CVS commit: pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/lang
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Fri, 19 Aug 2016 03:29:00 +0000

Module Name:    pkgsrc
Committed By:   taca
Date:           Fri Aug 19 03:29:00 UTC 2016

Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php56: distinfo

Log Message:
Update php56 to 5.6.25 (PHP 5.6.25).

18 Aug 2016, PHP 5.6.25

- Bz2:
  . Fixed bug #72837 (integer overflow in bzdecompress caused heap
    corruption). (Stas)

- Core:
  . Fixed bug #70436 (Use After Free Vulnerability in unserialize()).
    (Taoguang Chen)
  . Fixed bug #72024 (microtime() leaks memory). (maroszek at gmx dot net)
  . Fixed bug #72581 (previous property undefined in Exception after
    deserialization). (Laruence)
  . Implemented FR #72614 (Support "nmake test" on building extensions by
    phpize). (Yuji Uchiyama)
  . Fixed bug #72641 (phpize (on Windows) ignores PHP_PREFIX).
    (Yuji Uchiyama)
  . Fixed bug #72663 (Create an Unexpected Object and Don't Invoke
    __wakeup() in Deserialization). (Stas)
  . Fixed bug #72681 (PHP Session Data Injection Vulnerability). (Stas)

- Calendar:
  . Fixed bug #67976 (cal_days_month() fails for final month of the French
    calendar). (cmb)
  . Fixed bug #71894 (AddressSanitizer: global-buffer-overflow in
    zif_cal_from_jd). (cmb)

- Curl:
  . Fixed bug #71144 (Segmentation fault when using cURL with ZTS).
    (maroszek at gmx dot net)
  . Fixed bug #71929 (Certification information (CERTINFO) data parsing error).
    (Pierrick)
  . Fixed bug #72807 (integer overflow in curl_escape caused heap
    corruption). (Stas)

- DOM:
  . Fixed bug #66502 (DOM document dangling reference). (Sean Heelan, cmb)

- Ereg:
  . Fixed bug #72838 (Integer overflow lead to heap corruption in
    sql_regcase). (Stas)

- EXIF:
  . Fixed bug #72627 (Memory Leakage In exif_process_IFD_in_TIFF). (Stas)
  . Fixed bug #72735 (Samsung picture thumb not read (zero size)). (Kalle, Remi)

- Filter:
  . Fixed bug #71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8
    range). (bugs dot php dot net at majkl578 dot cz)

- FPM:
  . Fixed bug #72575 (using --allow-to-run-as-root should ignore missing user).
    (gooh)

- GD:
  . Fixed bug #43828 (broken transparency of imagearc for truecolor in
    blendingmode). (cmb)
  . Fixed bug #66555 (Always false condition in ext/gd/libgd/gdkanji.c). (cmb)
  . Fixed bug #68712 (suspicious if-else statements). (cmb)
  . Fixed bug #70315 (500 Server Error but page is fully rendered). (cmb)
  . Fixed bug #72596 (imagetypes function won't advertise WEBP support). (cmb)
  . Fixed bug #72604 (imagearc() ignores thickness for full arcs). (cmb)
  . Fixed bug #72697 (select_colors write out-of-bounds). (Stas)
  . Fixed bug #72709 (imagesetstyle() causes OOB read for empty $styles). (cmb)
  . Fixed bug #72730 (imagegammacorrect allows arbitrary write access). (Stas)

- Intl:
  . Partially fixed #72506 (idn_to_ascii for UTS #46 incorrect for long domain
    names). (cmb)

- mbstring:
  . Fixed bug #72691 (mb_ereg_search raises a warning if a match zero-width).
    (cmb)
  . Fixed bug #72693 (mb_ereg_search increments search position when a match
    zero-width). (cmb)
  . Fixed bug #72694 (mb_ereg_search_setpos does not accept a string's last
    position). (cmb)
  . Fixed bug #72710 (`mb_ereg` causes buffer overflow on regexp compile error).
    (ju1ius)

- PCRE:
  . Fixed bug #72688 (preg_match missing group names in matches). (cmb)

- PDO_pgsql:
  . Fixed bug #70313 (PDO statement fails to throw exception). (Matteo)

- Reflection:
  . Fixed bug #72222 (ReflectionClass::export doesn't handle array constants).
    (Nikita Nefedov)

- SNMP:
  . Fixed bug #72708 (php_snmp_parse_oid integer overflow in memory
    allocation). (djodjo at gmail dot com)

- Standard:
  . Fixed bug #72330 (CSV fields incorrectly split if escape char followed by
    UTF chars). (cmb)
  . Fixed bug #72836 (integer overflow in base64_decode). (Stas)
  . Fixed bug #72848 (integer overflow in quoted_printable_encode). (Stas)
  . Fixed bug #72849 (integer overflow in urlencode). (Stas)
  . Fixed bug #72850 (integer overflow in php_uuencode). (Stas)
  . Fixed bug #72716 (initialize buffer before read). (Stas)

- Streams:
  . Fixed bug #41021 (Problems with the ftps wrapper). (vhuk)
  . Fixed bug #54431 (opendir() does not work with ftps:// wrapper). (vhuk)
  . Fixed bug #72667 (opendir() with ftp:// attempts to open data stream for
    non-existent directories). (vhuk)
  . Fixed bug #72764 (ftps:// opendir wrapper data channel encryption fails
    with IIS FTP 7.5, 8.5). (vhuk)
  . Fixed bug #72771 (ftps:// wrapper is vulnerable to protocol downgrade
    attack). (Stas)

- SPL:
  . Fixed bug #72122 (IteratorIterator breaks '@' error suppression). (kinglozzer)
  . Fixed bug #72646 (SplFileObject::getCsvControl does not return the escape
    character). (cmb)
  . Fixed bug #72684 (AppendIterator segfault with closed generator). (Pierrick)

- SQLite3:
  . Implemented FR #72653 (SQLite should allow opening with empty filename).
    (cmb)

- Wddx:
  . Fixed bug #72142 (WDDX Packet Injection Vulnerability in
    wddx_serialize_value()). (Taoguang Chen)
  . Fixed bug #72749 (wddx_deserialize allows illegal memory access) (Stas)
  . Fixed bug #72750 (wddx_deserialize null dereference). (Stas)
  . Fixed bug #72790 (wddx_deserialize null dereference with invalid xml).
    (Stas)
  . Fixed bug #72799 (wddx_deserialize null dereference in
    php_wddx_pop_element). (Stas)


To generate a diff of this commit:
cvs rdiff -u -r1.148 -r1.149 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.32 -r1.33 pkgsrc/lang/php56/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/php/phpversion.mk
diff -u pkgsrc/lang/php/phpversion.mk:1.148 pkgsrc/lang/php/phpversion.mk:1.149
--- pkgsrc/lang/php/phpversion.mk:1.148 Sat Aug  6 11:32:14 2016
+++ pkgsrc/lang/php/phpversion.mk       Fri Aug 19 03:29:00 2016
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.148 2016/08/06 11:32:14 jdolecek Exp $
+# $NetBSD: phpversion.mk,v 1.149 2016/08/19 03:29:00 taca Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -82,7 +82,7 @@ PHPVERSION_MK=        defined
 
 # Define each PHP's version.
 PHP55_VERSION= 5.5.38
-PHP56_VERSION= 5.6.24
+PHP56_VERSION= 5.6.25
 PHP70_VERSION= 7.0.9
 PHP71_VERSION= 7.1.0beta2
 

Index: pkgsrc/lang/php56/distinfo
diff -u pkgsrc/lang/php56/distinfo:1.32 pkgsrc/lang/php56/distinfo:1.33
--- pkgsrc/lang/php56/distinfo:1.32     Sat Aug 13 17:34:41 2016
+++ pkgsrc/lang/php56/distinfo  Fri Aug 19 03:29:00 2016
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.32 2016/08/13 17:34:41 taca Exp $
+$NetBSD: distinfo,v 1.33 2016/08/19 03:29:00 taca Exp $
 
-SHA1 (php-5.6.24.tar.bz2) = c2b3ad1d968fbc615702ff0860efc3b35ca1fb70
-RMD160 (php-5.6.24.tar.bz2) = 6be7a7ea3a59dbbb618cb1251caf32f5332e5def
-SHA512 (php-5.6.24.tar.bz2) = 50bf22a1e4298049a3602906a47d4bbb52cf9e7bf8d01f6ebca76d15b4c87ef59ba94ac5d19889fb5f9a15f5da002b6304bb526327d5fe0409992a668a665ffc
-Size (php-5.6.24.tar.bz2) = 14905924 bytes
+SHA1 (php-5.6.25.tar.bz2) = 7d0274f6f0e8db35edc56d47d2d65fdf851820b9
+RMD160 (php-5.6.25.tar.bz2) = 04b56cc6c3f7b649dd37e2c8bdaea31f03fa4a5e
+SHA512 (php-5.6.25.tar.bz2) = 675a5244822f00abd93ec4ef31c539a4c305cab0aaf4735f6cbe037507853ba3f1691fcbaf1cf54dde106d918c22337bb600ed78c38351d4405da8ffdc5d50e0
+Size (php-5.6.25.tar.bz2) = 14923535 bytes
 SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8
 SHA1 (patch-configure) = 5d76f71aa903efa3c3491b908ff76419aa4af27c
 SHA1 (patch-ext_gd_config.m4) = b92ab4c7fe8aceaef7787a607a7d2eac258fee19

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/lang
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/lang
Indexes:

Home | Main Index | Thread Index | Old Index