Subject: CVS commit: pkgsrc/lang
From: Takahiro Kambe
Date: 2024-04-13 04:53:35
Message id: 20240413025335.6322AFA2C@cvs.NetBSD.org
Log Message:
lang/php81: update to 8.1.27

This release includes security fixes.

11 Apr 2024, PHP 8.1.28

- Standard:
  . Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
    parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
  . Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
    partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
  . Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
    opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)
Files:
RevisionActionfile
1.32modifypkgsrc/lang/php81/distinfo