Path to this page:
Next | Query returned 3 messages, browsing 1 to 10 | previous
CVS Commit History:
2015-03-01 17:19:23 by Matthias Scheler | Files touched by this commit (4) | |
Log message:
Pullup ticket #4631 - requested by taca
lang/php54: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.86
- lang/php54/Makefile 1.27
- lang/php54/distinfo 1.53
- lang/php54/patches/patch-ext_date_php_date.c deleted
- lang/php54/patches/patch-ext_date_tests_bug68942_2.phpt deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 19 09:37:36 UTC 2015
Modified Files:
pkgsrc/lang/php54: Makefile distinfo
Removed Files:
pkgsrc/lang/php54/patches: patch-ext_date_php_date.c
patch-ext_date_tests_bug68942_2.phpt
Log message:
Update php54 to 5.4.38 (PHP 5.4.38).
19 Feb 2015 PHP 5.4.38
- Core:
. Removed support for multi-line headers, as the are deprecated by RFC 7230.
(Stas)
. Added NULL byte protection to exec, system and passthru. (Yasuo)
. Fixed bug #68925 (Mitigation for CVE-2015-0235 â GHOST: glibc \
gethostbyname
buffer overflow). (Stas)
. Fixed bug #67827 (broken detection of system crypt sha256/sha512 support).
(ncopa at alpinelinux dot org)
. Fixed bug #68942 (Use after free vulnerability in unserialize() with
DateTimeZone). (Stas)
- Enchant:
. Fixed bug #6855 (heap buffer overflow in enchant_broker_request_dict()).
(Antony)
- SOAP:
. Fixed bug #67427 (SoapServer cannot handle large messages)
(brandt at docoloc dot de)
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 19 13:15:00 UTC 2015
Modified Files:
pkgsrc/lang/php: phpversion.mk
Log message:
Forgot to commit with php54 update.
|
2015-02-18 19:41:36 by Matthias Scheler | Files touched by this commit (4) |
Log message:
Pullup ticket #4617 - requested by sevan
lang/php54: security patch
Revisions pulled up:
- lang/php54/Makefile 1.26
- lang/php54/distinfo 1.52
- lang/php54/patches/patch-ext_date_php_date.c 1.1
- lang/php54/patches/patch-ext_date_tests_bug68942_2.phpt 1.1
---
Module Name: pkgsrc
Committed By: sevan
Date: Wed Feb 18 11:04:04 UTC 2015
Modified Files:
pkgsrc/lang/php54: Makefile distinfo
Added Files:
pkgsrc/lang/php54/patches: patch-ext_date_php_date.c
patch-ext_date_tests_bug68942_2.phpt
Log message:
Fix CVE-2015-0273 php: #68942 Use after free vulnerability in
unserialize() with DateTimeZone
Reviewed by wiz@
|
2015-01-27 19:30:15 by Matthias Scheler | Files touched by this commit (1) | |
Log message:
Pullup ticket #4597 - requested by taca
lang/php54: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.82-1.83
- lang/php54/distinfo 1.51
---
Module Name: pkgsrc
Committed By: dholland
Date: Thu Jan 1 11:51:41 UTC 2015
Modified Files:
pkgsrc/lang/php: phpversion.mk
Log message:
Use PKG_FAIL_REASON for errors.
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 23 16:09:26 UTC 2015
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php54: distinfo
Log message:
Update to php54 to 5.4.37.
22 Jan 2015 PHP 5.4.37
- Core:
. Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()).
(CVE-2015-0231) (Stefan Esser)
- CGI:
. Fixed bug #68618 (out of bounds read crashes php-cgi). (CVE-2014-9427)
(Stas)
- EXIF:
. Fixed bug #68799: Free called on unitialized pointer. (CVE-2015-0232) (Stas)
- Fileinfo:
. Removed readelf.c and related code from libmagic sources
(Remi, Anatol)
. Fixed bug #68735 (fileinfo out-of-bounds memory access).
(Anatol)
- OpenSSL:
. Fixed bug #55618 (use case-insensitive cert name matching).
(Daniel Lowrey)
|
Next | Query returned 3 messages, browsing 1 to 10 | previous