Pullup ticket #6849 - requested by taca
lang/php81: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.429
- lang/php81/distinfo 1.32
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Apr 13 02:53:35 UTC 2024
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php81: distinfo
Log Message:
lang/php81: update to 8.1.27
This release includes security fixes.
11 Apr 2024, PHP 8.1.28
- Standard:
. Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
. Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
. Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)
(bsiegert)
diff -r1.426.2.2 -r1.426.2.3 pkgsrc/lang/php/phpversion.mk| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: phpversion.mk,v 1.426.2.2 2024/04/22 12:49:08 bsiegert Exp $ | 1 | # $NetBSD: phpversion.mk,v 1.426.2.3 2024/04/22 12:56:30 bsiegert Exp $ | |
| 2 | # | 2 | # | |
| 3 | # This file selects a PHP version, based on the user's preferences and | 3 | # This file selects a PHP version, based on the user's preferences and | |
| 4 | # the installed packages. It does not add a dependency on the PHP | 4 | # the installed packages. It does not add a dependency on the PHP | |
| 5 | # package. | 5 | # package. | |
| 6 | # | 6 | # | |
| 7 | # === User-settable variables === | 7 | # === User-settable variables === | |
| 8 | # | 8 | # | |
| 9 | # PHP_VERSION_DEFAULT | 9 | # PHP_VERSION_DEFAULT | |
| 10 | # The PHP version to choose when more than one is acceptable to | 10 | # The PHP version to choose when more than one is acceptable to | |
| 11 | # the package. | 11 | # the package. | |
| 12 | # | 12 | # | |
| 13 | # Possible: 56 74 80 81 82 83 | 13 | # Possible: 56 74 80 81 82 83 | |
| 14 | # Default: 82 | 14 | # Default: 82 | |
| @@ -81,27 +81,27 @@ | @@ -81,27 +81,27 @@ | |||
| 81 | # | 81 | # | |
| 82 | # Example: lib/php/20181200 | 82 | # Example: lib/php/20181200 | |
| 83 | # | 83 | # | |
| 84 | # Keywords: php | 84 | # Keywords: php | |
| 85 | # | 85 | # | |
| 86 | 86 | |||
| 87 | .if !defined(PHPVERSION_MK) | 87 | .if !defined(PHPVERSION_MK) | |
| 88 | PHPVERSION_MK= defined | 88 | PHPVERSION_MK= defined | |
| 89 | 89 | |||
| 90 | # Define each PHP's version. | 90 | # Define each PHP's version. | |
| 91 | PHP56_VERSION= 5.6.40 | 91 | PHP56_VERSION= 5.6.40 | |
| 92 | PHP74_VERSION= 7.4.33 | 92 | PHP74_VERSION= 7.4.33 | |
| 93 | PHP80_VERSION= 8.0.30 | 93 | PHP80_VERSION= 8.0.30 | |
| 94 | PHP81_VERSION= 8.1.27 | 94 | PHP81_VERSION= 8.1.28 | |
| 95 | PHP82_VERSION= 8.2.18 | 95 | PHP82_VERSION= 8.2.18 | |
| 96 | PHP83_VERSION= 8.3.4 | 96 | PHP83_VERSION= 8.3.4 | |
| 97 | 97 | |||
| 98 | # Define API version or initial release of major version. | 98 | # Define API version or initial release of major version. | |
| 99 | PHP56_RELDATE= 20140828 | 99 | PHP56_RELDATE= 20140828 | |
| 100 | PHP74_RELDATE= 20191128 | 100 | PHP74_RELDATE= 20191128 | |
| 101 | PHP80_RELDATE= 20201124 | 101 | PHP80_RELDATE= 20201124 | |
| 102 | PHP81_RELDATE= 20211125 | 102 | PHP81_RELDATE= 20211125 | |
| 103 | PHP82_RELDATE= 20220829 | 103 | PHP82_RELDATE= 20220829 | |
| 104 | PHP83_RELDATE= 20231123 | 104 | PHP83_RELDATE= 20231123 | |
| 105 | 105 | |||
| 106 | _VARGROUPS+= php | 106 | _VARGROUPS+= php | |
| 107 | _USER_VARS.php= PHP_VERSION_DEFAULT | 107 | _USER_VARS.php= PHP_VERSION_DEFAULT |
| @@ -1,17 +1,17 @@ | @@ -1,17 +1,17 @@ | |||
| 1 | $NetBSD: distinfo,v 1.31 2024/01/05 02:10:34 taca Exp $ | 1 | $NetBSD: distinfo,v 1.31.2.1 2024/04/22 12:56:30 bsiegert Exp $ | |
| 2 | 2 | |||
| 3 | BLAKE2s (php-8.1.27.tar.xz) = adeaa2ba18ec7bf532947556261be717e6be2a6c8dc191a839eadcb6b682dc62 | 3 | BLAKE2s (php-8.1.28.tar.xz) = 3c9676ad6d04d5006f3135f377f22fab86b3f1f6804977b290e4bf9685d214c0 | |
| 4 | SHA512 (php-8.1.27.tar.xz) = 07fb2b8e10e2487635e26bfd8a27949a26b85f76bc3984ad8599224bb7a7f9498d84299335ae5a0bba16599275e9747ab141f73f4f2076ddf49ebec8e76fd0ed | 4 | SHA512 (php-8.1.28.tar.xz) = d56ecac164e00e9514cd3c6c8c453598b323118dc7d7ae7cc14ba0847d50a2e455b2391f52e0d81af325b02d8f73a7d2ed66bf66d068dac4a496d777c83a398f | |
| 5 | Size (php-8.1.27.tar.xz) = 11915228 bytes | 5 | Size (php-8.1.28.tar.xz) = 11848504 bytes | |
| 6 | SHA1 (patch-configure) = bf9d652aa5b5509b08ce7cdb6168936ca7b80584 | 6 | SHA1 (patch-configure) = bf9d652aa5b5509b08ce7cdb6168936ca7b80584 | |
| 7 | SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | 7 | SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640 | |
| 8 | SHA1 (patch-ext_enchant_enchant.c) = 7924acc5fdadea89b3a385cf744ef982795bf89d | 8 | SHA1 (patch-ext_enchant_enchant.c) = 7924acc5fdadea89b3a385cf744ef982795bf89d | |
| 9 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | 9 | SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd | |
| 10 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | 10 | SHA1 (patch-ext_tidy_config.m4) = 380f4e8927582b2781faf58b17ad81b6dc967ba7 | |
| 11 | SHA1 (patch-ext_xsl_php__xsl.h) = cf930c5d6d9dab29b12558d265c67d3534a006fd | 11 | SHA1 (patch-ext_xsl_php__xsl.h) = cf930c5d6d9dab29b12558d265c67d3534a006fd | |
| 12 | SHA1 (patch-main_streams_streams.c) = d699ce7d3a300ffb39494b3f1fa5e0958f714483 | 12 | SHA1 (patch-main_streams_streams.c) = d699ce7d3a300ffb39494b3f1fa5e0958f714483 | |
| 13 | SHA1 (patch-php.ini-development) = 373d76cc7a022b578f1d5e296d1f0ac88bc26b72 | 13 | SHA1 (patch-php.ini-development) = 373d76cc7a022b578f1d5e296d1f0ac88bc26b72 | |
| 14 | SHA1 (patch-php.ini-production) = 5ab7fa6bf8403907160b0a62b56c1ee527f8eda6 | 14 | SHA1 (patch-php.ini-production) = 5ab7fa6bf8403907160b0a62b56c1ee527f8eda6 | |
| 15 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | 15 | SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8 | |
| 16 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | 16 | SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3 | |
| 17 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0 | 17 | SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0 |