Update php55 to 5.5.38 (PHP 5.5.38).
Quote from release note:
Note that according to our release schedule, PHP 5.5.38 is the last release
of the PHP 5.5 branch. There may be additional release if we discover
important security issues that warrant it, otherwise this release will be
the final one in the PHP 5.5 branch. If your PHP installation is based on
PHP 5.5, it may be a good time to start making the plans for the upgrade to
PHP 5.6 or PHP 7.0.
21 Jul 2016, PHP 5.5.38
- BZip2:
. Fixed bug #72613 (Inadequate error handling in bzread()). (Stas)
- Core:
. Fixed bug #70480 (php_url_parse_ex() buffer overflow read). (Stas)
. Fixed bug #72513 (Stack-based buffer overflow vulnerability in
virtual_file_ex). (loianhtuan at gmail dot com)
. Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session
Deserialization). (taoguangchen at icloud dot com)
. Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and
applications). (CVE-2016-5385) (Stas)
- EXIF:
. Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
(Stas)
. Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).
(Stas)
- GD:
. Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read
access). (Pierre)
. Fixed bug #72519 (imagegif/output out-of-bounds access). (Pierre)
. Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
(CVE-2016-6207) (Pierre)
- Intl:
. Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas)
- ODBC:
. Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)
- SNMP:
. Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and
unserialize()). (taoguangchen at icloud dot com)
- Xmlrpc:
. Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).
(Stas)
- Zip:
. Fixed bug #72520 (Stack-based buffer overflow vulnerability in
php_stream_zip_opener). (loianhtuan at gmail dot com)
(taca)
diff -r1.141 -r1.142 pkgsrc/lang/php/phpversion.mk| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: phpversion.mk,v 1.141 2016/06/24 15:27:57 taca Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.142 2016/07/24 02:15:15 taca Exp $ | |
| 2 | # | 2 | # | |
| 3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
| 4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
| 5 | # package. | 5 | # package. | |
| 6 | # | 6 | # | |
| 7 | # === User-settable variables === | 7 | # === User-settable variables === | |
| 8 | # | 8 | # | |
| 9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
| 10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
| 11 | # the package. | 11 | # the package. | |
| 12 | # | 12 | # | |
| 13 | # Possible: 55 56 70 | 13 | # Possible: 55 56 70 | |
| 14 | # Default: 55 | 14 | # Default: 55 | |
| @@ -71,27 +71,27 @@ | @@ -71,27 +71,27 @@ | |||
| 71 | # PHP_EXTENSION_DIR | 71 | # PHP_EXTENSION_DIR | |
| 72 | # Relative path to ${PREFIX} for PHP's extensions. It is derived from | 72 | # Relative path to ${PREFIX} for PHP's extensions. It is derived from | |
| 73 | # initial release of major version. | 73 | # initial release of major version. | |
| 74 | # | 74 | # | |
| 75 | # Example: lib/php/20090630 | 75 | # Example: lib/php/20090630 | |
| 76 | # | 76 | # | |
| 77 | # Keywords: php | 77 | # Keywords: php | |
| 78 | # | 78 | # | |
| 79 | 79 | |||
| 80 | .if !defined(PHPVERSION_MK) | 80 | .if !defined(PHPVERSION_MK) | |
| 81 | PHPVERSION_MK= defined | 81 | PHPVERSION_MK= defined | |
| 82 | 82 | |||
| 83 | # Define each PHP's version. | 83 | # Define each PHP's version. | |
| 84 | PHP55_VERSION= 5.5.37 | 84 | PHP55_VERSION= 5.5.38 | |
| 85 | PHP56_VERSION= 5.6.23 | 85 | PHP56_VERSION= 5.6.23 | |
| 86 | PHP70_VERSION= 7.0.8 | 86 | PHP70_VERSION= 7.0.8 | |
| 87 | 87 | |||
| 88 | # Define initial release of major version. | 88 | # Define initial release of major version. | |
| 89 | PHP55_RELDATE= 20130620 | 89 | PHP55_RELDATE= 20130620 | |
| 90 | PHP56_RELDATE= 20140828 | 90 | PHP56_RELDATE= 20140828 | |
| 91 | PHP70_RELDATE= 20151203 | 91 | PHP70_RELDATE= 20151203 | |
| 92 | 92 | |||
| 93 | _VARGROUPS+= php | 93 | _VARGROUPS+= php | |
| 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | 94 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
| 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 95 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
| 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 96 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
| 97 | PKG_PHP_MAJOR_VERS | 97 | PKG_PHP_MAJOR_VERS |
| @@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
| 1 | $NetBSD: distinfo,v 1.54 2016/06/24 15:23:00 taca Exp $ | 1 | $NetBSD: distinfo,v 1.55 2016/07/24 02:15:15 taca Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (php-5.5.37.tar.bz2) = f999bf46a6b3a1adee8239c40e13e8ce06fd470a | 3 | SHA1 (php-5.5.38.tar.bz2) = ac79d48510e4bfe8f376d009e3ecb5b734bbc3a1 | |
| 4 | RMD160 (php-5.5.37.tar.bz2) = 349fbe9ea88423a2f6b0b8b47468401c3537ff8c | 4 | RMD160 (php-5.5.38.tar.bz2) = 2f1f0ff08c963975c6a624ecc83432cf48be3b39 | |
| 5 | SHA512 (php-5.5.37.tar.bz2) = d2da921f3efd858e1cb8004873e377ca9c5821d5269d5b8e7c9be830b183f4d18f737b14653f65a43c0957bdca994e09a476d77e3a29a11e357abc24618c4c0f | 5 | SHA512 (php-5.5.38.tar.bz2) = dd9e578013023cc8e9ab86ef129bf414682bca318c83816ff2f15be5f81863475737b48508d78542d4fe9dc7e31418bd9c0188b2d72745f069322f3ca4da9560 | |
| 6 | Size (php-5.5.37.tar.bz2) = 13699851 bytes | 6 | Size (php-5.5.38.tar.bz2) = 13701262 bytes | |
| 7 | SHA1 (patch-acinclude.m4) = 9e9c433e4cb96e469f7cf14b2064a0f41fc4568a | 7 | SHA1 (patch-acinclude.m4) = 9e9c433e4cb96e469f7cf14b2064a0f41fc4568a | |
| 8 | SHA1 (patch-aclocal.m4) = 46f192351e541453b1e32299acd1b4cfefc93cb2 | 8 | SHA1 (patch-aclocal.m4) = 46f192351e541453b1e32299acd1b4cfefc93cb2 | |
| 9 | SHA1 (patch-build_libtool.m4) = 3811edd697fd21eadc4f65cba35c6297141e8ff2 | 9 | SHA1 (patch-build_libtool.m4) = 3811edd697fd21eadc4f65cba35c6297141e8ff2 | |
| 10 | SHA1 (patch-configure) = e81731b426b31656de72a4e4b3ad341b5ac34f82 | 10 | SHA1 (patch-configure) = e81731b426b31656de72a4e4b3ad341b5ac34f82 | |
| 11 | SHA1 (patch-ext_gd_config.m4) = 91c9798333d4776856a0a9e20196986856b758b2 | 11 | SHA1 (patch-ext_gd_config.m4) = 91c9798333d4776856a0a9e20196986856b758b2 | |
| 12 | SHA1 (patch-ext_imap_config.m4) = 01681e8b54ee586ec4db72a5da2d0aec3fa89fcc | 12 | SHA1 (patch-ext_imap_config.m4) = 01681e8b54ee586ec4db72a5da2d0aec3fa89fcc | |
| 13 | SHA1 (patch-ext_mssql_php__mssql.c) = 4ef1837850443e9db2e71620a3ddaed5ab5c435b | 13 | SHA1 (patch-ext_mssql_php__mssql.c) = 4ef1837850443e9db2e71620a3ddaed5ab5c435b | |
| 14 | SHA1 (patch-ext_opcache_config.m4) = 7c0d98feaeec8a0ca61f6f77a1906aa2d601be3f | 14 | SHA1 (patch-ext_opcache_config.m4) = 7c0d98feaeec8a0ca61f6f77a1906aa2d601be3f | |
| 15 | SHA1 (patch-ext_pdo__mysql_config.m4) = 3526e737da25129710218e7141d5a05ae0a51390 | 15 | SHA1 (patch-ext_pdo__mysql_config.m4) = 3526e737da25129710218e7141d5a05ae0a51390 | |
| 16 | SHA1 (patch-ext_pdo_config.m4) = 26a4ad02e5c6b7a54c3c54a6d026a3ccfed62c59 | 16 | SHA1 (patch-ext_pdo_config.m4) = 26a4ad02e5c6b7a54c3c54a6d026a3ccfed62c59 | |
| 17 | SHA1 (patch-ext_phar_Makefile.frag) = f465bb5acd4bb87bb403baa98b61ac707800fd30 | 17 | SHA1 (patch-ext_phar_Makefile.frag) = f465bb5acd4bb87bb403baa98b61ac707800fd30 | |
| 18 | SHA1 (patch-ext_phar_phar_phar.php) = 011f2d68048dbc63f5efcab4e23062daa9e8e08c | 18 | SHA1 (patch-ext_phar_phar_phar.php) = 011f2d68048dbc63f5efcab4e23062daa9e8e08c | |
| 19 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = b384b9daa466f2a8a3e6cfd4ea6cff81f9342941 | 19 | SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = b384b9daa466f2a8a3e6cfd4ea6cff81f9342941 |