---
- branch: MAIN
  date: Fri Mar 20 08:13:55 UTC 2020
  files:
  - new: '1.291'
    old: '1.290'
    path: pkgsrc/lang/php/phpversion.mk
    pathrev: pkgsrc/lang/php/phpversion.mk@1.291
    type: modified
  - new: '1.6'
    old: '1.5'
    path: pkgsrc/lang/php74/distinfo
    pathrev: pkgsrc/lang/php74/distinfo@1.6
    type: modified
  id: 20200320T081355Z.3f2a8dc222fe7e94b557e68ad099784e861811c9
  log: |
    lang/php74: update to 7.4.4

    Update php74 to 7.4.4.

    19 Mar 2020, PHP 7.4.4

    - Core:
      . Fixed bug #79329 (get_headers() silently truncates after a null byte)
        (CVE-2020-7066) (cmb)
      . Fixed bug #79244 (php crashes during parsing INI file). (Laruence)
      . Fixed bug #63206 (restore_error_handler does not restore previous errors
        mask). (Mark Plomer)

    - COM:
      . Fixed bug #66322 (COMPersistHelper::SaveToFile can save to wrong location).
        (cmb)
      . Fixed bug #79242 (COM error constants don't match com_exception codes on
        x86). (cmb)
      . Fixed bug #79247 (Garbage collecting variant objects segfaults). (cmb)
      . Fixed bug #79248 (Traversing empty VT_ARRAY throws com_exception). (cmb)
      . Fixed bug #79299 (com_print_typeinfo prints duplicate variables). (Litiano
        Moura)
      . Fixed bug #79332 (php_istreams are never freed). (cmb)
      . Fixed bug #79333 (com_print_typeinfo() leaks memory). (cmb)

    - CURL:
      . Fixed bug #79019 (Copied cURL handles upload empty file). (cmb)
      . Fixed bug #79013 (Content-Length missing when posting a curlFile with
        curl). (cmb)

    - DOM:
      . Fixed bug #77569: (Write Access Violation in DomImplementation). (Nikita,
        cmb)
      . Fixed bug #79271 (DOMDocumentType::$childNodes is NULL). (cmb)

    - Enchant:
      . Fixed bug #79311 (enchant_dict_suggest() fails on big endian architecture).
        (cmb)

    - EXIF:
      . Fixed bug #79282 (Use-of-uninitialized-value in exif) (CVE-2020-7064)
        (Nikita)

    - Fileinfo:
      . Fixed bug #79283 (Segfault in libmagic patch contains a buffer
        overflow) (cmb)

    - FPM:
      . Fixed bug #77653 (operator displayed instead of the real error message).
        (Jakub Zelenka)
      . Fixed bug #79014 (PHP-FPM & Primary script unknown). (Jakub Zelenka)

    - MBstring:
      . Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at
        php_unicode_tolower_full) (CVE-2020-7065) (cmb)

    - MySQLi:
      . Fixed bug #64032 (mysqli reports different client_version). (cmb)

    - MySQLnd:
      . Implemented FR #79275 (Support auth_plugin_caching_sha2_password on
        Windows). (cmb)

    - Opcache:
      . Fixed bug #79252 (preloading causes php-fpm to segfault during exit).
        (Nikita)

    - PCRE:
      . Fixed bug #79188 (Memory corruption in preg_replace/preg_replace_callback
        and unicode). (Nikita)
      . Fixed bug #79241 (Segmentation fault on preg_match()). (Nikita)
      . Fixed bug #79257 (Duplicate named groups (?J) prefer last alternative even
        if not matched). (Nikita)

    - PDO_ODBC:
      . Fixed bug #79038 (PDOStatement::nextRowset() leaks column values). (cmb)

    - Reflection:
      . Fixed bug #79062 (Property with heredoc default value returns false for
        getDocComment). (Nikita)

    - SQLite3:
      . Fixed bug #79294 (::columnType() may fail after SQLite3Stmt::reset()). (cmb)

    - Standard:
      . Fixed bug #79254 (getenv() w/o arguments not showing changes). (cmb)
      . Fixed bug #79265 (Improper injection of Host header when using fopen for
        http requests). (Miguel Xavier Penha Neto)

    - Zip:
      . Fixed bug #79315 (ZipArchive::addFile doesn't honor start/length
        parameters). (Remi)
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/lang'
  unixtime: '1584692035'
  user: taca