pkgsrc-changes: CVS commit: [pkgsrc-2007Q1] pkgsrc/lang/php5

Subject: CVS commit: [pkgsrc-2007Q1] pkgsrc/lang/php5
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 06/14/2007 23:34:09
Module Name:	pkgsrc
Committed By:	salo
Date:		Thu Jun 14 23:34:09 UTC 2007

Modified Files:
	pkgsrc/lang/php5 [pkgsrc-2007Q1]: Makefile Makefile.common distinfo
Added Files:
	pkgsrc/lang/php5/patches [pkgsrc-2007Q1]: patch-am patch-an

Log Message:
Pullup ticket 2113 - requested by adrianp
security update for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.52, 1.53, 1.54, 1.55
- pkgsrc/lang/php5/Makefile.common		1.26
- pkgsrc/lang/php5/distinfo			1.41, 1.42, 1.43, 1.44
- pkgsrc/lang/php5/patches/patch-am		1.3
- pkgsrc/lang/php5/patches/patch-an		1.3, 1.4

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Wed Jun  6 19:33:13 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.common distinfo

   Log Message:
   Update to php-5.2.3

   Security Fixes
   * Fixed an integer overflow inside chunk_split() (by Gerhard Wagner,
     CVE-2007-2872)
   * Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche,
     CVE-2007-2756)
   * Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan
     Esser, CVE-2007-1900)
   * Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath())
     (by bugs dot php dot net at chsc dot dk)
   * Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
   * Added mysql_set_charset() to allow runtime altering of connection
     encoding.

   * Upgraded bundled SQLite 3 to version 3.3.17. (Ilia)
   * Fixed gd build when used with freetype 1.x (Pierre, Tony)

   And a fair few bugs fixed, see: http://www.php.net/ChangeLog-5.php#5.2.3
   for all the details.
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Thu Jun  7 10:45:18 UTC 2007

   Added Files:
   	pkgsrc/lang/php5/patches: patch-am

   Log Message:
   Add in the correct patch to fix CVE-2007-2872
   Spotted by Takahiro Kambe
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Thu Jun  7 10:45:42 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo

   Log Message:
   Add in the correct patch to fix CVE-2007-2872
   Spotted by Takahiro Kambe
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Fri Jun  8 12:29:53 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
   	pkgsrc/lang/php5/patches: patch-an

   Log Message:
   Fix the install path for the CGI binary so it ends up where we want it.
   Pointed out by schmonz@ and taca@
   Bump PKGREVISION
---
   Module Name:		pkgsrc
   Committed By:	heinz
   Date:		Mon Jun 11 17:45:30 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   	pkgsrc/lang/php5/patches: patch-an

   Log Message:
   Added support for installation to DESTDIR. patch-an had removed correct
   support for this before, probably unintentionally.


To generate a diff of this commit:
cvs rdiff -r1.48.2.1 -r1.48.2.2 pkgsrc/lang/php5/Makefile
cvs rdiff -r1.24.2.1 -r1.24.2.2 pkgsrc/lang/php5/Makefile.common
cvs rdiff -r1.36.2.2 -r1.36.2.3 pkgsrc/lang/php5/distinfo
cvs rdiff -r0 -r1.2.12.1 pkgsrc/lang/php5/patches/patch-am \
    pkgsrc/lang/php5/patches/patch-an

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.