Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id CB1B77A166
	for <mhonarc+pkgsrc-changes@mail-index.netbsd.org>; Sun, 16 Oct 2016 11:58:44 +0000 (UTC)
Received: by mail.netbsd.org (Postfix, from userid 605)
	id 40DEA85E87; Sun, 16 Oct 2016 11:58:44 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id C33A384CEC
	for <pkgsrc-changes@NetBSD.org>; Sun, 16 Oct 2016 11:58:43 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([127.0.0.1])
	by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025)
	with ESMTP id ywa0Bc2dy1xh for <pkgsrc-changes@netbsd.org>;
	Sun, 16 Oct 2016 11:58:42 +0000 (UTC)
Received: from cvs.NetBSD.org (unknown [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id 7525484CBD
	for <pkgsrc-changes@NetBSD.org>; Sun, 16 Oct 2016 11:58:42 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id 68364FBD2; Sun, 16 Oct 2016 11:58:42 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1476619122192800"
MIME-Version: 1.0
Date: Sun, 16 Oct 2016 11:58:42 +0000
From: "Takahiro Kambe" <taca@netbsd.org>
Subject: CVS commit: pkgsrc/lang
To: pkgsrc-changes@NetBSD.org
Reply-To: taca@netbsd.org
X-Mailer: log_accum
Message-Id: <20161016115842.68364FBD2@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: pkgsrc-changes.NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_1476619122192800
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	taca
Date:		Sun Oct 16 11:58:42 UTC 2016

Modified Files:
	pkgsrc/lang/php: phpversion.mk
	pkgsrc/lang/php56: distinfo

Log Message:
Update php56 to 5.6.27.

13 Oct 2016, PHP 5.6.27

- Core:
  . Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of
    zend_virtual_cwd.c). (cmb)
  . Fixed bug #73058 (crypt broken when salt is 'too' long). (Anatol)
  . Fixed bug #72703 (Out of bounds global memory read in BF_crypt triggered by
    password_verify). (Anatol)
  . Fixed bug #73189 (Memcpy negative size parameter php_resolve_path). (Stas)
  . Fixed bug #73147 (Use After Free in unserialize()). (Stas)

- BCmath:
  . Fixed bug #73190 (memcpy negative parameter _bc_new_num_ex). (Stas)

- DOM:
  . Fixed bug #73150 (missing NULL check in dom_document_save_html). (Stas)

- Ereg:
  . Fixed bug #73284 (heap overflow in php_ereg_replace function). (Stas)

- Filter:
  . Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and
    FILTER_FLAG_NO_PRIV_RANGE). (julien)
  . Fixed bug #67167 (Wrong return value from FILTER_VALIDATE_BOOLEAN,
    FILTER_NULL_ON_FAILURE). (levim, cmb)
  . Fixed bug #73054 (default option ignored when object passed to int filter).
    (cmb)

- GD:
  . Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette).
    (cmb)
  . Fixed bug #50194 (imagettftext broken on transparent background w/o
    alphablending). (cmb)
  . Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c). (trylab,
    cmb)
  . Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box).
    (Mark Plomer, cmb)
  . Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given). (cmb)
  . Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries). (cmb)
  . Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted
    files). (cmb)
  . Fixed bug #73161 (imagecreatefromgd2() may leak memory). (cmb)

- Intl:
  . Fixed bug #73218 (add mitigation for ICU int overflow). (Stas)

- Imap:
  . Fixed bug #73208 (integer overflow in imap_8bit caused heap corruption).
    (Stas)

- Mbstring:
  . Fixed bug #72994 (mbc_to_code() out of bounds read). (Laruence, cmb)
  . Fixed bug #66964 (mb_convert_variables() cannot detect recursion). (Yasuo)
  . Fixed bug #72992 (mbstring.internal_encoding doesn't inherit default_charset).
    (Yasuo)
  . Fixed bug #73082 (string length overflow in mb_encode_* function). (Stas)

- PCRE:
  . Fixed bug #73174 (heap overflow in php_pcre_replace_impl). (Stas)

- Opcache:
  . Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).
    (Keyur) (julien backport)

- OpenSSL:
  . Fixed bug #73072 (Invalid path SNI_server_certs causes segfault).
    (Jakub Zelenka)
  . Fixed bug #73275 (crash in openssl_encrypt function). (Stas)
  . Fixed bug #73276 (crash in openssl_random_pseudo_bytes function). (Stas)

- Session:
  . Fixed bug #68015 (Session does not report invalid uid for files save handler).
    (Yasuo)
  . Fixed bug #73100 (session_destroy null dereference in ps_files_path_create).
    (cmb)

- SimpleXML:
  . Fixed bug #73293 (NULL pointer dereference in SimpleXMLElement::asXML()).
    (Stas)

- SPL:
  . Fixed bug #73073 (CachingIterator null dereference when convert to string).
    (Stas)

- Standard:
  . Fixed bug #73240 (Write out of bounds at number_format). (Stas)
  . Fixed bug #73017 (memory corruption in wordwrap function). (Stas)

- Stream:
  . Fixed bug #73069 (readfile() mangles files larger than 2G). (Laruence)

- Zip:
  . Fixed bug #70752 (Depacking with wrong password leaves 0 length files).
    (cmb)


To generate a diff of this commit:
cvs rdiff -u -r1.160 -r1.161 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.34 -r1.35 pkgsrc/lang/php56/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1476619122192800
Content-Disposition: inline
Content-Length: 1980
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/lang/php/phpversion.mk
diff -u pkgsrc/lang/php/phpversion.mk:1.160 pkgsrc/lang/php/phpversion.mk:1.161
--- pkgsrc/lang/php/phpversion.mk:1.160	Fri Oct 14 15:06:21 2016
+++ pkgsrc/lang/php/phpversion.mk	Sun Oct 16 11:58:42 2016
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.160 2016/10/14 15:06:21 jdolecek Exp $
+# $NetBSD: phpversion.mk,v 1.161 2016/10/16 11:58:42 taca Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -87,7 +87,7 @@
 PHPVERSION_MK=	defined
 
 # Define each PHP's version.
-PHP56_VERSION=	5.6.26
+PHP56_VERSION=	5.6.27
 PHP70_VERSION=	7.0.12
 PHP71_VERSION=	7.1.0RC3
 

Index: pkgsrc/lang/php56/distinfo
diff -u pkgsrc/lang/php56/distinfo:1.34 pkgsrc/lang/php56/distinfo:1.35
--- pkgsrc/lang/php56/distinfo:1.34	Fri Sep 16 16:09:24 2016
+++ pkgsrc/lang/php56/distinfo	Sun Oct 16 11:58:42 2016
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.34 2016/09/16 16:09:24 taca Exp $
+$NetBSD: distinfo,v 1.35 2016/10/16 11:58:42 taca Exp $
 
-SHA1 (php-5.6.26.tar.bz2) = d0e05dbc4d1be0e316cadee64f5bda83a16932a9
-RMD160 (php-5.6.26.tar.bz2) = eedd93ab6808d86055a7e5f41ca3b92ea7feee63
-SHA512 (php-5.6.26.tar.bz2) = fcac6ff1db2d3a897ce7253735216b3784568167d7e1c3738409c45f72bdce6708d42c6935c13c28f16da15218213b202e959fb68355b5c692fdc54a7393b553
-Size (php-5.6.26.tar.bz2) = 14927510 bytes
+SHA1 (php-5.6.27.tar.bz2) = d633816758b0ab0481b1dabda098a70f5ad3ef4b
+RMD160 (php-5.6.27.tar.bz2) = 04ee43239ece4dfaf28440429848e9020eab3f99
+SHA512 (php-5.6.27.tar.bz2) = d9118b7937eb111cebf1020296a3105dc4ae5aee9a5e655643b872d6948e68ceb3340e861810b8fcaa4a201c5aec6c1009a7e3cf3ff1678e0ea68aefb632f10b
+Size (php-5.6.27.tar.bz2) = 14977600 bytes
 SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8
 SHA1 (patch-configure) = 5d76f71aa903efa3c3491b908ff76419aa4af27c
 SHA1 (patch-ext_gd_config.m4) = b92ab4c7fe8aceaef7787a607a7d2eac258fee19


--_----------=_1476619122192800--