CVS commit: [pkgsrc-2015Q2] pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2015Q2] pkgsrc/lang
From: "Matthias Scheler" <tron%netbsd.org@localhost>
Date: Wed, 12 Aug 2015 20:07:46 +0000

Module Name:    pkgsrc
Committed By:   tron
Date:           Wed Aug 12 20:07:45 UTC 2015

Modified Files:
        pkgsrc/lang/php [pkgsrc-2015Q2]: phpversion.mk
        pkgsrc/lang/php54 [pkgsrc-2015Q2]: distinfo

Log Message:
Pullup ticket #4790 - requested by taca
lang/php54: security update

Revisions pulled up:
- lang/php/phpversion.mk                                        1.106
- lang/php54/distinfo                                           1.62

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Aug  8 00:11:29 UTC 2015

   Modified Files:
        pkgsrc/lang/php: pear.mk phpversion.mk
        pkgsrc/lang/php54: distinfo

   Log Message:
   Update phpt54 to 5.4.44.

   06 Aug 2015 PHP 5.4.44

   - Core:
     . Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive
       method calls). (Stas)
     . Fixed bug #69892 (Different arrays compare indentical due to integer key
       truncation). (Nikita)
     . Fixed bug #70121 (unserialize() could lead to unexpected methods execution
       / NULL pointer deref). (Stas)

   - OpenSSL:
     . Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
       secure). (Stas)

   - Phar:
     . Improved fix for bug #69441. (Anatol Belski)
     . Fixed bug #70019 (Files extracted from archive may be placed outside of
       destination directory). (Anatol Belski)

   - SOAP:
     . Fixed bug #70081 (SoapClient info leak / null pointer dereference via
        multiple type confusions). (Stas)

   - SPL:
     . Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
       items). (sean.heelan)
     . Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
       SPLArrayObject). (taoguangchen at icloud dot com)
     . Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
       SplObjectStorage). (taoguangchen at icloud dot com)
     . Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
       SplDoublyLinkedList). (taoguangchen at icloud dot com)


To generate a diff of this commit:
cvs rdiff -u -r1.102.2.3 -r1.102.2.4 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.60.2.1 -r1.60.2.2 pkgsrc/lang/php54/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: [pkgsrc-2015Q2] pkgsrc/lang
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: [pkgsrc-2015Q2] pkgsrc/lang
Indexes:

Home | Main Index | Thread Index | Old Index