pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2016Q4]: pkgsrc/lang Pullup ticket #5197 - requested by taca



details:   https://anonhg.NetBSD.org/pkgsrc/rev/9c0fdccb7b0c
branches:  pkgsrc-2016Q4
changeset: 408721:9c0fdccb7b0c
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Sat Jan 21 10:18:29 2017 +0000

description:
Pullup ticket #5197 - requested by taca
lang/php70: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.170
- lang/php70/distinfo                                           1.25

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Thu Jan 19 14:48:49 UTC 2017

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php70: distinfo

   Log Message:
   Update php70 to 7.0.15.

   PHP                                                                        NEWS
   |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
   19 Jan 2017 PHP 7.0.15

   - Core:
    . Fixed bug #73792 (invalid foreach loop hangs script). (Dmitry)
    . Fixed bug #73663 ("Invalid opcode 65/16/8" occurs with a variable created
      with list()). (Laruence)
    . Fixed bug #73585 (Logging of "Internal Zend error - Missing class
      information" missing class name). (Laruence)
    . Fixed bug #73753 (unserialized array pointer not advancing). (David Walker)
    . Fixed bug #73825 (Heap out of bounds read on unserialize in
      finish_nested_data()). (Stas)
    . Fixed bug #73831 (NULL Pointer Dereference while unserialize php object).
      (Stas)
    . Fixed bug #73832 (Use of uninitialized memory in unserialize()). (Stas)
    . Fixed bug #73092 (Unserialize use-after-free when resizing object's
      properties hash table). (Nikita)
    . Fixed bug #69425 (Use After Free in unserialize()). (Nikita)
    . Fixed bug #72731 (Type Confusion in Object Deserialization). (Nikita)

   - COM:
    . Fixed bug #73679 (DOTNET read access violation using invalid codepage).
      (Anatol)

   - DOM:
    . Fixed bug #67474 (getElementsByTagNameNS filter on default ns). (aboks)

   - EXIF:
    . Bug bug #73737 (FPE when parsing a tag format). (Stas)

   - GD:
    . Fixed bug #73869 (Signed Integer Overflow gd_io.c). (cmb)
    . Fixed bug #73868 (DOS vulnerability in gdImageCreateFromGd2Ctx()). (cmb)

   - GMP:
    . Fixed bug #70513 (GMP Deserialization Type Confusion Vulnerability).
      (Nikita)

   - Mysqli:
    . Fixed bug #73462 (Persistent connections don't set $connect_errno).
      (darkain)

   - Mysqlnd:
    . Fixed issue with decoding BIT columns when having more than one rows in the
      result set. 7.0+ problem. (Andrey)
    . Fixed bug #73800 (sporadic segfault with MYSQLI_OPT_INT_AND_FLOAT_NATIVE).
        (vanviegen)

   - PCRE:
    . Fixed bug #73612 (preg_*() may leak memory). (cmb)

   - PDO_Firebird:
    . Fixed bug #72931 (PDO_FIREBIRD with Firebird 3.0 not work on returning
      statement). (Dorin Marcoci)

   - Phar:
    . Fixed bug #73773 (Seg fault when loading hostile phar). (Stas)
    . Fixed bug #73768 (Memory corruption when loading hostile phar). (Stas)
    . Fixed bug #73764 (Crash while loading hostile phar archive). (Stas)

   - Phpdbg:
    . Fixed bug #73615 (phpdbg without option never load .phpdbginit at startup).
      (Bob)
    . Fixed issue getting executable lines from custom wrappers. (Bob)
    . Fixed bug #73704 (phpdbg shows the wrong line in files with shebang). (Bob)

   - Reflection:
    . Fixed bug #46103 (ReflectionObject memory leak). (Nikita)

   - Streams:
    . Fixed bug #73586 (php_user_filter::$stream is not set to the stream the
      filter is working on). (Dmitry)

   - SQLite3:
    . Reverted fix for bug #73530       (Unsetting result set may reset other result
      set). (cmb)

   - Standard:
    . Fixed bug #73594 (dns_get_record does not populate $additional out
      parameter). (Bruce Weirdan)
    . Fixed bug #70213 (Unserialize context shared on double class lookup).
      (Taoguang Chen)
    . Fixed bug #73154 (serialize object with __sleep function crash). (Nikita)
    . Fixed bug #70490 (get_browser function is very slow). (Nikita)
    . Fixed bug #73265 (Loading browscap.ini at startup causes high memory usage).
      (Nikita)
    . Fixed bug #31875 (get_defined_functions additional param to exclude
        disabled functions). (willianveiga)

   - Zlib:
    . Fixed bug #73373 (deflate_add does not verify that output was not truncated).
      (Matt Bonneau)

diffstat:

 lang/php/phpversion.mk |   4 ++--
 lang/php70/distinfo    |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (36 lines):

diff -r 67b319463703 -r 9c0fdccb7b0c lang/php/phpversion.mk
--- a/lang/php/phpversion.mk    Sat Jan 21 10:12:43 2017 +0000
+++ b/lang/php/phpversion.mk    Sat Jan 21 10:18:29 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.168.2.1 2017/01/21 10:12:43 bsiegert Exp $
+# $NetBSD: phpversion.mk,v 1.168.2.2 2017/01/21 10:18:29 bsiegert Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -88,7 +88,7 @@
 
 # Define each PHP's version.
 PHP56_VERSION= 5.6.29
-PHP70_VERSION= 7.0.14
+PHP70_VERSION= 7.0.15
 PHP71_VERSION= 7.1.1
 
 # Define initial release of major version.
diff -r 67b319463703 -r 9c0fdccb7b0c lang/php70/distinfo
--- a/lang/php70/distinfo       Sat Jan 21 10:12:43 2017 +0000
+++ b/lang/php70/distinfo       Sat Jan 21 10:18:29 2017 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.24 2016/12/20 07:22:19 maya Exp $
+$NetBSD: distinfo,v 1.24.2.1 2017/01/21 10:18:30 bsiegert Exp $
 
-SHA1 (php-7.0.14.tar.bz2) = 72769f56451b9f738e70888d7711dd5f3c5a1d79
-RMD160 (php-7.0.14.tar.bz2) = 75d21fdf581999814e7d96a91aa7ae08143d1275
-SHA512 (php-7.0.14.tar.bz2) = 549b2e03b92df93646e430406cc20791b12de329a1fa83f8c2d42c5894119cd67b88a047b503925a7574077a66d9a0a0ada1921cbe62dba32d51c850b7d589ee
-Size (php-7.0.14.tar.bz2) = 15239441 bytes
+SHA1 (php-7.0.15.tar.bz2) = e11aa3dab4986664a77b1e0e9f86c8e619a053b6
+RMD160 (php-7.0.15.tar.bz2) = fc01608a6080cd99528b78b3bd9329089b75bd62
+SHA512 (php-7.0.15.tar.bz2) = 5bd075bf5b2f9bdc55d4cbde504f22417862e9353941774ae43a9690c172fc6c98e497842512e701765292bb96b6e5e9a7a01b824ae7c072e26e18eb40fc2a45
+Size (php-7.0.15.tar.bz2) = 15305062 bytes
 SHA1 (patch-acinclude.m4) = 81a8f33a536500978ea5a9aa2d2875c61c843e56
 SHA1 (patch-configure) = a129e19ef87338f6e53ccc967c40ddcde7c7357c
 SHA1 (patch-ext_gd_config.m4) = bde93678626592cdcee619189bfc6532d0913a76



Home | Main Index | Thread Index | Old Index