Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by narn.NetBSD.org (Postfix) with ESMTP id 7DEC463BB35
	for <mhonarc+pkgsrc-changes@mail-index.netbsd.org>; Fri,  5 Dec 2008 13:07:39 +0000 (UTC)
Received: by mail.netbsd.org (Postfix, from userid 0)
	id 32FD163B13B; Fri,  5 Dec 2008 13:07:39 +0000 (UTC)
Received: from cvs.netbsd.org (unknown [IPv6:2001:4f8:4:7:2e0:81ff:fe25:eab4])
	by mail.netbsd.org (Postfix) with ESMTP id 0993463B115
	for <pkgsrc-changes@NetBSD.org>; Fri,  5 Dec 2008 13:07:37 +0000 (UTC)
Received: by cvs.netbsd.org (Postfix, from userid 500)
	id E8771175D0; Fri,  5 Dec 2008 13:07:37 +0000 (UTC)
From: Adrian Portelli <adrianp@netbsd.org>
Subject: CVS commit: pkgsrc/lang/php5
To: pkgsrc-changes@NetBSD.org
Reply-To: adrianp@netbsd.org
Message-Id: <20081205130737.E8771175D0@cvs.netbsd.org>
Date: Fri,  5 Dec 2008 13:07:37 +0000 (UTC)
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: pkgsrc-changes
Precedence: list


Module Name:	pkgsrc
Committed By:	adrianp
Date:		Fri Dec  5 13:07:37 UTC 2008

Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.common PLIST distinfo
Removed Files:
	pkgsrc/lang/php5/patches: patch-ak

Log Message:
Update to 5.2.7.

Security Enhancements and Fixes in PHP 5.2.7:

Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371)
Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by Maksymilian Arciemowicz.
Fixed incorrect php_value order for Apache configuration, reported by Maksymilian Arciemowicz.
Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).(Fixes CVE-2008-3660)
Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer overflow). (Fixes CVE-2008-2829)
Key enhancements in PHP 5.2.7 include:

Fixed several memory leaks inside the readline and sqlite extensions
A number of corrections relating to date parsing inside the date extension
Fixed bugs relating to data retrieval in the PDO extension
A series of crashes in various areas of code were resolved
Several corrections were made to the strip_tags() function in terms of < and <?XML handling
A number of bugs were fixed in extract() function when EXTR_REFS flag is being used
Added the ability to log PHP errors to the SAPI (Ex. Apache log) logging facility
Over 170 bug fixes.


To generate a diff of this commit:
cvs rdiff -r1.66 -r1.67 pkgsrc/lang/php5/Makefile
cvs rdiff -r1.30 -r1.31 pkgsrc/lang/php5/Makefile.common
cvs rdiff -r1.16 -r1.17 pkgsrc/lang/php5/PLIST
cvs rdiff -r1.53 -r1.54 pkgsrc/lang/php5/distinfo
cvs rdiff -r1.4 -r0 pkgsrc/lang/php5/patches/patch-ak

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.