- FTP:
. Fixed bug #55857 (ftp_size on large files). (cmb)
- Mbstring:
. Fixed bug #79787 (mb_strimwidth does not trim string). (XXiang)
- Phar:
. Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile
function). (CVE-2020-7068) (cmb)
- Reflection:
. Fixed bug #79487 (::getStaticProperties() ignores property modifications).
(cmb, Nikita)
. Fixed bug #69804 (::getStaticPropertyValue() throws on protected props).
(cmb, Nikita)
. Fixed bug #79820 (Use after free when type duplicated into
ReflectionProperty gets resolved). (Christopher Broadbent)
- Standard:
. Fixed bug #70362 (Can't copy() large 'data://' with open_basedir). (cmb)
. Fixed bug #78008 (dns_check_record() always return true on Alpine).
(Andy Postnikov)
. Fixed bug #79839 (array_walk() does not respect property types). (Nikita)
Files: