Navigation:
Browse pkgsrc
(this page)
lang php53
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ]| 2014-08-18 16:44:30 by Matthias Scheler | Files touched by this commit (1) |
Log message: Remove superfluous patch file. Problem pointed out by Patrick Welche on ticket #4475. |
2014-08-18 14:48:05 by Matthias Scheler | Files touched by this commit (6) |  |
Log message:
Pullup ticket #4475 - requested by prlw1
lang/php53: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.69 via patch
- lang/php53/Makefile 1.49
- lang/php53/Makefile.php 1.41
- lang/php53/distinfo 1.75-1.76
- lang/php53/patches/patch-Zend_zend_language_parser.h deleted
- lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.c deleted
- lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.re deleted
---
Module Name: pkgsrc
Committed By: prlw1
Date: Mon Jul 28 16:12:57 UTC 2014
Modified Files:
pkgsrc/lang/php53: distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-Zend_zend_language_parser.h
Log message:
Fix build of www/ap-php with PHP 5.3.
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Aug 15 16:09:16 UTC 2014
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php53: Makefile Makefile.php distinfo
Removed Files:
pkgsrc/lang/php53/patches: patch-Zend_zend_language_parser.h
patch-ext_date_lib_parse__iso__intervals.c
patch-ext_date_lib_parse__iso__intervals.re
Log message:
Update php53 to 5.3.29, final PHP 5.3 release.
14 Aug 2014, PHP 5.3.29
- Core:
. Fixed bug #66127 (Segmentation fault with ArrayObject unset). (Stas)
. Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas)
. Fixed bug #67249 (printf out-of-bounds read). (Stas)
. Fixed bug #67250 (iptcparse out-of-bounds read). (Stas)
. Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas)
. Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence)
. Fixed bug #67390 (insecure temporary file use in the configure script).
(Remi) (CVE-2014-3981)
. Fixed bug #67399 (putenv with empty variable may lead to crash). (Stas)
. Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type
Confusion) (CVE-2014-3515). (Stefan Esser)
. Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability).
(Stefan Esser)
- COM:
. Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas).
- Date:
. Fixed bug #66060 (Heap buffer over-read in DateInterval). (CVE-2013-6712)
(Remi)
. Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas)
. Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas)
- Exif:
. Fixed bug #65873 (Integer overflow in exif_read_data()). (Stas)
- Fileinfo:
. Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol)
. Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary
check). (CVE-2014-0207)
. Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS).
(CVE-2014-0238)
. Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting
in performance degradation). (CVE-2014-0237)
. Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal
string size). (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary
check). (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check).
(Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary
check). (Francisco Alonso, Jan Kaluza, Remi)
- Intl:
. Fixed bug #67349 (Locale::parseLocale Double Free). (Stas)
. Fixed bug #67397 (Buffer overflow in locale_get_display_name and
uloc_getDisplayName (libicu 4.8.1)). (Stas)
- Network:
. Fixed bug #67432 (Fix potential segfault in dns_check_record()).
(CVE-2014-4049). (Sara)
- OpenSSL:
. Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).
- Session:
. Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).
|
New packages: