lang/php73: update to 7.3.13
Update php73 to 7.3.13, including security fixes.
19 Dec 2019, PHP 7.3.13
- Bcmath:
. Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046).
(cmb)
- Core:
. Fixed bug #78862 (link() silently truncates after a null byte on Windows).
(CVE-2019-11044). (cmb)
. Fixed bug #78863 (DirectoryIterator class silently truncates after a null
byte). (CVE-2019-11045). (cmb)
. Fixed bug #78943 (mail() may release string with refcount==1 twice).
(CVE-2019-11049). (cmb)
. Fixed bug #78787 (Segfault with trait overriding inherited private shadow
property). (Nikita)
. Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope) value).
(Antony Dovgal, Dmitry)
. Fixed bug #78296 (is_file fails to detect file). (cmb)
- EXIF:
. Fixed bug #78793 (Use-after-free in exif parsing under memory sanitizer).
(CVE-2019-11050). (Nikita)
. Fixed bug #78910 (Heap-buffer-overflow READ in exif). (CVE-2019-11047).
(Nikita)
- GD:
. Fixed bug #78849 (GD build broken with -D SIGNED_COMPARE_SLOW). (cmb)
- MBString:
. Upgraded bundled Oniguruma to 6.9.4. (cmb)
- OPcache:
. Fixed potential ASLR related invalid opline handler issues. (cmb)
. Fixed $x = (bool)$x; with opcache (should emit undeclared variable notice).
(Tyson Andre)
- PCRE:
. Fixed bug #78853 (preg_match() may return integer > 1). (cmb)
- Standard:
. Fixed bug #78759 (array_search in $GLOBALS). (Nikita)
. Fixed bug #77638 (var_export'ing certain class instances segfaults). (cmb)
. Fixed bug #78840 (imploding $GLOBALS crashes). (cmb)
. Fixed bug #78833 (Integer overflow in pack causes out-of-bound access).
(cmb)
. Fixed bug #78814 (strip_tags allows / in tag name => whitelist bypass).
(cmb)
(taca)
diff -r1.280 -r1.281 pkgsrc/lang/php/phpversion.mk| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: phpversion.mk,v 1.280 2019/12/16 16:13:11 taca Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.281 2019/12/21 06:59:20 taca Exp $ | |
| 2 | # | 2 | # | |
| 3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
| 4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
| 5 | # package. | 5 | # package. | |
| 6 | # | 6 | # | |
| 7 | # === User-settable variables === | 7 | # === User-settable variables === | |
| 8 | # | 8 | # | |
| 9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
| 10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
| 11 | # the package. | 11 | # the package. | |
| 12 | # | 12 | # | |
| 13 | # Possible: 56 72 73 74 | 13 | # Possible: 56 72 73 74 | |
| 14 | # Default: 73 | 14 | # Default: 73 | |
| @@ -79,27 +79,27 @@ | @@ -79,27 +79,27 @@ | |||
| 79 | # initial release of major version. | 79 | # initial release of major version. | |
| 80 | # | 80 | # | |
| 81 | # Example: lib/php/20181200 | 81 | # Example: lib/php/20181200 | |
| 82 | # | 82 | # | |
| 83 | # Keywords: php | 83 | # Keywords: php | |
| 84 | # | 84 | # | |
| 85 | 85 | |||
| 86 | .if !defined(PHPVERSION_MK) | 86 | .if !defined(PHPVERSION_MK) | |
| 87 | PHPVERSION_MK= defined | 87 | PHPVERSION_MK= defined | |
| 88 | 88 | |||
| 89 | # Define each PHP's version. | 89 | # Define each PHP's version. | |
| 90 | PHP56_VERSION= 5.6.40 | 90 | PHP56_VERSION= 5.6.40 | |
| 91 | PHP72_VERSION= 7.2.25 | 91 | PHP72_VERSION= 7.2.25 | |
| 92 | PHP73_VERSION= 7.3.12 | 92 | PHP73_VERSION= 7.3.13 | |
| 93 | PHP74_VERSION= 7.4.0 | 93 | PHP74_VERSION= 7.4.0 | |
| 94 | 94 | |||
| 95 | # Define initial release of major version. | 95 | # Define initial release of major version. | |
| 96 | PHP56_RELDATE= 20140828 | 96 | PHP56_RELDATE= 20140828 | |
| 97 | PHP72_RELDATE= 20170718 | 97 | PHP72_RELDATE= 20170718 | |
| 98 | PHP73_RELDATE= 20181200 | 98 | PHP73_RELDATE= 20181200 | |
| 99 | PHP74_RELDATE= 20191128 | 99 | PHP74_RELDATE= 20191128 | |
| 100 | 100 | |||
| 101 | _VARGROUPS+= php | 101 | _VARGROUPS+= php | |
| 102 | _USER_VARS.php= PHP_VERSION_DEFAULT | 102 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
| 103 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 103 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
| 104 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 104 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
| 105 | PKG_PHP_MAJOR_VERS | 105 | PKG_PHP_MAJOR_VERS |
| @@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
| 1 | $NetBSD: distinfo,v 1.16 2019/12/16 15:58:19 taca Exp $ | 1 | $NetBSD: distinfo,v 1.17 2019/12/21 06:59:20 taca Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (php-7.3.12.tar.xz) = eee16ac54b148c6826c9ff29a58a114be42f1eeb | 3 | SHA1 (php-7.3.13.tar.xz) = 3c4b349c698b3f515d0f6acc4a72955c4eb075df | |
| 4 | RMD160 (php-7.3.12.tar.xz) = 236a3aa08bf7a6e69c2ca61596df04e782e496ab | 4 | RMD160 (php-7.3.13.tar.xz) = 72bed7868a6f1144ebfb04434accd92fbdeaec29 | |
| 5 | SHA512 (php-7.3.12.tar.xz) = e3022da2c9c216793c9f44d530a7217f51fd1d99a3dfb203eecc4a149fd29ab31facccfc2fb67af8241c9a83d3543020fcfce403dfc12142b03fa7458d600be3 | 5 | SHA512 (php-7.3.13.tar.xz) = d0624b3b841fed49d9cea56b17e7c8c7abf8e6572832b6f86c98f48c23f86690c310b460eae27a6fcd41fbfbc2e8a4b56f6bfb0c738fa1db36ce3795454d7798 | |
| 6 | Size (php-7.3.12.tar.xz) = 12095212 bytes | 6 | Size (php-7.3.13.tar.xz) = 12102012 bytes | |
| 7 | SHA1 (patch-configure) = 08b80528ba90c705398e8841c232382663479a3b | 7 | SHA1 (patch-configure) = 08b80528ba90c705398e8841c232382663479a3b | |
| 8 | SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | 8 | SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | |
| 9 | SHA1 (patch-ext_gd_config.m4) = eaecfb31b18700dd642c067ed82748d4f6be2335 | 9 | SHA1 (patch-ext_gd_config.m4) = eaecfb31b18700dd642c067ed82748d4f6be2335 | |
| 10 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | 10 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | |
| 11 | SHA1 (patch-ext_recode_recode.c) = 639bf762302c7a30c88d3f3fa862494e0f847bdb | 11 | SHA1 (patch-ext_recode_recode.c) = 639bf762302c7a30c88d3f3fa862494e0f847bdb | |
| 12 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | 12 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | |
| 13 | SHA1 (patch-ext_xsl_php__xsl.h) = a9877bff7bacc77926a4541a0ac171c00ad1a627 | 13 | SHA1 (patch-ext_xsl_php__xsl.h) = a9877bff7bacc77926a4541a0ac171c00ad1a627 | |
| 14 | SHA1 (patch-php.ini-development) = e6815f2774ba071baa510fd5490fb5fa377d2462 | 14 | SHA1 (patch-php.ini-development) = e6815f2774ba071baa510fd5490fb5fa377d2462 | |
| 15 | SHA1 (patch-php.ini-production) = 3ee4d2e2e4fb4dbcb5b64df86751f7feeef0e20d | 15 | SHA1 (patch-php.ini-production) = 3ee4d2e2e4fb4dbcb5b64df86751f7feeef0e20d | |
| 16 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | 16 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | |
| 17 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | 17 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | |
| 18 | SHA1 (patch-sapi_fpm_fpm_events_port.c) = b82b7caffffde1343190fae430a68eb411b5cf8a | 18 | SHA1 (patch-sapi_fpm_fpm_events_port.c) = b82b7caffffde1343190fae430a68eb411b5cf8a | |
| 19 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0 | 19 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0 |