./lang/php83, PHP Hypertext Preprocessor version 8.3

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 8.3.13nb4, Package name: php-8.3.13nb4, Maintainer: pkgsrc-users

PHP is a widely-used open source general-purpose scripting language
that is especially suited for web development and can be embedded
into HTML. It is modular, and object-oriented. Much of its syntax
is borrowed from C, Java and Perl with a couple of unique PHP-specific
features thrown in. The language is designed to allow web developers
to write dynamically generated pages quickly.

PHP 8.3 comes with numerous improvements and new features such as

* Typed Class Constants
* Fetch class constant dynamically syntax
* Readonly Amendments
* Override Attribute
* New Randomizer method Random\Randomizer::getBytesFromString
* New function json_validate
* And much much more...



Package options: inet6, readline, ssl

Master sites:

Filesize: 12191.438 KB

Version history: (Expand)


CVS history: (Expand)


   2024-04-13 04:51:54 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/php83: update to 8.3.5

This release includes security fixes.

11 Apr 2024, PHP 8.3.5

- Core:
  . Fixed GH-13569 (GC buffer unnecessarily grows up to GC_MAX_BUF_SIZE when
    scanning WeakMaps). (Arnaud)
  . Fixed bug GH-13612 (Corrupted memory in destructor with weak references).
    (nielsdos)
  . Fixed bug GH-13446 (Restore exception handler after it finishes). (ilutov)
  . Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). (Remi)
  . Fixed bug GH-13670 (GC does not scale well with a lot of objects created in
    destructor). (Arnaud)

- DOM:
  . Add some missing ZPP checks. (nielsdos)
  . Fix potential memory leak in XPath evaluation results. (nielsdos)

- FPM:
  . Fixed GH-11086 (FPM: config test runs twice in daemonised mode).
    (Jakub Zelenka)
  . Fix incorrect check in fpm_shm_free(). (nielsdos)

- GD:
  . Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). (Michael Orlitzky)

- Gettext:
  . Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5
    with category set to LC_ALL. (David Carlier)

- MySQLnd:
  . Fix GH-13452 (Fixed handshake response [mysqlnd]). (Saki Takamachi)
  . Fix incorrect charset length in check_mb_eucjpms(). (nielsdos)

- Opcache:
  . Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null).
    (Arnaud, Dmitry)
  . Fixed GH-13712 (Segmentation fault for enabled observers when calling trait
    method of internal trait when opcache is loaded). (Bob)

- Random:
  . Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown
    modes). (timwolla)
  . Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between
    requests when MT_RAND_PHP is used). (timwolla)

- Session:
  . Fixed bug GH-13680 (Segfault with session_decode and compilation error).
    (nielsdos)

- SPL:
  . Fixed bug GH-13685 (Unexpected null pointer in zend_string.h). (nielsdos)

- Standard:
  . Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
  . Fixed GH-13402 (Added validation of `\n` in $additional_headers of mail()).
    (SakiTakamachi)
  . Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows).
    (divinity76)
  . Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
    parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
  . Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
    partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
  . Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
    opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)
    Fixed bug GHSA-fjp9-9hwx-59fq (mb_encode_mimeheader runs endlessly for some
    inputs). (CVE-2024-2757) (Alex Dowad)
   2024-03-17 17:48:20 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/php83: update to 8.3.4

PHP 8.3.4 (2024-03-14)

- Core:
  . Fix ZTS persistent resource crashes on shutdown. (nielsdos)

- Curl:
  . Fix failing tests due to string changes in libcurl 8.6.0. (Ayesh)

- DOM:
  . Fix unlikely memory leak in case of namespace removal with extremely deep
    trees. (nielsdos)
  . Fix reference access in dimensions for DOMNodeList and DOMNodeMap.
    (nielsdos)

- Fileinfo:
  . Fixed bug GH-13344 (finfo::buffer(): Failed identify data 0:(null),
    backport). (nielsdos)

- FPM:
  . Fixed bug #75712 (getenv in php-fpm should not read $_ENV, $_SERVER).
    (Jakub Zelenka)

- GD:
  . Fixed bug GH-12019 (detection of image formats in system gd library).
    (Michael Orlitzky)

- MySQLnd:
  . Fixed bug GH-11950 ([mysqlnd] Fixed not to set CR_MALFORMED_PACKET to error
    if CR_SERVER_GONE_ERROR is already set). (Saki Takamachi)

- PDO:
  . Fix various PDORow bugs. (Girgias)

- PGSQL:
  . Fixed bug GH-13354 (pg_execute/pg_send_query_params/pg_send_execute
    with null value passed by reference). (George Barbarosie)

- SPL:
  . Fixed bug GH-13531 (Unable to resize SplfixedArray after being unserialized
    in PHP 8.2.15). (nielsdos)

- Standard:
  . Fixed bug GH-13279 (Instable array during in-place modification in uksort).
    (ilutov)
  . Fixed array key as hash to string (case insensitive) comparison typo
    for the second operand buffer size (albeit unused for now). (A. Slepykh)

- XML:
  . Fixed bug GH-13517 (Multiple test failures when building with
    --with-expat). (nielsdos)
   2024-02-16 14:15:20 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
lang/php83: update to 8.3.3

15 Feb 2024, PHP 8.3.3

- Core:
  . Fixed timer leak in zend-max-execution-timers builds. (withinboredom)
  . Fixed bug GH-12349 (linking failure on ARM with mold). (Jan Palus)
  . Fixed bug GH-13097 (Anonymous class reference in trigger_error / thrown
    Exception). (nielsdos)
  . Fixed bug GH-13177 (PHP 8.3.2: final private constructor not allowed
    when used in trait). (nielsdos)
  . Fixed bug GH-13215 (GCC 14 build failure). (Remi)

- Curl:
  . Fix missing error check in curl_multi_init(). (divinity76)

- FPM:
  . Fixed bug GH-12996 (Incorrect SCRIPT_NAME with Apache ProxyPassMatch when
    plus in path). (Jakub Zelenka)

- GD:
  . Fixed bug GH-10344 (imagettfbbox(): Could not find/open font UNC path).
    (nielsdos)
  . Fixed bug GH-10614 (imagerotate will turn the picture all black, when
    rotated 90). (nielsdos)

- LibXML:
  . Fix crashes with entity references and predefined entities. (nielsdos)

- MySQLnd:
  . Fixed bug GH-12107 (When running a stored procedure (that returns a result
    set) twice, PHP crashes). (nielsdos)

- Opcache:
  . Fixed bug GH-13145 (strtok() is not comptime). (ilutov)
  . Fixed type inference of range(). (ilutov)
  . Fixed bug GH-13232 (Segmentation fault will be reported when JIT is off but
    JIT_debug is still on). (nielsdos)

- OpenSSL:
  . Fixed LibreSSL undefined reference when OPENSSL_NO_ENGINE not set.
   (David Carlier).

- PDO_Firebird:
  . Fix GH-13119 (Changed to convert float and double values ​​into strings using
    `H` format). (SakiTakamachi)

- Phar:
  . Fixed bug #71465 (PHAR doesn't know about litespeed). (nielsdos)
  . Fixed bug GH-13037 (PharData incorrectly extracts zip file). (nielsdos)

- Random:
  . Fixed bug GH-13138 (Randomizer::pickArrayKeys() does not detect broken
    engines). (timwolla)

- Session:
  . Fixed bug GH-12504 (Corrupted session written when there's a fatal error
    in autoloader). (nielsdos)

- Standard:
  . Fixed bug GH-13094 (range(9.9, '0') causes segmentation fault). (nielsdos)

- Streams:
  . Fixed bug GH-13071 (Copying large files using mmap-able source streams may
    exhaust available memory and fail). (nielsdos)
   2024-01-21 08:53:53 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
lang/php83: update to 8.3.2

8.3.2 (2024-01-18)

- Core:
  . Fixed bug GH-12953 (false positive SSA integrity verification failed when
    loading composer classmaps with more than 11k elements). (nielsdos)
  . Fixed bug GH-12999 (zend_strnlen build when strnlen is unsupported).
    (rainerjung)
  . Fixed bug GH-12966 (missing cross-compiling 3rd argument so Autoconf
    doesn't emit warnings). (Peter Kokot)
  . Fixed bug GH-12854 (8.3 - as final trait-used method does not correctly
    report visibility in Reflection). (nielsdos)

- Cli:
  . Fix incorrect timeout in built-in web server when using router script and
    max_input_time. (ilutov)

- DOM:
  . Fixed bug GH-12870 (Creating an xmlns attribute results in a DOMException).
    (nielsdos)
  . Fix crash when toggleAttribute() is used without a document. (nielsdos)
  . Fix crash in adoptNode with attribute references. (nielsdos)
  . Fixed bug GH-13012 (DOMNode::isEqualNode() is incorrect when attribute
    order is different). (nielsdos)

- FFI:
  . Fixed bug GH-9698 (stream_wrapper_register crashes with FFI\CData).
    (Jakub Zelenka)
  . Fixed bug GH-12905 (FFI::new interacts badly with observers). (nielsdos)

- Intl:
  . Fixed GH-12943 (IntlDateFormatter::__construct accepts 'C' as valid locale).
    (David Carlier)

- Hash:
  . Fixed bug GH-12936 (hash() function hangs endlessly if using sha512 on
    strings >= 4GiB). (nielsdos)

- ODBC:
  . Fix crash on Apache shutdown with persistent connections. (nielsdos)

- Opcache:
  . Fixed oss-fuzz #64727 (JIT undefined array key warning may overwrite DIM
    with NULL when DIM is the same var as result). (ilutov)
  . Added workaround for SELinux mprotect execheap issue.
    See https://bugzilla.kernel.org/show_bug.cgi?id=218258. (ilutov)

- OpenSSL:
  . Fixed bug GH-12987 (openssl_csr_sign might leak new cert on error).
    (Jakub Zelenka)

- PDO:
  . Fix GH-12969 (Fixed PDO::getAttribute() to get PDO::ATTR_STRINGIFY_FETCHES).
    (SakiTakamachi)

- PDO_ODBC:
  . Fixed bug GH-12767 (Unable to turn on autocommit mode with setAttribute()).
    (SakiTakamachi)

- PGSQL:
  . Fixed auto_reset_persistent handling and allow_persistent type. (David Carlier)
  . Fixed bug GH-12974 (Apache crashes on shutdown when using pg_pconnect()).
    (nielsdos)

- Phar:
  . Fixed bug #77432 (Segmentation fault on including phar file). (nielsdos)

- PHPDBG:
  . Fixed bug GH-12962 (Double free of init_file in phpdbg_prompt.c). (nielsdos)

- SimpleXML:
  . Fix getting the address of an uninitialized property of a SimpleXMLElement
    resulting in a crash. (nielsdos)
  . Fixed bug GH-12929 (SimpleXMLElement with stream_wrapper_register can
    segfault). (nielsdos)

- Tidy:
  . Fixed bug GH-12980 (tidynode.props.attribute is missing
    "Boolean Attributes" and empty attributes). (nielsdos)
   2024-01-05 03:08:41 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
lang/php83: update to 8.3.1

PHP 8.3.1 (2023-12-21)

- Core:
  . Fixed bug GH-12758 / GH-12768 (Invalid opline in OOM handlers within
    ZEND_FUNC_GET_ARGS and ZEND_BIND_STATIC). (Florian Engelhardt)
  . Fix various missing NULL checks. (nielsdos, dstogov)
  . Fixed bug GH-12835 (Leak of call->extra_named_params on internal __call).
    (ilutov)
  . Fixed bug GH-12826 (Weird pointers issue in nested loops). (nielsdos)

- FPM:
  . Fixed bug GH-12705 (Segmentation fault in fpm_status_export_to_zval).
    (Patrick Prasse)

- FTP:
  . Fixed bug GH-9348 (FTP & SSL session reuse). (nielsdos)

- LibXML:
  . Fixed test failures for libxml2 2.12.0. (nielsdos)

- MySQLnd:
  . Avoid using uninitialised struct. (mikhainin)
  . Fixed bug GH-12791 (Possible dereference of NULL in MySQLnd debug code).
    (nielsdos)

- Opcache:
  . Fixed JIT bug (Function JIT emits "Uninitialized string offset" warning
    at the same time as invalid offset Error). (Girgias)
  . Fixed JIT bug (JIT emits "Attempt to assign property of non-object"
    warning at the same time as Error is being thrown). (Girgias)

- PDO PGSQL:
  . Fixed the default value of $fetchMode in PDO::pgsqlGetNotify() (kocsismate)

- SOAP:
  . Fixed bug GH-12838 ([SOAP] Temporary WSDL cache files not being deleted).
    (nielsdos)

- Standard
  . Fixed GH-12745 (http_build_query() default null argument for $arg_separator
    is implicitly coerced to string). (Girgias)
   2023-11-30 17:14:51 by Takahiro Kambe | Files touched by this commit (21)
Log message:
lang/php83: add version 8.3.0

PHP is a widely-used open source general-purpose scripting language
that is especially suited for web development and can be embedded
into HTML.  It is modular, and object-oriented.  Much of its syntax
is borrowed from C, Java and Perl with a couple of unique PHP-specific
features thrown in.  The language is designed to allow web developers
to write dynamically generated pages quickly.

PHP 8.3 comes with numerous improvements and new features such as

* Typed Class Constants
* Fetch class constant dynamically syntax
* Readonly Amendments
* Override Attribute
* New Randomizer method Random\Randomizer::getBytesFromString
* New function json_validate
* And much much more...