CVS commit: pkgsrc/lang

["Takahiro Kambe" <taca%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   taca
Date:           Fri Jan 23 16:10:34 UTC 2015

Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php55: distinfo

Log Message:
Update php55 to 5.5.21.

22 Jan 2014, PHP 5.5.21

- Core:
  . Upgraded crypt_blowfish to version 1.3. (Leigh)
  . Fixed bug #60704 (unlink() bug with some files path).
  . Fixed bug #65419 (Inside trait, self::class != __CLASS__). (Julien)
  . Fixed bug #65576 (Constructor from trait conflicts with inherited
    constructor). (dunglas at gmail dot com)
  . Fixed bug #55541 (errors spawn MessageBox, which blocks test automation).
    (Anatol)
  . Fixed bug #68297 (Application Popup provides too few information). (Anatol)
  . Fixed bug #65769 (localeconv() broken in TS builds). (Anatol)
  . Fixed bug #65230 (setting locale randomly broken). (Anatol)
  . Fixed bug #66764 (configure doesn't define EXPANDED_DATADIR / PHP_DATADIR
    correctly). (Ferenc)
  . Fixed bug #68583 (Crash in timeout thread). (Anatol)
  . Fixed bug #68594 (Use after free vulnerability in unserialize()).
    (CVE-2014-8142) (Stefan Esser)
  . Fixed bug #68676 (Explicit Double Free). (Kalle)
  . Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()).
    (CVE-2015-0231) (Stefan Esser)

- CGI:
  . Fixed bug #68618 (out of bounds read crashes php-cgi).(CVE-2014-9427)
    (Stas)

- CLI server:
  . Fixed bug #68745 (Invalid HTTP requests make web server segfault). (Adam)

- cURL:
  . Fixed bug #67643 (curl_multi_getcontent returns '' when
    CURLOPT_RETURNTRANSFER isn't set). (Jille Timmermans)

- EXIF:
  . Fixed bug #68799: Free called on unitialized pointer. (CVE-2015-0232)
    (Stas)

- Fileinfo:
  . Fixed bug #68671 (incorrect expression in libmagic).
    (Joshua Rogers, Anatol Belski)
  . Removed readelf.c and related code from libmagic sources
    (Remi, Anatol)
  . Fixed bug #68735 (fileinfo out-of-bounds memory access).
    (Anatol)

- FPM:
  . Fixed bug #68751 (listen.allowed_clients is broken). (Remi)

- GD:
  . Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (Jan Bee, Remi)

- Mbstring:
  . Fixed bug #68504 (--with-libmbfl configure option not present on Windows).
    (Ashesh Vashi)

- Mcrypt:
  . Fixed possible read after end of buffer and use after free. (Dmitry)

- Opcache:
  . Fixed bug #67111 (Memory leak when using "continue 2" inside two foreach
    loops). (Nikita)

- OpenSSL:
  . Fixed bug #55618 (use case-insensitive cert name matching). (Daniel Lowrey)

- Pcntl:
  . Fixed bug #60509 (pcntl_signal doesn't decrease ref-count of old handler
    when setting SIG_DFL). (Julien)

- PCRE:
  . Fixed bug #66679 (Alignment Bug in PCRE 8.34 upstream).
    (Rainer Jung, Anatol Belski)

- pgsql:
  . Fixed bug #68697 (lo_export return -1 on failure). (Ondřej Surý)

- PDO:
  . Fixed bug #68371 (PDO#getAttribute() cannot be called with platform-specific
    attribute names). (Matteo)

- PDO_mysql:
  . Fixed bug #68424 (Add new PDO mysql connection attr to control multi
    statements option). (peter dot wolanin at acquia dot com)

- SPL:
  . Fixed bug #66405 (RecursiveDirectoryIterator::CURRENT_AS_PATHNAME
    breaks the RecursiveIterator). (Paul Garvin)
  . Fixed bug #65213 (cannot cast SplFileInfo to boolean) (Tjerk)
  . Fixed bug #68479 (Added escape parameter to SplFileObject::fputcsv). (Salathe)

- SQLite:
  . Fixed bug #68120 (Update bundled libsqlite to 3.8.7.2). (Anatol)

- Streams:
  . Fixed bug #68532 (convert.base64-encode omits padding bytes).
    (blaesius at krumedia dot de)


To generate a diff of this commit:
cvs rdiff -u -r1.83 -r1.84 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.32 -r1.33 pkgsrc/lang/php55/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.