./lang/php54, PHP Hypertext Preprocessor version 5.4

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2014Q3, Version: 5.4.36, Package name: php-5.4.36, Maintainer: pkgsrc-users

PHP is an HTML-embedded scripting language. It is modular, with
some object-oriented features. Much of its syntax is borrowed from
C, Java and Perl with a couple of unique PHP-specific features
thrown in. The language is designed to allow web developers to
write dynamically generated pages quickly.

This package provides PHP version 5.4.x.


Required to run:
[textproc/libxml2]


Package options: inet6, ssl

Master sites: (Expand)

SHA1: 6d832bdf631ee4684910d5546734ff92a434f358
RMD160: 1d23d9863ce0211bef58e709396e0f7f66d6bbc3
Filesize: 11613.702 KB

Version history: (Expand)


CVS history: (Expand)


   2014-12-21 11:26:39 by Matthias Scheler | Files touched by this commit (1) | Package updated
Log message:
Pullup ticket #4577 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.79
- lang/php54/distinfo                                           1.50

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Fri Dec 19 16:08:35 UTC 2014

   Modified Files:
           pkgsrc/lang/php: phpversion.mk
           pkgsrc/lang/php54: distinfo

   Log message:
   Update php54 to 5.4.36, including security fix.

   18 Dec 2014 PHP 5.4.36

   - Core:
     . Upgraded crypt_blowfish to version 1.3. (Leigh)
     . Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
     . Fixed bug #68594 (Use after free vulnerability in unserialize()).
       (CVE-2014-8142) (Stefan Esser)

   13 Nov 2014 PHP 5.4.35

   - Core:
     . Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
       zend_hash_copy). (Dmitry)

   - Fileinfo:
     . Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
       (CVE-2014-3710) (Remi)

   - GMP:
    . Fixed bug #63595 (GMP memory management conflicts with other libraries
      using GMP). (Remi)

   - PDO_pgsql:
     . Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)
   2014-11-19 12:08:47 by Matthias Scheler | Files touched by this commit (1) | Package updated
Log message:
Pullup ticket #4550 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.76
- lang/php54/distinfo                                           1.49

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Nov 15 14:49:45 UTC 2014

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php54: distinfo

   Log message:
   Update php54 to 5.4.35 (PHP 5.4.35).

   13 Nov 2014 PHP 5.4.35

   - Core:
     . Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
       zend_hash_copy). (Dmitry)

   - Fileinfo:
     . Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
       (CVE-2014-3710) (Remi)

   - GMP:
    . Fixed bug #63595 (GMP memory management conflicts with other libraries
      using GMP). (Remi)

   - PDO_pgsql:
     . Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)
   2014-10-25 16:08:57 by Matthias Scheler | Files touched by this commit (1) | Package updated
Log message:
Pullup ticket #4525 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.75
- lang/php54/distinfo                                           1.48

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Oct 18 14:29:04 UTC 2014

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php54: distinfo

   Log message:
   Update to php54 5.4.34.

   16 Oct 2014, PHP 5.4.34

   - Fileinfo:
     . Fixed bug #66242 (libmagic: don't assume char is signed). (ArdB)

   - Core:
     . Fixed bug #67985 (Incorrect last used array index copied to new array after
       unset). (Tjerk)
     . Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)).
       (CVE-2014-3669) (Stas)

   - cURL:
     . Fixed bug #68089 (NULL byte injection - cURL lib). (Stas)

   - EXIF:
     . Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
       (Stas)

   - OpenSSL:
     . Reverted fixes for bug #41631, due to regressions. (Stas)

   - XMLRPC:
     . Fixed bug #68027 (Global buffer overflow in mkgmtime() function).
       (CVE-2014-3668) (Stas)