Path to this page:
Next | Query returned 3 messages, browsing 1 to 10 | previous
CVS Commit History:
2016-09-24 19:24:39 by Benny Siegert | Files touched by this commit (1) |
Log message:
Pullup ticket #5106 - requested by taca
lang/php70: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.157
- lang/php70/distinfo 1.19
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Sep 16 16:10:29 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo
Log message:
Update php70 to 7.0.11 (PHP 7.0.11).
15 Sep 2016 PHP 7.0.11
- Core:
. Fixed bug #72944 (Null pointer deref in zval_delref_p). (Dmitry)
. Fixed bug #72943 (assign_dim on string doesn't reset hval). (Laruence)
. Fixed bug #72911 (Memleak in zend_binary_assign_op_obj_helper). (Laruence)
. Fixed bug #72813 (Segfault with __get returned by ref). (Laruence)
. Fixed bug #72767 (PHP Segfaults when trying to expand an infinite operator).
(Nikita)
. Fixed bug #72854 (PHP Crashes on duplicate destructor call). (Nikita)
. Fixed bug #72857 (stream_socket_recvfrom read access violation). (Anatol)
- COM:
. Fixed bug #72922 (COM called from PHP does not return out parameters).
(Anatol)
- Dba:
. Fixed bug #70825 (Cannot fetch multiple values with group in ini file).
(cmb)
- FTP:
. Fixed bug #70195 (Cannot upload file using ftp_put to FTPES with
require_ssl_reuse). (Benedict Singer)
- GD:
. Fixed bug #72709 (imagesetstyle() causes OOB read for empty $styles). (cmb)
. Fixed bug #66005 (imagecopy does not support 1bit transparency on truecolor
images). (cmb)
. Fixed bug #72913 (imagecopy() loses single-color transparency on palette
images). (cmb)
. Fixed bug #68716 (possible resource leaks in _php_image_convert()). (cmb)
- iconv:
. Fixed bug #72320 (iconv_substr returns false for empty strings). (cmb)
- IMAP:
. Fixed bug #72852 (imap_mail null dereference). (Anatol)
- Intl:
. Fixed bug #65732 (grapheme_*() is not Unicode compliant on CR LF
sequence). (cmb)
. Fixed bug #73007 (add locale length check). (Stas)
- Mysqlnd:
. Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields). (Stas)
- OCI8
. Fixed invalid handle error with Implicit Result Sets. (Chris Jones)
. Fixed bug #72524 (Binding null values triggers ORA-24816 error). (Chris Jones)
- Opcache:
. Fixed bug #72949 (Typo in opcache error message). (cmb)
- PDO:
. Fixed bug #72788 (Invalid memory access when using persistent PDO
connection). (Keyur)
. Fixed bug #72791 (Memory leak in PDO persistent connection handling). (Keyur)
. Fixed bug #60665 (call to empty() on NULL result using PDO::FETCH_LAZY
returns false). (cmb)
- PDO_DBlib:
. Implemented stringify 'uniqueidentifier' fields.
(Alexander Zhuravlev, Adam Baratz)
- PDO_pgsql:
. Implemented FR #72633 (Postgres PDO lastInsertId() should work without
specifying a sequence). (Pablo Santiago Sa'nchez, Matteo)
. Fixed bug #72759 (Regression in pgo_pgsql). (Anatol)
- Phar:
. Fixed bug #72928 (Out of bound when verify signature of zip phar in
phar_parse_zipfile). (Stas)
. Fixed bug #73035 (Out of bound when verify signature of tar phar in
phar_parse_tarfile). (Stas)
- Reflection:
. Fixed bug #72846 (getConstant for a array constant with constant values
returns NULL/NFC/UKNOWN). (Laruence)
- Session:
. Fixed bug #72724 (PHP7: session-uploadprogress kills httpd). (Nikita)
. Fixed bug #72940 (SID always return "name=ID", even if session
cookie exist). (Yasuo)
- SimpleXML:
. Fixed bug #72971 (SimpleXML isset/unset do not respect namespace). (Nikita)
. Fixed bug #72957 (Null coalescing operator doesn't behave as expected with
SimpleXMLElement). (Nikita)
- SPL:
. Fixed bug #73029 (Missing type check when unserializing SplArray). (Stas)
- Standard:
. Fixed bug #55451 (substr_compare NULL length interpreted as 0). (Lauri
Kentta:)
. Fixed bug #72278 (getimagesize returning FALSE on valid jpg). (cmb)
. Fixed bug #65550 (get_browser() incorrectly parses entries with \
"+" sign).
(cmb)
- Streams:
. Fixed bug #72853 (stream_set_blocking doesn't work). (Laruence)
. Fixed bug #72764 (ftps:// opendir wrapper data channel encryption fails
with IIS FTP 7.5, 8.5). (vhuk)
. Fixed bug #71882 (Negative ftruncate() on php://memory exhausts memory).
(cmb)
- SQLite3:
. Downgraded bundled SQLite to 3.8.10.2. (Anatol);
- Sysvshm:
. Fixed bug #72858 (shm_attach null dereference). (Anatol)
- XML:
. Fixed bug #72085 (SEGV on unknown address zif_xml_parse). (cmb)
. Fixed bug #72714 (_xml_startElementHandler() segmentation fault). (cmb)
- Wddx:
. Fixed bug #72860 (wddx_deserialize use-after-free). (Stas)
. Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element). (Stas)
- ZIP:
. Fixed bug #68302 (impossible to compile php with zip support). (cmb)
|
2016-09-07 21:17:50 by Benny Siegert | Files touched by this commit (1) |
Log message:
Pullup ticket #5096 - requested by taca
lang/php70: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.150
- lang/php70/distinfo 1.18
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Aug 19 03:29:53 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo
Log message:
Update php70 to 7.0.10 (PHP 7.0.10).
18 Aug 2016 PHP 7.0.10
- Core:
. Fixed bug #72629 (Caught exception assignment to variables ignores
references). (Laruence)
. Fixed bug #72594 (Calling an earlier instance of an included anonymous
class fatals). (Laruence)
. Fixed bug #72581 (previous property undefined in Exception after
deserialization). (Laruence)
. Fixed bug #72496 (Cannot declare public method with signature incompatible
with parent private method). (Pedro Magalha~es)
. Fixed bug #72024 (microtime() leaks memory). (maroszek at gmx dot net)
. Fixed bug #71911 (Unable to set --enable-debug on building extensions by
phpize on Windows). (Yuji Uchiyama)
. Fixed bug causing ClosedGeneratorException being thrown into the calling
code instead of the Generator yielding from. (Bob)
. Implemented FR #72614 (Support "nmake test" on building \
extensions by
phpize). (Yuji Uchiyama)
. Fixed bug #72641 (phpize (on Windows) ignores PHP_PREFIX).
(Yuji Uchiyama)
. Fixed potential segfault in object storage freeing in shutdown sequence.
(Bob)
. Fixed bug #72663 (Create an Unexpected Object and Don't Invoke
__wakeup() in Deserialization). (Stas)
. Fixed bug #72681 (PHP Session Data Injection Vulnerability). (Stas)
. Fixed bug #72683 (getmxrr broken). (Anatol)
. Fixed bug #72742 (memory allocator fails to realloc small block to large
one). (Stas)
- Bz2:
. Fixed bug #72837 (integer overflow in bzdecompress caused heap
corruption). (Stas)
- Calendar:
. Fixed bug #67976 (cal_days_month() fails for final month of the French
calendar). (cmb)
. Fixed bug #71894 (AddressSanitizer: global-buffer-overflow in
zif_cal_from_jd). (cmb)
- COM:
. Fixed bug #72569 (DOTNET/COM array parameters broke in PHP7). (Anatol)
- CURL:
. Fixed bug #71709 (curl_setopt segfault with empty CURLOPT_HTTPHEADER).
(Pierrick)
. Fixed bug #71929 (CURLINFO_CERTINFO data parsing error). (Pierrick)
. Fixed bug #72674 (Heap overflow in curl_escape). (Stas)
- DOM:
. Fixed bug #66502 (DOM document dangling reference). (Sean Heelan, cmb)
- EXIF:
. Fixed bug #72735 (Samsung picture thumb not read (zero size)). (Kalle, Remi)
. Fixed bug #72627 (Memory Leakage In exif_process_IFD_in_TIFF). (Stas)
- Filter:
. Fixed bug #71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8
range). (bugs dot php dot net at majkl578 dot cz)
- FPM:
. Fixed bug #72575 (using --allow-to-run-as-root should ignore missing user).
(gooh)
- GD:
. Fixed bug #72596 (imagetypes function won't advertise WEBP support). (cmb)
. Fixed bug #72604 (imagearc() ignores thickness for full arcs). (cmb)
. Fixed bug #70315 (500 Server Error but page is fully rendered). (cmb)
. Fixed bug #43828 (broken transparency of imagearc for truecolor in
blendingmode). (cmb)
. Fixed bug #66555 (Always false condition in ext/gd/libgd/gdkanji.c). (cmb)
. Fixed bug #68712 (suspicious if-else statements). (cmb)
. Fixed bug #72697 (select_colors write out-of-bounds). (Stas)
. Fixed bug #72730 (imagegammacorrect allows arbitrary write access). (Stas)
- Intl:
. Fixed bug #72639 (Segfault when instantiating class that extends
IntlCalendar and adds a property). (Laruence)
. Partially fixed #72506 (idn_to_ascii for UTS #46 incorrect for long domain
names). (cmb)
- mbstring:
. Fixed bug #72691 (mb_ereg_search raises a warning if a match zero-width).
(cmb)
. Fixed bug #72693 (mb_ereg_search increments search position when a match
zero-width). (cmb)
. Fixed bug #72694 (mb_ereg_search_setpos does not accept a string's last
position). (cmb)
. Fixed bug #72710 (`mb_ereg` causes buffer overflow on regexp compile error).
(ju1ius)
- Mcrypt:
. Fixed bug #72782 (Heap Overflow due to integer overflows). (Stas)
- Opcache:
. Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).
(Keyur)
- PCRE:
. Fixed bug #72688 (preg_match missing group names in matches). (cmb)
- PDO_pgsql:
. Fixed bug #70313 (PDO statement fails to throw exception). (Matteo)
- Reflection:
. Fixed bug #72222 (ReflectionClass::export doesn't handle array constants).
(Nikita Nefedov)
- SimpleXML:
. Fixed bug #72588 (Using global var doesn't work while accessing SimpleXML
element). (Laruence)
- SNMP:
. Fixed bug #72708 (php_snmp_parse_oid integer overflow in memory
allocation). (djodjo at gmail dot com)
- SPL:
. Fixed bug #55701 (GlobIterator throws LogicException). (Valentin V?LCIU)
. Fixed bug #72646 (SplFileObject::getCsvControl does not return the escape
character). (cmb)
. Fixed bug #72684 (AppendIterator segfault with closed generator). (Pierrick)
- SQLite3:
. Fixed bug #72668 (Spurious warning when exception is thrown in user defined
function). (Laruence)
. Fixed bug #72571 (SQLite3::bindValue, SQLite3::bindParam crash). (Laruence)
. Implemented FR #72653 (SQLite should allow opening with empty filename).
(cmb)
. Updated to SQLite3 3.13.0. (cmb)
- Standard:
. Fixed bug #72622 (array_walk + array_replace_recursive create references
from nothing). (Laruence)
. Fixed bug #72152 (base64_decode $strict fails to detect null byte).
(Lauri Kentta:)
. Fixed bug #72263 (base64_decode skips a character after padding in strict
mode). (Lauri Kentta:)
. Fixed bug #72264 (base64_decode $strict fails with whitespace between
padding). (Lauri Kentta:)
. Fixed bug #72330 (CSV fields incorrectly split if escape char followed by
UTF chars). (cmb)
- Streams:
. Fixed bug #41021 (Problems with the ftps wrapper). (vhuk)
. Fixed bug #54431 (opendir() does not work with ftps:// wrapper). (vhuk)
. Fixed bug #72667 (opendir() with ftp:// attempts to open data stream for
non-existent directories). (vhuk)
. Fixed bug #72771 (ftps:// wrapper is vulnerable to protocol downgrade
attack). (Stas)
- XMLRPC:
. Fixed bug #72647 (xmlrpc_encode() unexpected output after referencing
array elements). (Laruence)
- Wddx:
. Fixed bug #72564 (boolean always deserialized as "true") (Remi)
. Fixed bug #72142 (WDDX Packet Injection Vulnerability in
wddx_serialize_value()). (Taoguang Chen)
. Fixed bug #72749 (wddx_deserialize allows illegal memory access) (Stas)
. Fixed bug #72750 (wddx_deserialize null dereference). (Stas)
. Fixed bug #72790 (wddx_deserialize null dereference with invalid xml).
(Stas)
. Fixed bug #72799 (wddx_deserialize null dereference in
php_wddx_pop_element). (Stas)
- Zip:
. Fixed bug #72660 (NULL Pointer dereference in zend_virtual_cwd).
(Laruence)
|
2016-07-28 17:29:47 by S.P.Zeidler | Files touched by this commit (1) | |
Log message:
Pullup ticket #5068 - requested by taca
lang/php70: security update
lang/php: subsequent adjustment
Revisions pulled up:
- lang/php/phpversion.mk 1.144
- lang/php70/distinfo 1.15
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 24 02:20:16 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo
Log message:
Update php70 to 7.0.9 (PHP 7.0.9).
21 Jul 2016 PHP 7.0.9
- Core:
. Fixed bug #72508 (strange references after recursive function call and
"switch" statement). (Laruence)
. Fixed bug #72513 (Stack-based buffer overflow vulnerability in
virtual_file_ex). (Stas)
. Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries
and applications). (Stas)
- bz2:
. Fixed bug #72613 (Inadequate error handling in bzread()). (Stas)
- CLI:
. Fixed bug #72484 (SCRIPT_FILENAME shows wrong path if the user specify
router.php). (Laruence)
- COM:
. Fixed bug #72498 (variant_date_from_timestamp null dereference). (Anatol)
- Curl:
. Fixed bug #72541 (size_t overflow lead to heap corruption). (Stas)
- Exif:
. Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
(Stas)
. Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).
(Stas)
- GD:
. Fixed bug #43475 (Thick styled lines have scrambled patterns). (cmb)
. Fixed bug #53640 (XBM images require width to be multiple of 8). (cmb)
. Fixed bug #64641 (imagefilledpolygon doesn't draw horizontal line). (cmb)
. Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read
access). (Pierre)
. Fixed bug #72519 (imagegif/output out-of-bounds access). (Pierre)
. Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
(Pierre)
. Fixed bug #72482 (Ilegal write/read access caused by gdImageAALine
overflow). (Pierre)
. Fixed bug #72494 (imagecropauto out-of-bounds access). (Pierre)
- Intl:
. Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas)
- Mbstring:
. Fixed bug #72405 (mb_ereg_replace - mbc_to_code (oniguruma) -
oob read access). (Laruence)
. Fixed bug #72399 (Use-After-Free in MBString (search_re)). (Laruence)
- mcrypt:
. Fixed bug #72551, bug #72552 (In correct casting from size_t to int lead to
heap overflow in mdecrypt_generic). (Stas)
- PDO_pgsql:
. Fixed bug #72570 (Segmentation fault when binding parameters on a query
without placeholders). (Matteo)
- PCRE:
. Fixed bug #72476 (Memleak in jit_stack). (Laruence)
. Fixed bug #72463 (mail fails with invalid argument). (Anatol)
- Readline:
. Fixed bug #72538 (readline_redisplay crashes php). (Laruence)
- Standard:
. Fixed bug #72505 (readfile() mangles files larger than 2G). (Cschneid)
. Fixed bug #72306 (Heap overflow through proc_open and $env parameter).
(Laruence)
- Session:
. Fixed bug #72531 (ps_files_cleanup_dir Buffer overflow). (Laruence)
. Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session
Deserialization). (Stas)
- SNMP:
. Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and
unserialize()). (Stas)
- Streams:
. Fixed bug #72439 (Stream socket with remote address leads to a segmentation
fault). (Laruence)
- XMLRPC:
. Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn
simplestring.c). (Stas)
- Zip:
. Fixed bug #72520 (Stack-based buffer overflow vulnerability in
php_stream_zip_opener). (Stas)
To generate a diff of this commit:
cvs rdiff -u -r1.143 -r1.144 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.14 -r1.15 pkgsrc/lang/php70/distinfo
|
Next | Query returned 3 messages, browsing 1 to 10 | previous