pkgsrc.se | The NetBSD package collection

NOTICE: This package has been removed from pkgsrc

./lang/php55, PHP Hypertext Preprocessor version 5.5

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ]

Branch: CURRENT, Version: 5.5.38, Package name: php-5.5.38, Maintainer: pkgsrc-users

PHP is an HTML-embedded scripting language. It is modular, with
some object-oriented features. Much of its syntax is borrowed from
C, Java and Perl with a couple of unique PHP-specific features
thrown in. The language is designed to allow web developers to
write dynamically generated pages quickly.

This package provides PHP version 5.5.x.

Required to run:
[textproc/libxml2]

Package options: inet6, ssl

Master sites: (Expand)

SHA1: ac79d48510e4bfe8f376d009e3ecb5b734bbc3a1
RMD160: 2f1f0ff08c963975c6a624ecc83432cf48be3b39
Filesize: 13380.139 KB

Version history: (Expand)

(2016-09-14) Package deleted from pkgsrc
(2016-07-24) Updated to version: php-5.5.38
(2016-06-24) Updated to version: php-5.5.37
(2016-05-27) Updated to version: php-5.5.36
(2016-05-02) Updated to version: php-5.5.35
(2016-04-02) Updated to version: php-5.5.34

CVS history: (Expand)

2016-09-11 19:00:31 by Takahiro Kambe | Files touched by this commit (32) | Package removed

Log message:
Remove php55 pacakge from pkgsrc since it is EOL on 21 Jul 2016.

2016-08-13 19:34:41 by Takahiro Kambe | Files touched by this commit (10)

Log message:
* Switch to use external gd (graphics/gd package).
* Use the same PKG_OPTIONS as graphics/gd.

Bump PKGREVISION of php-gd.

2016-07-24 15:38:54 by Jaromir Dolecek | Files touched by this commit (2)

Log message:
add patch for ext/recode/recode.c also for php55

2016-07-24 04:15:16 by Takahiro Kambe | Files touched by this commit (1)

Log message:
Update php55 to 5.5.38 (PHP 5.5.38).

Quote from release note:

Note that according to our release schedule, PHP 5.5.38 is the last release
of the PHP 5.5 branch. There may be additional release if we discover
important security issues that warrant it, otherwise this release will be
the final one in the PHP 5.5 branch. If your PHP installation is based on
PHP 5.5, it may be a good time to start making the plans for the upgrade to
PHP 5.6 or PHP 7.0.

21 Jul 2016, PHP 5.5.38

- BZip2:
   . Fixed bug #72613 (Inadequate error handling in bzread()). (Stas)

- Core:
   . Fixed bug #70480 (php_url_parse_ex() buffer overflow read). (Stas)
   . Fixed bug #72513 (Stack-based buffer overflow vulnerability in
     virtual_file_ex). (loianhtuan at gmail dot com)
   . Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session
     Deserialization). (taoguangchen at icloud dot com)
   . Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and
     applications). (CVE-2016-5385) (Stas)

- EXIF:
   . Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
     (Stas)
   . Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).
     (Stas)

- GD:
   . Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read
     access). (Pierre)
   . Fixed bug #72519 (imagegif/output out-of-bounds access). (Pierre)
   . Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
     (CVE-2016-6207) (Pierre)

- Intl:
   . Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas)

- ODBC:
   . Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)

- SNMP:
   . Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and
     unserialize()). (taoguangchen at icloud dot com)

- Xmlrpc:
   . Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn \ 
simplestring.c).
     (Stas)

- Zip:
   . Fixed bug #72520 (Stack-based buffer overflow vulnerability in
     php_stream_zip_opener). (loianhtuan at gmail dot com)

2016-06-24 17:23:00 by Takahiro Kambe | Files touched by this commit (2)

Log message:
Update php55 to 5.5.37 (PHP 5.5.37), including security fixes.

pkgsrc change: remove confiugre from SUBST_FILES.path.

23 Jun 2016, PHP 5.5.37

- Core:
  . Fixed bug #72268 (Integer Overflow in nl2br()). (Stas)
  . Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/
    json_utf8_to_utf16()). (Stas)
  . Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas)
  . Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas)

- GD:
  . Fixed bug #66387 (Stack overflow with imagefilltoborder) (CVE-2015-8874).
    (cmb)
  . Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
  . Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
    heap overflow). (Pierre)
  . Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)
  . Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting
    in heap overflow). (Pierre)

- mbstring:
   . Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)

- mcrypt:
   . Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)

- SPL:
  . Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas)
  . Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and
    unserialize). (Dmitry)

- WDDX:
  . Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas)

- zip:
  . Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC
    algorithm and unserialize). (Dmitry)

2016-05-27 15:25:44 by Takahiro Kambe | Files touched by this commit (1)

Log message:
Update php55 to 5.5.36 (PHP 5.5.36), including security fix.

26 May 2016, PHP 5.5.36

- Core:
  . Fixed bug #72114 (Integer underflow / arbitrary null write in
    fread/gzread). (Stas)
  . Fixed bug #72135 (Integer Overflow in php_html_entities). (Stas)

- GD:
   . Fixed bug #72227 (imagescale out-of-bounds read). (Stas)

- Intl:
   . Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (Stas)

- Phar:
  . Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()).
    (CVE-2016-4343) (Stas)

2016-05-02 15:06:21 by Takahiro Kambe | Files touched by this commit (2)

Log message:
Update php55 to 5.5.35.

pkgsrc change: Fix build problem on Linux noted by Matthias Ferdinand on
pkgsrc-users@.

28 Apr 2016, PHP 5.5.35

- BCMath:
  . Fix bug #72093 (bcpowmod accepts negative scale and corrupts _one_
    definition). (Stas)

- Exif:
  . Fix bug #72094 (Out of bounds heap read access in exif header
    processing). (Stas)

- GD:
  . Fix bug #71912 (libgd: signedness vulnerability). (Stas)

- Intl:
  . Fix bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative
    offset). (Stas)

- XML:
  . Fix bug #72099 (xml_parse_into_struct segmentation fault). (Stas)

2016-04-02 10:59:24 by Takahiro Kambe | Files touched by this commit (3)

Log message:
Update php55 to 5.5.34, including security fix.
Add add an patch to fix memory leak noted from Zafer Aydo«»an via
private mail.

31 Mar 2016, PHP 5.5.34

- Fileinfo:
  . Fixed bug #71527 (Buffer over-write in finfo_open with malformed magic
    file). (Anatol)

- Mbstring:
  . Fixed bug #71906 (AddressSanitizer: negative-size-param (-1) in
    mbfl_strcut). (Stas)

- OBBC
  . Fixed bug #71860 (Invalid memory write in phar on filename with \0 in
    name). (Stas)

- SNMP:
  . Fixed bug #71704 (php_snmp_error() Format String Vulnerability).
    (andrew at jmpesp dot org)

- Standard
  . Fixed bug #71798 (Integer Overflow in php_raw_url_encode).
    (taoguangchen at icloud dot com, Stas)