Update php55 to 5.5.29 including security fixes.
03 Sep 2015, PHP 5.5.29
- Core:
. Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (Stas)
. Fixed bug #70219 (Use after free vulnerability in session deserializer).
(taoguangchen at icloud dot com)
- EXIF:
. Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte
value of 32 bytes). (Stas)
- hash:
. Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee
at naver dot com)
- PCRE:
. Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
(Anatol Belski)
- SOAP:
. Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE).
(Stas)
- SPL:
. Fixed bug #70365 (Use-after-free vulnerability in unserialize() with
SplObjectStorage). (taoguangchen at icloud dot com)
. Fixed bug #70366 (Use-after-free vulnerability in unserialize() with
SplDoublyLinkedList). (taoguangchen at icloud dot com)
- XSLT:
. Fixed bug #69782 (NULL pointer dereference). (Stas)
- ZIP:
. Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when
creating directories). (neal at fb dot com)
(taca)
diff -r1.109 -r1.110 pkgsrc/lang/php/phpversion.mk| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: phpversion.mk,v 1.109 2015/09/06 12:25:11 taca Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.110 2015/09/06 12:26:37 taca Exp $ | |
| 2 | # | 2 | # | |
| 3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
| 4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
| 5 | # package. | 5 | # package. | |
| 6 | # | 6 | # | |
| 7 | # === User-settable variables === | 7 | # === User-settable variables === | |
| 8 | # | 8 | # | |
| 9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
| 10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
| 11 | # the package. | 11 | # the package. | |
| 12 | # | 12 | # | |
| 13 | # Possible: 54 55 56 | 13 | # Possible: 54 55 56 | |
| 14 | # Default: 54 | 14 | # Default: 54 | |
| @@ -72,27 +72,27 @@ | @@ -72,27 +72,27 @@ | |||
| 72 | # Relative path to ${PREFIX} for PHP's extensions. It is derived from | 72 | # Relative path to ${PREFIX} for PHP's extensions. It is derived from | |
| 73 | # initial release of major version. | 73 | # initial release of major version. | |
| 74 | # | 74 | # | |
| 75 | # Example: lib/php/20090630 | 75 | # Example: lib/php/20090630 | |
| 76 | # | 76 | # | |
| 77 | # Keywords: php | 77 | # Keywords: php | |
| 78 | # | 78 | # | |
| 79 | 79 | |||
| 80 | .if !defined(PHPVERSION_MK) | 80 | .if !defined(PHPVERSION_MK) | |
| 81 | PHPVERSION_MK= defined | 81 | PHPVERSION_MK= defined | |
| 82 | 82 | |||
| 83 | # Define each PHP's version. | 83 | # Define each PHP's version. | |
| 84 | PHP54_VERSION= 5.4.45 | 84 | PHP54_VERSION= 5.4.45 | |
| 85 | PHP55_VERSION= 5.5.28 | 85 | PHP55_VERSION= 5.5.29 | |
| 86 | PHP56_VERSION= 5.6.12 | 86 | PHP56_VERSION= 5.6.12 | |
| 87 | 87 | |||
| 88 | # Define initial release of major version. | 88 | # Define initial release of major version. | |
| 89 | PHP54_RELDATE= 20120301 | 89 | PHP54_RELDATE= 20120301 | |
| 90 | PHP55_RELDATE= 20130620 | 90 | PHP55_RELDATE= 20130620 | |
| 91 | PHP56_RELDATE= 20140828 | 91 | PHP56_RELDATE= 20140828 | |
| 92 | 92 | |||
| 93 | _VARGROUPS+= php | 93 | _VARGROUPS+= php | |
| 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
| 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
| 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
| 97 | PKG_PHP_MAJOR_VERS | 97 | PKG_PHP_MAJOR_VERS | |
| 98 | 98 |
| @@ -1,18 +1,18 @@ | @@ -1,18 +1,18 @@ | |||
| 1 | $NetBSD: distinfo,v 1.44 2015/08/08 00:12:22 taca Exp $ | 1 | $NetBSD: distinfo,v 1.45 2015/09/06 12:26:37 taca Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (php-5.5.28.tar.bz2) = a6a4e54e93381a582dd1a945151448029c329065 | 3 | SHA1 (php-5.5.29.tar.bz2) = 4f6ef228e515f67232c1ab982d7b013dbb1a9008 | |
| 4 | RMD160 (php-5.5.28.tar.bz2) = 52b8fef8979033674e20d7e6a10f4f5353f01c09 | 4 | RMD160 (php-5.5.29.tar.bz2) = 75f386974c61acdd345814b959223204bab9377e | |
| 5 | Size (php-5.5.28.tar.bz2) = 13249927 bytes | 5 | Size (php-5.5.29.tar.bz2) = 13698565 bytes | |
| 6 | SHA1 (patch-acinclude.m4) = 9e9c433e4cb96e469f7cf14b2064a0f41fc4568a | 6 | SHA1 (patch-acinclude.m4) = 9e9c433e4cb96e469f7cf14b2064a0f41fc4568a | |
| 7 | SHA1 (patch-aclocal.m4) = 46f192351e541453b1e32299acd1b4cfefc93cb2 | 7 | SHA1 (patch-aclocal.m4) = 46f192351e541453b1e32299acd1b4cfefc93cb2 | |
| 8 | SHA1 (patch-build_libtool.m4) = 3811edd697fd21eadc4f65cba35c6297141e8ff2 | 8 | SHA1 (patch-build_libtool.m4) = 3811edd697fd21eadc4f65cba35c6297141e8ff2 | |
| 9 | SHA1 (patch-configure) = e81731b426b31656de72a4e4b3ad341b5ac34f82 | 9 | SHA1 (patch-configure) = e81731b426b31656de72a4e4b3ad341b5ac34f82 | |
| 10 | SHA1 (patch-ext_gd_config.m4) = 91c9798333d4776856a0a9e20196986856b758b2 | 10 | SHA1 (patch-ext_gd_config.m4) = 91c9798333d4776856a0a9e20196986856b758b2 | |
| 11 | SHA1 (patch-ext_imap_config.m4) = 01681e8b54ee586ec4db72a5da2d0aec3fa89fcc | 11 | SHA1 (patch-ext_imap_config.m4) = 01681e8b54ee586ec4db72a5da2d0aec3fa89fcc | |
| 12 | SHA1 (patch-ext_mssql_php__mssql.c) = 4ef1837850443e9db2e71620a3ddaed5ab5c435b | 12 | SHA1 (patch-ext_mssql_php__mssql.c) = 4ef1837850443e9db2e71620a3ddaed5ab5c435b | |
| 13 | SHA1 (patch-ext_opcache_config.m4) = 7c0d98feaeec8a0ca61f6f77a1906aa2d601be3f | 13 | SHA1 (patch-ext_opcache_config.m4) = 7c0d98feaeec8a0ca61f6f77a1906aa2d601be3f | |
| 14 | SHA1 (patch-ext_pdo__mysql_config.m4) = 3526e737da25129710218e7141d5a05ae0a51390 | 14 | SHA1 (patch-ext_pdo__mysql_config.m4) = 3526e737da25129710218e7141d5a05ae0a51390 | |
| 15 | SHA1 (patch-ext_pdo_config.m4) = 26a4ad02e5c6b7a54c3c54a6d026a3ccfed62c59 | 15 | SHA1 (patch-ext_pdo_config.m4) = 26a4ad02e5c6b7a54c3c54a6d026a3ccfed62c59 | |
| 16 | SHA1 (patch-ext_phar_Makefile.frag) = f465bb5acd4bb87bb403baa98b61ac707800fd30 | 16 | SHA1 (patch-ext_phar_Makefile.frag) = f465bb5acd4bb87bb403baa98b61ac707800fd30 | |
| 17 | SHA1 (patch-ext_phar_phar_phar.php) = 011f2d68048dbc63f5efcab4e23062daa9e8e08c | 17 | SHA1 (patch-ext_phar_phar_phar.php) = 011f2d68048dbc63f5efcab4e23062daa9e8e08c | |
| 18 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = b384b9daa466f2a8a3e6cfd4ea6cff81f9342941 | 18 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = b384b9daa466f2a8a3e6cfd4ea6cff81f9342941 |