Update php55 to 5.6.13 including security fixes.
03 Sep 2015, PHP 5.6.13
- Core:
. Fixed bug #69900 (Too long timeout on pipes). (Anatol)
. Fixed bug #69487 (SAPI may truncate POST data). (cmb)
. Fixed bug #70198 (Checking liveness does not work as expected).
(Shafreeck Sea, Anatol Belski)
. Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (Stas)
. Fixed bug #70219 (Use after free vulnerability in session deserializer).
(taoguangchen at icloud dot com)
- CLI server:
. Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE).
(wusuopu, cmb)
. Fixed bug #70264 (CLI server directory traversal). (cmb)
- Date:
. Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to
be optional). (cmb)
. Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte).
(cmb)
- EXIF:
. Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte
value of 32 bytes). (Stas)
- hash:
. Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee
at naver dot com)
- MCrypt:
. Fixed bug #69833 (mcrypt fd caching not working). (Anatol)
- Opcache:
. Fixed bug #70237 (Empty while and do-while segmentation fault with opcode
on CLI enabled). (Dmitry, Laruence)
- PCRE:
. Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string
match). (cmb)
. Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
(Anatol Belski)
- SOAP:
. Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE).
(Stas)
- SPL:
. Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via
ob_start). (hugh at allthethings dot co dot nz)
. Fixed bug #70303 (Incorrect constructor reflection for ArrayObject). (cmb)
. Fixed bug #70365 (Use-after-free vulnerability in unserialize() with
SplObjectStorage). (taoguangchen at icloud dot com)
. Fixed bug #70366 (Use-after-free vulnerability in unserialize() with
SplDoublyLinkedList). (taoguangchen at icloud dot com)
- Standard:
. Fixed bug #70052 (getimagesize() fails for very large and very small WBMP).
(cmb)
. Fixed bug #70157 (parse_ini_string() segmentation fault with
INI_SCANNER_TYPED). (Tjerk)
- XSLT:
. Fixed bug #69782 (NULL pointer dereference). (Stas)
- ZIP:
. Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when
creating directories). (neal at fb dot com)
(taca)
diff -r1.110 -r1.111 pkgsrc/lang/php/phpversion.mk| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: phpversion.mk,v 1.110 2015/09/06 12:26:37 taca Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.111 2015/09/06 12:27:43 taca Exp $ | |
| 2 | # | 2 | # | |
| 3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
| 4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
| 5 | # package. | 5 | # package. | |
| 6 | # | 6 | # | |
| 7 | # === User-settable variables === | 7 | # === User-settable variables === | |
| 8 | # | 8 | # | |
| 9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
| 10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
| 11 | # the package. | 11 | # the package. | |
| 12 | # | 12 | # | |
| 13 | # Possible: 54 55 56 | 13 | # Possible: 54 55 56 | |
| 14 | # Default: 54 | 14 | # Default: 54 | |
| @@ -73,27 +73,27 @@ | @@ -73,27 +73,27 @@ | |||
| 73 | # initial release of major version. | 73 | # initial release of major version. | |
| 74 | # | 74 | # | |
| 75 | # Example: lib/php/20090630 | 75 | # Example: lib/php/20090630 | |
| 76 | # | 76 | # | |
| 77 | # Keywords: php | 77 | # Keywords: php | |
| 78 | # | 78 | # | |
| 79 | 79 | |||
| 80 | .if !defined(PHPVERSION_MK) | 80 | .if !defined(PHPVERSION_MK) | |
| 81 | PHPVERSION_MK= defined | 81 | PHPVERSION_MK= defined | |
| 82 | 82 | |||
| 83 | # Define each PHP's version. | 83 | # Define each PHP's version. | |
| 84 | PHP54_VERSION= 5.4.45 | 84 | PHP54_VERSION= 5.4.45 | |
| 85 | PHP55_VERSION= 5.5.29 | 85 | PHP55_VERSION= 5.5.29 | |
| 86 | PHP56_VERSION= 5.6.12 | 86 | PHP56_VERSION= 5.6.13 | |
| 87 | 87 | |||
| 88 | # Define initial release of major version. | 88 | # Define initial release of major version. | |
| 89 | PHP54_RELDATE= 20120301 | 89 | PHP54_RELDATE= 20120301 | |
| 90 | PHP55_RELDATE= 20130620 | 90 | PHP55_RELDATE= 20130620 | |
| 91 | PHP56_RELDATE= 20140828 | 91 | PHP56_RELDATE= 20140828 | |
| 92 | 92 | |||
| 93 | _VARGROUPS+= php | 93 | _VARGROUPS+= php | |
| 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
| 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
| 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
| 97 | PKG_PHP_MAJOR_VERS | 97 | PKG_PHP_MAJOR_VERS | |
| 98 | 98 | |||
| 99 | .include "../../mk/bsd.prefs.mk" | 99 | .include "../../mk/bsd.prefs.mk" |
| @@ -1,18 +1,18 @@ | @@ -1,18 +1,18 @@ | |||
| 1 | $NetBSD: distinfo,v 1.14 2015/08/08 00:13:36 taca Exp $ | 1 | $NetBSD: distinfo,v 1.15 2015/09/06 12:27:43 taca Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (php-5.6.12.tar.bz2) = ea9ac92e424f5b2bbfefe31c06864e3cb4c098e5 | 3 | SHA1 (php-5.6.13.tar.bz2) = 0fc2f582a6670efc512dc872da6638796ed64525 | |
| 4 | RMD160 (php-5.6.12.tar.bz2) = c1528c753b961970a8af6a7ac8eb684956ac80ae | 4 | RMD160 (php-5.6.13.tar.bz2) = a7f243e72b185f6da2a859bb80a59790c2c2aaba | |
| 5 | Size (php-5.6.12.tar.bz2) = 14094148 bytes | 5 | Size (php-5.6.13.tar.bz2) = 14077633 bytes | |
| 6 | SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8 | 6 | SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8 | |
| 7 | SHA1 (patch-aclocal.m4) = 49117c42e03bd3ed57d967d33ba543f936013b4f | 7 | SHA1 (patch-aclocal.m4) = 49117c42e03bd3ed57d967d33ba543f936013b4f | |
| 8 | SHA1 (patch-build_libtool.m4) = f459cda09cbdad9780568d271091fb17bbc5d965 | 8 | SHA1 (patch-build_libtool.m4) = f459cda09cbdad9780568d271091fb17bbc5d965 | |
| 9 | SHA1 (patch-configure) = d3d44c814deb0264fd4fc41908c2ff31fde00b0d | 9 | SHA1 (patch-configure) = d3d44c814deb0264fd4fc41908c2ff31fde00b0d | |
| 10 | SHA1 (patch-ext_gd_config.m4) = 4b44853250eb4a638af4c663e618307ff25d2cbd | 10 | SHA1 (patch-ext_gd_config.m4) = 4b44853250eb4a638af4c663e618307ff25d2cbd | |
| 11 | SHA1 (patch-ext_imap_config.m4) = 9c6ed6966366c4fe1b7cfd34b5910e2ff0e68577 | 11 | SHA1 (patch-ext_imap_config.m4) = 9c6ed6966366c4fe1b7cfd34b5910e2ff0e68577 | |
| 12 | SHA1 (patch-ext_mssql_php__mssql.c) = c4fa9231dc539ffb027f1beb6f182f21ddb94a3c | 12 | SHA1 (patch-ext_mssql_php__mssql.c) = c4fa9231dc539ffb027f1beb6f182f21ddb94a3c | |
| 13 | SHA1 (patch-ext_opcache_config.m4) = 031db201f68a120615561a5abd3e84aff58b523d | 13 | SHA1 (patch-ext_opcache_config.m4) = 031db201f68a120615561a5abd3e84aff58b523d | |
| 14 | SHA1 (patch-ext_pdo__mysql_config.m4) = 9d25c673fc151e1b8ae137f2a0fc540189ef5398 | 14 | SHA1 (patch-ext_pdo__mysql_config.m4) = 9d25c673fc151e1b8ae137f2a0fc540189ef5398 | |
| 15 | SHA1 (patch-ext_pdo_config.m4) = f6deef3ac631769baa587dd7c27e55bd2e9ca6a5 | 15 | SHA1 (patch-ext_pdo_config.m4) = f6deef3ac631769baa587dd7c27e55bd2e9ca6a5 | |
| 16 | SHA1 (patch-ext_phar_Makefile.frag) = 1564c188e57d48f83de7c2420fdde183598539e2 | 16 | SHA1 (patch-ext_phar_Makefile.frag) = 1564c188e57d48f83de7c2420fdde183598539e2 | |
| 17 | SHA1 (patch-ext_phar_phar_phar.php) = 5a82d55c7965027115065412f9b68defb278db64 | 17 | SHA1 (patch-ext_phar_phar_phar.php) = 5a82d55c7965027115065412f9b68defb278db64 | |
| 18 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 85cd8f3e115705aa2eeab0e7229f24422e322a7f | 18 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 85cd8f3e115705aa2eeab0e7229f24422e322a7f |