Pullup ticket #5897 - requested by taca lang/php72: security fix Revisions pulled up: - lang/php/phpversion.mk 1.243 - lang/php72/Makefile 1.16 - lang/php72/distinfo 1.35 --- Module Name: pkgsrc Committed By: taca Date: Sat Jan 12 14:59:03 UTC 2019 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php72: Makefile distinfo Log Message: lang/php72: update to 7.2.14 10 Jan 2019, PHP 7.2.14 - Core: . Fixed bug #77369 (memcpy with negative length via crafted DNS response). (Stas) . Fixed bug #71041 (zend_signal_startup() needs ZEND_API). (Valentin V. Bartenev) . Fixed bug #76046 (PHP generates "FE_FREE" opcode on the wrong line). (Nikita) - COM: . Fixed bug #77177 (Serializing or unserializing COM objects crashes). (cmb) - Date: . Fixed bug #77097 (DateTime::diff gives wrong diff when the actual diff is less than 1 second). (Derick) - Exif: . Fixed bug #77184 (Unsigned rational numbers are written out as signed rationals). (Colin Basnett) - GD: . Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free). (cmb) . Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb) . Fixed bug #77195 (Incorrect error handling of imagecreatefromjpeg()). (cmb) . Fixed bug #77198 (auto cropping has insufficient precision). (cmb) . Fixed bug #77200 (imagecropauto(…, GD_CROP_SIDES) crops left but not right). (cmb) - IMAP: . Fixed bug #77020 (null pointer dereference in imap_mail). (cmb) - Mbstring: . Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). (Stas) . Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node). (Stas) . Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas) . Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string). (Stas) . Fixed bug #77385 (buffer overflow in fetch_token). (Stas) . Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas) . Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas) - OCI8: . Fixed bug #76804 (oci_pconnect with OCI_CRED_EXT not working). (KoenigsKind) . Added oci_set_call_timeout() for call timeouts. . Added oci_set_db_operation() for the DBOP end-to-end-tracing attribute. - Opcache: . Fixed bug #77215 (CFG assertion failure on multiple finalizing switch frees in one block). (Nikita) - PDO: . Handle invalid index passed to PDOStatement::fetchColumn() as error. (Sergei Morozov) - Phar: . Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas) - Sockets: . Fixed bug #77136 (Unsupported IPV6_RECVPKTINFO constants on macOS). (Mizunashi Mana) - SQLite3: . Fixed bug #77051 (Issue with re-binding on SQLite3). (BohwaZ) - Xmlrpc: . Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb) . Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas)diff -r1.241.2.1 -r1.241.2.2 pkgsrc/lang/php/phpversion.mk
(bsiegert)
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: phpversion.mk,v 1.241.2.1 2019/01/19 21:30:21 bsiegert Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.241.2.2 2019/01/19 21:44:08 bsiegert Exp $ | |
2 | # | 2 | # | |
3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
5 | # package. | 5 | # package. | |
6 | # | 6 | # | |
7 | # === User-settable variables === | 7 | # === User-settable variables === | |
8 | # | 8 | # | |
9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
11 | # the package. | 11 | # the package. | |
12 | # | 12 | # | |
13 | # Possible: 56 70 71 72 73 | 13 | # Possible: 56 70 71 72 73 | |
14 | # Default: 71 | 14 | # Default: 71 | |
@@ -80,27 +80,27 @@ | @@ -80,27 +80,27 @@ | |||
80 | # | 80 | # | |
81 | # Example: lib/php/20140828 | 81 | # Example: lib/php/20140828 | |
82 | # | 82 | # | |
83 | # Keywords: php | 83 | # Keywords: php | |
84 | # | 84 | # | |
85 | 85 | |||
86 | .if !defined(PHPVERSION_MK) | 86 | .if !defined(PHPVERSION_MK) | |
87 | PHPVERSION_MK= defined | 87 | PHPVERSION_MK= defined | |
88 | 88 | |||
89 | # Define each PHP's version. | 89 | # Define each PHP's version. | |
90 | PHP56_VERSION= 5.6.39 | 90 | PHP56_VERSION= 5.6.39 | |
91 | PHP70_VERSION= 7.0.33 | 91 | PHP70_VERSION= 7.0.33 | |
92 | PHP71_VERSION= 7.1.26 | 92 | PHP71_VERSION= 7.1.26 | |
93 | PHP72_VERSION= 7.2.13 | 93 | PHP72_VERSION= 7.2.14 | |
94 | PHP73_VERSION= 7.3.0 | 94 | PHP73_VERSION= 7.3.0 | |
95 | 95 | |||
96 | # Define initial release of major version. | 96 | # Define initial release of major version. | |
97 | PHP56_RELDATE= 20140828 | 97 | PHP56_RELDATE= 20140828 | |
98 | PHP70_RELDATE= 20151203 | 98 | PHP70_RELDATE= 20151203 | |
99 | PHP71_RELDATE= 20160303 | 99 | PHP71_RELDATE= 20160303 | |
100 | PHP72_RELDATE= 20170718 | 100 | PHP72_RELDATE= 20170718 | |
101 | PHP73_RELDATE= 20181200 | 101 | PHP73_RELDATE= 20181200 | |
102 | 102 | |||
103 | _VARGROUPS+= php | 103 | _VARGROUPS+= php | |
104 | _USER_VARS.php= PHP_VERSION_DEFAULT | 104 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
105 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 105 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
106 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 106 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ |
@@ -1,20 +1,19 @@ | @@ -1,20 +1,19 @@ | |||
1 | # $NetBSD: Makefile,v 1.15 2018/12/09 18:52:34 adam Exp $ | 1 | # $NetBSD: Makefile,v 1.15.2.1 2019/01/19 21:44:08 bsiegert Exp $ | |
2 | 2 | |||
3 | # | 3 | # | |
4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | 4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | |
5 | # | 5 | # | |
6 | PKGNAME= php-${PHP_VERSION:S/RC/rc/} | 6 | PKGNAME= php-${PHP_VERSION:S/RC/rc/} | |
7 | PKGREVISION= 2 | |||
8 | 7 | |||
9 | HOMEPAGE= http://www.php.net/ | 8 | HOMEPAGE= http://www.php.net/ | |
10 | COMMENT= PHP Hypertext Preprocessor version 7.2 | 9 | COMMENT= PHP Hypertext Preprocessor version 7.2 | |
11 | LICENSE= php | 10 | LICENSE= php | |
12 | 11 | |||
13 | TEST_TARGET= test | 12 | TEST_TARGET= test | |
14 | 13 | |||
15 | USE_TOOLS+= gmake lex pkg-config | 14 | USE_TOOLS+= gmake lex pkg-config | |
16 | LIBTOOL_OVERRIDE= # empty | 15 | LIBTOOL_OVERRIDE= # empty | |
17 | PHP_CHECK_INSTALLED= No | 16 | PHP_CHECK_INSTALLED= No | |
18 | 17 | |||
19 | PHP_VERSIONS_ACCEPTED= 72 | 18 | PHP_VERSIONS_ACCEPTED= 72 | |
20 | 19 |
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | $NetBSD: distinfo,v 1.34 2018/12/07 17:12:48 taca Exp $ | 1 | $NetBSD: distinfo,v 1.34.2.1 2019/01/19 21:44:08 bsiegert Exp $ | |
2 | 2 | |||
3 | SHA1 (php-7.2.13.tar.bz2) = eb74e4b52013fef8a349b2193605d344ed425503 | 3 | SHA1 (php-7.2.14.tar.bz2) = 97d0bfc6f75d82e8ef9425189ca5c544866f927e | |
4 | RMD160 (php-7.2.13.tar.bz2) = 1f362e20ce739e34d7e5c3f282e1842f1873aa73 | 4 | RMD160 (php-7.2.14.tar.bz2) = 886704673d55837144946731f6137549d4f963ac | |
5 | SHA512 (php-7.2.13.tar.bz2) = 95b9d09fec4af7df38736fabd291af5635a2caab9611c82a9a4988a849888f9847052ed69192c0f0b0103cf9d2888d5dd763471e1419d6e8da33ab77c9f95dbd | 5 | SHA512 (php-7.2.14.tar.bz2) = 1a3db5937c826a1dea39db24fcf122b931ecda89c5c8ca96f337fb696c48c39f81c540bfae40e0cc8837b5d378288da4f91dfa07435801517d75202e5c925453 | |
6 | Size (php-7.2.13.tar.bz2) = 15051814 bytes | 6 | Size (php-7.2.14.tar.bz2) = 15039077 bytes | |
7 | SHA1 (patch-configure) = 47f2ede97390cc7e46d04c2769dd97459b19450a | 7 | SHA1 (patch-configure) = 47f2ede97390cc7e46d04c2769dd97459b19450a | |
8 | SHA1 (patch-disable-filter-url) = e9e92d686ddd1d1a1ece10fe4feee4e368fe510c | 8 | SHA1 (patch-disable-filter-url) = e9e92d686ddd1d1a1ece10fe4feee4e368fe510c | |
9 | SHA1 (patch-ext_gd_config.m4) = eaecfb31b18700dd642c067ed82748d4f6be2335 | 9 | SHA1 (patch-ext_gd_config.m4) = eaecfb31b18700dd642c067ed82748d4f6be2335 | |
10 | SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426 | 10 | SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426 | |
11 | SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8 | 11 | SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8 | |
12 | SHA1 (patch-ext_recode_recode.c) = 639bf762302c7a30c88d3f3fa862494e0f847bdb | 12 | SHA1 (patch-ext_recode_recode.c) = 639bf762302c7a30c88d3f3fa862494e0f847bdb | |
13 | SHA1 (patch-ext_xsl_php__xsl.h) = a9877bff7bacc77926a4541a0ac171c00ad1a627 | 13 | SHA1 (patch-ext_xsl_php__xsl.h) = a9877bff7bacc77926a4541a0ac171c00ad1a627 | |
14 | SHA1 (patch-php.ini-development) = dd65962000ec06439fae3c9bf252fa46be4e33fd | 14 | SHA1 (patch-php.ini-development) = dd65962000ec06439fae3c9bf252fa46be4e33fd | |
15 | SHA1 (patch-php.ini-production) = ae61dffedf574b688fe576b0b2af748b7a28cd89 | 15 | SHA1 (patch-php.ini-production) = ae61dffedf574b688fe576b0b2af748b7a28cd89 | |
16 | SHA1 (patch-run-tests.php) = 86c4d3f03eb8e31b5a35820f426533c9478571fb | 16 | SHA1 (patch-run-tests.php) = 86c4d3f03eb8e31b5a35820f426533c9478571fb | |
17 | SHA1 (patch-sapi_cgi_Makefile.frag) = 18769900f588ff81cc34474542afa1d65c070e65 | 17 | SHA1 (patch-sapi_cgi_Makefile.frag) = 18769900f588ff81cc34474542afa1d65c070e65 | |
18 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | 18 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | |
19 | SHA1 (patch-sapi_fpm_fpm_events_port.c) = b82b7caffffde1343190fae430a68eb411b5cf8a | 19 | SHA1 (patch-sapi_fpm_fpm_events_port.c) = b82b7caffffde1343190fae430a68eb411b5cf8a |