pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/lang

Module Name:    pkgsrc
Committed By:   taca
Date:           Sat Aug 23 16:07:24 UTC 2014

Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php54: distinfo
Removed Files:
        pkgsrc/lang/php54/patches: patch-ext_gd_libgd_gdxpm.c
            patch-ext_spl_spl__array.c patch-ext_spl_spl__dllist.c

Log Message:
Update php54 to 5.4.32 (PHP 5.4.32).

07 Aug 2014, PHP 5.4.32

- Core:
  . Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi)

- COM:
  . Fixed missing type checks in com_event_sink. (Yussuf Khalil, Stas)

- Fileinfo:
  . Fixed bug #67705 (extensive backtracking in rule regular expression).
    (CVE-2014-3538) (Remi)
  . Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi)

- GD:
  . Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference).
    (CVE-2014-2497) (Remi)
  . Fixed bug #67730 (Null byte injection possible with imagexxx functions).
    (CVE-2014-5120) (Ryan Mauger)

- Milter:
  . Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike)

- OpenSSL:
  . Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).

- Readline:
  . Fixed bug #55496 (Interactive mode doesn't force a newline before the
    prompt). (Bob, Johannes)
  . Fixed bug #67496 (Save command history when exiting interactive shell
    with control-c). (Dmitry Saprykin, Johannes)

- Sessions:
  . Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).

- SPL:
  . Fixed bug #67539 (ArrayIterator use-after-free due to object change during
    sorting). (research at insighti dot org, Laruence)
  . Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670) (Laruence)

- Core:
  . Fixed bug #67693 (incorrect push to the empty array) (Tjerk)

- ODBC:
  . Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte
    char fields). (Keyur)

- Zlib:
  . Fixed bug #67724 (chained zlib filters silently fail with large amounts of
    data). (Mike)


To generate a diff of this commit:
cvs rdiff -u -r1.69 -r1.70 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.45 -r1.46 pkgsrc/lang/php54/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php54/patches/patch-ext_gd_libgd_gdxpm.c \
    pkgsrc/lang/php54/patches/patch-ext_spl_spl__array.c \
    pkgsrc/lang/php54/patches/patch-ext_spl_spl__dllist.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home | Main Index | Thread Index | Old Index