Navigation:
Browse pkgsrc
(this page) 2019-06-04 22:47:09 by S.P.Zeidler | Files touched by this commit (1) |  |
Log message:
Pullup ticket #5975 - requested by taca
lang/php73: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.260
- lang/php73/distinfo 1.8
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sat Jun 1 15:36:02 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php73: distinfo
Log message:
lang/php73: update to 7.3.6
Update to php73 to 7.3.6.
30 May 2019, PHP 7.3.6
- cURL:
. Implemented FR #72189 (Add missing CURL_VERSION_* constants). (Javier
Spagnoletti)
- EXIF:
. Fixed bug #77988 (heap-buffer-overflow on php_jpg_get16).
(CVE-2019-11040) (Stas)
- FPM:
. Fixed bug #77934 (php-fpm kill -USR2 not working). (Jakub Zelenka)
. Fixed bug #77921 (static.php.net doesn't work anymore). (Peter Kokot)
- GD:
. Fixed bug #77943 (imageantialias($image, false); does not work). (cmb)
. Fixed bug #77973 (Uninitialized read in gdImageCreateFromXbm).
(CVE-2019-11038) (cmb)
- Iconv:
. Fixed bug #78069 (Out-of-bounds read in iconv.c:_php_iconv_mime_decode()
due to integer overflow). (CVE-2019-11039). (maris dot adam)
- JSON:
. Fixed bug #77843 (Use after free with json serializer). (Nikita)
- Opcache:
. Fixed possible crashes, because of inconsistent PCRE cache and opcache
SHM reset. (Alexey Kalinin, Dmitry)
- PDO_MySQL:
. Fixed bug #77944 (Wrong meta pdo_type for bigint on LLP64). (cmb)
- Reflection:
. Fixed bug #75186 (Inconsistent reflection of Closure:::__invoke()). (Nikita)
- Session:
. Fixed bug #77911 (Wrong warning for session.sid_bits_per_character). (cmb)
- SOAP:
. Fixed bug #77945 (Segmentation fault when constructing SoapClient with
WSDL_CACHE_BOTH). (Nikita)
- SPL:
. Fixed bug #77024 (SplFileObject::__toString() may return array). (Craig
Duncan)
- SQLite:
. Fixed bug #77967 (Bypassing open_basedir restrictions via file uris). (Stas)
- Standard:
. Fixed bug #77931 (Warning for array_map mentions wrong type). (Nikita)
. Fixed bug #78003 (strip_tags output change since PHP 7.3). (cmb)
To generate a diff of this commit:
cvs rdiff -u -r1.259 -r1.260 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/php73/distinfo
|
| 2019-05-14 07:24:49 by S.P.Zeidler | Files touched by this commit (1) | |
Log message:
Pullup ticket #5965 - requested by taca
lang/php73: security update
Revisions pulled up:
- lang/php/phpversion.mk 1.256
- lang/php73/distinfo 1.7
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu May 2 13:45:28 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php73: distinfo
Log message:
lang/php73: update to 7.3.5
Update php73 to 7.3.5.
02 May 2019, PHP 7.3.5
- Core:
. Fixed bug #77903 (ArrayIterator stops iterating after offsetSet call).
(Nikita)
- CLI:
. Fixed bug #77794 (Incorrect Date header format in built-in server).
(kelunik)
- EXIF
. Fixed bug #77950 (Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG).
(CVE-2019-11036) (Stas)
- Interbase:
. Fixed bug #72175 (Impossibility of creating multiple connections to
Interbase with php 7.x). (Nikita)
- Intl:
. Fixed bug #77895 (IntlDateFormatter::create fails in strict mode if $locale
= null). (Nikita)
- litespeed:
. LiteSpeed SAPI 7.3.1, better process management, new API function
litespeed_finish_request(). (George Wang)
- LDAP:
. Fixed bug #77869 (Core dump when using server controls) (mcmic)
- Mail
. Fixed bug #77821 (Potential heap corruption in TSendMail()). (cmb)
- mbstring:
. Implemented FR #72777 (Implement regex stack limits for mbregex functions).
(Yasuo Ohgaki, Stas)
- MySQLi:
. Fixed bug #77773 (Unbuffered queries leak memory - MySQLi / mysqlnd).
(Nikita)
- PCRE:
. Fixed bug #77827 (preg_match does not ignore \r in regex flags). (requinix,
cmb)
- PDO:
. Fixed bug #77849 (Disable cloning of PDO handle/connection objects).
(camporter)
- phpdbg:
. Fixed bug #76801 (too many open files). (alekitto)
. Fixed bug #77800 (phpdbg segfaults on listing some conditional breakpoints).
(krakjoe)
. Fixed bug #77805 (phpdbg build fails when readline is shared). (krakjoe)
- Reflection:
. Fixed bug #77772 (ReflectionClass::getMethods(null) doesn't work). (Nikita)
. Fixed bug #77882 (Different behavior: always calls destructor). (Nikita)
- Standard:
. Fixed bug #77793 (Segmentation fault in extract() when overwriting
reference with itself). (Nikita)
. Fixed bug #77844 (Crash due to null pointer in parse_ini_string with
INI_SCANNER_TYPED). (Nikita)
. Fixed bug #77853 (Inconsistent substr_compare behaviour with empty
haystack). (Nikita)
To generate a diff of this commit:
cvs rdiff -u -r1.255 -r1.256 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.6 -r1.7 pkgsrc/lang/php73/distinfo
|
| 2019-04-10 13:21:15 by Benny Siegert | Files touched by this commit (1) | |
Log message:
Pullup ticket #5938 - requested by taca
lang/php73: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.254
- lang/php73/distinfo 1.6
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Apr 7 16:32:47 UTC 2019
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php73: distinfo
Log message:
lang/php73: update to 7.3.4
04 April 2019, PHP 7.3.4
- Core:
. Fixed bug #77738 (Nullptr deref in zend_compile_expr). (Laruence)
. Fixed bug #77660 (Segmentation fault on break 2147483648). (Laruence)
. Fixed bug #77652 (Anonymous classes can lose their interface information).
(Nikita)
. Fixed bug #77345 (Stack Overflow caused by circular reference in garbage
collection). (Alexandru Patranescu, Nikita, Dmitry)
. Fixed bug #76956 (Wrong value for 'syslog.filter' documented in php.ini).
(cmb)
- Apache2Handler:
. Fixed bug #77648 (BOM in sapi/apache2handler/php_functions.c). (cmb)
- Bcmath:
. Fixed bug #77742 (bcpow() implementation related to gcc compiler
optimization). (Nikita)
- CLI Server:
. Fixed bug #77722 (Incorrect IP set to $_SERVER['REMOTE_ADDR'] on the
localhost). (Nikita)
- COM:
. Fixed bug #77578 (Crash when php unload). (cmb)
- EXIF:
. Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s). (Stas)
. Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value). (Stas)
- FPM:
. Fixed bug #77677 (FPM fails to build on AIX due to missing WCOREDUMP).
(Kevin Adler)
- GD:
. Fixed bug #77700 (Writing truecolor images as GIF ignores interlace flag).
(cmb)
- MySQLi:
. Fixed bug #77597 (mysqli_fetch_field hangs scripts). (Nikita)
- Opcache:
. Fixed bug #77743 (Incorrect pi node insertion for jmpznz with identical
successors). (Nikita)
- Phar:
. Fxied bug #77697 (Crash on Big_Endian platform). (Laruence)
- phpdbg:
. Fixed bug #77767 (phpdbg break cmd aliases listed in help do not match
actual aliases). (Miriam Lauter)
- sodium:
. Fixed bug #77646 (sign_detached() strings not terminated). (Frank)
- SQLite3:
. Added sqlite3.defensive INI directive. (BohwaZ)
- Standard:
. Fixed bug #77664 (Segmentation fault when using undefined constant in
custom wrapper). (Laruence)
. Fixed bug #77669 (Crash in extract() when overwriting extracted array).
(Nikita)
. Fixed bug #76717 (var_export() does not create a parsable value for
PHP_INT_MIN). (Nikita)
. Fixed bug #77765 (FTP stream wrapper should set the directory as
executable). (Vlad Temian)
|
New packages: