Next | Query returned 3 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2015-06-24 03:16:39 by Hiramatsu Yoshifumi | Files touched by this commit (1) | Package updated
Log message:
Pullup ticket #4750 - requested by taca
lang/php54: security update

Revisions pulled up:
- pkgsrc/lang/php/phpversion.mk                                 1.102
- pkgsrc/lang/php54/distinfo                                    1.58

---
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Fri Jun 12 04:51:01 UTC 2015

   Modified Files:
           pkgsrc/lang/php: phpversion.mk
           pkgsrc/lang/php54: distinfo

   Log message:
   Update php54 to 5.4.42.

   11 Jun 2015 PHP 5.4.42

   - Core:
     . Imroved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in
       heap overflow). (Max Spelsberg)
     . Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
       (Anatol Belski)
     . Fixed bug #69719 (Incorrect handling of paths with NULs). (Stas)

   - Litespeed SAPI:
     . Fixed bug #68812 (Unchecked return value). (George Wang)

   - Mail:
     . Fixed bug #68776 (mail() does not have mail header injection prevention for
       additional headers). (Yasuo)

   - Postgres:
     . Fixed bug #69667 (segfault in php_pgsql_meta_data). (Remi)

   - Sqlite3:
     . Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415,
       CVE-2015-3416) (Kaplan)
   2015-05-19 19:52:32 by Matthias Scheler | Files touched by this commit (1) | Package updated
Log message:
Pullup ticket #4724 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.97
- lang/php54/distinfo                                           1.57

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat May 16 11:16:41 UTC 2015

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php54: distinfo

   Log message:
   Update php54 to 5.4.41.

   14 May 2015 PHP 5.4.41

   - Core:
     . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
     . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption).
       (Stas)
     . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
     . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)

   - FTP:
     . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
       overflow). (Stas)

   - PCNTL:
     . Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)

   - PCRE
     . Upgraded pcrelib to 8.37.

   - Phar:
     . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry
       filename starts with null). (Stas)
   2015-04-21 23:50:09 by Matthias Scheler | Files touched by this commit (1) | Package updated
Log message:
Pullup ticket #4677 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.94
- lang/php54/distinfo                                           1.56

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Apr 17 16:39:56 UTC 2015

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php54: distinfo

   Log message:
   Update php54 to 5.4.40.

   16 Apr 2015 PHP 5.4.40

   - Apache2handler:
     . Fixed bug #69218 (potential remote code execution with apache 2.4
       apache2handler). (Gerrit Venema)

   - Core:
     . Additional fix for bug #69152 (Type confusion vulnerability in
       exception::getTraceAsString). (Stas)
     . Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion
       vulnerability). (Stas)
     . Fixed bug #69353 (Missing null byte checks for paths in various PHP
       extensions). (Stas)

   - cURL:
     . Fixed bug #69316 (Use-after-free in php_curl related to
       CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)

   - Ereg:
     . Fixed bug #68740 (NULL Pointer Dereference). (Laruence)

   - Fileinfo:
     . Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or
       segfault). (Anatol Belski)

   - GD:
     . Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (Remi)

   - Phar:
     . Fixed bug #68901 (use after free). (bugreports at internot dot info)
     . Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (Stas)
     . Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in
       phar_set_inode). (Stas)

   - Postgres:
     . Fixed bug #68741 (Null pointer deference) (CVE-2015-1352). (Xinchen Hui)

   - SOAP:
     . Fixed bug #69152 (Type Confusion Infoleak Vulnerability in unserialize()
       with SoapFault). (Dmitry)

   - Sqlite3:
     . Fixed bug #66550 (SQLite prepared statement use-after-free). (Sean Heelan)

Next | Query returned 3 messages, browsing 1 to 10 | previous