Update php56 to 5.6.23 (PHP 5.6.23), including security fixes. pkgsrc change: remove confiugre from SUBST_FILES.path. 23 Jun 2016, PHP 5.6.23 - Core: . Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/ json_utf8_to_utf16()). (Stas) . Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas) . Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas) - GD: . Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas) . Fixed bug #72337 (invalid dimensions can lead to crash) (Pierre) . Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in heap overflow). (Pierre) . Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas) . Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow). (Pierre) - Intl: . Fixed bug #70484 (selectordinal doesn't work with named parameters). (Anatol) - mbstring: . Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas) - mcrypt: . Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas) - Phar: . Fixed bug #72321 (invalid free in phar_extract_file()). (hji at dyntopia dot com) - SPL: . Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas) . Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and unserialize). (Dmitry) - OpenSSL: . Fixed bug #72140 (segfault after calling ERR_free_strings()). (Jakub Zelenka) - WDDX: . Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas) - zip: . Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize). (Dmitry)diff -r1.139 -r1.140 pkgsrc/lang/php/phpversion.mk
(taca)
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: phpversion.mk,v 1.139 2016/06/24 15:23:00 taca Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.140 2016/06/24 15:25:20 taca Exp $ | |
2 | # | 2 | # | |
3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
5 | # package. | 5 | # package. | |
6 | # | 6 | # | |
7 | # === User-settable variables === | 7 | # === User-settable variables === | |
8 | # | 8 | # | |
9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
11 | # the package. | 11 | # the package. | |
12 | # | 12 | # | |
13 | # Possible: 55 56 70 | 13 | # Possible: 55 56 70 | |
14 | # Default: 55 | 14 | # Default: 55 | |
@@ -72,27 +72,27 @@ | @@ -72,27 +72,27 @@ | |||
72 | # Relative path to ${PREFIX} for PHP's extensions. It is derived from | 72 | # Relative path to ${PREFIX} for PHP's extensions. It is derived from | |
73 | # initial release of major version. | 73 | # initial release of major version. | |
74 | # | 74 | # | |
75 | # Example: lib/php/20090630 | 75 | # Example: lib/php/20090630 | |
76 | # | 76 | # | |
77 | # Keywords: php | 77 | # Keywords: php | |
78 | # | 78 | # | |
79 | 79 | |||
80 | .if !defined(PHPVERSION_MK) | 80 | .if !defined(PHPVERSION_MK) | |
81 | PHPVERSION_MK= defined | 81 | PHPVERSION_MK= defined | |
82 | 82 | |||
83 | # Define each PHP's version. | 83 | # Define each PHP's version. | |
84 | PHP55_VERSION= 5.5.37 | 84 | PHP55_VERSION= 5.5.37 | |
85 | PHP56_VERSION= 5.6.22 | 85 | PHP56_VERSION= 5.6.23 | |
86 | PHP70_VERSION= 7.0.7 | 86 | PHP70_VERSION= 7.0.7 | |
87 | 87 | |||
88 | # Define initial release of major version. | 88 | # Define initial release of major version. | |
89 | PHP55_RELDATE= 20130620 | 89 | PHP55_RELDATE= 20130620 | |
90 | PHP56_RELDATE= 20140828 | 90 | PHP56_RELDATE= 20140828 | |
91 | PHP70_RELDATE= 20151203 | 91 | PHP70_RELDATE= 20151203 | |
92 | 92 | |||
93 | _VARGROUPS+= php | 93 | _VARGROUPS+= php | |
94 | _USER_VARS.php= PHP_VERSION_DEFAULT | 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
97 | PKG_PHP_MAJOR_VERS | 97 | PKG_PHP_MAJOR_VERS | |
98 | 98 |
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: Makefile,v 1.11 2016/04/02 09:00:25 taca Exp $ | 1 | # $NetBSD: Makefile,v 1.12 2016/06/24 15:25:21 taca Exp $ | |
2 | 2 | |||
3 | # | 3 | # | |
4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | 4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | |
5 | # | 5 | # | |
6 | PKGNAME= php-${PHP_VERSION} | 6 | PKGNAME= php-${PHP_VERSION} | |
7 | CATEGORIES= lang | 7 | CATEGORIES= lang | |
8 | 8 | |||
9 | HOMEPAGE= http://www.php.net/ | 9 | HOMEPAGE= http://www.php.net/ | |
10 | COMMENT= PHP Hypertext Preprocessor version 5.6 | 10 | COMMENT= PHP Hypertext Preprocessor version 5.6 | |
11 | LICENSE= php | 11 | LICENSE= php | |
12 | 12 | |||
13 | TEST_TARGET= test | 13 | TEST_TARGET= test | |
14 | 14 | |||
@@ -23,27 +23,27 @@ PHP_VERSIONS_ACCEPTED= 56 | @@ -23,27 +23,27 @@ PHP_VERSIONS_ACCEPTED= 56 | |||
23 | CGIDIR= ${PREFIX}/libexec/cgi-bin | 23 | CGIDIR= ${PREFIX}/libexec/cgi-bin | |
24 | EGDIR= ${PREFIX}/share/examples/php | 24 | EGDIR= ${PREFIX}/share/examples/php | |
25 | MESSAGE_SUBST+= CGIDIR=${CGIDIR} | 25 | MESSAGE_SUBST+= CGIDIR=${CGIDIR} | |
26 | 26 | |||
27 | CONFIGURE_ENV+= lt_cv_path_SED=${SED:Q} | 27 | CONFIGURE_ENV+= lt_cv_path_SED=${SED:Q} | |
28 | MAKE_ENV+= INSTALL_ROOT=${DESTDIR} | 28 | MAKE_ENV+= INSTALL_ROOT=${DESTDIR} | |
29 | 29 | |||
30 | CONF_FILES= ${EGDIR}/php.ini-production ${PKG_SYSCONFDIR}/php.ini | 30 | CONF_FILES= ${EGDIR}/php.ini-production ${PKG_SYSCONFDIR}/php.ini | |
31 | PLIST_SUBST+= PHPEXTDIR="${PHP_EXTENSION_DIR}" | 31 | PLIST_SUBST+= PHPEXTDIR="${PHP_EXTENSION_DIR}" | |
32 | 32 | |||
33 | SUBST_CLASSES+= path | 33 | SUBST_CLASSES+= path | |
34 | SUBST_MESSAGE.path= Fixing common paths. | 34 | SUBST_MESSAGE.path= Fixing common paths. | |
35 | SUBST_STAGE.path= pre-configure | 35 | SUBST_STAGE.path= pre-configure | |
36 | SUBST_FILES.path= configure ext/phar/phar/phar.php | 36 | SUBST_FILES.path= ext/phar/phar/phar.php | |
37 | SUBST_FILES.path+= php.ini-development php.ini-production run-tests.php | 37 | SUBST_FILES.path+= php.ini-development php.ini-production run-tests.php | |
38 | SUBST_FILES.path+= sapi/cgi/Makefile.frag | 38 | SUBST_FILES.path+= sapi/cgi/Makefile.frag | |
39 | SUBST_SED.path= -e 's,@CGIDIR@,${CGIDIR},g' | 39 | SUBST_SED.path= -e 's,@CGIDIR@,${CGIDIR},g' | |
40 | SUBST_SED.path+= -e 's,@PREFIX@,${PREFIX},g' | 40 | SUBST_SED.path+= -e 's,@PREFIX@,${PREFIX},g' | |
41 | 41 | |||
42 | INSTALLATION_DIRS+= ${CGIDIR} ${PHP_EXTENSION_DIR} ${EGDIR} share/php | 42 | INSTALLATION_DIRS+= ${CGIDIR} ${PHP_EXTENSION_DIR} ${EGDIR} share/php | |
43 | 43 | |||
44 | # Darwin < 9 (Mac OS X < 10.5 "Leopard") doesn't have gethostuuid(2) | 44 | # Darwin < 9 (Mac OS X < 10.5 "Leopard") doesn't have gethostuuid(2) | |
45 | # and lacks the zone memory allocator | 45 | # and lacks the zone memory allocator | |
46 | .if !empty(MACHINE_PLATFORM:MDarwin-[0-8].*-*) | 46 | .if !empty(MACHINE_PLATFORM:MDarwin-[0-8].*-*) | |
47 | CFLAGS+= -DSQLITE_ENABLE_LOCKING_STYLE=0 -DSQLITE_WITHOUT_ZONEMALLOC | 47 | CFLAGS+= -DSQLITE_ENABLE_LOCKING_STYLE=0 -DSQLITE_WITHOUT_ZONEMALLOC | |
48 | .endif | 48 | .endif | |
49 | 49 |
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | $NetBSD: distinfo,v 1.27 2016/05/27 13:28:07 taca Exp $ | 1 | $NetBSD: distinfo,v 1.28 2016/06/24 15:25:21 taca Exp $ | |
2 | 2 | |||
3 | SHA1 (php-5.6.22.tar.bz2) = c51c80e56659467c2bcee4a6a2ad217760dda177 | 3 | SHA1 (php-5.6.23.tar.bz2) = 27a5b59f28e92cf8b7961ac400d1fa7e3e7e191c | |
4 | RMD160 (php-5.6.22.tar.bz2) = 0862fb4703c73e82c5c8e13538994756fd8a5cce | 4 | RMD160 (php-5.6.23.tar.bz2) = 9907d4f13917c3aa1e015baf299ddb8220ec92f0 | |
5 | SHA512 (php-5.6.22.tar.bz2) = 9d21104832a1053a350ff31196e2c41cef713a9dfe207491236219954cf2eea216049b2f40313fb2a8e9ef641aad0af3f69456bbcebdf8fee312b0dd4a7df320 | 5 | SHA512 (php-5.6.23.tar.bz2) = 92be3685926f302223465e9673496971f0ee1b05c7b3a09682d4ef93a27b4c17e5c53c36acab15d26f38508f6d65bebe11a6f0f0fc98b27eafe95b02b4d9897d | |
6 | Size (php-5.6.22.tar.bz2) = 14170522 bytes | 6 | Size (php-5.6.23.tar.bz2) = 14178077 bytes | |
7 | SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8 | 7 | SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8 | |
8 | SHA1 (patch-configure) = 5d76f71aa903efa3c3491b908ff76419aa4af27c | 8 | SHA1 (patch-configure) = 5d76f71aa903efa3c3491b908ff76419aa4af27c | |
9 | SHA1 (patch-ext_gd_config.m4) = 4b44853250eb4a638af4c663e618307ff25d2cbd | 9 | SHA1 (patch-ext_gd_config.m4) = 4b44853250eb4a638af4c663e618307ff25d2cbd | |
10 | SHA1 (patch-ext_imap_config.m4) = 9c6ed6966366c4fe1b7cfd34b5910e2ff0e68577 | 10 | SHA1 (patch-ext_imap_config.m4) = 9c6ed6966366c4fe1b7cfd34b5910e2ff0e68577 | |
11 | SHA1 (patch-ext_mssql_php__mssql.c) = c4fa9231dc539ffb027f1beb6f182f21ddb94a3c | 11 | SHA1 (patch-ext_mssql_php__mssql.c) = c4fa9231dc539ffb027f1beb6f182f21ddb94a3c | |
12 | SHA1 (patch-ext_pcre_pcrelib_config.h) = 26588e9932ee715e32c872a1c7e2f9c640bd9cf8 | 12 | SHA1 (patch-ext_pcre_pcrelib_config.h) = 26588e9932ee715e32c872a1c7e2f9c640bd9cf8 | |
13 | SHA1 (patch-ext_pdo__mysql_config.m4) = 9d25c673fc151e1b8ae137f2a0fc540189ef5398 | 13 | SHA1 (patch-ext_pdo__mysql_config.m4) = 9d25c673fc151e1b8ae137f2a0fc540189ef5398 | |
14 | SHA1 (patch-ext_pdo_config.m4) = f6deef3ac631769baa587dd7c27e55bd2e9ca6a5 | 14 | SHA1 (patch-ext_pdo_config.m4) = f6deef3ac631769baa587dd7c27e55bd2e9ca6a5 | |
15 | SHA1 (patch-ext_phar_Makefile.frag) = 1564c188e57d48f83de7c2420fdde183598539e2 | 15 | SHA1 (patch-ext_phar_Makefile.frag) = 1564c188e57d48f83de7c2420fdde183598539e2 | |
16 | SHA1 (patch-ext_phar_phar_phar.php) = 5a82d55c7965027115065412f9b68defb278db64 | 16 | SHA1 (patch-ext_phar_phar_phar.php) = 5a82d55c7965027115065412f9b68defb278db64 | |
17 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 85cd8f3e115705aa2eeab0e7229f24422e322a7f | 17 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 85cd8f3e115705aa2eeab0e7229f24422e322a7f | |
18 | SHA1 (patch-ext_standard_basic__functions.c) = 669fe55c975bf2d971f6fdcb5b3004f7e20304d2 | 18 | SHA1 (patch-ext_standard_basic__functions.c) = 669fe55c975bf2d971f6fdcb5b3004f7e20304d2 | |
19 | SHA1 (patch-ext_standard_php__dns.h) = 57c5d6d8ae60da58925abc2c51d66b56762fecda | 19 | SHA1 (patch-ext_standard_php__dns.h) = 57c5d6d8ae60da58925abc2c51d66b56762fecda |