pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: [pkgsrc-2024Q1] pkgsrc/lang
Module Name: pkgsrc
Committed By: bsiegert
Date: Mon Apr 22 12:36:40 UTC 2024
Modified Files:
pkgsrc/lang/php [pkgsrc-2024Q1]: phpversion.mk
pkgsrc/lang/php82 [pkgsrc-2024Q1]: distinfo
pkgsrc/lang/php82/patches [pkgsrc-2024Q1]: patch-configure
Log Message:
Pullup ticket #6847 - requested by taca
lang/php82: security fix
Revisions pulled up:
- lang/php/phpversion.mk 1.427
- lang/php82/distinfo 1.20
- lang/php82/patches/patch-configure 1.18
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Apr 13 02:49:41 UTC 2024
Modified Files:
pkgsrc/lang/php: phpversion.mk
pkgsrc/lang/php82: distinfo
pkgsrc/lang/php82/patches: patch-configure
Log Message:
lang/php82: update to 8.2.18
This release includes security fixes.
11 Apr 2024, PHP 8.2.18
- Core:
. Fixed bug GH-13612 (Corrupted memory in destructor with weak references).
(nielsdos)
. Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). (Remi)
. Fixed bug GH-13670 (GC does not scale well with a lot of objects created in
destructor). (Arnaud)
- DOM:
. Add some missing ZPP checks. (nielsdos)
. Fix potential memory leak in XPath evaluation results. (nielsdos)
. Fix phpdoc for DOMDocument load methods. (VincentLanglet)
- FPM
. Fix incorrect check in fpm_shm_free(). (nielsdos)
- GD:
. Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). (Michael Orlitzky)
- Gettext:
. Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5
with category set to LC_ALL. (David Carlier)
- MySQLnd:
. Fix GH-13452 (Fixed handshake response [mysqlnd]). (Saki Takamachi)
. Fix incorrect charset length in check_mb_eucjpms(). (nielsdos)
- Opcache:
. Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null).
(Arnaud, Dmitry)
. Fixed GH-13712 (Segmentation fault for enabled observers when calling trait
method of internal trait when opcache is loaded). (Bob)
- PDO:
. Fix various PDORow bugs. (Girgias)
- Random:
. Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown
modes). (timwolla)
. Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between
requests when MT_RAND_PHP is used). (timwolla)
- Session:
. Fixed bug GH-13680 (Segfault with session_decode and compilation error).
(nielsdos)
- Sockets:
. Fixed bug GH-13604 (socket_getsockname returns random characters in the end
of the socket name). (David Carlier)
- SPL:
. Fixed bug GH-13531 (Unable to resize SplfixedArray after being unserialized
in PHP 8.2.15). (nielsdos)
. Fixed bug GH-13685 (Unexpected null pointer in zend_string.h). (nielsdos)
- Standard:
. Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
. Fixed GH-13402 (Added validation of `\n` in $additional_headers of mail()).
(SakiTakamachi)
. Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows).
(divinity76)
. Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
. Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
. Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)
- XML:
. Fixed bug GH-13517 (Multiple test failures when building with
--with-expat). (nielsdos)
To generate a diff of this commit:
cvs rdiff -u -r1.426 -r1.426.2.1 pkgsrc/lang/php/phpversion.mk
cvs rdiff -u -r1.19 -r1.19.2.1 pkgsrc/lang/php82/distinfo
cvs rdiff -u -r1.17 -r1.17.2.1 pkgsrc/lang/php82/patches/patch-configure
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/lang/php/phpversion.mk
diff -u pkgsrc/lang/php/phpversion.mk:1.426 pkgsrc/lang/php/phpversion.mk:1.426.2.1
--- pkgsrc/lang/php/phpversion.mk:1.426 Sun Mar 17 19:19:38 2024
+++ pkgsrc/lang/php/phpversion.mk Mon Apr 22 12:36:39 2024
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.426 2024/03/17 19:19:38 jklos Exp $
+# $NetBSD: phpversion.mk,v 1.426.2.1 2024/04/22 12:36:39 bsiegert Exp $
#
# This file selects a PHP version, based on the user's preferences and
# the installed packages. It does not add a dependency on the PHP
@@ -92,7 +92,7 @@ PHP56_VERSION= 5.6.40
PHP74_VERSION= 7.4.33
PHP80_VERSION= 8.0.30
PHP81_VERSION= 8.1.27
-PHP82_VERSION= 8.2.17
+PHP82_VERSION= 8.2.18
PHP83_VERSION= 8.3.4
# Define API version or initial release of major version.
Index: pkgsrc/lang/php82/distinfo
diff -u pkgsrc/lang/php82/distinfo:1.19 pkgsrc/lang/php82/distinfo:1.19.2.1
--- pkgsrc/lang/php82/distinfo:1.19 Sun Mar 17 16:46:05 2024
+++ pkgsrc/lang/php82/distinfo Mon Apr 22 12:36:39 2024
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.19 2024/03/17 16:46:05 taca Exp $
+$NetBSD: distinfo,v 1.19.2.1 2024/04/22 12:36:39 bsiegert Exp $
-BLAKE2s (php-8.2.17.tar.xz) = 8aa7f3dd3e671ce1aadf71668e71a5edc3ab95fab0a1d6cdb19744f5d30d30da
-SHA512 (php-8.2.17.tar.xz) = 113cd8c6a481770aba7e21f1bc22500c93dfa41ff85a7b54e1abbfd5b5a32f51501c91eb45c29a5e2d8ec5f61861060c193a96e27224c97f8cad7979f378bde8
-Size (php-8.2.17.tar.xz) = 12092404 bytes
-SHA1 (patch-configure) = c80956e91c562a1035ba8ae93403f762e149ae47
+BLAKE2s (php-8.2.18.tar.xz) = 6571715c96a8064a61bd868f483f27a85ce0594cb540cd7c28a226abe1eb29c0
+SHA512 (php-8.2.18.tar.xz) = 8bdd6e5aa19dac80745d258a43f7330a3096d47dc66cbef0054b8f9eb9ace5e87d841a4001185a783241a416975753c922425e977f50b2716ce643b6a7bf351f
+Size (php-8.2.18.tar.xz) = 12089400 bytes
+SHA1 (patch-configure) = 80256ba9788c66d960954516394620c9f789d744
SHA1 (patch-ext_enchant_enchant.c) = 7d999de1b2fde2ea11e4a6e16e7b59c085924b9b
SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd
SHA1 (patch-ext_standard_php__fopen__wrapper.c) = 0a2c19c18f089448a8d842e99738b292ab9e5640
Index: pkgsrc/lang/php82/patches/patch-configure
diff -u pkgsrc/lang/php82/patches/patch-configure:1.17 pkgsrc/lang/php82/patches/patch-configure:1.17.2.1
--- pkgsrc/lang/php82/patches/patch-configure:1.17 Sun Mar 17 16:46:05 2024
+++ pkgsrc/lang/php82/patches/patch-configure Mon Apr 22 12:36:39 2024
@@ -1,12 +1,12 @@
-$NetBSD: patch-configure,v 1.17 2024/03/17 16:46:05 taca Exp $
+$NetBSD: patch-configure,v 1.17.2.1 2024/04/22 12:36:39 bsiegert Exp $
* Do not include "PKG_CONFIG*" in CONFIGURE_OPTIONS.
* Don't autodetect maintainer-zts.
* Shell portability.
---- configure.orig 2024-03-12 14:26:30.000000000 +0000
+--- configure.orig 2024-04-09 18:46:23.000000000 +0000
+++ configure
-@@ -4365,6 +4365,10 @@ EOF
+@@ -3732,6 +3732,10 @@ EOF
else
break
fi
@@ -14,10 +14,10 @@ $NetBSD: patch-configure,v 1.17 2024/03/
+ \'PKG_CONFIG\=*) CURRENT_ARG="'PKG_CONFIG=@TOOLS_PATH.pkg-config@'";;
+ \'PKG_CONFIG_LIBDIR\=*) CURRENT_ARG="'PKG_CONFIG_LIBDIR=@PHP_PKGCONFIG_PATH@'";;
+ esac
- printf "%s\n" "$CURRENT_ARG \\" >>config.nice
+ $as_echo "$CURRENT_ARG \\" >>config.nice
CONFIGURE_OPTIONS="$CONFIGURE_OPTIONS $CURRENT_ARG"
done
-@@ -7805,30 +7809,6 @@ EOF
+@@ -7023,30 +7027,6 @@ EOF
;;
esac
@@ -42,18 +42,18 @@ $NetBSD: patch-configure,v 1.17 2024/03/
-
- fi
- fi
-- { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
--printf "%s\n" "yes" >&6; }
+- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+-$as_echo "yes" >&6; }
-
PHP_VAR_SUBST="$PHP_VAR_SUBST APXS"
else
-@@ -82926,7 +82906,7 @@ printf "%s\n" "#define HAVE_TIDYBUFFIO_H
+@@ -78313,7 +78293,7 @@ $as_echo "#define HAVE_TIDYBUFFIO_H 1" >
fi
TIDY_LIBDIR=$TIDY_DIR/$PHP_LIBDIR
- if test "$TIDY_LIB_NAME" == 'tidyp'; then
+ if test "$TIDY_LIB_NAME" = 'tidyp'; then
- printf "%s\n" "#define HAVE_TIDYP_H 1" >>confdefs.h
+ $as_echo "#define HAVE_TIDYP_H 1" >>confdefs.h
Home |
Main Index |
Thread Index |
Old Index