Path to this page:
Next | Query returned 3 messages, browsing 1 to 10 | previous
CVS Commit History:
2016-06-28 21:35:58 by Benny Siegert | Files touched by this commit (2) |
Log message:
Pullup ticket #5050 - requested by taca
lang/php55: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.139
- lang/php55/Makefile 1.27
- lang/php55/distinfo 1.54
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Jun 24 15:23:00 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php55: Makefile distinfo
Log message:
Update php55 to 5.5.37 (PHP 5.5.37), including security fixes.
pkgsrc change: remove confiugre from SUBST_FILES.path.
23 Jun 2016, PHP 5.5.37
- Core:
. Fixed bug #72268 (Integer Overflow in nl2br()). (Stas)
. Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/
json_utf8_to_utf16()). (Stas)
. Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas)
. Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas)
- GD:
. Fixed bug #66387 (Stack overflow with imagefilltoborder) (CVE-2015-8874).
(cmb)
. Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
. Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
heap overflow). (Pierre)
. Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)
. Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting
in heap overflow). (Pierre)
- mbstring:
. Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)
- mcrypt:
. Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)
- SPL:
. Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas)
. Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and
unserialize). (Dmitry)
- WDDX:
. Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas)
- zip:
. Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC
algorithm and unserialize). (Dmitry)
|
2016-06-04 21:45:19 by Benny Siegert | Files touched by this commit (1) |
Log message:
Pullup ticket #5034 - requested by taca
lang/php55: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.136
- lang/php55/distinfo 1.53
---
Module Name: pkgsrc
Committed By: taca
Date: Fri May 27 13:25:44 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php55: distinfo
Log message:
Update php55 to 5.5.36 (PHP 5.5.36), including security fix.
26 May 2016, PHP 5.5.36
- Core:
. Fixed bug #72114 (Integer underflow / arbitrary null write in
fread/gzread). (Stas)
. Fixed bug #72135 (Integer Overflow in php_html_entities). (Stas)
- GD:
. Fixed bug #72227 (imagescale out-of-bounds read). (Stas)
- Intl:
. Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (Stas)
- Phar:
. Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()).
(CVE-2016-4343) (Stas)
|
2016-05-08 10:10:06 by Benny Siegert | Files touched by this commit (2) |
Log message:
Pullup ticket #4972 - requested by taca
lang/php55: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.132-1.133
- lang/php55/distinfo 1.52
- lang/php55/patches/patch-ext_standard_php__dns.h 1.2
---
Module Name: pkgsrc
Committed By: wiz
Date: Fri Apr 22 09:46:50 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
Log message:
Detect php-7.0 (define _PHP_VERSION_70_INSTALLED).
Addresses PR 50957.
---
Module Name: pkgsrc
Committed By: taca
Date: Mon May 2 13:06:21 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php55: distinfo
pkgsrc/lang/php55/patches: patch-ext_standard_php__dns.h
Log message:
Update php55 to 5.5.35.
pkgsrc change: Fix build problem on Linux noted by Matthias Ferdinand on
pkgsrc-users@.
28 Apr 2016, PHP 5.5.35
- BCMath:
. Fix bug #72093 (bcpowmod accepts negative scale and corrupts _one_
definition). (Stas)
- Exif:
. Fix bug #72094 (Out of bounds heap read access in exif header
processing). (Stas)
- GD:
. Fix bug #71912 (libgd: signedness vulnerability). (Stas)
- Intl:
. Fix bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative
offset). (Stas)
- XML:
. Fix bug #72099 (xml_parse_into_struct segmentation fault). (Stas)
|
Next | Query returned 3 messages, browsing 1 to 10 | previous