Pullup ticket #6298 - requested by taca lang/php73: security fix Revisions pulled up: - lang/php73/distinfo 1.24-1.25 --- Module Name: pkgsrc Committed By: taca Date: Sat Jul 11 03:59:46 UTC 2020 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php73: distinfo Log Message: lang/php73: update to 7.3.20 Update php73 to 7.3.20. 09 Jul 2020, PHP 7.3.20 - Core: . Fixed bug #79650 (php-win.exe 100% cpu lockup). (cmb) . Fixed bug #79668 (get_defined_functions(true) may miss functions). = (cmb, Nikita) . Fixed possibly unsupported timercmp() usage. (cmb) - Exif: . Fixed bug #79687 (Sony picture - PHP Warning - Make, Model, MakerNo= tes). (cmb) - Filter: . Fixed bug #73527 (Invalid memory access in php_filter_strip). (cmb)= - GD: . Fixed bug #79676 (imagescale adds black border with IMG_BICUBIC). (= cmb) - OpenSSL: . Fixed bug #62890 (default_socket_timeout=3D-1 causes connection to = timeout). (cmb) - PDO SQLite: . Fixed bug #79664 (PDOStatement::getColumnMeta fails on empty result= set). (cmb) - SPL: . Fixed bug #79710 (Reproducible segfault in error_handler during GC involved an SplFileObject). (Nikita) - Standard: . Fixed bug #74267 (segfault with streams and invalid data). (cmb) . Fixed bug #79579 (ZTS build of PHP 7.3.17 doesn't handle ERANGE for= posix_getgrgid and others). (B=F6sz=F6rm=E9nyi Zolt=E1n) 09 Jul 2020, PHP 7.3.20 - Core: . Fixed bug #79650 (php-win.exe 100% cpu lockup). (cmb) . Fixed bug #79668 (get_defined_functions(true) may miss functions). = (cmb, Nikita) . Fixed possibly unsupported timercmp() usage. (cmb) - Exif: . Fixed bug #79687 (Sony picture - PHP Warning - Make, Model, MakerNo= tes). (cmb) - Filter: . Fixed bug #73527 (Invalid memory access in php_filter_strip). (cmb)= - GD: . Fixed bug #79676 (imagescale adds black border with IMG_BICUBIC). (= cmb) - OpenSSL: . Fixed bug #62890 (default_socket_timeout=3D-1 causes connection to = timeout). (cmb) - PDO SQLite: . Fixed bug #79664 (PDOStatement::getColumnMeta fails on empty result= set). (cmb) - SPL: . Fixed bug #79710 (Reproducible segfault in error_handler during GC involved an SplFileObject). (Nikita) - Standard: . Fixed bug #74267 (segfault with streams and invalid data). (cmb) . Fixed bug #79579 (ZTS build of PHP 7.3.17 doesn't handle ERANGE for= posix_getgrgid and others). (B=F6sz=F6rm=E9nyi Zolt=E1n) --- Module Name: pkgsrc Committed By: taca Date: Sat Aug 8 13:30:07 UTC 2020 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php73: distinfo Log Message: lang/php73: update to 7.3.21 Update php73 to 7.3.21 (PHP 7.3.21). 06 Aug 2020, PHP 7.3.21 - Apache: . Fixed bug #79030 (Upgrade apache2handler's php_apache_sapi_get_requ= est_time to return usec). (Herbert256) - Core: . Fixed bug #79877 (getimagesize function silently truncates after a = null byte) (cmb) . Fixed bug #79778 (Assertion failure if dumping closure with unresol= ved static variable). (Nikita) . Fixed bug #79792 (HT iterators not removed if empty array is destro= yed). (Nikita) - COM: . Fixed bug #63208 (BSTR to PHP string conversion not binary safe). (= cmb) . Fixed bug #63527 (DCOM does not work with Username, Password parame= ter). (cmb) - Curl: . Fixed bug #79741 (curl_setopt CURLOPT_POSTFIELDS asserts on object = with declared properties). (Nikita) - Fileinfo: . Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)). (cmb) - FTP: . Fixed bug #55857 (ftp_size on large files). (cmb) - Mbstring: . Fixed bug #79787 (mb_strimwidth does not trim string). (XXiang) - Phar: . Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile function). (CVE-2020-7068) (cmb) - Standard: . Fixed bug #70362 (Can't copy() large 'data://' with open_basedir). = (cmb) . Fixed bug #79817 (str_replace() does not handle INDIRECT elements).= (Nikita) . Fixed bug #78008 (dns_check_record() always return true on Alpine).= (Andy Postnikov)diff -r1.300 -r1.300.2.1 pkgsrc/lang/php/phpversion.mk
(bsiegert)
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: phpversion.mk,v 1.300 2020/06/14 05:59:17 taca Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.300.2.1 2020/08/14 19:33:28 bsiegert Exp $ | |
2 | # | 2 | # | |
3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
5 | # package. | 5 | # package. | |
6 | # | 6 | # | |
7 | # === User-settable variables === | 7 | # === User-settable variables === | |
8 | # | 8 | # | |
9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
11 | # the package. | 11 | # the package. | |
12 | # | 12 | # | |
13 | # Possible: 56 72 73 74 | 13 | # Possible: 56 72 73 74 | |
14 | # Default: 73 | 14 | # Default: 73 | |
@@ -79,27 +79,27 @@ | @@ -79,27 +79,27 @@ | |||
79 | # initial release of major version. | 79 | # initial release of major version. | |
80 | # | 80 | # | |
81 | # Example: lib/php/20181200 | 81 | # Example: lib/php/20181200 | |
82 | # | 82 | # | |
83 | # Keywords: php | 83 | # Keywords: php | |
84 | # | 84 | # | |
85 | 85 | |||
86 | .if !defined(PHPVERSION_MK) | 86 | .if !defined(PHPVERSION_MK) | |
87 | PHPVERSION_MK= defined | 87 | PHPVERSION_MK= defined | |
88 | 88 | |||
89 | # Define each PHP's version. | 89 | # Define each PHP's version. | |
90 | PHP56_VERSION= 5.6.40 | 90 | PHP56_VERSION= 5.6.40 | |
91 | PHP72_VERSION= 7.2.31 | 91 | PHP72_VERSION= 7.2.31 | |
92 | PHP73_VERSION= 7.3.19 | 92 | PHP73_VERSION= 7.3.21 | |
93 | PHP74_VERSION= 7.4.7 | 93 | PHP74_VERSION= 7.4.7 | |
94 | 94 | |||
95 | # Define initial release of major version. | 95 | # Define initial release of major version. | |
96 | PHP56_RELDATE= 20140828 | 96 | PHP56_RELDATE= 20140828 | |
97 | PHP72_RELDATE= 20170718 | 97 | PHP72_RELDATE= 20170718 | |
98 | PHP73_RELDATE= 20181200 | 98 | PHP73_RELDATE= 20181200 | |
99 | PHP74_RELDATE= 20191128 | 99 | PHP74_RELDATE= 20191128 | |
100 | 100 | |||
101 | _VARGROUPS+= php | 101 | _VARGROUPS+= php | |
102 | _USER_VARS.php= PHP_VERSION_DEFAULT | 102 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
103 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 103 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
104 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 104 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
105 | PKG_PHP_MAJOR_VERS | 105 | PKG_PHP_MAJOR_VERS |
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | $NetBSD: distinfo,v 1.23 2020/06/14 05:56:51 taca Exp $ | 1 | $NetBSD: distinfo,v 1.23.2.1 2020/08/14 19:33:28 bsiegert Exp $ | |
2 | 2 | |||
3 | SHA1 (php-7.3.19.tar.xz) = 69da646afaf60af9d035a4f94d25a2b26216f887 | 3 | SHA1 (php-7.3.21.tar.xz) = 00fe0041c180f4f3185a4e4ade7f07207eda94e7 | |
4 | RMD160 (php-7.3.19.tar.xz) = aa4a349f4595a78466800f8287e45a7c2284a41f | 4 | RMD160 (php-7.3.21.tar.xz) = 7f6fc55ccf3e35ab8dd238b217d1b7d5d12cdf8c | |
5 | SHA512 (php-7.3.19.tar.xz) = f37800d9e1bf808ad1099f6190965cc75781e7bf6d2c341a7143aca435abc9974a2987cbfeb8c2b35805c946218343612906fde3cc84b195c2c586945869b760 | 5 | SHA512 (php-7.3.21.tar.xz) = fc2b9a40c92a6e79522a49cd025e56c0a52c2c2bd3f7379aaf004ca6b67957cf4ad059c40a5daac45665710abd07962562870430338f700f573856d797df3ff4 | |
6 | Size (php-7.3.19.tar.xz) = 12117968 bytes | 6 | Size (php-7.3.21.tar.xz) = 12123192 bytes | |
7 | SHA1 (patch-configure) = 08b80528ba90c705398e8841c232382663479a3b | 7 | SHA1 (patch-configure) = 08b80528ba90c705398e8841c232382663479a3b | |
8 | SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | 8 | SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | |
9 | SHA1 (patch-ext_gd_config.m4) = eaecfb31b18700dd642c067ed82748d4f6be2335 | 9 | SHA1 (patch-ext_gd_config.m4) = eaecfb31b18700dd642c067ed82748d4f6be2335 | |
10 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | 10 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | |
11 | SHA1 (patch-ext_recode_recode.c) = 639bf762302c7a30c88d3f3fa862494e0f847bdb | 11 | SHA1 (patch-ext_recode_recode.c) = 639bf762302c7a30c88d3f3fa862494e0f847bdb | |
12 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | 12 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | |
13 | SHA1 (patch-ext_xsl_php__xsl.h) = a9877bff7bacc77926a4541a0ac171c00ad1a627 | 13 | SHA1 (patch-ext_xsl_php__xsl.h) = a9877bff7bacc77926a4541a0ac171c00ad1a627 | |
14 | SHA1 (patch-php.ini-development) = e6815f2774ba071baa510fd5490fb5fa377d2462 | 14 | SHA1 (patch-php.ini-development) = e6815f2774ba071baa510fd5490fb5fa377d2462 | |
15 | SHA1 (patch-php.ini-production) = 3ee4d2e2e4fb4dbcb5b64df86751f7feeef0e20d | 15 | SHA1 (patch-php.ini-production) = 3ee4d2e2e4fb4dbcb5b64df86751f7feeef0e20d | |
16 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | 16 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | |
17 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | 17 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | |
18 | SHA1 (patch-sapi_fpm_fpm_events_port.c) = b82b7caffffde1343190fae430a68eb411b5cf8a | 18 | SHA1 (patch-sapi_fpm_fpm_events_port.c) = b82b7caffffde1343190fae430a68eb411b5cf8a | |
19 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0 | 19 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0 |