Wed Oct 21 19:23:29 2020 UTC ()
Pullup ticket #6334 - requested by taca
lang/php74: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.310
- lang/php74/distinfo                                           1.13

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Oct  4 03:12:46 UTC 2020

   Modified Files:
   	pkgsrc/lang/php: phpversion.mk
   	pkgsrc/lang/php74: distinfo

   Log Message:
   lang/php74: update to 7.4.11

   Update php74 to 7.4.11.

   01 Oct 2020, PHP 7.4.11

   - Core:
     . Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-`
       cookies can be sent). (CVE-2020-7070) (Stas)
     . Fixed bug #79979 (passing value to by-ref param via CUFA crashes). (cmb,
       Nikita)
     . Fixed bug #80037 (Typed property must not be accessed before initialization
       when __get() declared). (Nikita)
     . Fixed bug #80048 (Bug #69100 has not been fixed for Windows). (cmb)
     . Fixed bug #80049 (Memleak when coercing integers to string via variadic
       argument). (Nikita)

   - Calendar:
     . Fixed bug #80007 (Potential type confusion in unixtojd() parameter parsing).
       (Andy Postnikov)

   - COM:
     . Fixed bug #64130 (COM obj parameters passed by reference are not updated).
       (cmb)

   - OPcache:
     . Fixed bug #80002 (calc free space for new interned string is wrong).
       (t-matsuno)
     . Fixed bug #80046 (FREE for SWITCH_STRING optimized away). (Nikita)
     . Fixed bug #79825 (opcache.file_cache causes SIGSEGV when custom opcode
       handlers changed). (SammyK)

   - OpenSSL:
     . Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12
       bytes IV). (CVE-2020-7069) (Jakub Zelenka)

   - PDO:
     . Fixed bug #80027 (Terrible performance using $query->fetch on queries with
       many bind parameters (Matteo)

   - Standard:
     . Fixed bug #79986 (str_ireplace bug with diacritics characters). (cmb)
     . Fixed bug #80077 (getmxrr test bug). (Rainer Jung)
     . Fixed bug #72941 (Modifying bucket->data by-ref has no effect any longer).
       (cmb)
     . Fixed bug #80067 (Omitting the port in bindto setting errors). (cmb)

   To generate a diff of this commit:
   cvs rdiff -u -r1.309 -r1.310 pkgsrc/lang/php/phpversion.mk
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/lang/php74/distinfo


(spz)
diff -r1.308.2.1 -r1.308.2.2 pkgsrc/lang/php/phpversion.mk
diff -r1.12 -r1.12.2.1 pkgsrc/lang/php74/distinfo
cvs diff -r1.308.2.1 -r1.308.2.2 pkgsrc/lang/php/phpversion.mk (expand / switch to unified diff)

--- pkgsrc/lang/php/phpversion.mk 2020/10/21 19:13:41 1.308.2.1
+++ pkgsrc/lang/php/phpversion.mk 2020/10/21 19:23:29 1.308.2.2
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: phpversion.mk,v 1.308.2.1 2020/10/21 19:13:41 spz Exp $ 1# $NetBSD: phpversion.mk,v 1.308.2.2 2020/10/21 19:23:29 spz Exp $
2# 2#
3# This file selects a PHP version, based on the user's preferences and 3# This file selects a PHP version, based on the user's preferences and
4# the installed packages. It does not add a dependency on the PHP 4# the installed packages. It does not add a dependency on the PHP
5# package. 5# package.
6# 6#
7# === User-settable variables === 7# === User-settable variables ===
8# 8#
9# PHP_VERSION_DEFAULT 9# PHP_VERSION_DEFAULT
10# The PHP version to choose when more than one is acceptable to 10# The PHP version to choose when more than one is acceptable to
11# the package. 11# the package.
12# 12#
13# Possible: 56 72 73 74 13# Possible: 56 72 73 74
14# Default: 73 14# Default: 73
@@ -80,27 +80,27 @@ @@ -80,27 +80,27 @@
80# 80#
81# Example: lib/php/20181200 81# Example: lib/php/20181200
82# 82#
83# Keywords: php 83# Keywords: php
84# 84#
85 85
86.if !defined(PHPVERSION_MK) 86.if !defined(PHPVERSION_MK)
87PHPVERSION_MK= defined 87PHPVERSION_MK= defined
88 88
89# Define each PHP's version. 89# Define each PHP's version.
90PHP56_VERSION= 5.6.40 90PHP56_VERSION= 5.6.40
91PHP72_VERSION= 7.2.33 91PHP72_VERSION= 7.2.33
92PHP73_VERSION= 7.3.23 92PHP73_VERSION= 7.3.23
93PHP74_VERSION= 7.4.10 93PHP74_VERSION= 7.4.11
94 94
95# Define initial release of major version. 95# Define initial release of major version.
96PHP56_RELDATE= 20140828 96PHP56_RELDATE= 20140828
97PHP72_RELDATE= 20170718 97PHP72_RELDATE= 20170718
98PHP73_RELDATE= 20181200 98PHP73_RELDATE= 20181200
99PHP74_RELDATE= 20191128 99PHP74_RELDATE= 20191128
100 100
101_VARGROUPS+= php 101_VARGROUPS+= php
102_USER_VARS.php= PHP_VERSION_DEFAULT 102_USER_VARS.php= PHP_VERSION_DEFAULT
103_PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD 103_PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD
104_SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ 104_SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \
105 PKG_PHP_MAJOR_VERS 105 PKG_PHP_MAJOR_VERS
106 106
cvs diff -r1.12 -r1.12.2.1 pkgsrc/lang/php74/distinfo (expand / switch to unified diff)

--- pkgsrc/lang/php74/distinfo 2020/09/04 15:01:05 1.12
+++ pkgsrc/lang/php74/distinfo 2020/10/21 19:23:29 1.12.2.1
@@ -1,17 +1,17 @@ @@ -1,17 +1,17 @@
1$NetBSD: distinfo,v 1.12 2020/09/04 15:01:05 taca Exp $ 1$NetBSD: distinfo,v 1.12.2.1 2020/10/21 19:23:29 spz Exp $
2 2
3SHA1 (php-7.4.10.tar.xz) = d8c46de00a61eb7ef29e55e571bb6c525dd45f59 3SHA1 (php-7.4.11.tar.xz) = 79e7bed05b2878e1f25d6a59dae0ea075645ffde
4RMD160 (php-7.4.10.tar.xz) = e48f95addc513d9cdb515d4e6d0d4728281eec1f 4RMD160 (php-7.4.11.tar.xz) = 85f9886e0cc6837d70b386306bf12602b9cd9637
5SHA512 (php-7.4.10.tar.xz) = c7beb2d821f4e28b0444c8653c360d210a924e0638cc4b4ebc71bf2c22ef83caedfc880275329c3ffa644adc5858ccff59d35bf36255d57218774089d3376a21 5SHA512 (php-7.4.11.tar.xz) = 9bdd29a4a6c1ac55ed75d8fb2203ae5ef41992c518cb7e3b84cf74db62b03cfbe0ef4ea5614a684a37fcd2ae727376022ce49ed3ff32fc3a728e2f1e2474fb92
6Size (php-7.4.10.tar.xz) = 10298480 bytes 6Size (php-7.4.11.tar.xz) = 10302076 bytes
7SHA1 (patch-configure) = 5e9c9c06f6d819d5ba2832d648f41363f40f3108 7SHA1 (patch-configure) = 5e9c9c06f6d819d5ba2832d648f41363f40f3108
8SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 8SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640
9SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd 9SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd
10SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 10SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7
11SHA1 (patch-ext_xsl_php__xsl.h) = a9877bff7bacc77926a4541a0ac171c00ad1a627 11SHA1 (patch-ext_xsl_php__xsl.h) = a9877bff7bacc77926a4541a0ac171c00ad1a627
12SHA1 (patch-php.ini-development) = e6815f2774ba071baa510fd5490fb5fa377d2462 12SHA1 (patch-php.ini-development) = e6815f2774ba071baa510fd5490fb5fa377d2462
13SHA1 (patch-php.ini-production) = 3ee4d2e2e4fb4dbcb5b64df86751f7feeef0e20d 13SHA1 (patch-php.ini-production) = 3ee4d2e2e4fb4dbcb5b64df86751f7feeef0e20d
14SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 14SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8
15SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 15SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3
16SHA1 (patch-sapi_fpm_fpm_events_port.c) = b82b7caffffde1343190fae430a68eb411b5cf8a 16SHA1 (patch-sapi_fpm_fpm_events_port.c) = b82b7caffffde1343190fae430a68eb411b5cf8a
17SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0 17SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0