./lang/php82, PHP Hypertext Preprocessor version 8.2

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 8.2.18, Package name: php-8.2.18, Maintainer: pkgsrc-users

PHP is a widely-used open source general-purpose scripting language
that is especially suited for web development and can be embedded
into HTML. It is modular, and object-oriented. Much of its syntax
is borrowed from C, Java and Perl with a couple of unique PHP-specific
features thrown in. The language is designed to allow web developers
to write dynamically generated pages quickly.

PHP 8.2 comes with numerous improvements and new features such as

* Readonly classes
* Disjunctive Normal Form (DNF) Types
* New stand-alone types: null, false, and true
* New "Random" extension
* Constants in traits
* Deprecate dynamic properties
* And much much more...



Package options: inet6, readline, ssl

Master sites:

Filesize: 11806.055 KB

Version history: (Expand)

CVS history: (Expand)


   2024-04-13 04:49:41 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/php82: update to 8.2.18

This release includes security fixes.

11 Apr 2024, PHP 8.2.18

- Core:
  . Fixed bug GH-13612 (Corrupted memory in destructor with weak references).
    (nielsdos)
  . Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). (Remi)
  . Fixed bug GH-13670 (GC does not scale well with a lot of objects created in
    destructor). (Arnaud)

- DOM:
  . Add some missing ZPP checks. (nielsdos)
  . Fix potential memory leak in XPath evaluation results. (nielsdos)
  . Fix phpdoc for DOMDocument load methods. (VincentLanglet)

- FPM
  . Fix incorrect check in fpm_shm_free(). (nielsdos)

- GD:
  . Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). (Michael Orlitzky)

- Gettext:
  . Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5
    with category set to LC_ALL. (David Carlier)

- MySQLnd:
  . Fix GH-13452 (Fixed handshake response [mysqlnd]). (Saki Takamachi)
  . Fix incorrect charset length in check_mb_eucjpms(). (nielsdos)

- Opcache:
  . Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null).
    (Arnaud, Dmitry)
  . Fixed GH-13712 (Segmentation fault for enabled observers when calling trait
    method of internal trait when opcache is loaded). (Bob)

- PDO:
  . Fix various PDORow bugs. (Girgias)

- Random:
  . Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown
    modes). (timwolla)
  . Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between
    requests when MT_RAND_PHP is used). (timwolla)

- Session:
  . Fixed bug GH-13680 (Segfault with session_decode and compilation error).
    (nielsdos)

- Sockets:
  . Fixed bug GH-13604 (socket_getsockname returns random characters in the end
    of the socket name). (David Carlier)

- SPL:
  . Fixed bug GH-13531 (Unable to resize SplfixedArray after being unserialized
    in PHP 8.2.15). (nielsdos)
  . Fixed bug GH-13685 (Unexpected null pointer in zend_string.h). (nielsdos)

- Standard:
  . Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
  . Fixed GH-13402 (Added validation of `\n` in $additional_headers of mail()).
    (SakiTakamachi)
  . Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows).
    (divinity76)
  . Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
    parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
  . Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
    partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
  . Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
    opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)

- XML:
  . Fixed bug GH-13517 (Multiple test failures when building with
    --with-expat). (nielsdos)
   2024-03-17 17:46:06 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/php82: update to 8.2.17

PHP 8.2.17 (2024-03-14)

- Core:
  . Fix ZTS persistent resource crashes on shutdown. (nielsdos)

- Curl:
  . Fix failing tests due to string changes in libcurl 8.6.0. (Ayesh)

- DOM:
  . Fix reference access in dimensions for DOMNodeList and DOMNodeMap.
    (nielsdos)

- Fileinfo:
  . Fixed bug GH-13344 (finfo::buffer(): Failed identify data 0:(null),
    backport). (nielsdos)

- FPM:
  . Fixed bug #75712 (getenv in php-fpm should not read $_ENV, $_SERVER).
    (Jakub Zelenka)

- GD:
  . Fixed bug GH-12019 (detection of image formats in system gd library).
    (Michael Orlitzky)

- MySQLnd:
  . Fixed bug GH-11950 ([mysqlnd] Fixed not to set CR_MALFORMED_PACKET to error
    if CR_SERVER_GONE_ERROR is already set). (Saki Takamachi)

- PGSQL:
  . Fixed bug GH-13354 (pg_execute/pg_send_query_params/pg_send_execute
    with null value passed by reference). (George Barbarosie)

- Standard:
  . Fixed array key as hash to string (case insensitive) comparison typo
    for the second operand buffer size (albeit unused for now). (A. Slepykh)
   2024-02-16 14:16:59 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/php82: update to 8.2.16

15 Feb 2024, PHP 8.2.16

- Core:
  . Fixed timer leak in zend-max-execution-timers builds. (withinboredom)
  . Fixed bug GH-12349 (linking failure on ARM with mold). (Jan Palus)
  . Fixed bug GH-13097 (Anonymous class reference in trigger_error / thrown
    Exception). (nielsdos)
  . Fixed bug GH-13215 (GCC 14 build failure). (Remi)

- Curl:
  . Fix missing error check in curl_multi_init(). (divinity76)

- FPM:
  . Fixed bug GH-12996 (Incorrect SCRIPT_NAME with Apache ProxyPassMatch when
    plus in path). (Jakub Zelenka)

- GD:
  . Fixed bug GH-10344 (imagettfbbox(): Could not find/open font UNC path).
    (nielsdos)
  . Fixed bug GH-10614 (imagerotate will turn the picture all black, when
    rotated 90). (nielsdos)

- MySQLnd:
  . Fixed bug GH-12107 (When running a stored procedure (that returns a result
    set) twice, PHP crashes). (nielsdos)

- Opcache:
  . Fixed bug GH-13232 (Segmentation fault will be reported when JIT is off but
    JIT_debug is still on). (nielsdos)

- OpenSSL:
  . Fixed LibreSSL undefined reference when OPENSSL_NO_ENGINE not set.
   (David Carlier).

- PDO_Firebird:
  . Fix GH-13119 (Changed to convert float and double values ​​into strings using
    `H` format). (SakiTakamachi)

- Phar:
  . Fixed bug #71465 (PHAR doesn't know about litespeed). (nielsdos)
  . Fixed bug GH-13037 (PharData incorrectly extracts zip file). (nielsdos)

- Random:
  . Fixed bug GH-13138 (Randomizer::pickArrayKeys() does not detect broken
    engines). (timwolla)

- Session:
  . Fixed bug GH-12504 (Corrupted session written when there's a fatal error
    in autoloader). (nielsdos)

- Streams:
  . Fixed bug GH-13071 (Copying large files using mmap-able source streams may
    exhaust available memory and fail). (nielsdos)
   2024-01-21 08:56:16 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/php82: update to 8.2.15

8.2.15 (2024-01-18)

- Core:
  . Fixed bug GH-12953 (false positive SSA integrity verification failed when
    loading composer classmaps with more than 11k elements). (nielsdos)
  . Fixed bug GH-12966 (missing cross-compiling 3rd argument so Autoconf doesn't
    emit warnings). (Peter Kokot)

- Cli:
  . Fix incorrect timeout in built-in web server when using router script and
    max_input_time. (ilutov)

- FFI:
  . Fixed bug GH-9698 (stream_wrapper_register crashes with FFI\CData).
    (Jakub Zelenka)
  . Fixed bug GH-12905 (FFI::new interacts badly with observers). (nielsdos)

- Intl:
  . Fixed GH-12943 (IntlDateFormatter::__construct accepts 'C' as valid locale).
    (David Carlier)

- Hash:
  . Fixed bug GH-12936 (hash() function hangs endlessly if using sha512 on
    strings >= 4GiB). (nielsdos)

- ODBC:
  . Fix crash on Apache shutdown with persistent connections. (nielsdos)

- Opcache:
  . Fixed oss-fuzz #64727 (JIT undefined array key warning may overwrite DIM
    with NULL when DIM is the same var as result). (ilutov)
  . Added workaround for SELinux mprotect execheap issue.
    See https://bugzilla.kernel.org/show_bug.cgi?id=218258. (ilutov)

- OpenSSL:
  . Fixed bug GH-12987 (openssl_csr_sign might leak new cert on error).
    (Jakub Zelenka)

- PDO:
  . Fix GH-12969 (Fixed PDO::getAttribute() to get PDO::ATTR_STRINGIFY_FETCHES).
    (SakiTakamachi)

- PDO_ODBC:
  . Fixed bug GH-12767 (Unable to turn on autocommit mode with setAttribute()).
    (SakiTakamachi)

- PGSQL:
  . Fixed auto_reset_persistent handling and allow_persistent type. (David Carlier)
  . Fixed bug GH-12974 (Apache crashes on shutdown when using pg_pconnect()).
    (nielsdos)

- Phar:
  . Fixed bug #77432 (Segmentation fault on including phar file). (nielsdos)

- PHPDBG:
  . Fixed bug GH-12962 (Double free of init_file in phpdbg_prompt.c). (nielsdos)

- SimpleXML:
  . Fix getting the address of an uninitialized property of a SimpleXMLElement
    resulting in a crash. (nielsdos)

- Tidy:
  . Fixed bug GH-12980 (tidynode.props.attribute is missing
    "Boolean Attributes" and empty attributes). (nielsdos)
   2024-01-05 03:13:17 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/php82: update to 8.2.14

PHP 8.2.14 (2023-12-21)

- Core:
  . Fixed oss-fuzz #54325 (Use-after-free of name in var-var with malicious
    error handler). (ilutov)
  . Fixed oss-fuzz #64209 (In-place modification of filename in
    php_message_handler_for_zend). (ilutov)
  . Fixed bug GH-12758 / GH-12768 (Invalid opline in OOM handlers within
    ZEND_FUNC_GET_ARGS and ZEND_BIND_STATIC). (Florian Engelhardt)
  . Fix various missing NULL checks. (nielsdos, dstogov)
  . Fixed bug GH-12835 (Leak of call->extra_named_params on internal __call).
    (ilutov)

- Date:
  . Fixed improbably integer overflow while parsing really large (or small)
    Unix timestamps. (Derick)

- DOM:
  . Fixed bug GH-12616 (DOM: Removing XMLNS namespace node results in invalid
    default: prefix). (nielsdos)

- FPM:
  . Fixed bug GH-12705 (Segmentation fault in fpm_status_export_to_zval).
    (Patrick Prasse)

- FTP:
  . Fixed bug GH-9348 (FTP & SSL session reuse). (nielsdos)

- Intl:
  . Fixed bug GH-12635 (Test bug69398.phpt fails with ICU 74.1). (nielsdos)

- LibXML:
  . Fixed bug GH-12702 (libxml2 2.12.0 issue building from src). (nono303)
  . Fixed test failures for libxml2 2.12.0. (nielsdos)

- MySQLnd:
  . Avoid using uninitialised struct. (mikhainin)
  . Fixed bug GH-12791 (Possible dereference of NULL in MySQLnd debug code).
    (nielsdos)

- Opcache:
  . Fixed JIT bug (Function JIT emits "Uninitialized string offset" warning
    at the same time as invalid offset Error). (Girgias)
  . Fixed JIT bug (JIT emits "Attempt to assign property of non-object"
    warning at the same time as Error is being thrown). (Girgias)

- OpenSSL:
  . Fixed bug #50713 (openssl_pkcs7_verify() may ignore untrusted CAs).
    (Jakub Zelenka)

- PCRE:
  . Fixed bug GH-12628 (The gh11374 test fails on Alpinelinux). (nielsdos)

- PDO PGSQL:
  . Fixed the default value of $fetchMode in PDO::pgsqlGetNotify() (kocsismate)

- PGSQL:
  . Fixed bug GH-12763 wrong argument type for pg_untrace. (degtyarov)

- PHPDBG:
  . Fixed bug GH-12675 (MEMORY_LEAK in phpdbg_prompt.c). (nielsdos)

- SOAP:
  . Fixed bug GH-12838 ([SOAP] Temporary WSDL cache files not being deleted).
    (nielsdos)

- SPL:
  . Fixed bug GH-12721 (SplFileInfo::getFilename() segfault in combination
    with GlobIterator and no directory separator). (nielsdos)

- SQLite3:
  . Fixed bug GH-12633 (sqlite3_defensive.phpt fails with sqlite 3.44.0).
    (SakiTakamachi)

- Standard:
  . Fix memory leak in syslog device handling. (danog)
  . Fixed bug GH-12621 (browscap segmentation fault when configured in the
    vhost). (nielsdos)
  . Fixed bug GH-12655 (proc_open() does not take into account references
    in the descriptor array). (nielsdos)

- Streams:
  . Fixed bug #79945 (Stream wrappers in imagecreatefrompng causes segfault).
    (Jakub Zelenka)

- Zip:
  . Fixed bug GH-12661 (Inconsistency in ZipArchive::addGlob remove_path Option
    Behavior). (Remi)
   2023-11-24 07:01:26 by Takahiro Kambe | Files touched by this commit (3) 
Log message:
PHP 8.2.13 (2023-11-23)

- Core:
  . Fixed double-free of non-interned enum case name. (ilutov)
  . Fixed bug GH-12457 (Incorrect result of stripos with single character
    needle). (SakiTakamachi)
  . Fixed bug GH-12468 (Double-free of doc_comment when overriding static
    property via trait). (ilutov)
  . Fixed segfault caused by weak references to FFI objects. (sj-i)
  . Fixed max_execution_time: don't delete an unitialized timer. (Kévin Dunglas)
  . Fixed bug GH-12558 (Arginfo soft-breaks with namespaced class return type
    if the class name starts with N). (kocsismate)

- DOM:
  . Fix registerNodeClass with abstract class crashing. (nielsdos)
  . Add missing NULL pointer error check. (icy17)
  . Fix validation logic of php:function() callbacks. (nielsdos)

- Fiber:
  . Fixed bug GH-11121 (ReflectionFiber segfault). (danog, trowski, bwoebi)

- FPM:
  . Fixed bug GH-9921 (Loading ext in FPM config does not register module
    handlers). (Jakub Zelenka)
  . Fixed bug GH-12232 (FPM: segfault dynamically loading extension without
    opcache). (Jakub Zelenka)
  . Fixed bug #76922 (FastCGI terminates conn after FCGI_GET_VALUES).
    (Jakub Zelenka)

- Intl:
  . Removed the BC break on IntlDateFormatter::construct which threw an
    exception with an invalid locale. (David Carlier)

- Opcache:
  . Added warning when JIT cannot be enabled. (danog)
  . Fixed bug GH-8143 (Crashes in zend_accel_inheritance_cache_find since
    upgrading to 8.1.3 due to corrupt on-disk file cache). (turchanov)

- OpenSSL:
  . Fixed bug GH-12489 (Missing sigbio creation checking in openssl_cms_verify).
    (Jakub Zelenka)

- PCRE:
  . Fixed bug GH-11374 (Backport upstream fix, Different preg_match result
    with -d pcre.jit=0). (mvorisek)

- SOAP:
  . Fixed bug GH-12392 (Segmentation fault on SoapClient::__getTypes).
    (nielsdos)
  . Fixed bug #66150 (SOAP WSDL cache race condition causes Segmentation
    Fault). (nielsdos)
  . Fixed bug #67617 (SOAP leaves incomplete cache file on ENOSPC). (nielsdos)
  . Fix incorrect uri check in SOAP caching. (nielsdos)
  . Fix segfault and assertion failure with refcounted props and arrays.
    (nielsdos)
  . Fix potential crash with an edge case of persistent encoders. (nielsdos)
  . Fixed bug #75306 (Memleak in SoapClient). (nielsdos)

- Streams:
  . Fixed bug #75708 (getimagesize with "&$imageinfo" fails on \ 
StreamWrappers).
    (Jakub Zelenka)

- XMLReader:
  . Add missing NULL pointer error check. (icy17)

- XMLWriter:
  . Add missing NULL pointer error check. (icy17)

- XSL:
  . Add missing module dependency. (nielsdos)
  . Fix validation logic of php:function() callbacks. (nielsdos)
   2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2377) 
Log message:
*: recursive bump for icu 74.1
   2023-10-27 17:02:43 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
lang/php82: update to 8.2.12

26 Oct 2023, PHP 8.2.12

- Core:
  . Fixed bug GH-12207 (memory leak when class using trait with doc block).
    (rioderelfte)
  . Fixed bug GH-12215 (Module entry being overwritten causes type errors in
    ext/dom). (nielsdos)
  . Fixed bug GH-12273 (__builtin_cpu_init check). (Freaky)
  . Fixed bug #80092 (ZTS + preload = segfault on shutdown). (nielsdos)

- CLI:
  . Ensure a single Date header is present. (coppolafab)

- CType:
  . Fixed bug GH-11997 (ctype_alnum 5 times slower in PHP 8.1 or greater).
    (nielsdos)

- DOM:
  . Restore old namespace reconciliation behaviour. (nielsdos)
  . Fixed bug GH-8996 (DOMNode serialization on PHP ^8.1). (nielsdos)

- Fileinfo:
  . Fixed bug GH-11891 (fileinfo returns text/xml for some svg files). (usarise)

- Filter:
  . Fix explicit FILTER_REQUIRE_SCALAR with FILTER_CALLBACK (ilutov)

- Hash:
  . Fixed bug GH-12186 (segfault copying/cloning a finalized HashContext).
    (MaxSem)

- Intl:
  . Fixed bug GH-12243 (segfault on IntlDateFormatter::construct).
    (David Carlier)
  . Fixed bug GH-12282 (IntlDateFormatter::construct should throw an exception
    on an invalid locale). (David Carlier)

- MySQLnd:
  . Fixed bug GH-12297 (PHP Startup: Invalid library (maybe not a PHP library)
    'mysqlnd.so' in Unknown on line). (nielsdos)

- Opcache:
  . Fixed opcache_invalidate() on deleted file. (mikhainin)
  . Fixed bug GH-12380 (JIT+private array property access inside closure
    accesses private property in child class). (nielsdos)

- PCRE:
  . Fixed bug GH-11956 (Backport upstream fix, PCRE regular expressions with
    JIT enabled gives different result). (nielsdos)

- SimpleXML:
  . Fixed bug GH-12170 (Can't use xpath with comments in SimpleXML). (nielsdos)
  . Fixed bug GH-12223 (Entity reference produces infinite loop in
    var_dump/print_r). (nielsdos)
  . Fixed bug GH-12167 (Unable to get processing instruction contents in
    SimpleXML). (nielsdos)
  . Fixed bug GH-12169 (Unable to get comment contents in SimpleXML).
    (nielsdos)

- Streams:
  . Fixed bug GH-12190 (binding ipv4 address with both address and port at 0).
    (David Carlier)

- XML:
  . Fix return type of stub of xml_parse_into_struct(). (nielsdos)
  . Fix memory leak when calling xml_parse_into_struct() twice. (nielsdos)

- XSL:
  . Fix type error on XSLTProcessor::transformToDoc return value with
    SimpleXML. (nielsdos)