Pullup ticket #6787 - requested by taca lang/php82: security fix Revisions pulled up: - lang/php/phpversion.mk 1.402,1.405 - lang/php82/distinfo 1.9-1.11 - lang/php82/patches/patch-build_libtool.m4 deleted - lang/php82/patches/patch-configure 1.9 --- Module Name: pkgsrc Committed By: taca Date: Fri Jul 7 12:49:17 UTC 2023 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php82: distinfo pkgsrc/lang/php82/patches: patch-configure Log Message: lang/php82: update to 8.2.8 PHP 8.2.8 (2023-07-06) - CLI: . Fixed bug GH-11246 (cli/get_set_process_title fails on MacOS). (James Lucas) - Core: . Fixed build for the riscv64 architecture/GCC 12. (Daniil Gentili) - Curl: . Fixed bug GH-11433 (Unable to set CURLOPT_ACCEPT_ENCODING to NULL). (nielsdos) - Date: . Fixed bug GH-11455 (Segmentation fault with custom object date properties). (nielsdos) - DOM: . Fixed bugs GH-11288 and GH-11289 and GH-11290 and GH-9142 (DOMExceptions and segfaults with replaceWith). (nielsdos) . Fixed bug GH-10234 (Setting DOMAttr::textContent results in an empty attribute value). (nielsdos) . Fix return value in stub file for DOMNodeList::item. (divinity76) . Fix spec compliance error with '*' namespace for DOMDocument::getElementsByTagNameNS. (nielsdos) . Fix DOMElement::append() and DOMElement::prepend() hierarchy checks. (nielsdos) . Fixed bug GH-11347 (Memory leak when calling a static method inside an xpath query). (nielsdos) . Fixed bug #67440 (append_node of a DOMDocumentFragment does not reconcile namespaces). (nielsdos) . Fixed bug #81642 (DOMChildNode::replaceWith() bug when replacing a node with itself). (nielsdos) . Fixed bug #77686 (Removed elements are still returned by getElementById). (nielsdos) . Fixed bug #70359 (print_r() on DOMAttr causes Segfault in php_libxml_node_free_list()). (nielsdos) . Fixed bug #78577 (Crash in DOMNameSpace debug info handlers). (nielsdos) . Fix lifetime issue with getAttributeNodeNS(). (nielsdos) . Fix "invalid state error" with cloned namespace declarations. (nielsdos) . Fixed bug #55294 and #47530 and #47847 (various namespace reconciliation issues). (nielsdos) . Fixed bug #80332 (Completely broken array access functionality with DOMNamedNodeMap). (nielsdos) - Opcache: . Fix allocation loop in zend_shared_alloc_startup(). (nielsdos) . Access violation on smm_shared_globals with ALLOC_FALLBACK. (KoudelkaB) . Fixed bug GH-11336 (php still tries to unlock the shared memory ZendSem with opcache.file_cache_only=1 but it was never locked). (nielsdos) - OpenSSL: . Fixed bug GH-9356 Incomplete validation of IPv6 Address fields in subjectAltNames (James Lucas, Jakub Zelenka). - PCRE: . Fix preg_replace_callback_array() pattern validation. (ilutov) - PGSQL: . Fixed intermittent segfault with pg_trace. (David Carlier) - Phar: . Fix cross-compilation check in phar generation for FreeBSD. (peter279k) - SPL: . Fixed bug GH-11338 (SplFileInfo empty getBasename with more than one slash). (nielsdos) - Standard: . Fix access on NULL pointer in array_merge_recursive(). (ilutov) . Fix exception handling in array_multisort(). (ilutov) - SQLite3: . Fixed bug GH-11451 (Invalid associative array containing duplicate keys). (nielsdos) --- Module Name: pkgsrc Committed By: taca Date: Sat Aug 5 08:45:39 UTC 2023 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php82: distinfo Removed Files: pkgsrc/lang/php82/patches: patch-build_libtool.m4 Log Message: lang/php82: update to 8.2.9 03 Aug 2023, PHP 8.2.9 - Build: . Fixed bug GH-11522 (PHP version check fails with '-' separator). (SVGAnimate) - CLI: . Fix interrupted CLI output causing the process to exit. (nielsdos) - Core: . Fixed oss-fuzz #60011 (Mis-compilation of by-reference nullsafe operator). (ilutov) . Fixed line number of JMP instruction over else block. (ilutov) . Fixed use-of-uninitialized-value with ??= on assert. (ilutov) . Fixed oss-fuzz #60411 (Fix double-compilation of arrow-functions). (ilutov) . Fixed build for FreeBSD before the 11.0 releases. (David Carlier) - Curl: . Fix crash when an invalid callback function is passed to CURLMOPT_PUSHFUNCTION. (nielsdos) - Date: . Fixed bug GH-11368 (Date modify returns invalid datetime). (Derick) . Fixed bug GH-11600 (Can't parse time strings which include (narrow) non-breaking space characters). (Derick) - DOM: . Fixed bug GH-11625 (DOMElement::replaceWith() doesn't replace node with DOMDocumentFragment but just deletes node or causes wrapping <></> depending on libxml2 version). (nielsdos) - Fileinfo: . Fixed bug GH-11298 (finfo returns wrong mime type for xz files). (Anatol) - FTP: . Fix context option check for "overwrite". (JonasQuinten) . Fixed bug GH-10562 (Memory leak and invalid state with consecutive ftp_nb_fget). (nielsdos) - GD: . Fix most of the external libgd test failures. (Michael Orlitzky) - Intl: . Fix memory leak in MessageFormatter::format() on failure. (Girgias) - Libxml: . Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading in XML without enabling it). (CVE-2023-3823) (nielsdos, ilutov) - MBString: . Fix GH-11300 (license issue: restricted unicode license headers). (nielsdos) - Opcache: . Fixed bug GH-10914 (OPCache with Enum and Callback functions results in segmentation fault). (nielsdos) . Prevent potential deadlock if accelerated globals cannot be allocated. (nielsdos) - PCNTL: . Fixed bug GH-11498 (SIGCHLD is not always returned from proc_open). (nielsdos) - PDO: . Fix GH-11587 (After php8.1, when PDO::ATTR_EMULATE_PREPARES is true and PDO::ATTR_STRINGIFY_FETCHES is true, decimal zeros are no longer filled). (SakiTakamachi) - PDO SQLite: . Fix GH-11492 (Make test failure: ext/pdo_sqlite/tests/bug_42589.phpt). (KapitanOczywisty, CViniciusSDias) - Phar: . Add missing check on EVP_VerifyUpdate() in phar util. (nielsdos) . Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()). (CVE-2023-3824) (nielsdos) - PHPDBG: . Fixed bug GH-9669 (phpdbg -h options doesn't list the -z option). (adsr) - Session: . Removed broken url support for transferring session ID. (ilutov) - Standard: . Fix serialization of RC1 objects appearing in object graph twice. (ilutov) - Streams: . Fixed bug GH-11735 (Use-after-free when unregistering user stream wrapper from itself). (ilutov) - SQLite3: . Fix replaced error handling in SQLite3Stmt::__construct. (nielsdos) - XMLReader: . Fix GH-11548 (Argument corruption when calling XMLReader::open or XMLReader::XML non-statically with observer active). (Bob) --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 6 04:05:06 UTC 2023 Modified Files: pkgsrc/lang/php82: distinfo Log Message: lang/php82: fix distinfo Fix distinfo. Maybe, I fetched pre-install version. No DIST_SUBDIR update with expecting no one fetched pre-official distinfo file.diff -r1.401.2.2 -r1.401.2.3 pkgsrc/lang/php/phpversion.mk
(bsiegert)
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: phpversion.mk,v 1.401.2.2 2023/08/15 18:42:53 bsiegert Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.401.2.3 2023/08/15 18:52:58 bsiegert Exp $ | |
2 | # | 2 | # | |
3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
5 | # package. | 5 | # package. | |
6 | # | 6 | # | |
7 | # === User-settable variables === | 7 | # === User-settable variables === | |
8 | # | 8 | # | |
9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
11 | # the package. | 11 | # the package. | |
12 | # | 12 | # | |
13 | # Possible: 56 74 80 81 82 | 13 | # Possible: 56 74 80 81 82 | |
14 | # Default: 74 | 14 | # Default: 74 | |
@@ -81,27 +81,27 @@ | @@ -81,27 +81,27 @@ | |||
81 | # Example: lib/php/20181200 | 81 | # Example: lib/php/20181200 | |
82 | # | 82 | # | |
83 | # Keywords: php | 83 | # Keywords: php | |
84 | # | 84 | # | |
85 | 85 | |||
86 | .if !defined(PHPVERSION_MK) | 86 | .if !defined(PHPVERSION_MK) | |
87 | PHPVERSION_MK= defined | 87 | PHPVERSION_MK= defined | |
88 | 88 | |||
89 | # Define each PHP's version. | 89 | # Define each PHP's version. | |
90 | PHP56_VERSION= 5.6.40 | 90 | PHP56_VERSION= 5.6.40 | |
91 | PHP74_VERSION= 7.4.33 | 91 | PHP74_VERSION= 7.4.33 | |
92 | PHP80_VERSION= 8.0.30 | 92 | PHP80_VERSION= 8.0.30 | |
93 | PHP81_VERSION= 8.1.22 | 93 | PHP81_VERSION= 8.1.22 | |
94 | PHP82_VERSION= 8.2.7 | 94 | PHP82_VERSION= 8.2.9 | |
95 | 95 | |||
96 | # Define API version or initial release of major version. | 96 | # Define API version or initial release of major version. | |
97 | PHP56_RELDATE= 20140828 | 97 | PHP56_RELDATE= 20140828 | |
98 | PHP74_RELDATE= 20191128 | 98 | PHP74_RELDATE= 20191128 | |
99 | PHP80_RELDATE= 20201124 | 99 | PHP80_RELDATE= 20201124 | |
100 | PHP81_RELDATE= 20211125 | 100 | PHP81_RELDATE= 20211125 | |
101 | PHP82_RELDATE= 20220829 | 101 | PHP82_RELDATE= 20220829 | |
102 | 102 | |||
103 | _VARGROUPS+= php | 103 | _VARGROUPS+= php | |
104 | _USER_VARS.php= PHP_VERSION_DEFAULT | 104 | _USER_VARS.php= PHP_VERSION_DEFAULT | |
105 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | 105 | _PKG_VARS.php= PHP_VERSIONS_ACCEPTED PHP_VERSION_REQD | |
106 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | 106 | _SYS_VARS.php= PKG_PHP_VERSION PKG_PHP PHPPKGSRCDIR PHP_PKG_PREFIX \ | |
107 | PKG_PHP_MAJOR_VERS | 107 | PKG_PHP_MAJOR_VERS |
@@ -1,18 +1,17 @@ | @@ -1,18 +1,17 @@ | |||
1 | $NetBSD: distinfo,v 1.8 2023/06/09 13:16:03 taca Exp $ | 1 | $NetBSD: distinfo,v 1.8.2.1 2023/08/15 18:52:58 bsiegert Exp $ | |
2 | 2 | |||
3 | BLAKE2s (php-8.2.7.tar.xz) = e31531a7856586707df35d8d997b8cca8179b54fd42d8bfad71e35f06e52ac6f | 3 | BLAKE2s (php-8.2.9.tar.xz) = 7156a5143373e5fc257676e8494c2a6da346b0189360831acffcd268a19471da | |
4 | SHA512 (php-8.2.7.tar.xz) = 8533c0d7b6b0cbca8d01238342edebe1f123b093ab8f3cf5efab40b133989c3288214176b9e2a213b260b07b6bf140711f9b9580c2515a093f586bedc81d8a44 | 4 | SHA512 (php-8.2.9.tar.xz) = 26c53dc737d6144cc0a3ce9134f92f59eb29f62c44b7d6159b92a25bdb0fa80239d7f6b6b663adfe444e57e98b202381df9b35532f40168ea093ac56d4bced19 | |
5 | Size (php-8.2.7.tar.xz) = 12016940 bytes | 5 | Size (php-8.2.9.tar.xz) = 12035468 bytes | |
6 | SHA1 (patch-build_libtool.m4) = e58a2bcebe9e9d7dc7255354fd9fe57878e3f8a6 | 6 | SHA1 (patch-configure) = 614c907a17adb6d8145e2d6c8ab25d2e4ff8bace | |
7 | SHA1 (patch-configure) = 9e41843c0ba0420eba8974c6a5a78de314e5c988 | |||
8 | SHA1 (patch-ext_enchant_enchant.c) = 7d999de1b2fde2ea11e4a6e16e7b59c085924b9b | 7 | SHA1 (patch-ext_enchant_enchant.c) = 7d999de1b2fde2ea11e4a6e16e7b59c085924b9b | |
9 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | 8 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | |
10 | SHA1 (patch-ext_standard_php__fopen__wrapper.c) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | 9 | SHA1 (patch-ext_standard_php__fopen__wrapper.c) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | |
11 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | 10 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | |
12 | SHA1 (patch-ext_xsl_php__xsl.h) = cf930c5d6d9dab29b12558d265c67d3534a006fd | 11 | SHA1 (patch-ext_xsl_php__xsl.h) = cf930c5d6d9dab29b12558d265c67d3534a006fd | |
13 | SHA1 (patch-main_streams_streams.c) = d699ce7d3a300ffb39494b3f1fa5e0958f714483 | 12 | SHA1 (patch-main_streams_streams.c) = d699ce7d3a300ffb39494b3f1fa5e0958f714483 | |
14 | SHA1 (patch-php.ini-development) = 373d76cc7a022b578f1d5e296d1f0ac88bc26b72 | 13 | SHA1 (patch-php.ini-development) = 373d76cc7a022b578f1d5e296d1f0ac88bc26b72 | |
15 | SHA1 (patch-php.ini-production) = 5ab7fa6bf8403907160b0a62b56c1ee527f8eda6 | 14 | SHA1 (patch-php.ini-production) = 5ab7fa6bf8403907160b0a62b56c1ee527f8eda6 | |
16 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | 15 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | |
17 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | 16 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | |
18 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0 | 17 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0 |
@@ -1,59 +1,59 @@ | @@ -1,59 +1,59 @@ | |||
1 | $NetBSD: patch-configure,v 1.8 2023/06/09 13:16:03 taca Exp $ | 1 | $NetBSD: patch-configure,v 1.8.2.1 2023/08/15 18:52:58 bsiegert Exp $ | |
2 | 2 | |||
3 | * Do not include "PKG_CONFIG*" in CONFIGURE_OPTIONS. | 3 | * Do not include "PKG_CONFIG*" in CONFIGURE_OPTIONS. | |
4 | * Don't autodetect maintainer-zts. | 4 | * Don't autodetect maintainer-zts. | |
5 | * Shell portability. | 5 | * Shell portability. | |
6 | 6 | |||
7 | --- configure.orig 2023-06-06 21:28:56.000000000 +0000 | 7 | --- configure.orig 2023-05-09 06:25:31.000000000 +0000 | |
8 | +++ configure | 8 | +++ configure | |
9 | @@ -3732,6 +3732,10 @@ EOF | 9 | @@ -4323,6 +4323,10 @@ EOF | |
10 | else | 10 | else | |
11 | break | 11 | break | |
12 | fi | 12 | fi | |
13 | + case "$CURRENT_ARG" in | 13 | + case "$CURRENT_ARG" in | |
14 | + \'PKG_CONFIG\=*) CURRENT_ARG="'PKG_CONFIG=@TOOLS_PATH.pkg-config@'";; | 14 | + \'PKG_CONFIG\=*) CURRENT_ARG="'PKG_CONFIG=@TOOLS_PATH.pkg-config@'";; | |
15 | + \'PKG_CONFIG_LIBDIR\=*) CURRENT_ARG="'PKG_CONFIG_LIBDIR=@PHP_PKGCONFIG_PATH@'";; | 15 | + \'PKG_CONFIG_LIBDIR\=*) CURRENT_ARG="'PKG_CONFIG_LIBDIR=@PHP_PKGCONFIG_PATH@'";; | |
16 | + esac | 16 | + esac | |
17 | $as_echo "$CURRENT_ARG \\" >>config.nice | 17 | printf "%s\n" "$CURRENT_ARG \\" >>config.nice | |
18 | CONFIGURE_OPTIONS="$CONFIGURE_OPTIONS $CURRENT_ARG" | 18 | CONFIGURE_OPTIONS="$CONFIGURE_OPTIONS $CURRENT_ARG" | |
19 | done | 19 | done | |
20 | @@ -7022,30 +7026,6 @@ EOF | 20 | @@ -7553,30 +7557,6 @@ EOF | |
21 | ;; | 21 | ;; | |
22 | esac | 22 | esac | |
23 | 23 | |||
24 | - if test "$APACHE_VERSION" -lt 2004001; then | 24 | - if test "$APACHE_VERSION" -lt 2004001; then | |
25 | - APXS_MPM=`$APXS -q MPM_NAME` | 25 | - APXS_MPM=`$APXS -q MPM_NAME` | |
26 | - if test "$APXS_MPM" != "prefork" && test "$APXS_MPM" != "peruser" && test "$APXS_MPM" != "itk"; then | 26 | - if test "$APXS_MPM" != "prefork" && test "$APXS_MPM" != "peruser" && test "$APXS_MPM" != "itk"; then | |
27 | - | 27 | - | |
28 | - enable_zts=yes | 28 | - enable_zts=yes | |
29 | - if test "$pthreads_working" != "yes"; then | 29 | - if test "$pthreads_working" != "yes"; then | |
30 | - as_fn_error $? "ZTS currently requires working POSIX threads. We were unable to verify that your system supports Pthreads." "$LINENO" 5 | 30 | - as_fn_error $? "ZTS currently requires working POSIX threads. We were unable to verify that your system supports Pthreads." "$LINENO" 5 | |
31 | - fi | 31 | - fi | |
32 | - | 32 | - | |
33 | - fi | 33 | - fi | |
34 | - else | 34 | - else | |
35 | - APACHE_THREADED_MPM=`$APXS_HTTPD -V 2>/dev/null | grep 'threaded:.*yes'` | 35 | - APACHE_THREADED_MPM=`$APXS_HTTPD -V 2>/dev/null | grep 'threaded:.*yes'` | |
36 | - if test -n "$APACHE_THREADED_MPM"; then | 36 | - if test -n "$APACHE_THREADED_MPM"; then | |
37 | - | 37 | - | |
38 | - enable_zts=yes | 38 | - enable_zts=yes | |
39 | - if test "$pthreads_working" != "yes"; then | 39 | - if test "$pthreads_working" != "yes"; then | |
40 | - as_fn_error $? "ZTS currently requires working POSIX threads. We were unable to verify that your system supports Pthreads." "$LINENO" 5 | 40 | - as_fn_error $? "ZTS currently requires working POSIX threads. We were unable to verify that your system supports Pthreads." "$LINENO" 5 | |
41 | - fi | 41 | - fi | |
42 | - | 42 | - | |
43 | - fi | 43 | - fi | |
44 | - fi | 44 | - fi | |
45 | - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 | 45 | - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 | |
46 | -$as_echo "yes" >&6; } | 46 | -printf "%s\n" "yes" >&6; } | |
47 | - | 47 | - | |
48 | PHP_VAR_SUBST="$PHP_VAR_SUBST APXS" | 48 | PHP_VAR_SUBST="$PHP_VAR_SUBST APXS" | |
49 | 49 | |||
50 | else | 50 | else | |
51 | @@ -78373,7 +78353,7 @@ $as_echo "#define HAVE_TIDYBUFFIO_H 1" > | 51 | @@ -81017,7 +80997,7 @@ printf "%s\n" "#define HAVE_TIDYBUFFIO_H | |
52 | fi | 52 | fi | |
53 | 53 | |||
54 | TIDY_LIBDIR=$TIDY_DIR/$PHP_LIBDIR | 54 | TIDY_LIBDIR=$TIDY_DIR/$PHP_LIBDIR | |
55 | - if test "$TIDY_LIB_NAME" == 'tidyp'; then | 55 | - if test "$TIDY_LIB_NAME" == 'tidyp'; then | |
56 | + if test "$TIDY_LIB_NAME" = 'tidyp'; then | 56 | + if test "$TIDY_LIB_NAME" = 'tidyp'; then | |
57 | 57 | |||
58 | $as_echo "#define HAVE_TIDYP_H 1" >>confdefs.h | 58 | printf "%s\n" "#define HAVE_TIDYP_H 1" >>confdefs.h | |
59 | 59 |