Pullup ticket #6700 - requested by taca
lang/php80: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.379
- lang/php80/distinfo 1.26
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Oct 30 10:18:35 UTC 2022
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php80: distinfo
Log Message:
lang/php80: update to 8.0.25
8.0.25 (2022-10-27)
- GD:
. Fixed bug #81739: OOB read due to insufficient input validation in
imageloadfont(). (CVE-2022-31630) (cmb)
- Hash:
. Fixed bug #81738: buffer overflow in hash_update() on long parameter.
(CVE-2022-37454) (nicky at mouha dot be)
- Session:
. Fixed bug GH-9583 (session_create_id() fails with user defined save handler
that doesn't have a validateId() method). (Girgias)
- Streams:
. Fixed bug GH-9590 (stream_select does not abort upon exception or empty
valid fd set). (Arnaud)
(bsiegert)
diff -r1.374.2.4 -r1.374.2.5 pkgsrc/lang/php/phpversion.mk| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: phpversion.mk,v 1.374.2.4 2022/11/05 19:15:09 bsiegert Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.374.2.5 2022/11/05 19:21:29 bsiegert Exp $ | |
| 2 | # | 2 | # | |
| 3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
| 4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
| 5 | # package. | 5 | # package. | |
| 6 | # | 6 | # | |
| 7 | # === User-settable variables === | 7 | # === User-settable variables === | |
| 8 | # | 8 | # | |
| 9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
| 10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
| 11 | # the package. | 11 | # the package. | |
| 12 | # | 12 | # | |
| 13 | # Possible: 56 74 80 81 | 13 | # Possible: 56 74 80 81 | |
| 14 | # Default: 74 | 14 | # Default: 74 | |
| @@ -79,27 +79,27 @@ | @@ -79,27 +79,27 @@ | |||
| 79 | # initial release of major version. | 79 | # initial release of major version. | |
| 80 | # | 80 | # | |
| 81 | # Example: lib/php/20181200 | 81 | # Example: lib/php/20181200 | |
| 82 | # | 82 | # | |
| 83 | # Keywords: php | 83 | # Keywords: php | |
| 84 | # | 84 | # | |
| 85 | 85 | |||
| 86 | .if !defined(PHPVERSION_MK) | 86 | .if !defined(PHPVERSION_MK) | |
| 87 | PHPVERSION_MK= defined | 87 | PHPVERSION_MK= defined | |
| 88 | 88 | |||
| 89 | # Define each PHP's version. | 89 | # Define each PHP's version. | |
| 90 | PHP56_VERSION= 5.6.40 | 90 | PHP56_VERSION= 5.6.40 | |
| 91 | PHP74_VERSION= 7.4.32 | 91 | PHP74_VERSION= 7.4.32 | |
| 92 | PHP80_VERSION= 8.0.24 | 92 | PHP80_VERSION= 8.0.25 | |
| 93 | PHP81_VERSION= 8.1.12 | 93 | PHP81_VERSION= 8.1.12 | |
| 94 | 94 | |||
| 95 | # Define initial release of major version. | 95 | # Define initial release of major version. | |
| 96 | PHP56_RELDATE= 20140828 | 96 | PHP56_RELDATE= 20140828 | |
| 97 | PHP74_RELDATE= 20191128 | 97 | PHP74_RELDATE= 20191128 | |
| 98 | PHP80_RELDATE= 20201124 | 98 | PHP80_RELDATE= 20201124 | |
| 99 | PHP81_RELDATE= 20211125 | 99 | PHP81_RELDATE= 20211125 | |
| 100 | 100 | |||
| 101 | _VARGROUPS+= php | 101 | _VARGROUPS+= php | |
| 102 | _USER_VARS.php= PHP_VERSION_DEFAULT | 102 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
| 103 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 103 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
| 104 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 104 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
| 105 | PKG_PHP_MAJOR_VERS | 105 | PKG_PHP_MAJOR_VERS |
| @@ -1,18 +1,18 @@ | @@ -1,18 +1,18 @@ | |||
| 1 | $NetBSD: distinfo,v 1.24.2.1 2022/10/03 14:45:52 bsiegert Exp $ | 1 | $NetBSD: distinfo,v 1.24.2.2 2022/11/05 19:21:29 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | BLAKE2s (php-8.0.24.tar.xz) = a9f2ca0e37bcc5d2de1d76f228b05535ee18ea2e2164b2df67db7f67e89f635a | 3 | BLAKE2s (php-8.0.25.tar.xz) = 48709affae5ad92c7d8d239a91400c3b784daa28bb71af45e5b4d1091046399c | |
| 4 | SHA512 (php-8.0.24.tar.xz) = f4922c03b613aae35005b6b39630c0de7c25929b7f4edd9c5062a747a747df065ae9b52c17c34433ecb801bc54fce2fa34ae46165deb527f0fe2c86e5da73400 | 4 | SHA512 (php-8.0.25.tar.xz) = 43bb0637e424e2a637e05f3faf0ca2c5309f2d9cc03def9fc9af9b756003ea6efe730b608c70177c3c1b9cb03cef31c27cd6507cca9d9f0fd854aadb5e51aee3 | |
| 5 | Size (php-8.0.24.tar.xz) = 10895332 bytes | 5 | Size (php-8.0.25.tar.xz) = 10802888 bytes | |
| 6 | SHA1 (patch-build_libtool.m4) = e58a2bcebe9e9d7dc7255354fd9fe57878e3f8a6 | 6 | SHA1 (patch-build_libtool.m4) = e58a2bcebe9e9d7dc7255354fd9fe57878e3f8a6 | |
| 7 | SHA1 (patch-configure) = 6c3d2537eb4d1c2ed05e8e1e411701d316c67d8b | 7 | SHA1 (patch-configure) = 6c3d2537eb4d1c2ed05e8e1e411701d316c67d8b | |
| 8 | SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | 8 | SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | |
| 9 | SHA1 (patch-ext_enchant_enchant.c) = 74e0ec62928c84998ea41863088203f2511911fd | 9 | SHA1 (patch-ext_enchant_enchant.c) = 74e0ec62928c84998ea41863088203f2511911fd | |
| 10 | SHA1 (patch-ext_openssl_openssl.c) = 6d83ad075866c90e17a8085fc7b562f33aea8583 | 10 | SHA1 (patch-ext_openssl_openssl.c) = 6d83ad075866c90e17a8085fc7b562f33aea8583 | |
| 11 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | 11 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | |
| 12 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | 12 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | |
| 13 | SHA1 (patch-ext_xsl_php__xsl.h) = cf930c5d6d9dab29b12558d265c67d3534a006fd | 13 | SHA1 (patch-ext_xsl_php__xsl.h) = cf930c5d6d9dab29b12558d265c67d3534a006fd | |
| 14 | SHA1 (patch-main_streams_streams.c) = e70cfc7f7ef096d9705c1f7dafd9e90d435d5150 | 14 | SHA1 (patch-main_streams_streams.c) = e70cfc7f7ef096d9705c1f7dafd9e90d435d5150 | |
| 15 | SHA1 (patch-php.ini-development) = e6815f2774ba071baa510fd5490fb5fa377d2462 | 15 | SHA1 (patch-php.ini-development) = e6815f2774ba071baa510fd5490fb5fa377d2462 | |
| 16 | SHA1 (patch-php.ini-production) = 3ee4d2e2e4fb4dbcb5b64df86751f7feeef0e20d | 16 | SHA1 (patch-php.ini-production) = 3ee4d2e2e4fb4dbcb5b64df86751f7feeef0e20d | |
| 17 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | 17 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | |
| 18 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | 18 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 |