--- - branch: MAIN date: Sun Jul 24 02:18:02 UTC 2016 files: - new: '1.143' old: '1.142' path: pkgsrc/lang/php/phpversion.mk pathrev: pkgsrc/lang/php/phpversion.mk@1.143 type: modified - new: '1.29' old: '1.28' path: pkgsrc/lang/php56/distinfo pathrev: pkgsrc/lang/php56/distinfo@1.29 type: modified id: 20160724T021802Z.d1230331a4df192ecb465530a749b60313cee679 log: "Update php56 to 5.6.24 (PHP 5.6.24).\n\n21 Jul 2016, PHP 5.6.24\n\n- Core:\n \ . Fixed bug #71936 (Segmentation fault destroying HTTP_RAW_POST_DATA).\n (mike dot laspina at gmail dot com, Remi)\n . Fixed bug #72496 (Cannot declare public method with signature incompatible\n with parent private method). (Pedro Magalhães)\n \ . Fixed bug #72138 (Integer Overflow in Length of String-typed ZVAL). (Stas)\n \ . Fixed bug #72513 (Stack-based buffer overflow vulnerability in\n virtual_file_ex). (loianhtuan at gmail dot com)\n . Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session\n Deserialization). (taoguangchen at icloud dot com)\n \ . Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and\n \ applications). (CVE-2016-5385) (Stas)\n\n- bz2:\n . Fixed bug #72447 (Type Confusion in php_bz2_filter_create()). (gogil at\n stealien dot com).\n . Fixed bug #72613 (Inadequate error handling in bzread()). (Stas)\n\n- EXIF:\n \ . Fixed bug #50845 (exif_read_data() returns corrupted exif headers).\n (Bartosz DziewoÅ\x84ski)\n- EXIF:\n . Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).\n \ (Stas)\n . Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).\n \ (Stas)\n\n- GD:\n . Fixed bug #43475 (Thick styled lines have scrambled patterns). (cmb)\n . Fixed bug #53640 (XBM images require width to be multiple of 8). (cmb)\n \ . Fixed bug #64641 (imagefilledpolygon doesn't draw horizontal line). (cmb)\n \ . Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read\n \ access). (Pierre)\n . Fixed bug #72519 (imagegif/output out-of-bounds access). (Pierre)\n . Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).\n \ (CVE-2016-6207) (Pierre)\n\n- Intl:\n . Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas)\n\n- ODBC:\n . Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)\n\n- OpenSSL:\n . Fixed bug #71915 (openssl_random_pseudo_bytes is not fork-safe).\n (Jakub Zelenka)\n . Fixed bug #72336 (openssl_pkey_new does not fail for invalid DSA params).\n (Jakub Zelenka)\n\n- SNMP:\n . Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and\n unserialize()). (taoguangchen at icloud dot com)\n\n- SPL:\n \ . Fixed bug #55701 (GlobIterator throws LogicException). (Valentin VÄ\x82LCIU)\n\n- SQLite3:\n . Fixed bug #70628 (Clearing bindings on an SQLite3 statement doesn't work).\n (cmb)\n\n- Streams:\n . Fixed bug #72439 (Stream socket with remote address leads to a segmentation\n fault). (Laruence)\n\n- Xmlrpc:\n . Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).\n \ (Stas)\n\n- Zip:\n . Fixed bug #72520 (Stack-based buffer overflow vulnerability in\n php_stream_zip_opener). (loianhtuan at gmail dot com)\n" module: pkgsrc subject: 'CVS commit: pkgsrc/lang' unixtime: '1469326682' user: taca