CVS Commit History:
2015-03-03 21:58:46 by Matthias Scheler | Files touched by this commit (6) | |
Log message:
Pullup ticket #4632 - requested by taca
lang/php55: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.87
- lang/php55/Makefile 1.19
- lang/php55/PLIST 1.5
- lang/php55/distinfo 1.35
- lang/php55/patches/patch-ext_date_php_date.c deleted
- lang/php55/patches/patch-ext_date_tests_bug68942.phpt deleted
- lang/php55/patches/patch-ext_date_tests_bug68942_2.phpt deleted
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 19 13:35:24 UTC 2015
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php55: Makefile PLIST distinfo
Removed Files:
pkgsrc/lang/php55/patches: patch-ext_date_php_date.c
patch-ext_date_tests_bug68942.phpt
patch-ext_date_tests_bug68942_2.phpt
Log message:
Update php55 to 5.5.22 (PHP 5.5.22).
19 Feb 2015, PHP 5.5.22
- Core:
. Fixed bug #67068 (getClosure returns something that's not a closure).
(Danack at basereality dot com)
. Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname
buffer overflow). (Stas)
. Fixed bug #68942 (Use after free vulnerability in unserialize() with
DateTimeZone). (CVE-2015-0273) (Stas)
. Added NULL byte protection to exec, system and passthru. (Yasuo)
. Removed support for multi-line headers, as they are deprecated by RFC 7230.
(Stas)
- Date:
. Fixed bug #45081 (strtotime incorrectly interprets SGT time zone). (Derick)
- Dba:
. Fixed bug #68711 (useless comparisons). (bugreports at internot dot info)
- Enchant:
. Fixed bug #6855 (heap buffer overflow in enchant_broker_request_dict()).
(Antony)
- Fileinfo:
. Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers)
- FPM:
. Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle)
. Fixed bug #68571 (core dump when webserver close the socket).
(redfoxli069 at gmail dot com, Laruence)
- Libxml:
. Fixed bug #64938 (libxml_disable_entity_loader setting is shared
between threads). (Martin Jansen)
- OpenSSL:
. Fixed bug #55618 (use case-insensitive cert name matching).
(Daniel Lowrey)
- PDO_mysql:
. Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of
named pipes). (steffenb198@aol.com)
- Phar:
. Fixed bug #68901 (use after free). (bugreports at internot dot info)
- Pgsql:
. Fixed Bug #65199 (pg_copy_from() modifies input array variable). (Yasuo)
- Sqlite3:
. Fixed bug #68260 (SQLite3Result::fetchArray declares wrong
required_num_args). (Julien)
- Mysqli:
. Fixed bug #68114 (linker error on some OS X machines with fixed
width decimal support) (Keyur Govande)
. Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient
has rounding errors) (Keyur Govande)
- Session:
. Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo)
. Fixed Bug #66623 (no EINTR check on flock) (Yasuo)
. Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo)
- Standard:
. Fixed bug #65272 (flock() out parameter not set correctly in windows).
(Daniel Lowrey)
. Fixed bug #69033 (Request may get env. variables from previous requests
if PHP works as FastCGI)
- Streams:
. Fixed bug which caused call after final close on streams filter. (Bob)
|
2015-02-18 19:54:20 by Matthias Scheler | Files touched by this commit (5) |
Log message:
Pullup ticket #4617 - requested by sevan
lang/php55: security patch
Revisions pulled up:
- lang/php55/Makefile 1.18
- lang/php55/distinfo 1.34
- lang/php55/patches/patch-ext_date_php_date.c 1.1
- lang/php55/patches/patch-ext_date_tests_bug68942.phpt 1.1
- lang/php55/patches/patch-ext_date_tests_bug68942_2.phpt 1.1
---
Module Name: pkgsrc
Committed By: sevan
Date: Wed Feb 18 11:14:16 UTC 2015
Modified Files:
pkgsrc/lang/php55: Makefile distinfo
Added Files:
pkgsrc/lang/php55/patches: patch-ext_date_php_date.c
patch-ext_date_tests_bug68942.phpt
patch-ext_date_tests_bug68942_2.phpt
Log message:
Fix CVE-2015-0273 php: #68942 Use after free vulnerability in
unserialize() with DateTimeZone
Reviewed by wiz@
|
2015-01-27 20:37:21 by Matthias Scheler | Files touched by this commit (1) | |
Log message:
Pullup ticket #4598 - requested by taca
lang/php55: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.84
- lang/php55/distinfo 1.33
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jan 23 16:10:34 UTC 2015
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php55: distinfo
Log message:
Update php55 to 5.5.21.
22 Jan 2014, PHP 5.5.21
- Core:
. Upgraded crypt_blowfish to version 1.3. (Leigh)
. Fixed bug #60704 (unlink() bug with some files path).
. Fixed bug #65419 (Inside trait, self::class != __CLASS__). (Julien)
. Fixed bug #65576 (Constructor from trait conflicts with inherited
constructor). (dunglas at gmail dot com)
. Fixed bug #55541 (errors spawn MessageBox, which blocks test automation).
(Anatol)
. Fixed bug #68297 (Application Popup provides too few information). (Anatol)
. Fixed bug #65769 (localeconv() broken in TS builds). (Anatol)
. Fixed bug #65230 (setting locale randomly broken). (Anatol)
. Fixed bug #66764 (configure doesn't define EXPANDED_DATADIR / PHP_DATADIR
correctly). (Ferenc)
. Fixed bug #68583 (Crash in timeout thread). (Anatol)
. Fixed bug #68594 (Use after free vulnerability in unserialize()).
(CVE-2014-8142) (Stefan Esser)
. Fixed bug #68676 (Explicit Double Free). (Kalle)
. Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()).
(CVE-2015-0231) (Stefan Esser)
- CGI:
. Fixed bug #68618 (out of bounds read crashes php-cgi). (CVE-2014-9427)
(Stas)
- CLI server:
. Fixed bug #68745 (Invalid HTTP requests make web server segfault). (Adam)
- cURL:
. Fixed bug #67643 (curl_multi_getcontent returns '' when
CURLOPT_RETURNTRANSFER isn't set). (Jille Timmermans)
- EXIF:
. Fixed bug #68799: Free called on uninitialized pointer. (CVE-2015-0232)
(Stas)
- Fileinfo:
. Fixed bug #68671 (incorrect expression in libmagic).
(Joshua Rogers, Anatol Belski)
. Removed readelf.c and related code from libmagic sources
(Remi, Anatol)
. Fixed bug #68735 (fileinfo out-of-bounds memory access).
(Anatol)
- FPM:
. Fixed bug #68751 (listen.allowed_clients is broken). (Remi)
- GD:
. Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (Jan Bee, Remi)
- Mbstring:
. Fixed bug #68504 (--with-libmbfl configure option not present on Windows).
(Ashesh Vashi)
- Mcrypt:
. Fixed possible read after end of buffer and use after free. (Dmitry)
- Opcache:
. Fixed bug #67111 (Memory leak when using "continue 2" inside two foreach
loops). (Nikita)
- OpenSSL:
. Fixed bug #55618 (use case-insensitive cert name matching). (Daniel Lowrey)
- Pcntl:
. Fixed bug #60509 (pcntl_signal doesn't decrease ref-count of old handler
when setting SIG_DFL). (Julien)
- PCRE:
. Fixed bug #66679 (Alignment Bug in PCRE 8.34 upstream).
(Rainer Jung, Anatol Belski)
- pgsql:
. Fixed bug #68697 (lo_export return -1 on failure). (Ondřej Surý)
- PDO:
. Fixed bug #68371 (PDO#getAttribute() cannot be called with platform-specific
attribute names). (Matteo)
- PDO_mysql:
. Fixed bug #68424 (Add new PDO mysql connection attr to control multi
statements option). (peter dot wolanin at acquia dot com)
- SPL:
. Fixed bug #66405 (RecursiveDirectoryIterator::CURRENT_AS_PATHNAME
breaks the RecursiveIterator). (Paul Garvin)
. Fixed bug #65213 (cannot cast SplFileInfo to boolean) (Tjerk)
. Fixed bug #68479 (Added escape parameter to SplFileObject::fputcsv). (Salathe)
- SQLite:
. Fixed bug #68120 (Update bundled libsqlite to 3.8.7.2). (Anatol)
- Streams:
. Fixed bug #68532 (convert.base64-encode omits padding bytes).
(blaesius at krumedia dot de)
|