Pullup ticket #5036 - requested by taca
lang/php70: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.138
- lang/php70/distinfo 1.10-1.12
- lang/php70/patches/patch-sapi_cli_Makefile.frag 1.1-1.2
---
Module Name: pkgsrc
Committed By: taca
Date: Fri May 27 13:29:58 UTC 2016
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php70: distinfo
Log Message:
Update php70 to 7.0.7 (PHP 7.0.7), including security fix.
26 May 2016 PHP 7.0.7
- Core:
. Fixed bug #72162 (use-after-free - error_reporting). (Laruence)
. Add compiler option to disable special case function calls. (Joe)
. Fixed bug #72101 (crash on complex code). (Dmitry)
. Fixed bug #72100 (implode() inserts garbage into resulting string when
joins very big integer). (Mikhail Galanin)
. Fixed bug #72057 (PHP Hangs when using custom error handler and typehint).
(Nikita Nefedov)
. Fixed bug #72038 (Function calls with values to a by-ref parameter don't
always throw a notice). (Bob)
. Fixed bug #71737 (Memory leak in closure with parameter named $this).
(Nikita)
. Fixed bug #72059 (?? is not allowed on constant expressions). (Bob, Marcio)
. Fixed bug #72159 (Imported Class Overrides Local Class Name). (Nikita)
- Curl:
. Fixed bug #68658 (Define CURLE_SSL_CACERT_BADFILE). (Pierrick)
- DBA:
. Fixed bug #72157 (use-after-free caused by dba_open). (Shm, Laruence)
- GD:
. Fixed bug #72227 (imagescale out-of-bounds read). (Stas)
- Intl:
. Fixed #72241 (get_icu_value_internal out-of-bounds read). (Stas)
- JSON:
. Fixed bug #72069 (Behavior \JsonSerializable different from json_encode).
(Laruence)
- Mbstring:
. Fixed bug #72164 (Null Pointer Dereference - mb_ereg_replace). (Laruence)
- OCI8:
. Fixed bug #71600 (oci_fetch_all segfaults when selecting more than eight
columns). (Tian Yang)
- Opcache:
. Fixed bug #72014 (Including a file with anonymous classes multiple times
leads to fatal error). (Laruence)
- OpenSSL:
. Fixed bug #72165 (Null pointer dereference - openssl_csr_new). (Anatol)
- PCNTL:
. Fixed bug #72154 (pcntl_wait/pcntl_waitpid array internal structure
overwrite). (Laruence)
- POSIX:
. Fixed bug #72133 (php_posix_group_to_array crashes if gr_passwd is NULL).
(esminis at esminis dot lt)
- Postgres:
. Fixed bug #72028 (pg_query_params(): NULL converts to empty string).
(Laruence)
. Fixed bug #71062 (pg_convert() doesn't accept ISO 8601 for datatype
timestamp). (denver at timothy dot io)
. Fixed bug #72151 (mysqli_fetch_object changed behaviour). (Anatol)
- Reflection:
. Fixed bug #72174 (ReflectionProperty#getValue() causes __isset call).
(Nikita)
- Session:
. Fixed bug #71972 (Cyclic references causing session_start(): Failed to
decode session object). (Laruence)
- Sockets:
. Added socket_export_stream() function for getting a stream compatible
resource from a socket resource. (Chris Wright, Bob)
- SPL:
. Fixed bug #72051 (The reference in CallbackFilterIterator doesn't work as
expected). (Laruence)
- SQLite3:
. Fixed bug #68849 (bindValue is not using the right data type). (Anatol)
- Standard:
. Fixed bug #72075 (Referencing socket resources breaks stream_select).
(Laruence)
. Fixed bug #72031 (array_column() against an array of objects discards all
values matching null). (Nikita)
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat May 28 08:02:26 UTC 2016
Modified Files:
pkgsrc/lang/php70: distinfo
Added Files:
pkgsrc/lang/php70/patches: patch-sapi_cli_Makefile.frag
Log Message:
Mark php binary with paxctl +m because of JIT code.
Needed on NetBSD-current with PaX MPROTECT.
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat May 28 08:13:15 UTC 2016
Modified Files:
pkgsrc/lang/php70: distinfo
pkgsrc/lang/php70/patches: patch-sapi_cli_Makefile.frag
Log Message:
Add upstream bug report URL.
(bsiegert)
diff -r1.131.2.5 -r1.131.2.6 pkgsrc/lang/php/phpversion.mk| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: phpversion.mk,v 1.131.2.5 2016/06/04 19:50:02 bsiegert Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.131.2.6 2016/06/04 19:56:36 bsiegert Exp $ | |
| 2 | # | 2 | # | |
| 3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
| 4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
| 5 | # package. | 5 | # package. | |
| 6 | # | 6 | # | |
| 7 | # === User-settable variables === | 7 | # === User-settable variables === | |
| 8 | # | 8 | # | |
| 9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
| 10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
| 11 | # the package. | 11 | # the package. | |
| 12 | # | 12 | # | |
| 13 | # Possible: 55 56 70 | 13 | # Possible: 55 56 70 | |
| 14 | # Default: 55 | 14 | # Default: 55 | |
| @@ -73,27 +73,27 @@ | @@ -73,27 +73,27 @@ | |||
| 73 | # initial release of major version. | 73 | # initial release of major version. | |
| 74 | # | 74 | # | |
| 75 | # Example: lib/php/20090630 | 75 | # Example: lib/php/20090630 | |
| 76 | # | 76 | # | |
| 77 | # Keywords: php | 77 | # Keywords: php | |
| 78 | # | 78 | # | |
| 79 | 79 | |||
| 80 | .if !defined(PHPVERSION_MK) | 80 | .if !defined(PHPVERSION_MK) | |
| 81 | PHPVERSION_MK= defined | 81 | PHPVERSION_MK= defined | |
| 82 | 82 | |||
| 83 | # Define each PHP's version. | 83 | # Define each PHP's version. | |
| 84 | PHP55_VERSION= 5.5.36 | 84 | PHP55_VERSION= 5.5.36 | |
| 85 | PHP56_VERSION= 5.6.22 | 85 | PHP56_VERSION= 5.6.22 | |
| 86 | PHP70_VERSION= 7.0.6 | 86 | PHP70_VERSION= 7.0.7 | |
| 87 | 87 | |||
| 88 | # Define initial release of major version. | 88 | # Define initial release of major version. | |
| 89 | PHP55_RELDATE= 20130620 | 89 | PHP55_RELDATE= 20130620 | |
| 90 | PHP56_RELDATE= 20140828 | 90 | PHP56_RELDATE= 20140828 | |
| 91 | PHP70_RELDATE= 20151203 | 91 | PHP70_RELDATE= 20151203 | |
| 92 | 92 | |||
| 93 | _VARGROUPS+= php | 93 | _VARGROUPS+= php | |
| 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
| 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
| 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
| 97 | PKG_PHP_MAJOR_VERS | 97 | PKG_PHP_MAJOR_VERS | |
| 98 | 98 | |||
| 99 | .include "../../mk/bsd.prefs.mk" | 99 | .include "../../mk/bsd.prefs.mk" |
| @@ -1,25 +1,26 @@ | @@ -1,25 +1,26 @@ | |||
| 1 | $NetBSD: distinfo,v 1.8.2.1 2016/05/08 14:27:23 bsiegert Exp $ | 1 | $NetBSD: distinfo,v 1.8.2.2 2016/06/04 19:56:36 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (php-7.0.6.tar.bz2) = c7fb6b98124f5d367b18893e34aebb184d4fa715 | 3 | SHA1 (php-7.0.7.tar.bz2) = 7d1d718288e34edce686bd834de5313d199cebd3 | |
| 4 | RMD160 (php-7.0.6.tar.bz2) = b81bea4b3c6ecfc125b71d1c9407b4c1e854aa75 | 4 | RMD160 (php-7.0.7.tar.bz2) = d894c6897095736b5a278ee5a91b9a4cd80b6bac | |
| 5 | SHA512 (php-7.0.6.tar.bz2) = 7f44cc5df3b9bb4394ac39069fdc2993086dd8e159e97275bf5fa4dd399d416e9ea1b057cdf855bae1c0f9c2129af1914495d9d2512ce90a7dd3ce4206aa9286 | 5 | SHA512 (php-7.0.7.tar.bz2) = e6d5ce0eb665aa9beb13f5a3e6fa074ff92ccdd5112c4f2a7dfb1220f55624f2284a0bcfec45b92572762905ab2ac7890e98803860378fdb06752e22f363dbcf | |
| 6 | Size (php-7.0.6.tar.bz2) = 14102594 bytes | 6 | Size (php-7.0.7.tar.bz2) = 14106181 bytes | |
| 7 | SHA1 (patch-acinclude.m4) = b682280fd89950c082c2226bdb7364b0dc475bad | 7 | SHA1 (patch-acinclude.m4) = b682280fd89950c082c2226bdb7364b0dc475bad | |
| 8 | SHA1 (patch-configure) = a129e19ef87338f6e53ccc967c40ddcde7c7357c | 8 | SHA1 (patch-configure) = a129e19ef87338f6e53ccc967c40ddcde7c7357c | |
| 9 | SHA1 (patch-ext_gd_config.m4) = a7ec1bd0d876657d4b5e597b9aa1e97c2d2801e3 | 9 | SHA1 (patch-ext_gd_config.m4) = a7ec1bd0d876657d4b5e597b9aa1e97c2d2801e3 | |
| 10 | SHA1 (patch-ext_imap_config.m4) = f4e10ab81697b72019313f63bc630627a08efd92 | 10 | SHA1 (patch-ext_imap_config.m4) = f4e10ab81697b72019313f63bc630627a08efd92 | |
| 11 | SHA1 (patch-ext_pcre_pcrelib_config.h) = 0cb05c3b3bfafd8119cf43162c0f4db7f5b37ba8 | 11 | SHA1 (patch-ext_pcre_pcrelib_config.h) = 0cb05c3b3bfafd8119cf43162c0f4db7f5b37ba8 | |
| 12 | SHA1 (patch-ext_pdo__mysql_config.m4) = b1ef91be5a729040197e9af50da0f5fd1f6c90a8 | 12 | SHA1 (patch-ext_pdo__mysql_config.m4) = b1ef91be5a729040197e9af50da0f5fd1f6c90a8 | |
| 13 | SHA1 (patch-ext_pdo_config.m4) = 522281775cc0e70a135b1f813158988ef1f3e244 | 13 | SHA1 (patch-ext_pdo_config.m4) = 522281775cc0e70a135b1f813158988ef1f3e244 | |
| 14 | SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426 | 14 | SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426 | |
| 15 | SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8 | 15 | SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8 | |
| 16 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 8a529a1b3f7c97731f2e719d006f67c3a7259bb5 | 16 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 8a529a1b3f7c97731f2e719d006f67c3a7259bb5 | |
| 17 | SHA1 (patch-ext_standard_basic__functions.c) = f97a2748c7b15fbd9a2d3c21e56079088cc05d56 | 17 | SHA1 (patch-ext_standard_basic__functions.c) = f97a2748c7b15fbd9a2d3c21e56079088cc05d56 | |
| 18 | SHA1 (patch-ext_standard_php__dns.h) = 3687ceac4dff4605263b53acb761b071f7446ccb | 18 | SHA1 (patch-ext_standard_php__dns.h) = 3687ceac4dff4605263b53acb761b071f7446ccb | |
| 19 | SHA1 (patch-makedist) = 2ac0e0391c031c4fcf4993e2269cde4c6bfddfd5 | 19 | SHA1 (patch-makedist) = 2ac0e0391c031c4fcf4993e2269cde4c6bfddfd5 | |
| 20 | SHA1 (patch-php.ini-development) = dd65962000ec06439fae3c9bf252fa46be4e33fd | 20 | SHA1 (patch-php.ini-development) = dd65962000ec06439fae3c9bf252fa46be4e33fd | |
| 21 | SHA1 (patch-php.ini-production) = ae61dffedf574b688fe576b0b2af748b7a28cd89 | 21 | SHA1 (patch-php.ini-production) = ae61dffedf574b688fe576b0b2af748b7a28cd89 | |
| 22 | SHA1 (patch-run-tests.php) = 86c4d3f03eb8e31b5a35820f426533c9478571fb | 22 | SHA1 (patch-run-tests.php) = 86c4d3f03eb8e31b5a35820f426533c9478571fb | |
| 23 | SHA1 (patch-sapi_cgi_Makefile.frag) = 18769900f588ff81cc34474542afa1d65c070e65 | 23 | SHA1 (patch-sapi_cgi_Makefile.frag) = 18769900f588ff81cc34474542afa1d65c070e65 | |
| 24 | SHA1 (patch-sapi_cli_Makefile.frag) = 4ad9e9ad951ac02314b4c262a0a61e9fd275456e | |||
| 24 | SHA1 (patch-sapi_fpm_fpm_events_port.c) = 0f10fdb32fb7cab58e2abda49fb1fc658c410150 | 25 | SHA1 (patch-sapi_fpm_fpm_events_port.c) = 0f10fdb32fb7cab58e2abda49fb1fc658c410150 | |
| 25 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = b3c4fd499cbfd2dffd9176abb54e298ea542a5d7 | 26 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = b3c4fd499cbfd2dffd9176abb54e298ea542a5d7 |
$NetBSD: patch-sapi_cli_Makefile.frag,v 1.2.2.2 2016/06/04 19:56:36 bsiegert Exp $
Needed on NetBSD with PaX MPROTEXT, otherwise core dump with:
#1 0x00000000004d0d87 in _pcre_jit_exec ()
#2 0x00000000004a53f1 in php_pcre_exec ()
https://bugs.php.net/bug.php?id=72281
--- sapi/cli/Makefile.frag.orig 2016-04-28 18:12:27.000000000 +0000
+++ sapi/cli/Makefile.frag
@@ -2,6 +2,9 @@ cli: $(SAPI_CLI_PATH)
$(SAPI_CLI_PATH): $(PHP_GLOBAL_OBJS) $(PHP_BINARY_OBJS) $(PHP_CLI_OBJS)
$(BUILD_CLI)
+ @if test -f /usr/sbin/paxctl; then \
+ paxctl +m $(SAPI_CLI_PATH); \
+ fi
install-cli: $(SAPI_CLI_PATH)
@echo "Installing PHP CLI binary: $(INSTALL_ROOT)$(bindir)/"