pkgsrc Source-Changes / commit log search

2024-05-26 13:20:24 UTC Now

2014-08-25 15:59:27 UTC pkgsrc-2014Q2 commitmail json YAML

Pullup ticket #4486 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk patch
- lang/php54/Makefile 1.25
- lang/php54/distinfo 1.45-1.46
- lang/php54/patches/patch-aclocal.m4 1.2
- lang/php54/patches/patch-build_libtool.m4 1.2
- lang/php54/patches/patch-configure 1.9
- lang/php54/patches/patch-ext_gd_libgd_gdxpm.c deleted
- lang/php54/patches/patch-ext_spl_spl__array.c deleted
- lang/php54/patches/patch-ext_spl_spl__dllist.c deleted

---
Module Name: pkgsrc
Committed By: taca
Date: Sat Jul 26 00:12:54 UTC 2014

Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php54: Makefile distinfo
pkgsrc/lang/php54/patches: patch-aclocal.m4 patch-build_libtool.m4
patch-configure

Log Message:
Update php54 to 5.4.31.

24 Jul 2014, PHP 5.4.31

- Core:
. Fixed bug #67428 (header('Location: foo') will override a 308-399 response
code). (Adam)
. Fixed bug #67436 (Autoloader isn't called if two method definitions don't
match). (Bob)
. Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0).
(Ferenc)
. Fixed bug #67151 (strtr with empty array crashes). (Nikita)
. Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server
2012). (Christian Wenz)

- CLI server:
. Implemented FR #67429 (CLI server is missing some new HTTP response codes).
(Adam)
. Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
(Adam)

- FPM:
. Fixed bug #67530 (error_log=syslog ignored). (Remi)
. Fixed bug #67531 (syslog cannot be set in pool configuration). (Remi)

- Intl:
. Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
(Stas)

- pgsql:
. Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756),
which affected builds against libpq < 7.3. (Adam)

- Phar:
. Fixed bug #67587 (Redirection loop on nginx with FPM). (Christian Weiske)

- Streams:
. Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects). (Adam)

---
Module Name: pkgsrc
Committed By: taca
Date: Sat Aug 23 16:07:24 UTC 2014

Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php54: distinfo
Removed Files:
pkgsrc/lang/php54/patches: patch-ext_gd_libgd_gdxpm.c
patch-ext_spl_spl__array.c patch-ext_spl_spl__dllist.c

Log Message:
Update php54 to 5.4.32 (PHP 5.4.32).

07 Aug 2014, PHP 5.4.32

- Core:
. Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi)

- COM:
. Fixed missing type checks in com_event_sink. (Yussuf Khalil, Stas)

- Fileinfo:
. Fixed bug #67705 (extensive backtracking in rule regular expression).
(CVE-2014-3538) (Remi)
. Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi)

- GD:
. Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference).
(CVE-2014-2497) (Remi)
. Fixed bug #67730 (Null byte injection possible with imagexxx functions).
(CVE-2014-5120) (Ryan Mauger)

- Milter:
. Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike)

- OpenSSL:
. Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).

- Readline:
. Fixed bug #55496 (Interactive mode doesn't force a newline before the
prompt). (Bob, Johannes)
. Fixed bug #67496 (Save command history when exiting interactive shell
with control-c). (Dmitry Saprykin, Johannes)

- Sessions:
. Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).

- SPL:
. Fixed bug #67539 (ArrayIterator use-after-free due to object change during
sorting). (research at insighti dot org, Laruence)
. Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670) (Laruence)

- Core:
. Fixed bug #67693 (incorrect push to the empty array) (Tjerk)

- ODBC:
. Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte
char fields). (Keyur)

- Zlib:
. Fixed bug #67724 (chained zlib filters silently fail with large amounts of
data). (Mike)

(tron)