Update php56 to 5.6.23 (PHP 5.6.23), including security fixes.
pkgsrc change: remove confiugre from SUBST_FILES.path.
23 Jun 2016, PHP 5.6.23
- Core:
. Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/
json_utf8_to_utf16()). (Stas)
. Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas)
. Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas)
- GD:
. Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
. Fixed bug #72337 (invalid dimensions can lead to crash) (Pierre)
. Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
heap overflow). (Pierre)
. Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)
. Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting
in heap overflow). (Pierre)
- Intl:
. Fixed bug #70484 (selectordinal doesn't work with named parameters).
(Anatol)
- mbstring:
. Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)
- mcrypt:
. Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)
- Phar:
. Fixed bug #72321 (invalid free in phar_extract_file()).
(hji at dyntopia dot com)
- SPL:
. Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas)
. Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and
unserialize). (Dmitry)
- OpenSSL:
. Fixed bug #72140 (segfault after calling ERR_free_strings()).
(Jakub Zelenka)
- WDDX:
. Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas)
- zip:
. Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC
algorithm and unserialize). (Dmitry)
(taca)
diff -r1.139 -r1.140 pkgsrc/lang/php/phpversion.mk| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: phpversion.mk,v 1.139 2016/06/24 15:23:00 taca Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.140 2016/06/24 15:25:20 taca Exp $ | |
| 2 | # | 2 | # | |
| 3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
| 4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
| 5 | # package. | 5 | # package. | |
| 6 | # | 6 | # | |
| 7 | # === User-settable variables === | 7 | # === User-settable variables === | |
| 8 | # | 8 | # | |
| 9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
| 10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
| 11 | # the package. | 11 | # the package. | |
| 12 | # | 12 | # | |
| 13 | # Possible: 55 56 70 | 13 | # Possible: 55 56 70 | |
| 14 | # Default: 55 | 14 | # Default: 55 | |
| @@ -72,27 +72,27 @@ | @@ -72,27 +72,27 @@ | |||
| 72 | # Relative path to ${PREFIX} for PHP's extensions. It is derived from | 72 | # Relative path to ${PREFIX} for PHP's extensions. It is derived from | |
| 73 | # initial release of major version. | 73 | # initial release of major version. | |
| 74 | # | 74 | # | |
| 75 | # Example: lib/php/20090630 | 75 | # Example: lib/php/20090630 | |
| 76 | # | 76 | # | |
| 77 | # Keywords: php | 77 | # Keywords: php | |
| 78 | # | 78 | # | |
| 79 | 79 | |||
| 80 | .if !defined(PHPVERSION_MK) | 80 | .if !defined(PHPVERSION_MK) | |
| 81 | PHPVERSION_MK= defined | 81 | PHPVERSION_MK= defined | |
| 82 | 82 | |||
| 83 | # Define each PHP's version. | 83 | # Define each PHP's version. | |
| 84 | PHP55_VERSION= 5.5.37 | 84 | PHP55_VERSION= 5.5.37 | |
| 85 | PHP56_VERSION= 5.6.22 | 85 | PHP56_VERSION= 5.6.23 | |
| 86 | PHP70_VERSION= 7.0.7 | 86 | PHP70_VERSION= 7.0.7 | |
| 87 | 87 | |||
| 88 | # Define initial release of major version. | 88 | # Define initial release of major version. | |
| 89 | PHP55_RELDATE= 20130620 | 89 | PHP55_RELDATE= 20130620 | |
| 90 | PHP56_RELDATE= 20140828 | 90 | PHP56_RELDATE= 20140828 | |
| 91 | PHP70_RELDATE= 20151203 | 91 | PHP70_RELDATE= 20151203 | |
| 92 | 92 | |||
| 93 | _VARGROUPS+= php | 93 | _VARGROUPS+= php | |
| 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
| 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
| 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
| 97 | PKG_PHP_MAJOR_VERS | 97 | PKG_PHP_MAJOR_VERS | |
| 98 | 98 |
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: Makefile,v 1.11 2016/04/02 09:00:25 taca Exp $ | 1 | # $NetBSD: Makefile,v 1.12 2016/06/24 15:25:21 taca Exp $ | |
| 2 | 2 | |||
| 3 | # | 3 | # | |
| 4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | 4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | |
| 5 | # | 5 | # | |
| 6 | PKGNAME= php-${PHP_VERSION} | 6 | PKGNAME= php-${PHP_VERSION} | |
| 7 | CATEGORIES= lang | 7 | CATEGORIES= lang | |
| 8 | 8 | |||
| 9 | HOMEPAGE= http://www.php.net/ | 9 | HOMEPAGE= http://www.php.net/ | |
| 10 | COMMENT= PHP Hypertext Preprocessor version 5.6 | 10 | COMMENT= PHP Hypertext Preprocessor version 5.6 | |
| 11 | LICENSE= php | 11 | LICENSE= php | |
| 12 | 12 | |||
| 13 | TEST_TARGET= test | 13 | TEST_TARGET= test | |
| 14 | 14 | |||
| @@ -23,27 +23,27 @@ PHP_VERSIONS_ACCEPTED= 56 | @@ -23,27 +23,27 @@ PHP_VERSIONS_ACCEPTED= 56 | |||
| 23 | CGIDIR= ${PREFIX}/libexec/cgi-bin | 23 | CGIDIR= ${PREFIX}/libexec/cgi-bin | |
| 24 | EGDIR= ${PREFIX}/share/examples/php | 24 | EGDIR= ${PREFIX}/share/examples/php | |
| 25 | MESSAGE_SUBST+= CGIDIR=${CGIDIR} | 25 | MESSAGE_SUBST+= CGIDIR=${CGIDIR} | |
| 26 | 26 | |||
| 27 | CONFIGURE_ENV+= lt_cv_path_SED=${SED:Q} | 27 | CONFIGURE_ENV+= lt_cv_path_SED=${SED:Q} | |
| 28 | MAKE_ENV+= INSTALL_ROOT=${DESTDIR} | 28 | MAKE_ENV+= INSTALL_ROOT=${DESTDIR} | |
| 29 | 29 | |||
| 30 | CONF_FILES= ${EGDIR}/php.ini-production ${PKG_SYSCONFDIR}/php.ini | 30 | CONF_FILES= ${EGDIR}/php.ini-production ${PKG_SYSCONFDIR}/php.ini | |
| 31 | PLIST_SUBST+= PHPEXTDIR="${PHP_EXTENSION_DIR}" | 31 | PLIST_SUBST+= PHPEXTDIR="${PHP_EXTENSION_DIR}" | |
| 32 | 32 | |||
| 33 | SUBST_CLASSES+= path | 33 | SUBST_CLASSES+= path | |
| 34 | SUBST_MESSAGE.path= Fixing common paths. | 34 | SUBST_MESSAGE.path= Fixing common paths. | |
| 35 | SUBST_STAGE.path= pre-configure | 35 | SUBST_STAGE.path= pre-configure | |
| 36 | SUBST_FILES.path= configure ext/phar/phar/phar.php | 36 | SUBST_FILES.path= ext/phar/phar/phar.php | |
| 37 | SUBST_FILES.path+= php.ini-development php.ini-production run-tests.php | 37 | SUBST_FILES.path+= php.ini-development php.ini-production run-tests.php | |
| 38 | SUBST_FILES.path+= sapi/cgi/Makefile.frag | 38 | SUBST_FILES.path+= sapi/cgi/Makefile.frag | |
| 39 | SUBST_SED.path= -e 's,@CGIDIR@,${CGIDIR},g' | 39 | SUBST_SED.path= -e 's,@CGIDIR@,${CGIDIR},g' | |
| 40 | SUBST_SED.path+= -e 's,@PREFIX@,${PREFIX},g' | 40 | SUBST_SED.path+= -e 's,@PREFIX@,${PREFIX},g' | |
| 41 | 41 | |||
| 42 | INSTALLATION_DIRS+= ${CGIDIR} ${PHP_EXTENSION_DIR} ${EGDIR} share/php | 42 | INSTALLATION_DIRS+= ${CGIDIR} ${PHP_EXTENSION_DIR} ${EGDIR} share/php | |
| 43 | 43 | |||
| 44 | # Darwin < 9 (Mac OS X < 10.5 "Leopard") doesn't have gethostuuid(2) | 44 | # Darwin < 9 (Mac OS X < 10.5 "Leopard") doesn't have gethostuuid(2) | |
| 45 | # and lacks the zone memory allocator | 45 | # and lacks the zone memory allocator | |
| 46 | .if !empty(MACHINE_PLATFORM:MDarwin-[0-8].*-*) | 46 | .if !empty(MACHINE_PLATFORM:MDarwin-[0-8].*-*) | |
| 47 | CFLAGS+= -DSQLITE_ENABLE_LOCKING_STYLE=0 -DSQLITE_WITHOUT_ZONEMALLOC | 47 | CFLAGS+= -DSQLITE_ENABLE_LOCKING_STYLE=0 -DSQLITE_WITHOUT_ZONEMALLOC | |
| 48 | .endif | 48 | .endif | |
| 49 | 49 |
| @@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
| 1 | $NetBSD: distinfo,v 1.27 2016/05/27 13:28:07 taca Exp $ | 1 | $NetBSD: distinfo,v 1.28 2016/06/24 15:25:21 taca Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (php-5.6.22.tar.bz2) = c51c80e56659467c2bcee4a6a2ad217760dda177 | 3 | SHA1 (php-5.6.23.tar.bz2) = 27a5b59f28e92cf8b7961ac400d1fa7e3e7e191c | |
| 4 | RMD160 (php-5.6.22.tar.bz2) = 0862fb4703c73e82c5c8e13538994756fd8a5cce | 4 | RMD160 (php-5.6.23.tar.bz2) = 9907d4f13917c3aa1e015baf299ddb8220ec92f0 | |
| 5 | SHA512 (php-5.6.22.tar.bz2) = 9d21104832a1053a350ff31196e2c41cef713a9dfe207491236219954cf2eea216049b2f40313fb2a8e9ef641aad0af3f69456bbcebdf8fee312b0dd4a7df320 | 5 | SHA512 (php-5.6.23.tar.bz2) = 92be3685926f302223465e9673496971f0ee1b05c7b3a09682d4ef93a27b4c17e5c53c36acab15d26f38508f6d65bebe11a6f0f0fc98b27eafe95b02b4d9897d | |
| 6 | Size (php-5.6.22.tar.bz2) = 14170522 bytes | 6 | Size (php-5.6.23.tar.bz2) = 14178077 bytes | |
| 7 | SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8 | 7 | SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8 | |
| 8 | SHA1 (patch-configure) = 5d76f71aa903efa3c3491b908ff76419aa4af27c | 8 | SHA1 (patch-configure) = 5d76f71aa903efa3c3491b908ff76419aa4af27c | |
| 9 | SHA1 (patch-ext_gd_config.m4) = 4b44853250eb4a638af4c663e618307ff25d2cbd | 9 | SHA1 (patch-ext_gd_config.m4) = 4b44853250eb4a638af4c663e618307ff25d2cbd | |
| 10 | SHA1 (patch-ext_imap_config.m4) = 9c6ed6966366c4fe1b7cfd34b5910e2ff0e68577 | 10 | SHA1 (patch-ext_imap_config.m4) = 9c6ed6966366c4fe1b7cfd34b5910e2ff0e68577 | |
| 11 | SHA1 (patch-ext_mssql_php__mssql.c) = c4fa9231dc539ffb027f1beb6f182f21ddb94a3c | 11 | SHA1 (patch-ext_mssql_php__mssql.c) = c4fa9231dc539ffb027f1beb6f182f21ddb94a3c | |
| 12 | SHA1 (patch-ext_pcre_pcrelib_config.h) = 26588e9932ee715e32c872a1c7e2f9c640bd9cf8 | 12 | SHA1 (patch-ext_pcre_pcrelib_config.h) = 26588e9932ee715e32c872a1c7e2f9c640bd9cf8 | |
| 13 | SHA1 (patch-ext_pdo__mysql_config.m4) = 9d25c673fc151e1b8ae137f2a0fc540189ef5398 | 13 | SHA1 (patch-ext_pdo__mysql_config.m4) = 9d25c673fc151e1b8ae137f2a0fc540189ef5398 | |
| 14 | SHA1 (patch-ext_pdo_config.m4) = f6deef3ac631769baa587dd7c27e55bd2e9ca6a5 | 14 | SHA1 (patch-ext_pdo_config.m4) = f6deef3ac631769baa587dd7c27e55bd2e9ca6a5 | |
| 15 | SHA1 (patch-ext_phar_Makefile.frag) = 1564c188e57d48f83de7c2420fdde183598539e2 | 15 | SHA1 (patch-ext_phar_Makefile.frag) = 1564c188e57d48f83de7c2420fdde183598539e2 | |
| 16 | SHA1 (patch-ext_phar_phar_phar.php) = 5a82d55c7965027115065412f9b68defb278db64 | 16 | SHA1 (patch-ext_phar_phar_phar.php) = 5a82d55c7965027115065412f9b68defb278db64 | |
| 17 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 85cd8f3e115705aa2eeab0e7229f24422e322a7f | 17 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 85cd8f3e115705aa2eeab0e7229f24422e322a7f | |
| 18 | SHA1 (patch-ext_standard_basic__functions.c) = 669fe55c975bf2d971f6fdcb5b3004f7e20304d2 | 18 | SHA1 (patch-ext_standard_basic__functions.c) = 669fe55c975bf2d971f6fdcb5b3004f7e20304d2 | |
| 19 | SHA1 (patch-ext_standard_php__dns.h) = 57c5d6d8ae60da58925abc2c51d66b56762fecda | 19 | SHA1 (patch-ext_standard_php__dns.h) = 57c5d6d8ae60da58925abc2c51d66b56762fecda |