./lang/php73, PHP Hypertext Preprocessor version 7.3

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 7.3.16, Package name: php-7.3.16, Maintainer: pkgsrc-users

PHP is a widely-used open source general-purpose scripting language
that is especially suited for web development and can be embedded
into HTML. It is modular, and object-oriented. Much of its syntax
is borrowed from C, Java and Perl with a couple of unique PHP-specific
features thrown in. The language is designed to allow web developers
to write dynamically generated pages quickly.

This package provides PHP version 7.3.x.

PHP 7.3.0 comes with numerous improvements and new features such as

* Flexible Heredoc and Nowdoc Syntax
* PCRE2 Migration
* Multiple MBString Improvements
* LDAP Controls Support
* Improved FPM Logging
* Windows File Deletion Improvements
* Several Deprecations

For source downloads of PHP 7.3.0 please visit our downloads page Windows
binaries can be found on the PHP for Windows site. The list of changes is
recorded in the ChangeLog.


Required to run:
[textproc/libxml2] [security/openssl] [devel/readline] [devel/pcre2]

Required to build:
[pkgtools/cwrappers]

Package options: inet6, readline, ssl

Master sites: (Expand)

SHA1: 2571100c75b24aaa913339eafee3e3c8f410cc07
RMD160: d84bfc893aff1230c2d66ffc3bc00003715bacb6
Filesize: 11829.773 KB

Version history: (Expand)


CVS history: (Expand)


   2020-03-22 12:00:36 by Roland Illig | Files touched by this commit (1)
Log message:
lang/php73: remove phar.php from the files to be patched

That file contains neither the word PREFIX nor CGIDIR.
   2020-03-20 09:12:58 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
lang/php73: update to 7.3.16

Update php73 to 7.3.16.

19 Mar 2020, PHP 7.3.16

- Core:
  . Fixed bug #63206 (restore_error_handler does not restore previous errors
    mask). (Mark Plomer)

- COM:
  . Fixed bug #66322 (COMPersistHelper::SaveToFile can save to wrong location).
    (cmb)
  . Fixed bug #79242 (COM error constants don't match com_exception codes on
    x86). (cmb)
  . Fixed bug #79248 (Traversing empty VT_ARRAY throws com_exception). (cmb)
  . Fixed bug #79299 (com_print_typeinfo prints duplicate variables). (Litiano
    Moura)
  . Fixed bug #79332 (php_istreams are never freed). (cmb)
  . Fixed bug #79333 (com_print_typeinfo() leaks memory). (cmb)

- DOM:
  . Fixed bug #77569: (Write Access Violation in DomImplementation). (Nikita,
    cmb)
  . Fixed bug #79271 (DOMDocumentType::$childNodes is NULL). (cmb)

- Enchant:
  . Fixed bug #79311 (enchant_dict_suggest() fails on big endian architecture).
    (cmb)

- EXIF:
  . Fixed bug #79282 (Use-of-uninitialized-value in exif). (CVE-2020-7064)
    (Nikita)

- MBstring:
  . Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at
    php_unicode_tolower_full). (CVE-2020-7065) (cmb)

- MySQLi:
  . Fixed bug #64032 (mysqli reports different client_version). (cmb)

- PCRE:
  . Fixed bug #79188 (Memory corruption in preg_replace/preg_replace_callback
    and unicode). (Nikita)

- PDO_ODBC:
  . Fixed bug #79038 (PDOStatement::nextRowset() leaks column values). (cmb)

- Reflection:
  . Fixed bug #79062 (Property with heredoc default value returns false for
    getDocComment). (Nikita)

- SQLite3:
  . Fixed bug #79294 (::columnType() may fail after SQLite3Stmt::reset()). (cmb)

- Standard:
  . Fixed bug #79329 (get_headers() silently truncates after a null byte).
    (CVE-2020-7066) (cmb)
  . Fixed bug #79254 (getenv() w/o arguments not showing changes). (cmb)
  . Fixed bug #79265 (Improper injection of Host header when using fopen for
    http requests). (Miguel Xavier Penha Neto)
   2020-02-20 15:43:18 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
lang/php73: update to 7.3.15

Update php73 to 7.3.15 (PHP 7.3.15).

20 Feb 2020, PHP 7.3.15

- Core:
  . Fixed bug #71876 (Memory corruption htmlspecialchars(): charset `*' not
    supported). (Nikita)
  . Fixed bug ##79146 (cscript can fail to run on some systems). (clarodeus)
  . Fixed bug #78323 (Code 0 is returned on invalid options). (Ivan Mikheykin)
  . Fixed bug #76047 (Use-after-free when accessing already destructed
    backtrace arguments). (Nikita)

- CURL:
  . Fixed bug #79078 (Hypothetical use-after-free in curl_multi_add_handle()).
    (cmb)

 -Intl:
  . Fixed bug #79212 (NumberFormatter::format() may detect wrong type). (cmb)

- Libxml:
  . Fixed bug #79191 (Error in SoapClient ctor disables DOMDocument::save()).
    (Nikita, cmb)

- MBString:
  . Fixed bug #79154 (mb_convert_encoding() can modify $from_encoding). (cmb)

- MySQLnd:
  . Fixed bug #79084 (mysqlnd may fetch wrong column indexes with MYSQLI_BOTH).
    (cmb)

- OpenSSL:
  . Fixed bug #79145 (openssl memory leak). (cmb, Nikita)

- Phar:
  . Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have
    all-access permissions). (CVE-2020-7063) (stas)
  . Fixed bug #79171 (heap-buffer-overflow in phar_extract_file).
    (CVE-	2020-7061) (cmb)
  . Fixed bug #76584 (PharFileInfo::decompress not working). (cmb)

- Reflection:
  . Fixed bug #79115 (ReflectionClass::isCloneable call reflected class
    __destruct). (Nikita)

- Session:
  . Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload Progress).
    (CVE-2020-7062) (stas)

- SPL:
  . Fixed bug #79151 (heap use after free caused by
    spl_dllist_it_helper_move_forward). (Nikita)

- Standard:
  . Fixed bug #78902 (Memory leak when using stream_filter_append). (liudaixiao)

- Testing:
  . Fixed bug #78090 (bug45161.phpt takes forever to finish). (cmb)

- XSL:
  . Fixed bug #70078 (XSL callbacks with nodes as parameter leak memory). (cmb)
   2020-02-09 23:01:10 by Roland Illig | Files touched by this commit (2)
Log message:
lang/php73: disable strict configure options check for PHP modules

Several modules don't know the option --with-pcre-regex. These modules
should not fail.
   2020-01-25 18:21:14 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/php73: update to 7.3.14.

Update php73 to 7.3.14 (PHP 7.3.14).

23 Jan 2020, PHP 7.3.14

- Core
  . Fixed bug #78999 (Cycle leak when using function result as temporary).
    (Dmitry)

- CURL:
  . Fixed bug #79033 (Curl timeout error with specific url and post). (cmb)

- Date:
  . Fixed bug #79015 (undefined-behavior in php_date.c). (cmb)

- DBA:
  . Fixed bug #78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached).
    (cmb)

- Fileinfo:
  . Fixed bug #74170 (locale information change after mime_content_type).
    (Sergei Turchanov)

- GD:
  . Fixed bug #78923 (Artifacts when convoluting image with transparency).
    (wilson chen)
  . Fixed bug #79067 (gdTransformAffineCopy() may use unitialized values). (cmb)
  . Fixed bug #79068 (gdTransformAffineCopy() changes interpolation method).
    (cmb)

- Libxml:
  . Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter). (Laruence)

- Mbstring:
  . Fixed bug #79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`).
    (CVE-2020-7060) (Nikita)

- OPcache:
  . Fixed bug #79040 (Warning Opcode handlers are unusable due to ASLR). (cmb)

- Pcntl:
  . Fixed bug #78402 (Converting null to string in error message is bad DX).
    (SATŌ Kentarō)

- PDO_PgSQL:
  . Fixed bug #78983 (pdo_pgsql config.w32 cannot find libpq-fe.h). (SATŌ
    Kentarō)
  . Fixed bug #78980 (pgsqlGetNotify() overlooks dead connection). (SATŌ
    Kentarō)
  . Fixed bug #78982 (pdo_pgsql returns dead persistent connection). (SATŌ
    Kentarō)

- Session:
  . Fixed bug #79091 (heap use-after-free in session_create_id()). (cmb, Nikita)

- Shmop:
  . Fixed bug #78538 (shmop memory leak). (cmb)

- Standard:
  . Fixed bug #79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059). (cmb)
  . Fixed bug #54298 (Using empty additional_headers adding extraneous CRLF).
    (cmb)
   2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836)
Log message:
*: Recursive revision bump for openssl 1.1.1.
   2019-12-21 07:59:20 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
lang/php73: update to 7.3.13

Update php73 to 7.3.13, including security fixes.

19 Dec 2019, PHP 7.3.13

- Bcmath:
  . Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046).
    (cmb)

- Core:
  . Fixed bug #78862 (link() silently truncates after a null byte on Windows).
    (CVE-2019-11044). (cmb)
  . Fixed bug #78863 (DirectoryIterator class silently truncates after a null
    byte). (CVE-2019-11045). (cmb)
  . Fixed bug #78943 (mail() may release string with refcount==1 twice).
    (CVE-2019-11049). (cmb)
  . Fixed bug #78787 (Segfault with trait overriding inherited private shadow
    property). (Nikita)
  . Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope) value).
    (Antony Dovgal, Dmitry)
  . Fixed bug #78296 (is_file fails to detect file). (cmb)

- EXIF:
  . Fixed bug #78793 (Use-after-free in exif parsing under memory sanitizer).
    (CVE-2019-11050). (Nikita)
  . Fixed bug #78910 (Heap-buffer-overflow READ in exif). (CVE-2019-11047).
    (Nikita)

- GD:
  . Fixed bug #78849 (GD build broken with -D SIGNED_COMPARE_SLOW). (cmb)

- MBString:
  . Upgraded bundled Oniguruma to 6.9.4. (cmb)

- OPcache:
  . Fixed potential ASLR related invalid opline handler issues. (cmb)
  . Fixed $x = (bool)$x; with opcache (should emit undeclared variable notice).
    (Tyson Andre)

- PCRE:
  . Fixed bug #78853 (preg_match() may return integer > 1). (cmb)

- Standard:
  . Fixed bug #78759 (array_search in $GLOBALS). (Nikita)
  . Fixed bug #77638 (var_export'ing certain class instances segfaults). (cmb)
  . Fixed bug #78840 (imploding $GLOBALS crashes). (cmb)
  . Fixed bug #78833 (Integer overflow in pack causes out-of-bound access).
    (cmb)
  . Fixed bug #78814 (strip_tags allows / in tag name => whitelist bypass).
    (cmb)
   2019-12-16 16:58:19 by Takahiro Kambe | Files touched by this commit (25)
Log message:
lang/php*: clean up php langauges

Clean up php languages.

* Clean up php/phpversions.mk a little.
* Add php/replace.mk to provide common shebang line replace for PHP.
* Define USE_TOOLS before including <bsd.prefs.mk>.
* Fix most warnings of pkglint.

No functional change should be done.