head 1.80; access; symbols pkgsrc-2014Q4:1.78.0.2 pkgsrc-2014Q4-base:1.78 pkgsrc-2014Q3:1.76.0.2 pkgsrc-2014Q3-base:1.76 pkgsrc-2014Q2:1.74.0.2 pkgsrc-2014Q2-base:1.74 pkgsrc-2014Q1:1.72.0.2 pkgsrc-2014Q1-base:1.72 pkgsrc-2013Q4:1.70.0.2 pkgsrc-2013Q4-base:1.70 pkgsrc-2013Q3:1.68.0.2 pkgsrc-2013Q3-base:1.68 pkgsrc-2013Q2:1.65.0.2 pkgsrc-2013Q2-base:1.65 pkgsrc-2013Q1:1.60.0.2 pkgsrc-2013Q1-base:1.60 pkgsrc-2012Q4:1.54.0.2 pkgsrc-2012Q4-base:1.54 pkgsrc-2012Q3:1.51.0.2 pkgsrc-2012Q3-base:1.51 pkgsrc-2012Q2:1.45.0.2 pkgsrc-2012Q2-base:1.45 pkgsrc-2012Q1:1.36.0.2 pkgsrc-2012Q1-base:1.36 pkgsrc-2011Q4:1.28.0.2 pkgsrc-2011Q4-base:1.28 pkgsrc-2011Q3:1.22.0.2 pkgsrc-2011Q3-base:1.22 pkgsrc-2011Q2:1.17.0.2 pkgsrc-2011Q2-base:1.17 pkgsrc-2011Q1:1.13.0.2 pkgsrc-2011Q1-base:1.13 pkgsrc-2010Q4:1.9.0.2 pkgsrc-2010Q4-base:1.9 pkgsrc-2010Q3:1.6.0.2 pkgsrc-2010Q3-base:1.6 pkgsrc-2010Q2:1.5.0.2 pkgsrc-2010Q2-base:1.5 pkgsrc-2010Q1:1.2.0.2 pkgsrc-2010Q1-base:1.2 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.80 date 2015.03.15.15.00.46; author taca; state dead; branches; next 1.79; commitid 4KsKfLt2nQH6kIdy; 1.79 date 2015.03.05.11.16.28; author he; state Exp; branches; next 1.78; commitid WomeZ4uwKfSTopcy; 1.78 date 2014.11.21.14.13.51; author joerg; state Exp; branches; next 1.77; commitid GSgDh5aU9qS7J3Zx; 1.77 date 2014.10.23.16.18.47; author taca; state Exp; branches; next 1.76; commitid g3Pwju8WwUFJllVx; 1.76 date 2014.08.15.16.09.16; author taca; state Exp; branches 1.76.2.1; next 1.75; commitid kkNOECh9dZ41wtMx; 1.75 date 2014.07.28.16.12.57; author prlw1; state Exp; branches; next 1.74; commitid 1brA70oQJf0a7aKx; 1.74 date 2014.06.13.14.09.34; author fhajny; state Exp; branches 1.74.2.1; next 1.73; commitid Rm7LwJRK6G6iQmEx; 1.73 date 2014.05.11.11.20.47; author he; state Exp; branches; next 1.72; commitid 5c0oCCn9C46707Ax; 1.72 date 2014.03.23.09.55.59; author spz; state Exp; branches 1.72.2.1; next 1.71; commitid MHJGdrH6kkLS6Otx; 1.71 date 2014.03.12.19.52.04; author asau; state Exp; branches; next 1.70; commitid OLWiYTMSBSqyLrsx; 1.70 date 2013.12.13.15.30.35; author taca; state Exp; branches; next 1.69; commitid w7XMqUa62Xa4bZgx; 1.69 date 2013.12.05.16.16.40; author taca; state Exp; branches; next 1.68; commitid s5PmHmHHViTFGXfx; 1.68 date 2013.08.16.00.38.13; author taca; state Exp; branches 1.68.2.1; next 1.67; commitid zx0t6WfCm0gW3C1x; 1.67 date 2013.08.14.15.42.56; author taca; state Exp; branches; next 1.66; commitid BgvKZEeZS3Ym8r1x; 1.66 date 2013.07.12.00.07.04; author taca; state Exp; branches; next 1.65; commitid C1FAqta7bpf817Xw; 1.65 date 2013.06.09.22.23.24; author taca; state Exp; branches 1.65.2.1; next 1.64; commitid ksYLttxJQ0YXsZSw; 1.64 date 2013.06.07.13.53.52; author taca; state Exp; branches; next 1.63; commitid GhQjQm1MplqyIGSw; 1.63 date 2013.05.16.16.19.14; author taca; state Exp; branches; next 1.62; commitid CuMOKpnbzNBjeSPw; 1.62 date 2013.04.12.16.59.51; author taca; state Exp; branches; next 1.61; 1.61 date 2013.04.12.11.56.46; author taca; state Exp; branches; next 1.60; 1.60 date 2013.03.16.01.58.18; author taca; state Exp; branches 1.60.2.1; next 1.59; 1.59 date 2013.02.28.21.28.20; author imil; state Exp; branches; next 1.58; 1.58 date 2013.02.22.03.06.16; author taca; state Exp; branches; next 1.57; 1.57 date 2013.02.17.13.10.13; author taca; state Exp; branches; next 1.56; 1.56 date 2013.01.17.16.18.24; author taca; state Exp; branches; next 1.55; 1.55 date 2013.01.07.14.23.57; author taca; state Exp; branches; next 1.54; 1.54 date 2012.11.23.13.20.03; author taca; state Exp; branches; next 1.53; 1.53 date 2012.10.20.00.29.40; author taca; state Exp; branches; next 1.52; 1.52 date 2012.10.19.14.57.02; author taca; state Exp; branches; next 1.51; 1.51 date 2012.09.15.00.08.10; author taca; state Exp; branches; next 1.50; 1.50 date 2012.09.14.15.52.08; author taca; state Exp; branches; next 1.49; 1.49 date 2012.08.17.15.32.31; author taca; state Exp; branches; next 1.48; 1.48 date 2012.07.31.12.23.12; author fhajny; state Exp; branches; next 1.47; 1.47 date 2012.07.25.13.20.30; author fhajny; state Exp; branches; next 1.46; 1.46 date 2012.07.20.12.28.17; author taca; state Exp; branches; next 1.45; 1.45 date 2012.06.16.01.27.24; author taca; state Exp; branches 1.45.2.1; next 1.44; 1.44 date 2012.06.12.14.45.51; author taca; state Exp; branches; next 1.43; 1.43 date 2012.06.03.21.23.10; author abs; state Exp; branches; next 1.42; 1.42 date 2012.05.31.15.58.10; author taca; state Exp; branches; next 1.41; 1.41 date 2012.05.09.06.52.51; author taca; state Exp; branches; next 1.40; 1.40 date 2012.05.06.14.31.20; author taca; state Exp; branches; next 1.39; 1.39 date 2012.05.06.14.27.46; author taca; state Exp; branches; next 1.38; 1.38 date 2012.05.04.01.48.41; author taca; state Exp; branches; next 1.37; 1.37 date 2012.04.26.14.26.33; author taca; state Exp; branches; next 1.36; 1.36 date 2012.04.05.03.17.26; author taca; state Exp; branches 1.36.2.1; next 1.35; 1.35 date 2012.02.03.03.10.34; author taca; state Exp; branches; next 1.34; 1.34 date 2012.02.02.16.19.44; author taca; state Exp; branches; next 1.33; 1.33 date 2012.02.02.16.00.40; author taca; state Exp; branches; next 1.32; 1.32 date 2012.02.02.15.44.09; author taca; state Exp; branches; next 1.31; 1.31 date 2012.01.20.03.22.08; author taca; state Exp; branches; next 1.30; 1.30 date 2012.01.12.12.58.47; author taca; state Exp; branches; next 1.29; 1.29 date 2012.01.11.14.53.35; author taca; state Exp; branches; next 1.28; 1.28 date 2012.01.04.02.31.47; author taca; state Exp; branches 1.28.2.1; next 1.27; 1.27 date 2012.01.03.16.23.14; author taca; state Exp; branches; next 1.26; 1.26 date 2011.10.20.14.30.55; author taca; state Exp; branches; next 1.25; 1.25 date 2011.10.20.13.32.20; author taca; state Exp; branches; next 1.24; 1.24 date 2011.10.20.12.38.24; author taca; state Exp; branches; next 1.23; 1.23 date 2011.10.06.05.34.00; author jklos; state Exp; branches; next 1.22; 1.22 date 2011.09.12.16.24.32; author taca; state Exp; branches 1.22.2.1; next 1.21; 1.21 date 2011.08.23.22.22.27; author taca; state Exp; branches; next 1.20; 1.20 date 2011.08.22.09.40.00; author taca; state Exp; branches; next 1.19; 1.19 date 2011.08.20.14.41.04; author taca; state Exp; branches; next 1.18; 1.18 date 2011.08.20.13.55.09; author taca; state Exp; branches; next 1.17; 1.17 date 2011.06.22.09.54.35; author taca; state Exp; branches; next 1.16; 1.16 date 2011.06.20.13.38.19; author taca; state Exp; branches; next 1.15; 1.15 date 2011.06.15.14.42.03; author taca; state Exp; branches; next 1.14; 1.14 date 2011.05.16.13.08.45; author taca; state Exp; branches; next 1.13; 1.13 date 2011.03.19.07.01.18; author taca; state Exp; branches 1.13.2.1; next 1.12; 1.12 date 2011.02.21.16.38.40; author taca; state Exp; branches; next 1.11; 1.11 date 2011.01.30.17.58.06; author rumko; state Exp; branches; next 1.10; 1.10 date 2011.01.13.13.52.53; author wiz; state Exp; branches; next 1.9; 1.9 date 2011.01.07.09.20.16; author taca; state Exp; branches 1.9.2.1; next 1.8; 1.8 date 2010.12.13.13.16.37; author taca; state Exp; branches; next 1.7; 1.7 date 2010.11.25.03.43.50; author taca; state Exp; branches; next 1.6; 1.6 date 2010.07.24.22.23.37; author tron; state Exp; branches 1.6.2.1; next 1.5; 1.5 date 2010.06.13.22.44.51; author wiz; state Exp; branches 1.5.2.1; next 1.4; 1.4 date 2010.05.28.15.31.04; author joerg; state Exp; branches; next 1.3; 1.3 date 2010.04.16.15.19.23; author taca; state Exp; branches; next 1.2; 1.2 date 2010.03.27.06.23.13; author taca; state Exp; branches 1.2.2.1; next 1.1; 1.1 date 2010.03.16.15.31.58; author taca; state Exp; branches 1.1.1.1; next ; 1.76.2.1 date 2014.10.25.15.55.51; author tron; state Exp; branches; next ; commitid U5wbyCR7Q888aBVx; 1.74.2.1 date 2014.08.18.12.48.05; author tron; state Exp; branches; next ; commitid 7SnIE4gmhbdejQMx; 1.72.2.1 date 2014.06.01.13.20.22; author spz; state Exp; branches; next ; commitid xaPSMrxvEC4KZOCx; 1.68.2.1 date 2013.12.16.17.05.48; author tron; state Exp; branches; next ; commitid 4qtPL6YLsRCTBnhx; 1.65.2.1 date 2013.07.15.22.32.24; author tron; state Exp; branches; next 1.65.2.2; commitid Sj7vdPy68bMQmCXw; 1.65.2.2 date 2013.08.25.16.52.09; author tron; state Exp; branches; next ; commitid J0EbEPfS1kpqaR2x; 1.60.2.1 date 2013.04.15.22.18.29; author tron; state Exp; branches; next 1.60.2.2; 1.60.2.2 date 2013.06.10.10.39.28; author tron; state Exp; branches; next 1.60.2.3; commitid WQgYd6cjlcF1y3Tw; 1.60.2.3 date 2013.06.10.13.12.29; author tron; state Exp; branches; next ; commitid AaXagIZlvJnwo4Tw; 1.45.2.1 date 2012.07.23.18.24.34; author tron; state Exp; branches; next ; 1.36.2.1 date 2012.05.04.08.39.30; author spz; state Exp; branches; next 1.36.2.2; 1.36.2.2 date 2012.05.07.09.40.48; author sbd; state Exp; branches; next ; 1.28.2.1 date 2012.01.12.11.29.04; author tron; state Exp; branches; next 1.28.2.2; 1.28.2.2 date 2012.01.12.19.53.15; author tron; state Exp; branches; next 1.28.2.3; 1.28.2.3 date 2012.01.21.09.02.55; author sbd; state Exp; branches; next 1.28.2.4; 1.28.2.4 date 2012.02.04.08.32.54; author sbd; state Exp; branches; next ; 1.22.2.1 date 2011.10.22.07.01.25; author sbd; state Exp; branches; next ; 1.13.2.1 date 2011.05.17.08.17.07; author sbd; state Exp; branches; next ; 1.9.2.1 date 2011.02.11.06.18.05; author sbd; state Exp; branches; next 1.9.2.2; 1.9.2.2 date 2011.02.23.19.12.54; author tron; state Exp; branches; next 1.9.2.3; 1.9.2.3 date 2011.03.22.06.55.44; author sbd; state Exp; branches; next ; 1.6.2.1 date 2010.12.23.10.10.54; author sbd; state Exp; branches; next 1.6.2.2; 1.6.2.2 date 2011.01.08.15.29.47; author tron; state Exp; branches; next ; 1.5.2.1 date 2010.07.25.11.56.17; author spz; state Exp; branches; next ; 1.2.2.1 date 2010.04.25.18.04.31; author tron; state Exp; branches; next ; 1.1.1.1 date 2010.03.16.15.31.58; author taca; state Exp; branches; next ; desc @@ 1.80 log @Remove php53 now. It is not supported any more including security fix. @ text @$NetBSD: distinfo,v 1.79 2015/03/05 11:16:28 he Exp $ SHA1 (php-5.3.29.tar.bz2) = 6e9e492c6d5853d063ddb9a4dbef60b8e5d87444 RMD160 (php-5.3.29.tar.bz2) = e57beb4fdda41bca81b5856161bc97f3c5e3e9da Size (php-5.3.29.tar.bz2) = 11396771 bytes SHA1 (suhosin-patch-5.3.29-0.9.10.patch.bz2) = b81a9b24f758cef4319759e09d011c7a350232a7 RMD160 (suhosin-patch-5.3.29-0.9.10.patch.bz2) = 7685501fd40426068c58dfbe844d12f1af299d80 Size (suhosin-patch-5.3.29-0.9.10.patch.bz2) = 32437 bytes SHA1 (patch-Zend_zend__ini.h) = dc019ec8f30c8525f6ba24f771f38e4fea23dd30 SHA1 (patch-aa) = fd930d0d9b1c60e8c7c514cfb6864b61ce4d158d SHA1 (patch-ab) = 36789fea71e316d5c4358e597df1928d94f8ea6a SHA1 (patch-ac) = b194eaed2d81877166b13db58b37c5ddff0210a6 SHA1 (patch-aclocal.m4) = 473b76c8575331604d30e24a08c527e15b166778 SHA1 (patch-ad) = 6b42868f41335ddfa5a8c1e982819166b05e4ad2 SHA1 (patch-ae) = 3a354cb5c1253eb375041d8ee8549c2f663e6c74 SHA1 (patch-af) = 4f5aac4c52ce576f4489cb1f06fdb672745a8fdb SHA1 (patch-ag) = 84af84bc1144ac8a1fce931edcedd4a3ad0f2fda SHA1 (patch-ah) = 697156508da2d837a1ea1a41f036eab4fb87e94b SHA1 (patch-ai) = 9659f73eef1b4fcca9b844bdaa785ac6d5e582a1 SHA1 (patch-aj) = 181658ae523bd60f67750566711fc078b49191b7 SHA1 (patch-al) = fe534d7d50a529e3c7d0ffed76afdb70bb55a521 SHA1 (patch-build_libtool.m4) = 6835b90ebd34739440c8eb94ed19ebacdf2ba6a5 SHA1 (patch-ext_exif_exif.c) = c78249a8ffae00bbdece2af9058e4ecf11cb0fa6 SHA1 (patch-ext_gd_libgd_gdxpm.c) = 9a175417fad9ac23037a24122f8d1258b9eebbcb SHA1 (patch-ext_standard_basic__functions.c) = 017fd25e646af4d7eb2a0bd13b3c8da34eaee8c5 SHA1 (patch-ext_standard_var__unserializer.c) = eb590c1d5349320e45bbdaf97c875b11eb275cfb SHA1 (patch-ext_standard_var__unserializer.re) = 23478a8a26c2c106efc4f0727743e2fffdebaf54 SHA1 (patch-ext_xmlrpc_libxmlrpc_xmlrpc.c) = 9fd4004b4d94fcbf8d4104027018b46794bee127 SHA1 (patch-main_php.h) = 3f206a423a906932cb7f4662188580a9ce9fd79d SHA1 (patch-main_streams_cast.c) = d68b69c9418a8780b1610b8755487771f7c46a5a SHA1 (patch-php__mssql.c) = 524c4e5d7ede0e503049bf1febec58e0c4a29aa4 SHA1 (patch-sapi_fpm_fpm_events_port.c) = ad45bcebadf923ee8cb3f2ad4d78d21dd178a8e3 SHA1 (patch-sapi_fpm_fpm_fpm__sockets.c) = 0cd3dce6dc6c46b67052d96b76e8b54b5e2fde0d SHA1 (patch-sapi_fpm_php-fpm.conf.in) = 86137a37e74badf99c46d1ba7ca5d85f42bedfce @ 1.79 log @Well, the fpm_sockets.c patch doesn't belong in php-fpm, but rather in the PHP package proper, and there's three of them. Copy and adapt as necessary. No revision bump here: only build fix for NetBSD with TCP_INFO. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.78 2014/11/21 14:13:51 joerg Exp $ @ 1.78 log @Fix build on !Linux ARM platforms. Ignore the existance of CRAY for now, if someone really have one which is broken in this regard, it should use normal offsetof... @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.77 2014/10/23 16:18:47 taca Exp $ d33 1 @ 1.77 log @Add patch for CVE-2014-3668, CVE-2014-3669 and CVE-2014-3670. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.76 2014/08/15 16:09:16 taca Exp $ d9 1 d29 1 @ 1.76 log @Update php53 to 5.3.29, final PHP 5.3 release. 14 Aug 2014, PHP 5.3.29 - Core: . Fixed bug #66127 (Segmentation fault with ArrayObject unset). (Stas) . Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas) . Fixed bug #67249 (printf out-of-bounds read). (Stas) . Fixed bug #67250 (iptcparse out-of-bounds read). (Stas) . Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas) . Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence) . Fixed bug #67390 (insecure temporary file use in the configure script). (Remi) (CVE-2014-3981) . Fixed bug #67399 (putenv with empty variable may lead to crash). (Stas) . Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion) (CVE-2014-3515). (Stefan Esser) . Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability). (Stefan Esser) - COM: . Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas). - Date: . Fixed bug #66060 (Heap buffer over-read in DateInterval). (CVE-2013-6712) (Remi) . Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas) . Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas) - Exif: . Fixed bug #65873 (Integer overflow in exif_read_data()). (Stas) - Fileinfo: . Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol) . Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check). (CVE-2014-0207) . Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS). (CVE-2014-0238) . Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in performance degradation). (CVE-2014-0237) . Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal string size). (Francisco Alonso, Jan Kaluza, Remi) . Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary check). (Francisco Alonso, Jan Kaluza, Remi) . Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check). (Francisco Alonso, Jan Kaluza, Remi) . Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary check). (Francisco Alonso, Jan Kaluza, Remi) - Intl: . Fixed bug #67349 (Locale::parseLocale Double Free). (Stas) . Fixed bug #67397 (Buffer overflow in locale_get_display_name and uloc_getDisplayName (libicu 4.8.1)). (Stas) - Network: . Fixed bug #67432 (Fix potential segfault in dns_check_record()). (CVE-2014-4049). (Sara) - OpenSSL: . Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas). - Session: . Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.75 2014/07/28 16:12:57 prlw1 Exp $ d22 1 d25 3 @ 1.76.2.1 log @Pullup ticket #4526 - requested by taca graphics/php-exif: security patch lang/php53: security patch net/php-xmlrpc: security patch Revisions pulled up: - graphics/php-exif/Makefile 1.13 - lang/php53/Makefile 1.50 - lang/php53/distinfo 1.77 - lang/php53/patches/patch-ext_exif_exif.c 1.3 - lang/php53/patches/patch-ext_standard_var__unserializer.c 1.1 - lang/php53/patches/patch-ext_standard_var__unserializer.re 1.1 - lang/php53/patches/patch-ext_xmlrpc_libxmlrpc_xmlrpc.c 1.1 - net/php-xmlrpc/Makefile 1.17 --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 23 16:18:48 UTC 2014 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-ext_exif_exif.c patch-ext_standard_var__unserializer.c patch-ext_standard_var__unserializer.re patch-ext_xmlrpc_libxmlrpc_xmlrpc.c Log Message: Add patch for CVE-2014-3668, CVE-2014-3669 and CVE-2014-3670. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 23 16:20:04 UTC 2014 Modified Files: pkgsrc/graphics/php-exif: Makefile Log Message: Bump PKGREVISION for php53-exif update. It also bump php54-exif and php55-exit as a side effect. --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 23 16:20:38 UTC 2014 Modified Files: pkgsrc/net/php-xmlrpc: Makefile Log Message: Bump PKGREVISION for php53-xmlrpc update. It also bump php54-xmlrpc and php55-xmlrpc as a side effect. @ text @d1 1 a1 1 $NetBSD$ a21 1 SHA1 (patch-ext_exif_exif.c) = c78249a8ffae00bbdece2af9058e4ecf11cb0fa6 a23 3 SHA1 (patch-ext_standard_var__unserializer.c) = eb590c1d5349320e45bbdaf97c875b11eb275cfb SHA1 (patch-ext_standard_var__unserializer.re) = 23478a8a26c2c106efc4f0727743e2fffdebaf54 SHA1 (patch-ext_xmlrpc_libxmlrpc_xmlrpc.c) = 9fd4004b4d94fcbf8d4104027018b46794bee127 @ 1.75 log @Fix build of www/ap-php with PHP 5.3. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.74 2014/06/13 14:09:34 fhajny Exp $ d3 6 a8 7 SHA1 (php-5.3.28.tar.bz2) = f985ca1f6a5f49ebfb25a08f1837a44c563b31f8 RMD160 (php-5.3.28.tar.bz2) = e4910c0c365f39a5009807801bd5ee6e25be020d Size (php-5.3.28.tar.bz2) = 11051714 bytes SHA1 (suhosin-patch-5.3.25-0.9.10.patch.bz2) = ce5883b05daf91e8a44fffbfa4d3989ac3311dd1 RMD160 (suhosin-patch-5.3.25-0.9.10.patch.bz2) = 6c4d0cfe070802481121be465b66d3cefe44da83 Size (suhosin-patch-5.3.25-0.9.10.patch.bz2) = 32447 bytes SHA1 (patch-Zend_zend_language_parser.h) = b2bcf33a44d39baa2caf00b7907b5b69a3af4ad6 a21 2 SHA1 (patch-ext_date_lib_parse__iso__intervals.c) = 1243e4cda1d6446ee4f8b6cab61556fa07837139 SHA1 (patch-ext_date_lib_parse__iso__intervals.re) = 75d4abd666c17d7d5f8a4ee9e489bf2565f83524 @ 1.74 log @Fix problems on SunOS with the combination of FPM, event ports and catch_workers_output=yes. See https://bugs.php.net/bug.php?id=65800. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.73 2014/05/11 11:20:47 he Exp $ d9 1 @ 1.74.2.1 log @Pullup ticket #4475 - requested by prlw1 lang/php53: security update Revisions pulled up: - lang/php/phpversion.mk 1.69 via patch - lang/php53/Makefile 1.49 - lang/php53/Makefile.php 1.41 - lang/php53/distinfo 1.75-1.76 - lang/php53/patches/patch-Zend_zend_language_parser.h deleted - lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.c deleted - lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.re deleted --- Module Name: pkgsrc Committed By: prlw1 Date: Mon Jul 28 16:12:57 UTC 2014 Modified Files: pkgsrc/lang/php53: distinfo Added Files: pkgsrc/lang/php53/patches: patch-Zend_zend_language_parser.h Log Message: Fix build of www/ap-php with PHP 5.3. --- Module Name: pkgsrc Committed By: taca Date: Fri Aug 15 16:09:16 UTC 2014 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php53: Makefile Makefile.php distinfo Removed Files: pkgsrc/lang/php53/patches: patch-Zend_zend_language_parser.h patch-ext_date_lib_parse__iso__intervals.c patch-ext_date_lib_parse__iso__intervals.re Log Message: Update php53 to 5.3.29, final PHP 5.3 release. 14 Aug 2014, PHP 5.3.29 - Core: . Fixed bug #66127 (Segmentation fault with ArrayObject unset). (Stas) . Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas) . Fixed bug #67249 (printf out-of-bounds read). (Stas) . Fixed bug #67250 (iptcparse out-of-bounds read). (Stas) . Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas) . Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence) . Fixed bug #67390 (insecure temporary file use in the configure script). (Remi) (CVE-2014-3981) . Fixed bug #67399 (putenv with empty variable may lead to crash). (Stas) . Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion) (CVE-2014-3515). (Stefan Esser) . Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability). (Stefan Esser) - COM: . Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas). - Date: . Fixed bug #66060 (Heap buffer over-read in DateInterval). (CVE-2013-6712) (Remi) . Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas) . Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas) - Exif: . Fixed bug #65873 (Integer overflow in exif_read_data()). (Stas) - Fileinfo: . Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol) . Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check). (CVE-2014-0207) . Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS). (CVE-2014-0238) . Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in performance degradation). (CVE-2014-0237) . Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal string size). (Francisco Alonso, Jan Kaluza, Remi) . Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary check). (Francisco Alonso, Jan Kaluza, Remi) . Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check). (Francisco Alonso, Jan Kaluza, Remi) . Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary check). (Francisco Alonso, Jan Kaluza, Remi) - Intl: . Fixed bug #67349 (Locale::parseLocale Double Free). (Stas) . Fixed bug #67397 (Buffer overflow in locale_get_display_name and uloc_getDisplayName (libicu 4.8.1)). (Stas) - Network: . Fixed bug #67432 (Fix potential segfault in dns_check_record()). (CVE-2014-4049). (Sara) - OpenSSL: . Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas). - Session: . Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas). @ text @d1 1 a1 1 $NetBSD$ d3 6 a8 6 SHA1 (php-5.3.29.tar.bz2) = 6e9e492c6d5853d063ddb9a4dbef60b8e5d87444 RMD160 (php-5.3.29.tar.bz2) = e57beb4fdda41bca81b5856161bc97f3c5e3e9da Size (php-5.3.29.tar.bz2) = 11396771 bytes SHA1 (suhosin-patch-5.3.29-0.9.10.patch.bz2) = b81a9b24f758cef4319759e09d011c7a350232a7 RMD160 (suhosin-patch-5.3.29-0.9.10.patch.bz2) = 7685501fd40426068c58dfbe844d12f1af299d80 Size (suhosin-patch-5.3.29-0.9.10.patch.bz2) = 32437 bytes d22 2 @ 1.73 log @Apply a patch to fix CVE-2014-2497, taken from https://bugs.php.net/patch-display.php?bug_id=66901 Bump PKGREVISION for php-gd correspondingly. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.72 2014/03/23 09:55:59 spz Exp $ d28 1 @ 1.72 log @build fix for graphics/php53-gd following the freetype2 update @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.71 2014/03/12 19:52:04 asau Exp $ d24 1 @ 1.72.2.1 log @Pullup ticket #4422 - requested by taca graphics/php-gd: version bump lang/php: version bump lang/php53: security update lang/php54: security update lang/php55: security update Revisions pulled up: - graphics/php-gd/Makefile 1.36 - lang/php/phpversion.mk 1.59-1.62 - lang/php53/distinfo 1.73 - lang/php53/patches/patch-ext_gd_libgd_gdxpm.c 1.1 - lang/php54/Makefile 1.21 - lang/php54/Makefile.php 1.7 - lang/php54/distinfo 1.37-1.39 - lang/php54/patches/patch-configure 1.7 - lang/php54/patches/patch-ext_fileinfo_data__file.c deleted - lang/php54/patches/patch-ext_gd_libgd_gdxpm.c 1.1 - lang/php54/patches/patch-php.ini-development 1.3 - lang/php54/patches/patch-php.ini-production 1.3 - lang/php55/Makefile 1.12 - lang/php55/distinfo 1.18-1.21 - lang/php55/patches/patch-configure 1.6 - lang/php55/patches/patch-ext_fileinfo_data__file.c deleted - lang/php55/patches/patch-ext_gd_libgd_gdxpm.c 1.1 - lang/php55/patches/patch-ext_sqlite3_libsqlite_sqlite3.c 1.2 - lang/php55/patches/patch-php.ini-development 1.4 - lang/php55/patches/patch-php.ini-production 1.4 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Fri Apr 4 03:05:00 UTC 2014 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php55: Makefile distinfo pkgsrc/lang/php55/patches: patch-php.ini-development patch-php.ini-production Removed Files: pkgsrc/lang/php55/patches: patch-ext_fileinfo_data__file.c Log Message: Update php55 to 5.5.11. CVE-2013-7345 is already fixed in 5.5.10nb2. 03 Apr 2014, PHP 5.5.11 - Core: . Allow zero length comparison in substr_compare() (Tjerk) . Fixed bug #60602 (proc_open() changes environment array) (Tjerk) - SPL: . Added feature #65545 (SplFileObject::fread()) (Tjerk) - cURL: . Fixed bug #66109 (Can't reset CURLOPT_CUSTOMREQUEST to default behaviour) (Tjerk) . Fix compilation on libcurl versions between 7.10.5 and 7.12.2, inclusive. (Adam) - FPM: . Added clear_env configuration directive to disable clearenv() call. (Github PR# 598, Paul Annesley) - Fileinfo: . Fixed bug #66946 (fileinfo: extensive backtracking in awk rule regular expression). (CVE-2013-7345) (Remi) - GD: . Fixed bug #66714 (imageconvolution breakage). (Brad Daily) . Fixed bug #66869 (Invalid 2nd argument crashes imageaffinematrixget) (Pierre) . Fixed bug #66887 (imagescale - poor quality of scaled image). (Remi) . Fixed bug #66890 (imagescale segfault). (Remi) . Fixed bug #66893 (imagescale ignore method argument). (Remi) - Hash: . hash_pbkdf2() now works correctly if the $length argument is not specified. (Nikita) - Intl: . Fixed bug #66873 (A reproductible crash in UConverter when given invalid encoding) (Stas) - Mail: . Fixed bug #66535 (Don't add newline after X-PHP-Originating-Script) (Tjerk) - MySQLi: . Fixed bug #66762 (Segfault in mysqli_stmt::bind_result() when link closed) (Remi) - OPCache . Added function opcache_is_script_cached(). (Danack) . Added information about interned strings usage. (Terry, Julien, Dmitry) - Openssl: . Fixed bug #66833 (Default disgest algo is still MD5, switch to SHA1). (Remi) - GMP . Fixed bug #66872 (invalid argument crashes gmp_testbit) (Pierre) - SQLite: . Updated bundled libsqlite to 3.8.3.1 (Anatol) To generate a diff of this commit: cvs rdiff -u -r1.58 -r1.59 pkgsrc/lang/php/phpversion.mk cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/php55/Makefile cvs rdiff -u -r1.17 -r1.18 pkgsrc/lang/php55/distinfo cvs rdiff -u -r1.1 -r0 \ pkgsrc/lang/php55/patches/patch-ext_fileinfo_data__file.c cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php55/patches/patch-php.ini-development \ pkgsrc/lang/php55/patches/patch-php.ini-production ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Sat Apr 5 03:43:40 UTC 2014 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php54: Makefile Makefile.php distinfo pkgsrc/lang/php54/patches: patch-php.ini-development patch-php.ini-production Removed Files: pkgsrc/lang/php54/patches: patch-ext_fileinfo_data__file.c Log Message: Update php54 to 5.4.27. CVE-2013-7345 is already fixed in 5.4.26nb2. 03 Apr 2014, PHP 5.4.27 - Core: . Fixed bug #60602 (proc_open() changes environment array) (Tjerk) - Fileinfo: . Fixed bug #66946 (fileinfo: extensive backtracking in awk rule regular expression). (CVE-2013-7345) (Remi) - FPM: . Added clear_env configuration directive to disable clearenv() call. (Github PR# 598, Paul Annesley) - GMP . fixed bug#66872 (invalid argument crashes gmp_testbit) (Pierre) - Mail: . Fixed bug #66535 (Don't add newline after X-PHP-Originating-Script) (Tjerk) - MySQLi: . Fixed bug #66762 (Segfault in mysqli_stmt::bind_result() when link closed) (Remi) - Openssl: . Fixed bug #66833 (Default disgest algo is still MD5, switch to SHA1). (Remi) To generate a diff of this commit: cvs rdiff -u -r1.59 -r1.60 pkgsrc/lang/php/phpversion.mk cvs rdiff -u -r1.20 -r1.21 pkgsrc/lang/php54/Makefile cvs rdiff -u -r1.6 -r1.7 pkgsrc/lang/php54/Makefile.php cvs rdiff -u -r1.36 -r1.37 pkgsrc/lang/php54/distinfo cvs rdiff -u -r1.1 -r0 \ pkgsrc/lang/php54/patches/patch-ext_fileinfo_data__file.c cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php54/patches/patch-php.ini-development \ pkgsrc/lang/php54/patches/patch-php.ini-production ------------------------------------------------------------------- Module Name: pkgsrc Committed By: jperkin Date: Mon Apr 14 10:17:19 UTC 2014 Modified Files: pkgsrc/lang/php55: distinfo Added Files: pkgsrc/lang/php55/patches: patch-ext_sqlite3_libsqlite_sqlite3.c Log Message: Don't define _XOPEN_SOURCE on SunOS, it conflicts with the environment from the PHP build. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 pkgsrc/lang/php55/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/lang/php55/patches/patch-ext_sqlite3_libsqlite_sqlite3.c ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu May 1 15:52:33 UTC 2014 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php55: distinfo pkgsrc/lang/php55/patches: patch-configure patch-ext_sqlite3_libsqlite_sqlite3.c Log Message: Update php55 to 5.5.12. 01 May 2014, PHP 5.5.12 - Core: . Fixed bug #61019 (Out of memory on command stream_get_contents). (Mike) . Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace UNIX sockets). (Mike) . Fixed bug #66182 (exit in stream filter produces segfault). (Mike) . Fixed bug #66736 (fpassthru broken). (Mike) . Fixed bug #67024 (getimagesize should recognize BMP files with negative height). (Gabor Buella) . Fixed bug #67043 (substr_compare broke by previous change) (Tjerk) - cURL: . Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent). (Freek Lijten) - Date: . Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is supplied). (Boro Sitnikovski) - Embed: . Fixed bug #65715 (php5embed.lib isn't provided anymore). (Anatol). - Fileinfo: . Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian). (Remi) - FPM: . Fixed bug #66482 (unknown entry 'priority' in php-fpm.conf). . Fixed bug #67060 (possible privilege escalation due to insecure default configuration). (CVE-2014-0185) (christian at hoffie dot info) - JSON: . Fixed bug #66021 (Blank line inside empty array/object when JSON_PRETTY_PRINT is set). (Kevin Israel) - LDAP: . Fixed issue with null bytes in LDAP bindings. (Matthew Daley) - mysqli: . Fixed problem in mysqli_commit()/mysqli_rollback() with second parameter (extra comma) and third parameters (lack of escaping). (Andrey) - OpenSSL: . Fix bug #66942 (memory leak in openssl_seal()). (Chuan Ma) . Fix bug #66952 (memory leak in openssl_open()). (Chuan Ma) - SimpleXML: . Fixed bug #66084 (simplexml_load_string() mangles empty node name) (Anatol) - SQLite: . Fixed bug #66967 (Updated bundled libsqlite to 3.8.4.3). (Anatol) - XSL: . Fixed bug #53965 ( cannot find files with relative paths when loaded with "file://"). (Anatol) - Apache2 Handler SAPI: . Fixed Apache log issue caused by APR's lack of support for %zu (APR issue https://issues.apache.org/bugzilla/show_bug.cgi?id=56120). (Jeff Trawick) To generate a diff of this commit: cvs rdiff -u -r1.60 -r1.61 pkgsrc/lang/php/phpversion.mk cvs rdiff -u -r1.19 -r1.20 pkgsrc/lang/php55/distinfo cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/php55/patches/patch-configure cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/php55/patches/patch-ext_sqlite3_libsqlite_sqlite3.c ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Fri May 2 13:04:12 UTC 2014 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php54: distinfo pkgsrc/lang/php54/patches: patch-configure Log Message: Update php54 to 5.4.28. 01 May 2014, PHP 5.4.28 - Core: . Fixed bug #61019 (Out of memory on command stream_get_contents). (Mike) . Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace UNIX sockets). (Mike) . Fixed bug #66171 (Symlinks and session handler allow open_basedir bypass). (Jann Horn, Stas) . Fixed bug #66182 (exit in stream filter produces segfault). (Mike) . Fixed bug #66736 (fpassthru broken). (Mike) . Fixed bug #67024 (getimagesize should recognize BMP files with negative height). (Gabor Buella) - cURL: . Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent). (Freek Lijten) - Date: . Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is supplied). (Boro Sitnikovski) - Embed: . Fixed bug #65715 (php5embed.lib isn't provided anymore). (Anatol) - Fileinfo: . Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian). (Remi) - FPM: . Fixed bug #66482 (unknown entry 'priority' in php-fpm.conf). . Fixed bug #67060 (sapi/fpm: possible privilege escalation due to insecure default configuration) (CVE-2014-0185). (Stas) - JSON: . Fixed bug #66021 (Blank line inside empty array/object when JSON_PRETTY_PRINT is set). (Kevin Israel) - LDAP: . Fixed issue with null bytes in LDAP bindings. (Matthew Daley) - OpenSSL: . Fix bug #66942 (memory leak in openssl_seal()). (Chuan Ma) . Fix bug #66952 (memory leak in openssl_open()). (Chuan Ma) - SimpleXML: . Fixed bug #66084 (simplexml_load_string() mangles empty node name) (Anatol) - XSL: . Fixed bug #53965 ( cannot find files with relative paths when loaded with "file://"). (Anatol) - Apache2 Handler SAPI: . Fixed Apache log issue caused by APR's lack of support for %zu (APR issue https://issues.apache.org/bugzilla/show_bug.cgi?id=56120). (Jeff Trawick) To generate a diff of this commit: cvs rdiff -u -r1.61 -r1.62 pkgsrc/lang/php/phpversion.mk cvs rdiff -u -r1.37 -r1.38 pkgsrc/lang/php54/distinfo cvs rdiff -u -r1.6 -r1.7 pkgsrc/lang/php54/patches/patch-configure ------------------------------------------------------------------- Module Name: pkgsrc Committed By: he Date: Sun May 11 11:20:48 UTC 2014 Modified Files: pkgsrc/graphics/php-gd: Makefile pkgsrc/lang/php53: distinfo pkgsrc/lang/php54: distinfo pkgsrc/lang/php55: distinfo Added Files: pkgsrc/lang/php53/patches: patch-ext_gd_libgd_gdxpm.c pkgsrc/lang/php54/patches: patch-ext_gd_libgd_gdxpm.c pkgsrc/lang/php55/patches: patch-ext_gd_libgd_gdxpm.c Log Message: Apply a patch to fix CVE-2014-2497, taken from https://bugs.php.net/patch-display.php?bug_id=66901 Bump PKGREVISION for php-gd correspondingly. To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 pkgsrc/graphics/php-gd/Makefile cvs rdiff -u -r1.72 -r1.73 pkgsrc/lang/php53/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/lang/php53/patches/patch-ext_gd_libgd_gdxpm.c cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/php54/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/lang/php54/patches/patch-ext_gd_libgd_gdxpm.c cvs rdiff -u -r1.20 -r1.21 pkgsrc/lang/php55/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/lang/php55/patches/patch-ext_gd_libgd_gdxpm.c @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.72 2014/03/23 09:55:59 spz Exp $ a23 1 SHA1 (patch-ext_gd_libgd_gdxpm.c) = 9a175417fad9ac23037a24122f8d1258b9eebbcb @ 1.71 log @Stop treating FreeBSD 10 as FreeBSD 1. This lets multiple PHP modules to build on FreeBSD. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.70 2013/12/13 15:30:35 taca Exp $ d11 1 a11 1 SHA1 (patch-ac) = e8a7218d74f2f4093acca2160693c9a245e4cfc7 @ 1.70 log @Update php53 to 5.3.28 (PHP 5.3.28). 12 Dec 2013, PHP 5.3.28 - Openssl: . Fixed handling null bytes in subjectAltName (CVE-2013-4073). (Christian Heimes) . Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.69 2013/12/05 16:16:40 taca Exp $ d10 1 a10 1 SHA1 (patch-ab) = 5e8f0b91426656cb7f9272d17586ce40ab0fb547 d12 1 d21 1 @ 1.69 log @Add fix for CVE-2013-6712, ext/date DoS vulnerability. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.68 2013/08/16 00:38:13 taca Exp $ d3 3 a5 3 SHA1 (php-5.3.27.tar.bz2) = 4f95682940ebe1bc1a93812d593460625a2aae64 RMD160 (php-5.3.27.tar.bz2) = c2887004859f32b25229ffe52d86270c8de194b7 Size (php-5.3.27.tar.bz2) = 11432791 bytes a21 1 SHA1 (patch-ext_openssl_openssl.c) = f45f4322ac875db7b0bb86efb7cfda1f659ac6cc @ 1.68 log @Since openssl's security problem has assigned CVE-2013-4248, update comment in the patch file. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.67 2013/08/14 15:42:56 taca Exp $ d20 2 @ 1.68.2.1 log @Pullup ticket #4269 - requested by taca lang/php53: security update lang/php54: security update lang/php55: security update Revisions pulled up: - lang/php/phpversion.mk 1.46-1.52 - lang/php53/Makefile 1.44-1.45 - lang/php53/Makefile.php 1.38 - lang/php53/distinfo 1.69-1.70 - lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.c 1.1 - lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.re 1.1 - lang/php53/patches/patch-ext_openssl_openssl.c deleted - lang/php54/Makefile 1.15-1.16 - lang/php54/distinfo 1.28-1.31 - lang/php54/patches/patch-ext_date_lib_parse__iso__intervals.c 1.1 - lang/php54/patches/patch-ext_date_lib_parse__iso__intervals.re 1.1 - lang/php55/Makefile 1.6-1.7 - lang/php55/PLIST 1.2 - lang/php55/distinfo 1.7-1.12 - lang/php55/patches/patch-configure 1.3 - lang/php55/patches/patch-ext_date_lib_parse__iso__intervals.c 1.1 - lang/php55/patches/patch-ext_date_lib_parse__iso__intervals.re 1.1 - lang/php55/patches/patch-ext_opcache_config.m4 1.1 - lang/php55/patches/patch-ext_sockets_sockaddr__conv.c 1.1 - lang/php55/patches/patch-sockaddr__conv.c deleted - net/php-sockets/Makefile 1.12 --- Module Name: pkgsrc Committed By: joerg Date: Tue Oct 15 14:43:51 UTC 2013 Modified Files: pkgsrc/lang/php55: distinfo Added Files: pkgsrc/lang/php55/patches: patch-sockaddr__conv.c Log Message: Add patch that would fix the build of net/php-sockets for PHP 5.5, if I knew how to get it applied. --- Module Name: pkgsrc Committed By: taca Date: Tue Oct 15 15:46:37 UTC 2013 Modified Files: pkgsrc/lang/php55: distinfo pkgsrc/net/php-sockets: Makefile Added Files: pkgsrc/lang/php55/patches: patch-ext_sockets_sockaddr__conv.c Removed Files: pkgsrc/lang/php55/patches: patch-sockaddr__conv.c Log Message: Fix php-socket with php55. - Use USE_PHP_EXT_PATCHES in net/php-sockets. - Make AI_V4MAPPED noop if platform dosen't have it. It is poor assumption that AI_V4MAPPED is always defined and V4 mapped address is always available. --- Module Name: pkgsrc Committed By: taca Date: Fri Oct 18 12:25:12 UTC 2013 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php54: distinfo Log Message: Update php54 to 5.4.21 (PHP 5.4.21). 17 Oct 2013, PHP 5.4.21 - Core: . Fixed bug #65322 (compile time errors won't trigger auto loading). (Nikita) - CLI server: . Fixed bug #65633 (built-in server treat some http headers as case-sensitive). (Adam) - Datetime: . Fixed bug #64157 (DateTime::createFromFormat() reports confusing error message). (Boro Sitnikovski) - DBA extension: . Fixed bug #65708 (dba functions cast $key param to string in-place, bypassing copy on write). (Adam) - Filter: . Add RFC 6598 IPs to reserved addresses. (Sebastian Nohn) . Fixed bug #64441 (FILTER_VALIDATE_URL rejects fully qualified domain names). (Syra) - IMAP: . Fixed bug #65721 (configure script broken in 5.5.4 and 5.4.20 when enabling imap). (ryotakatsuki at gmail dot com) - Standard: . Fixed bug #61548 (content-type must appear at the end of headers for 201 Location to work in http). (Mike) - Build system: . Fixed bug #62396 ('make test' crashes starting with 5.3.14 (missing gzencode())). (Mike) --- Module Name: pkgsrc Committed By: taca Date: Fri Oct 18 15:49:08 UTC 2013 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php55: distinfo pkgsrc/lang/php55/patches: patch-configure Added Files: pkgsrc/lang/php55/patches: patch-ext_opcache_config.m4 Log Message: Update php55 to 5.5.5. 17 Oct 2013, PHP 5.5.5 - Core: . Fixed bug #64979 (Wrong behavior of static variables in closure generators). (Nikita) . Fixed bug #65322 (compile time errors won't trigger auto loading). (Nikita) . Fixed bug #65821 (By-ref foreach on property access of string offset segfaults). (Nikita) - CLI server: . Fixed bug #65633 (built-in server treat some http headers as case-sensitive). (Adam) . Fixed bug #65818 (Segfault with built-in webserver and chunked transfer encoding). (Felipe) . Added application/pdf to PHP CLI Web Server mime types (Chris Jones) - Datetime: . Fixed bug #64157 (DateTime::createFromFormat() reports confusing error message). (Boro Sitnikovski) . Fixed bug #65502 (DateTimeImmutable::createFromFormat returns DateTime). (Boro Sitnikovski) . Fixed bug #65548 (Comparison for DateTimeImmutable doesn't work). (Boro Sitnikovski) - DBA extension: . Fixed bug #65708 (dba functions cast $key param to string in-place, bypassing copy on write). (Adam) - Filter: . Add RFC 6598 IPs to reserved addresses. (Sebastian Nohn) . Fixed bug #64441 (FILTER_VALIDATE_URL rejects fully qualified domain names). (Syra) - FTP: . Fixed bug #65667 (ftp_nb_continue produces segfault). (Philip Hofstetter) - GD . Ensure that the defined interpolation method is used with the generic scaling methods. (Pierre) - IMAP: . Fixed bug #65721 (configure script broken in 5.5.4 and 5.4.20 when enabling imap). (ryotakatsuki at gmail dot com) - OPcache: . Added support for GNU Hurd. (Svante Signell) . Added function opcache_compile_file() to load PHP scripts into cache without execution. (Julien) . Fixed bug #65845 (Error when Zend Opcache Optimizer is fully enabled). (Dmitry) . Fixed bug #65665 (Exception not properly caught when opcache enabled). (Laruence) . Fixed bug #65510 (5.5.2 crashes in _get_zval_ptr_ptr_var). (Dmitry) . Fixed issue #135 (segfault in interned strings if initial memory is too low). (Julien) - Sockets: . Fixed bug #65808 (the socket_connect() won't work with IPv6 address). (Mike) - SPL: . Fix bug #64782 (SplFileObject constructor make $context optional / give it a default value). (Nikita) - Standard: . Fixed bug #61548 (content-type must appear at the end of headers for 201 Location to work in http). (Mike) - XMLReader: . Fixed bug #51936 (Crash with clone XMLReader). (Mike) . Fixed bug #64230 (XMLReader does not suppress errors). (Mike) - Build system: . Fixed bug #51076 (race condition in shtool's mkdir -p implementation). (Mike, Raphael Geissert) . Fixed bug #62396 ('make test' crashes starting with 5.3.14 (missing gzencode())). (Mike) --- Module Name: pkgsrc Committed By: taca Date: Fri Nov 15 16:33:14 UTC 2013 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php55: PLIST distinfo Log Message: Update php55 package to 5.5.6. 14 Nov 2013, PHP 5.5.6 - Core: . Fixed bug #65947 (basename is no more working after fgetcsv in certain situation). (Laruence) . Improved performance of array_merge() and func_get_args() by eliminating useless copying. (Dmitry) . Fixed bug #65939 (Space before ";" breaks php.ini parsing). (brainstorm at nopcode dot org) . Fixed bug #65911 (scope resolution operator - strange behavior with $this). (Bob Weinand) . Fixed bug #65936 (dangling context pointer causes crash). (Tony) - FPM: . Changed default listen() backlog to 65535. (Tony) - MySQLi: . Fixed bug #66043 (Segfault calling bind_param() on mysqli). (Laruence) - OPcache . Increased limit for opcache.max_accelerated_files to 1,000,000. (Chris) . Fixed issue #115 (path issue when using phar). (Dmitry) . Fixed issue #149 (Phar mount points not working with OPcache enabled). (Dmitry) - ODBC . Fixed bug #65950 (Field name truncation if the field name is bigger than 32 characters). (patch submitted by: michael dot y at zend dot com, Yasuo) - PDO: . Fixed bug #66033 (Segmentation Fault when constructor of PDO statement throws an exception). (Laruence) . Fixed bug 65946 (sql_parser permanently converts values bound to strings) - Standard: . Fixed bug #64760 (var_export() does not use full precision for floating-point numbers) (Yasuo) --- Module Name: pkgsrc Committed By: taca Date: Sat Nov 16 09:45:26 UTC 2013 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php54: distinfo Log Message: Update php54 to 5.4.22. Version 5.4.22 14-Nov-2013 * Core: - Fixed bug #65911 (scope resolution operator - strange behavior with $this). CLI server: - Fixed bug #65818 (Segfault with built-in webserver and chunked transfer encoding). * Exif: - Fixed crash on unknown encoding. * FTP: - Fixed bug #65667 (ftp_nb_continue produces segfault). * ODBC: - Fixed bug #65950 (Field name truncation if the field name is bigger than 32 characters). * Sockets: - Fixed bug #65808 (the socket_connect() won't work with IPv6 address). * Standard: - Fixed bug #64760 (var_export() does not use full precision for floating-point numbers). * XMLReader: - Fixed bug #51936 (Crash with clone XMLReader). - Fixed bug #64230 (XMLReader does not suppress errors). --- Module Name: pkgsrc Committed By: taca Date: Thu Dec 5 16:16:40 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-ext_date_lib_parse__iso__intervals.c patch-ext_date_lib_parse__iso__intervals.re Log Message: Add fix for CVE-2013-6712, ext/date DoS vulnerability. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Thu Dec 5 16:17:15 UTC 2013 Modified Files: pkgsrc/lang/php54: Makefile distinfo Added Files: pkgsrc/lang/php54/patches: patch-ext_date_lib_parse__iso__intervals.c patch-ext_date_lib_parse__iso__intervals.re Log Message: Add fix for CVE-2013-6712, ext/date DoS vulnerability. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Thu Dec 5 16:17:48 UTC 2013 Modified Files: pkgsrc/lang/php55: Makefile distinfo Added Files: pkgsrc/lang/php55/patches: patch-ext_date_lib_parse__iso__intervals.c patch-ext_date_lib_parse__iso__intervals.re Log Message: Add fix for CVE-2013-6712, ext/date DoS vulnerability. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Fri Dec 13 15:30:35 UTC 2013 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php53: Makefile Makefile.php distinfo Removed Files: pkgsrc/lang/php53/patches: patch-ext_openssl_openssl.c Log Message: Update php53 to 5.3.28 (PHP 5.3.28). 12 Dec 2013, PHP 5.3.28 - Openssl: . Fixed handling null bytes in subjectAltName (CVE-2013-4073). (Christian Heimes) . Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser). --- Module Name: pkgsrc Committed By: taca Date: Fri Dec 13 15:32:21 UTC 2013 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php54: Makefile distinfo Log Message: Update php54 to 5.4.23 (PHP 5.4.23). 28 Nov 2013, PHP 5.4.23 - Core: . Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string). (Laruence) . Fixed bug #65947 (basename is no more working after fgetcsv in certain situation). (Laruence) - JSON . Fixed whitespace part of bug #64874 ("json_decode handles whitespace and case-sensitivity incorrectly"). (Andrea Faulds) - MySQLi: . Fixed bug #66043 (Segfault calling bind_param() on mysqli). (Laruence) - mysqlnd: . Fixed bug #66124 (mysqli under mysqlnd loses precision when bind_param with 'i'). (Andrey) . Fixed bug #66141 (mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES after failed query). (Andrey) - OpenSSL: . Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser). - PDO . Fixed bug 65946 (sql_parser permanently converts values bound to strings) --- Module Name: pkgsrc Committed By: taca Date: Fri Dec 13 15:33:22 UTC 2013 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php55: Makefile distinfo Log Message: Update php55 to 5.5.7 (PHP 5.5.7). 12 Dec 2013, PHP 5.5.7 - CLI server: . Added some MIME types to the CLI web server (Chris Jones) . Implemented FR #65917 (getallheaders() is not supported by the built-in web server) - also implements apache_response_headers() (Andrea Faulds) - Core: . Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string). (Laruence) - OPCache . Fixed bug #66176 (Invalid constant substitution). (Dmitry) . Fixed bug #65915 (Inconsistent results with require return value). (Dmitry) . Fixed bug #65559 (Opcache: cache not cleared if changes occur while running). (Dmitry) - OpenSSL: . Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser). - readline . Fixed Bug #65714 (PHP cli forces the tty to cooked mode). (Remi) @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (php-5.3.28.tar.bz2) = f985ca1f6a5f49ebfb25a08f1837a44c563b31f8 RMD160 (php-5.3.28.tar.bz2) = e4910c0c365f39a5009807801bd5ee6e25be020d Size (php-5.3.28.tar.bz2) = 11051714 bytes d20 1 a20 2 SHA1 (patch-ext_date_lib_parse__iso__intervals.c) = 1243e4cda1d6446ee4f8b6cab61556fa07837139 SHA1 (patch-ext_date_lib_parse__iso__intervals.re) = 75d4abd666c17d7d5f8a4ee9e489bf2565f83524 @ 1.67 log @Add fix fo openssl, CVE-2013-4073. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.66 2013/07/12 00:07:04 taca Exp $ d20 1 a20 1 SHA1 (patch-ext_openssl_openssl.c) = 1018d60764162ef663089e94d1e133e097f4534c @ 1.66 log @Update php53 to 5.3.27 (PHP 5.3.27). 11-Jul-2013 Core: * Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). * Fixed bug #64960 (Segfault in gc_zval_possible_root). * Fixed bug #64934 (Apache2 TS crash with get_browser()). * Fixed bug #63186 (compile failure on netbsd). DateTime: * Fixed bug #53437 (Crash when using unserialized DatePeriod instance). PDO_firebird: * Fixed bug #64037 (Firebird return wrong value for numeric field). * Fixed bug #62024 (Cannot insert second row with null using parametrized query). PDO_pgsql: * Fixed bug #64949 (Buffer overflow in _pdo_pgsql_error). pgsql: * Fixed bug #64609 (pg_convert enum type support). SPL: * Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on 64-bits systems). XML: * Fixed bug #65236 (heap corruption in xml parser). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.65 2013/06/09 22:23:24 taca Exp $ d20 1 @ 1.65 log @Fix suhosi patch part. Thanks to Volkmar Seifert notified me the problem via private e-mail. (I should modify my local mk.conf to handle better...) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.64 2013/06/07 13:53:52 taca Exp $ d3 3 a5 3 SHA1 (php-5.3.26.tar.bz2) = d2f97da600b640d618a8790dab22b519aa87b056 RMD160 (php-5.3.26.tar.bz2) = a902aef59683dc7b051c81111b2995f8d5ebad93 Size (php-5.3.26.tar.bz2) = 11430170 bytes d9 15 a23 15 SHA1 (patch-aa) = b0dc6cd0b2103d5858280202506b33322a98496e SHA1 (patch-ab) = 7e9aab00e1d5f18e320ef5e513c0ff6833a5b69a SHA1 (patch-ac) = b6eb40116f3770464120b6ea9061624609b9564e SHA1 (patch-ad) = 1608c58860a43b4e31df8646b5ded253ec9aa881 SHA1 (patch-ae) = e590db60a60f4e5ef2da4e5edb786335a67a3d56 SHA1 (patch-af) = 1618b23fd6d090ce5aa929208416028724278bfc SHA1 (patch-ag) = 37225805be13ec76d8ac17833da8115e99b78745 SHA1 (patch-ah) = b20c29c64b3099f77855a5ec28960dc1c4f65c83 SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f SHA1 (patch-aj) = 8698b3caa6299843c7483473b0cb18ceffa3dada SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e SHA1 (patch-ext_standard_basic__functions.c) = 18596d281017760293189d87d19de9c5c772232d SHA1 (patch-main_streams_cast.c) = c169ccb73dc660e40eff9f9e168374f35eedadad SHA1 (patch-php__mssql.c) = b46c688ff2d8da33ca2f9beb0eb9182b6edf7e23 SHA1 (patch-sapi_fpm_php-fpm.conf.in) = 6453d0cea05c0f86dcabc95a656532a0ed084aed @ 1.65.2.1 log @Pullup ticket #4183 - requested by taca lang/php53: security update Revisions pulled up: - lang/php/phpversion.mk 1.36 - lang/php53/Makefile.common 1.27 - lang/php53/Makefile.php 1.35 - lang/php53/distinfo 1.66 - lang/php53/patches/patch-aa 1.3 - lang/php53/patches/patch-ab 1.7 - lang/php53/patches/patch-ac 1.6 - lang/php53/patches/patch-ad 1.2 - lang/php53/patches/patch-ae 1.2 - lang/php53/patches/patch-af 1.4 - lang/php53/patches/patch-ag 1.3 - lang/php53/patches/patch-ah 1.2 - lang/php53/patches/patch-ai 1.2 - lang/php53/patches/patch-aj 1.3 - lang/php53/patches/patch-al 1.2 - lang/php53/patches/patch-ext_standard_basic__functions.c 1.2 - lang/php53/patches/patch-main_streams_cast.c 1.2 - lang/php53/patches/patch-php__mssql.c 1.2 - lang/php53/patches/patch-sapi_fpm_php-fpm.conf.in 1.2 --- Module Name: pkgsrc Committed By: taca Date: Fri Jul 12 00:07:04 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile.common Makefile.php distinfo pkgsrc/lang/php53/patches: patch-aa patch-ab patch-ac patch-ad patch-ae patch-af patch-ag patch-ah patch-ai patch-aj patch-al patch-ext_standard_basic__functions.c patch-main_streams_cast.c patch-php__mssql.c patch-sapi_fpm_php-fpm.conf.in Log Message: Update php53 to 5.3.27 (PHP 5.3.27). 11-Jul-2013 Core: * Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). * Fixed bug #64960 (Segfault in gc_zval_possible_root). * Fixed bug #64934 (Apache2 TS crash with get_browser()). * Fixed bug #63186 (compile failure on netbsd). DateTime: * Fixed bug #53437 (Crash when using unserialized DatePeriod instance). PDO_firebird: * Fixed bug #64037 (Firebird return wrong value for numeric field). * Fixed bug #62024 (Cannot insert second row with null using parametrized query). PDO_pgsql: * Fixed bug #64949 (Buffer overflow in _pdo_pgsql_error). pgsql: * Fixed bug #64609 (pg_convert enum type support). SPL: * Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on 64-bits systems). XML: * Fixed bug #65236 (heap corruption in xml parser). --- Module Name: pkgsrc Committed By: taca Date: Fri Jul 12 00:09:14 UTC 2013 Modified Files: pkgsrc/lang/php: phpversion.mk Log Message: Update PHP53_VERSION to 5.3.27. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (php-5.3.27.tar.bz2) = 4f95682940ebe1bc1a93812d593460625a2aae64 RMD160 (php-5.3.27.tar.bz2) = c2887004859f32b25229ffe52d86270c8de194b7 Size (php-5.3.27.tar.bz2) = 11432791 bytes d9 15 a23 15 SHA1 (patch-aa) = fd930d0d9b1c60e8c7c514cfb6864b61ce4d158d SHA1 (patch-ab) = 5e8f0b91426656cb7f9272d17586ce40ab0fb547 SHA1 (patch-ac) = e8a7218d74f2f4093acca2160693c9a245e4cfc7 SHA1 (patch-ad) = 6b42868f41335ddfa5a8c1e982819166b05e4ad2 SHA1 (patch-ae) = 3a354cb5c1253eb375041d8ee8549c2f663e6c74 SHA1 (patch-af) = 4f5aac4c52ce576f4489cb1f06fdb672745a8fdb SHA1 (patch-ag) = 84af84bc1144ac8a1fce931edcedd4a3ad0f2fda SHA1 (patch-ah) = 697156508da2d837a1ea1a41f036eab4fb87e94b SHA1 (patch-ai) = 9659f73eef1b4fcca9b844bdaa785ac6d5e582a1 SHA1 (patch-aj) = 181658ae523bd60f67750566711fc078b49191b7 SHA1 (patch-al) = fe534d7d50a529e3c7d0ffed76afdb70bb55a521 SHA1 (patch-ext_standard_basic__functions.c) = 017fd25e646af4d7eb2a0bd13b3c8da34eaee8c5 SHA1 (patch-main_streams_cast.c) = d68b69c9418a8780b1610b8755487771f7c46a5a SHA1 (patch-php__mssql.c) = 524c4e5d7ede0e503049bf1febec58e0c4a29aa4 SHA1 (patch-sapi_fpm_php-fpm.conf.in) = 86137a37e74badf99c46d1ba7ca5d85f42bedfce @ 1.65.2.2 log @Pullup ticket #4220 - requested by taca lang/php53: security patch Revisions pulled up: - lang/php53/Makefile 1.43 via patch - lang/php53/distinfo 1.67-1.68 - lang/php53/patches/patch-ext_openssl_openssl.c 1.1-1.2 --- Module Name: pkgsrc Committed By: taca Date: Wed Aug 14 15:42:56 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-ext_openssl_openssl.c Log Message: Add fix fo openssl, CVE-2013-4073. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Fri Aug 16 00:38:13 UTC 2013 Modified Files: pkgsrc/lang/php53: distinfo pkgsrc/lang/php53/patches: patch-ext_openssl_openssl.c Log Message: Since openssl's security problem has assigned CVE-2013-4248, update comment in the patch file. @ text @a19 1 SHA1 (patch-ext_openssl_openssl.c) = f45f4322ac875db7b0bb86efb7cfda1f659ac6cc @ 1.64 log @Update php53 to 5.3.26. 06 Jun 2013, PHP 5.3.26 - Core: . Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode, CVE 2013-2110). (Stas) - Calendar: . Fixed bug #64895 (Integer overflow in SndToJewish). (Remi) - FPM: . Fixed some possible memory or resource leaks and possible null dereference detected by code coverity scan. (Remi) . Log a warning when a syscall fails. (Remi) - MySQLi: . Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB pointer has closed). (Laruence) - Phar . Fixed bug #64214 (PHAR PHPTs intermittently crash when run on DFS, SMB or with non std tmp dir). (Pierre) - Streams: . Fixed bug #64770 (stream_select() fails with pipes returned by proc_open() on Windows x64). (Anatol) - Zend Engine: . Fixed bug #64821 (Custom Exception crash when internal properties overridden). (Anatol) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.63 2013/05/16 16:19:14 taca Exp $ d6 3 @ 1.63 log @Update php53 to 5.3.25 (PHP 5.3.25). 09 May 2013, PHP 5.3.25 - Core: . Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap: segfault). (Laruence) . Fixed bug #64458 (dns_get_record result with string of length -1). (Stas) . Fixed bugs #47675 and #64577 (fd leak on Solaris). (Rasmus) - Streams: . Fixed Windows x64 version of stream_socket_pair() and improved error handling. (Anatol Belski) - Zip: . Fixed bug #64342 (ZipArchive::addFile() has to check for file existence). (Anatol) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.62 2013/04/12 16:59:51 taca Exp $ d3 3 a5 6 SHA1 (php-5.3.25.tar.bz2) = 8f948bf74a56f0bca70b2f37de6b585af6602b11 RMD160 (php-5.3.25.tar.bz2) = 09889369bd711e37ce8d4c79b1ae6513614a2e24 Size (php-5.3.25.tar.bz2) = 11429225 bytes SHA1 (suhosin-patch-5.3.25-0.9.10.patch.bz2) = ce5883b05daf91e8a44fffbfa4d3989ac3311dd1 RMD160 (suhosin-patch-5.3.25-0.9.10.patch.bz2) = 6c4d0cfe070802481121be465b66d3cefe44da83 Size (suhosin-patch-5.3.25-0.9.10.patch.bz2) = 32447 bytes @ 1.62 log @Update php53 to 5.3.24. 11 Apr 2013, PHP 5.3.24 - Core . Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']). (Anatol) . Fixed bug #63914 (zend_do_fcall_common_helper_SPEC does not handle exceptions properly). (Jeff Welch) . Fixed bug #62343 (Show class_alias In get_declared_classes()) (Dmitry) - PCRE: . Merged PCRE 8.32). (Anatol) - mysqlnd . Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc for stmt->param_bind). (Andrey) - DateTime . Fixed bug #62852 (Unserialize Invalid Date causes crash). (Anatol) - Zip: . Bug #64452 (Zip crash intermittently). (Anatol) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.61 2013/04/12 11:56:46 taca Exp $ d3 6 a8 3 SHA1 (php-5.3.24.tar.bz2) = ff591a89d77123c7823adf94fea4aca7de5a3dc6 RMD160 (php-5.3.24.tar.bz2) = 09e6ee41912f38d203869b79e15c6ec0168dc93d Size (php-5.3.24.tar.bz2) = 11428201 bytes a20 1 SHA1 (patch-main_main.c) = 3e8f62eed3daadf2c93adeade234e378e792be04 @ 1.61 log @Re-enable suhosin PKG_OPTIONS with updated patch file (by me). It was accidently dropped by previous update of PHP. No PKGREVISION bump since it fixes broken status with suhosin PKG_OPTIONS. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.60 2013/03/16 01:58:18 taca Exp $ d3 3 a5 6 SHA1 (php-5.3.23.tar.bz2) = fe9d84ada4747629f31051f9c689629261558056 RMD160 (php-5.3.23.tar.bz2) = a537ed70a94ebbc8c1ee12a897f2f78b98a1dee4 Size (php-5.3.23.tar.bz2) = 11410987 bytes SHA1 (suhosin-patch-5.3.23-0.9.10.patch.bz2) = 4db2a9266013c9647d14a6e5875c3081fce263ca RMD160 (suhosin-patch-5.3.23-0.9.10.patch.bz2) = 82f3c4f80cef7e7d44fb23bec9fa349c4cba6762 Size (suhosin-patch-5.3.23-0.9.10.patch.bz2) = 32474 bytes d7 1 a7 1 SHA1 (patch-ab) = 718248326c74ffa8a0f7df47b641fed39b838ba1 @ 1.60 log @Update php53 to 5.3.23. 14 Mar 2013, PHP 5.3.23 - SOAP . Improved check that soap.wsdl_cache_dir conforms to open_basedir (Dmitry) . Disabled external entities loading. (Dmitry) - SPL: . Fixed bug #64264 (SPLFixedArray toArray problem). (Laruence) . Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS). (patch by kriss@@krizalys.com, Laruence) . Fixed bug #52861 (unset fails with ArrayObject and deep arrays). (Mike Willbanks) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.59 2013/02/28 21:28:20 imil Exp $ d6 3 @ 1.60.2.1 log @Pullup ticket #4118 - requested by taca lang/php53: build fix Revisions pulled up: - lang/php53/Makefile.php 1.30 - lang/php53/distinfo 1.61 --- Module Name: pkgsrc Committed By: taca Date: Fri Apr 12 11:56:46 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile.php distinfo Log Message: Re-enable suhosin PKG_OPTIONS with updated patch file (by me). It was accidently dropped by previous update of PHP. No PKGREVISION bump since it fixes broken status with suhosin PKG_OPTIONS. @ text @d1 1 a1 1 $NetBSD$ a5 3 SHA1 (suhosin-patch-5.3.23-0.9.10.patch.bz2) = 4db2a9266013c9647d14a6e5875c3081fce263ca RMD160 (suhosin-patch-5.3.23-0.9.10.patch.bz2) = 82f3c4f80cef7e7d44fb23bec9fa349c4cba6762 Size (suhosin-patch-5.3.23-0.9.10.patch.bz2) = 32474 bytes @ 1.60.2.2 log @Pullup ticket #4156 - requested by taca lang/php53: security update Revisions pulled up: - lang/php53/Makefile.common 1.24-1.26 - lang/php53/Makefile.php 1.33 via patch - lang/php53/distinfo 1.63-1.64 via patch - lang/php53/patches/patch-main_main.c deleted --- Module Name: pkgsrc Committed By: taca Date: Fri Apr 12 16:59:51 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile.common Makefile.php distinfo pkgsrc/lang/php53/patches: patch-ab Log Message: Update php53 to 5.3.24. 11 Apr 2013, PHP 5.3.24 - Core . Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']). (Anatol) . Fixed bug #63914 (zend_do_fcall_common_helper_SPEC does not handle exceptions properly). (Jeff Welch) . Fixed bug #62343 (Show class_alias In get_declared_classes()) (Dmitry) - PCRE: . Merged PCRE 8.32). (Anatol) - mysqlnd . Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc for stmt->param_bind). (Andrey) - DateTime . Fixed bug #62852 (Unserialize Invalid Date causes crash). (Anatol) - Zip: . Bug #64452 (Zip crash intermittently). (Anatol) --- Module Name: pkgsrc Committed By: taca Date: Thu May 16 16:19:14 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile.common Makefile.php distinfo Removed Files: pkgsrc/lang/php53/patches: patch-main_main.c Log Message: Update php53 to 5.3.25 (PHP 5.3.25). 09 May 2013, PHP 5.3.25 - Core: . Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap: segfault). (Laruence) . Fixed bug #64458 (dns_get_record result with string of length -1). (Stas) . Fixed bugs #47675 and #64577 (fd leak on Solaris). (Rasmus) - Streams: . Fixed Windows x64 version of stream_socket_pair() and improved error handling. (Anatol Belski) - Zip: . Fixed bug #64342 (ZipArchive::addFile() has to check for file existence). (Anatol) --- Module Name: pkgsrc Committed By: taca Date: Fri Jun 7 13:53:52 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile.common distinfo Log Message: Update php53 to 5.3.26. 06 Jun 2013, PHP 5.3.26 - Core: . Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode, CVE 2013-2110). (Stas) - Calendar: . Fixed bug #64895 (Integer overflow in SndToJewish). (Remi) - FPM: . Fixed some possible memory or resource leaks and possible null dereference detected by code coverity scan. (Remi) . Log a warning when a syscall fails. (Remi) - MySQLi: . Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB pointer has closed). (Laruence) - Phar . Fixed bug #64214 (PHAR PHPTs intermittently crash when run on DFS, SMB or with non std tmp dir). (Pierre) - Streams: . Fixed bug #64770 (stream_select() fails with pipes returned by proc_open() on Windows x64). (Anatol) - Zend Engine: . Fixed bug #64821 (Custom Exception crash when internal properties overridden). (Anatol) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.60.2.1 2013/04/15 22:18:29 tron Exp $ d3 6 a8 3 SHA1 (php-5.3.26.tar.bz2) = d2f97da600b640d618a8790dab22b519aa87b056 RMD160 (php-5.3.26.tar.bz2) = a902aef59683dc7b051c81111b2995f8d5ebad93 Size (php-5.3.26.tar.bz2) = 11430170 bytes d10 1 a10 1 SHA1 (patch-ab) = 7e9aab00e1d5f18e320ef5e513c0ff6833a5b69a d21 1 a21 1 SHA1 (patch-main_main.c) = da39a3ee5e6b4b0d3255bfef95601890afd80709 @ 1.60.2.3 log @Pullup ticket #4158 - requested by taca lang/php53: fix build with "suhosi" option Revisions pulled up: - lang/php53/Makefile.php 1.34 - lang/php53/distinfo 1.65 --- Module Name: pkgsrc Committed By: taca Date: Sun Jun 9 22:23:24 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile.php distinfo Log Message: Fix suhosi patch part. Thanks to Volkmar Seifert notified me the problem via private e-mail. (I should modify my local mk.conf to handle better...) @ text @d1 1 a1 1 $NetBSD$ a5 3 SHA1 (suhosin-patch-5.3.25-0.9.10.patch.bz2) = ce5883b05daf91e8a44fffbfa4d3989ac3311dd1 RMD160 (suhosin-patch-5.3.25-0.9.10.patch.bz2) = 6c4d0cfe070802481121be465b66d3cefe44da83 Size (suhosin-patch-5.3.25-0.9.10.patch.bz2) = 32447 bytes @ 1.59 log @Uncomment the pid parameter for php-fpm.conf so the pidfile is created and rc.d script can really start / stop php-fpm. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.58 2013/02/22 03:06:16 taca Exp $ d3 3 a5 6 SHA1 (php-5.3.22.tar.bz2) = 8a0948040d70bd7ebf1f3001c4462649b43d5ab0 RMD160 (php-5.3.22.tar.bz2) = dc51c94f4201aeb3bef03df8d1def780a1ab60f5 Size (php-5.3.22.tar.bz2) = 11366482 bytes SHA1 (suhosin-patch-5.3.21-0.9.10.patch.bz2) = 7df6bb0f39fe4111a96a7d6ce694f954f1796c48 RMD160 (suhosin-patch-5.3.21-0.9.10.patch.bz2) = 4f2039676592c94fd923cdf7a35255d663ab56df Size (suhosin-patch-5.3.21-0.9.10.patch.bz2) = 33131 bytes d7 1 a7 1 SHA1 (patch-ab) = d08bb50cf074a6065ef0d1d67a713b7573cb2f5b @ 1.58 log @Update php53 to 5.3.22. PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 21 Feb 2013, PHP 5.3.22 - Zend Engine: . Fixed bug #64099 (Wrong TSRM usage in zend_Register_class alias). (Johannes) . Fixed bug #63899 (Use after scope error in zend_compile). (Laruence) - Core . Fixed bug #63943 (Bad warning text from strpos() on empty needle). (Laruence) - Date: . Fixed bug #55397 (comparsion of incomplete DateTime causes SIGSEGV). (Laruence, Derick) - FPM: . Fixed bug #63999 (php with fpm fails to build on Solaris 10 or 11). (Adam) - SOAP . Added check that soap.wsdl_cache_dir conforms to open_basedir (CVE-2013-1635). (Dmitry) . Disabled external entities loading (CVE-2013-1643). (Dmitry) - SPL: . Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended). (Nikita Popov) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.57 2013/02/17 13:10:13 taca Exp $ d24 1 a24 1 SHA1 (patch-sapi_fpm_fpm__fpm_sockets.h) = 59b3afaef3ab5931ff51df4c2042ee3983f0489a @ 1.57 log @Fix build problem of graphics/php-gd with png 1.6.0. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.56 2013/01/17 16:18:24 taca Exp $ d3 3 a5 3 SHA1 (php-5.3.21.tar.bz2) = d67d2569b4782cf2faa049f22b08819ad8b15009 RMD160 (php-5.3.21.tar.bz2) = 84aa653af6fbe66c02a572ad1add3daf6e46bb1e Size (php-5.3.21.tar.bz2) = 11362683 bytes @ 1.56 log @Update php53 to 5.3.21. * pkgsrc change: use locally recreated suhosin patch file. 17 Jan 2013, PHP 5.3.21 - Zend Engine: . Fixed bug #63762 (Sigsegv when Exception::$trace is changed by user). (Johannes) - cURL extension: . Fixed bug (segfault due to libcurl connection caching). (Pierrick) . Fixed bug #63795 (CURL >= 7.28.0 no longer support value 1 for CURLOPT_SSL_VERIFYHOST). (Pierrick) . Fixed bug #63352 (Can't enable hostname validation when using curl stream wrappers). (Pierrick) . Fixed bug #55438 (Curlwapper is not sending http header randomly). (phpnet@@lostreality.org, Pierrick) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.55 2013/01/07 14:23:57 taca Exp $ d11 1 a11 1 SHA1 (patch-ac) = 1720f154232241c19d0c6e08a824e33252f1b690 @ 1.55 log @Update php53 to 5.3.20. 20 Dec 2012, PHP 5.3.20 - Zend Engine: . Fixed bug #63635 (Segfault in gc_collect_cycles). (Dmitry) . Fixed bug #63512 (parse_ini_file() with INI_SCANNER_RAW removes quotes from value). (Pierrick) . Fixed bug #63468 (wrong called method as callback with inheritance). (Laruence) - Core: . Fixed bug #63451 (config.guess file does not have AIX 7 defined, shared objects are not created). (kemcline at au1 dot ibm dot com) . Fixed bug #63377 (Segfault on output buffer). (miau dot jp at gmail dot com, Laruence) - Apache2 Handler SAPI: . Enabled Apache 2.4 configure option for Windows (Pierre, Anatoliy) - Date: . Fixed bug #63435 (Datetime::format('u') sometimes wrong by 1 microsecond). (Remi) - Fileinfo: . Fixed bug #63248 (Load multiple magic files from a directory under Windows). (Anatoliy) . Fixed bug #63590 (Different results in TS and NTS under Windows). (Anatoliy) - FPM: . Fixed bug #63581 (Possible null dereference and buffer overflow). (Remi) - Imap: . Fixed bug #63126 (DISABLE_AUTHENTICATOR ignores array). (Remi) - MySQLnd: . Fixed bug #63398 (Segfault when polling closed link). (Laruence) - Reflection: . Fixed Bug #63614 (Fatal error on Reflection). (Laruence) - SOAP . Fixed bug #63271 (SOAP wsdl cache is not enabled after initial requests). (John Jawed, Dmitry) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.54 2012/11/23 13:20:03 taca Exp $ d3 6 a8 6 SHA1 (php-5.3.20.tar.bz2) = 64d505884bc43ae3bf1f50c1d4b1cc4a8b749962 RMD160 (php-5.3.20.tar.bz2) = e50668e3376b8790cf47f3b6cd91e4a7004f5cd5 Size (php-5.3.20.tar.bz2) = 11358034 bytes SHA1 (suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes @ 1.54 log @Update php53 to 5.3.19. 22 Nov 2012, PHP 5.3.19 - Core . Fixed bug #63241 (PHP fails to open Windows deduplicated files). (daniel dot stelter-gliese at innogames dot de) . Fixed bug #62444 (Handle leak in is_readable on windows). (krazyest at seznam dot cz) - Libxml . Fixed bug #63389 (Missing context check on libxml_set_streams_context() causes memleak). (Laruence) - Mbstring: . Fixed bug #63447 (max_input_vars doesn't filter variables when mbstring.encoding_translation = On). (Laruence) - MySQL: . Fixed compilation failure on mixed 32/64 bit systems. (Andrey) - OCI8: . Fixed bug #63265 (Add ORA-00028 to the PHP_OCI_HANDLE_ERROR macro) (Chris Jones) - PCRE: . Fixed bug #63055 (Segfault in zend_gc with SF2 testsuite). (Dmitry, Laruence) . Fixed bug #63284 (Upgrade PCRE to 8.31). (Anatoliy) - PDO: . Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec). (Martin Osvald, Remi) - PDO_pgsql: . Fixed bug #62593 (Emulate prepares behave strangely with PARAM_BOOL). (Will Fitch) - Streams: . Fixed bug #63240 (stream_get_line() return contains delimiter string). (Tjerk, Gustavo) - Phar: . Fixed bug #63297 (Phar fails to write an openssl based signature). (Anatoliy) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.53 2012/10/20 00:29:40 taca Exp $ d3 3 a5 3 SHA1 (php-5.3.19.tar.bz2) = 083614a8c510cab081dd08c59ba3436cfd96fbef RMD160 (php-5.3.19.tar.bz2) = 0083b282091490789379d2443fd91d320f3e95a4 Size (php-5.3.19.tar.bz2) = 11359557 bytes @ 1.53 log @Fix build problem when suhosin option enabled with a little dirty way. Since this problem was build problem with suhosin option, no PKGREVISION bump. Thanks Amitai Schlair who noted this problem via private mail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.52 2012/10/19 14:57:02 taca Exp $ d3 3 a5 3 SHA1 (php-5.3.18.tar.bz2) = 561b7ed1ad147346d97f4cac78159e5918a7b5b9 RMD160 (php-5.3.18.tar.bz2) = f1b0059816fb817d159532239c02ddefac0085f4 Size (php-5.3.18.tar.bz2) = 11335289 bytes @ 1.52 log @Update php53 to 5.3.18. 18 Oct 2012, PHP 5.3.18 - Core: . Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry) . Fixed bug #63093 (Segfault while load extension failed in zts-build). (Laruence) . Fixed bug #62976 (Notice: could not be converted to int when comparing some builtin classes). (Laruence) . Fixed bug #61767 (Shutdown functions not called in certain error situation). (Dmitry) . Fixed bug #61442 (exception threw in __autoload can not be catched). (Laruence) . Fixed bug #60909 (custom error handler throwing Exception + fatal error = no shutdown function). (Dmitry) - cURL: . Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will cause cpu Soaring). (Pierrick) - FPM: . Fixed bug #62954 (startup problems fpm / php-fpm). (fat) . Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat) . Fixed bug #63085 (Systemd integration and daemonize). (remi, fat) . Fixed bug #62947 (Unneccesary warnings on FPM). (fat) . Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat) . Fixed bug #62216 (Add PID to php-fpm init.d script). (fat) - Intl: . Fix bug #62915 (defective cloning in several intl classes). (Gustavo) - SOAP . Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). (Dmitry) - SPL: . Bug #62987 (Assigning to ArrayObject[null][something] overrides all undefined variables). (Laruence) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.51 2012/09/15 00:08:10 taca Exp $ d6 3 @ 1.51 log @Re-enable suhosin PKG_OPTION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.50 2012/09/14 15:52:08 taca Exp $ d3 3 a5 6 SHA1 (php-5.3.17.tar.bz2) = d6f0192d2c1dae2921923762bde5ae356ceda5b5 RMD160 (php-5.3.17.tar.bz2) = 40d0eee40b7c5218985ac490f2efa21d67f1279d Size (php-5.3.17.tar.bz2) = 11326372 bytes SHA1 (suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes @ 1.50 log @Update php53 to 5.3.17 (PHP 5.3.17). 13 Sep 2012, PHP 5.3.17 - Core: . Fixed bug (segfault while build with zts and GOTO vm-kind). (Laruence) . Fixed bug #62955 (Only one directive is loaded from "Per Directory Values" Windows registry). (aserbulov at parallels dot com) . Fixed bug #62763 (register_shutdown_function and extending class). (Laruence) . Fixed bug #62744 (dangling pointers made by zend_disable_class). (Laruence) . Fixed bug #62716 (munmap() is called with the incorrect length). (slangley@@google.com) . Fixed bug ##62460 (php binaries installed as binary.dSYM). (Reeze Xia) - CURL: . Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE). (Pierrick) - DateTime: . Fixed bug #62852 (Unserialize invalid DateTime causes crash). (reeze.xia@@gmail.com) - Intl: . Fix null pointer dereferences in some classes of ext/intl. (Gustavo) - MySQLnd: . Fixed bug #62885 (mysqli_poll - Segmentation fault). (Laruence) - PDO: . Fixed bug #62685 (Wrong return datatype in PDO::inTransaction()). (Laruence) - Session: . Fixed bug (segfault due to retval is not initialized). (Laruence) - SPL: . Fixed bug #62904 (Crash when cloning an object which inherits SplFixedArray) (Laruence) - Enchant: . Fixed bug #62838 (enchant_dict_quick_check() destroys zval, but fails to initialize it). (Tony, Mateusz Goik). 16 Aug 2012, PHP 5.3.16 - Core: . Fixed bug #60194 (--with-zend-multibyte and --enable-debug reports LEAK with run-test.php). (Laruence) - CURL: . Fixed bug #62499 (curl_setopt($ch, CURLOPT_COOKIEFILE, "") returns false). (r.hampartsumyan@@gmail.com, Laruence) - DateTime: . Fixed Bug #62500 (Segfault in DateInterval class when extended). (Laruence) - Reflection: . Fixed bug #62715 (ReflectionParameter::isDefaultValueAvailable() wrong result). (Laruence) - SPL: . Fixed bug #62616 (ArrayIterator::count() from IteratorIterator instance gives Segmentation fault). (Laruence, Gustavo) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.49 2012/08/17 15:32:31 taca Exp $ d6 3 @ 1.49 log @Update php53 to 5.3.16 (PHP 5.3.16). PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 16 Aug 2012, PHP 5.3.16 - Core: . Fixed bug #60194 (--with-zend-multibyte and --enable-debug reports LEAK with run-test.php). (Laruence) - CURL: . Fixed bug #62499 (curl_setopt($ch, CURLOPT_COOKIEFILE, "") returns false). (r.hampartsumyan@@gmail.com, Laruence) - DateTime: . Fixed Bug #62500 (Segfault in DateInterval class when extended). (Laruence) - Reflection: . Fixed bug #62715 (ReflectionParameter::isDefaultValueAvailable() wrong result). (Laruence) - SPL: . Fixed bug #62616 (ArrayIterator::count() from IteratorIterator instance gives Segmentation fault). (Laruence, Gustavo) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.48 2012/07/31 12:23:12 fhajny Exp $ d3 3 a5 6 SHA1 (php-5.3.16.tar.bz2) = a8356b18f6413a87451bd70110b814c847b69f00 RMD160 (php-5.3.16.tar.bz2) = 41ea044b961c4fdf04a1bd31a5b08cac8b271561 Size (php-5.3.16.tar.bz2) = 11314384 bytes SHA1 (suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes @ 1.48 log @Fix a silly bug in latest PHP. Arbitrary symbol cannot be 'sun', which is taken on all SunOS platforms. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.47 2012/07/25 13:20:30 fhajny Exp $ d3 3 a5 3 SHA1 (php-5.3.15.tar.bz2) = 05cf819352062ea3fbcccd3f15aa02c8c3f87440 RMD160 (php-5.3.15.tar.bz2) = b82b9f57c4bdc3b451a0c179f131497ebbbfd94f Size (php-5.3.15.tar.bz2) = 11307865 bytes d15 1 a15 1 SHA1 (patch-ag) = c49cdff097d1e54ebe93b5afb550e89b0cc2468e d21 1 a21 1 SHA1 (patch-main_main.c) = 3535bd480d176a488405555d03f3bf7e2ce22ad5 d24 1 a24 2 SHA1 (patch-sapi_fpm_fpm__fpm_sockets.c) = 0961ebe67c2139ccd5090f91544c089877f479dd SHA1 (patch-sapi_fpm_fpm__fpm_sockets.h) = f486c3e8628530a62bfb11a4313a26ee8f598069 @ 1.47 log @Fix file descriptor leak on SunOS. Bump PKGREVISION. See https://bugs.php.net/bug.php?id=47675 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.46 2012/07/20 12:28:17 taca Exp $ d24 2 @ 1.46 log @Update php53 pacakge to 5.3.15 (PHP 5.3.15). 19-July-2012 o Zend Engine * Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon) o COM * Fixed bug #62146 com_dotnet cannot be built shared o Core * Fixed potential overflow in _php_stream_scandir, CVE-2012-2688 * Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent) * Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt) o Fileinfo * Fixed magic file regex support o FPM * Fixed bug #61045 (fpm don't send error log to fastcgi clients) * Fixed bug #61835 (php-fpm is not allowed to run as root) * Fixed bug #61295 (php-fpm should not fail with commented 'user' for non-root start) * Fixed bug #61026 (FPM pools can listen on the same address) * Fixed bug #62033 (php-fpm exits with status 0 on some failures to start) * Fixed bug #62153 (when using unix sockets, multiples FPM instances can be launched without errors) * Fixed bug #62160 (Add process.priority to set nice(2) priorities) * Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests) * Fixed bug #62205 (php-fpm segfaults (null passed to strstr)) o Intl * Fixed bug #62083 (grapheme_extract() memory leaks) * Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice) * Fixed bug #62070 (Collator::getSortKey() returns garbage) * Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern) * Fixed bug #60785 (memory leak in IntlDateFormatter constructor) o JSON * Reverted fix for bug #61537 o Phar * Fixed bug #62227 (Invalid phar stream path causes crash) o Reflection * Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault) * Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant) o SPL * Fixed bug #62262 (RecursiveArrayIterator does not implement Countable) o SQLite * Fixed open_basedir bypass, CVE-2012-3365 o XML Write * Fixed bug #62064 (memory leak in the XML Writer module) o Zip * Upgraded libzip to 0.10 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.45 2012/06/16 01:27:24 taca Exp $ d21 1 @ 1.45 log @Update php53 to 5.3.14 (PHP 5.3.14). Version 5.3.14 06-June-2012 * CLI SAPI - Fixed bug #61546 (functions related to current script failed when chdir() in cli sapi) * Core - Fixed CVE-2012-2143 - Fixed bug #62005 (unexpected behavior when incrementally assigning to a member of a null object) - Fixed bug #61730 (Segfault from array_walk modifying an array passed by reference) - Fixed missing bound check in iptcparse() - Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64) - Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename set to null) - Fixed bug #61713 (Logic error in charset detection for htmlentities) - Fixed bug #61991 (long overflow in realpath_cache_get()) - Changed php://fd to be available only for CLI. * CURL - Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction) * COM - Fixed bug #62146 com_dotnet cannot be built shared * Fileinfo - Fixed bug #61812 (Uninitialised value used in libmagic) * Iconv - Fixed a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the iconv library. See https://bugs.gentoo.org/show_bug.cgi?id=364139 for detail * Intl - Fixed bug #62082 (Memory corruption in internal function get_icu_disp_value_src_php() * JSON - Fixed bug #61537 (json_encode() incorrectly truncates/discards information) * PDO - Fixed bug #61755 (A parsing bug in the prepared statements can lead to access violations) * Phar - Fixed bug #61065 (Secunia SA44335) * Streams - Fixed bug #61961 (file_get_contents leaks when access empty file with maxlen set) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.44 2012/06/12 14:45:51 taca Exp $ d3 3 a5 3 SHA1 (php-5.3.14.tar.bz2) = 71f3840395eb35f730d8dd255513e4ebdae4b1b0 RMD160 (php-5.3.14.tar.bz2) = 07a798ee7f8ce1818be09e7aee0f6014160145f9 Size (php-5.3.14.tar.bz2) = 11408016 bytes d18 1 a18 1 SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48 @ 1.45.2.1 log @Pullup ticket #3866 - requested by taca archivers/php-bz2: security update archivers/php-zip: security update archivers/php-zlib: security update converters/php-iconv: security update converters/php-mbstring: security update databases/php-dba: security update databases/php-ldap: security update databases/php-mssql: security update databases/php-mysql: security update databases/php-mysqli: security update databases/php-pdo: security update databases/php-pdo_dblib: security update databases/php-pdo_mysql: security update databases/php-pdo_pgsql: security update databases/php-pdo_sqlite: security update databases/php-pgsql: security update databases/php-sqlite: security update devel/php-gettext: security update devel/php-gmp: security update devel/php-pcntl: security update devel/php-posix: security update devel/php-shmop: security update devel/php-sysvmsg: security update devel/php-sysvsem: security update devel/php-sysvshm: security update graphics/php-exif: security update graphics/php-gd: security update lang/php53: security update lang/php54: security update mail/php-imap: security update math/php-bcmath: security update net/php-ftp: security update net/php-snmp: security update net/php-soap: security update net/php-sockets: security update net/php-xmlrpc: security update security/php-mcrypt: security update textproc/php-dom: security update textproc/php-enchant: security update textproc/php-intl: security update textproc/php-json: security update textproc/php-pspell: security update textproc/php-wddx: security update textproc/php-xsl: security update time/php-calendar: security update www/ap-php: security update www/php-curl: security update www/php-fpm: security update www/php-tidy: security update Revisions pulled up: - archivers/php-zip/Makefile 1.15 - databases/php-dba/Makefile 1.15 - databases/php-mssql/Makefile 1.14 - databases/php-pdo_dblib/Makefile 1.15 - databases/php-pdo_sqlite/Makefile 1.12 - databases/php-sqlite/Makefile 1.16 - devel/php-gettext/Makefile 1.11 - devel/php-shmop/Makefile 1.11 - graphics/php-exif/Makefile 1.11 - graphics/php-gd/Makefile 1.28 - lang/php53/Makefile.common 1.15 - lang/php53/Makefile.php 1.19 - lang/php53/distinfo 1.46 - lang/php53/patches/patch-aj 1.2 - lang/php54/Makefile.common 1.2 - lang/php54/distinfo 1.2 - lang/php54/patches/patch-run-tests.php 1.2 - net/php-soap/Makefile 1.4 - net/php-xmlrpc/Makefile 1.15 - textproc/php-dom/Makefile 1.4 - textproc/php-intl/Makefile 1.13 - textproc/php-pspell/Makefile 1.13 - textproc/php-wddx/Makefile 1.17 - textproc/php-xsl/Makefile 1.5 - www/ap-php/Makefile 1.27 - www/php-curl/Makefile 1.18 --- Module Name: pkgsrc Committed By: taca Date: Fri Jul 20 12:28:18 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile.common Makefile.php distinfo pkgsrc/lang/php53/patches: patch-aj Log Message: Update php53 pacakge to 5.3.15 (PHP 5.3.15). 19-July-2012 o Zend Engine * Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon) o COM * Fixed bug #62146 com_dotnet cannot be built shared o Core * Fixed potential overflow in _php_stream_scandir, CVE-2012-2688 * Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent) * Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt) o Fileinfo * Fixed magic file regex support o FPM * Fixed bug #61045 (fpm don't send error log to fastcgi clients) * Fixed bug #61835 (php-fpm is not allowed to run as root) * Fixed bug #61295 (php-fpm should not fail with commented 'user' for non-root start) * Fixed bug #61026 (FPM pools can listen on the same address) * Fixed bug #62033 (php-fpm exits with status 0 on some failures to start) * Fixed bug #62153 (when using unix sockets, multiples FPM instances can be launched without errors) * Fixed bug #62160 (Add process.priority to set nice(2) priorities) * Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests) * Fixed bug #62205 (php-fpm segfaults (null passed to strstr)) o Intl * Fixed bug #62083 (grapheme_extract() memory leaks) * Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice) * Fixed bug #62070 (Collator::getSortKey() returns garbage) * Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern) * Fixed bug #60785 (memory leak in IntlDateFormatter constructor) o JSON * Reverted fix for bug #61537 o Phar * Fixed bug #62227 (Invalid phar stream path causes crash) o Reflection * Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault) * Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant) o SPL * Fixed bug #62262 (RecursiveArrayIterator does not implement Countable) o SQLite * Fixed open_basedir bypass, CVE-2012-3365 o XML Write * Fixed bug #62064 (memory leak in the XML Writer module) o Zip * Upgraded libzip to 0.10 --- Module Name: pkgsrc Committed By: taca Date: Fri Jul 20 12:29:05 UTC 2012 Modified Files: pkgsrc/lang/php54: Makefile.common distinfo pkgsrc/lang/php54/patches: patch-run-tests.php Log Message: Update php54 package to 5.4.5 (PHP 5.4.5). 19-July-2012 o Core * Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt) * Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent) * Fixed bug #62373 (serialize() generates wrong reference to the object). * Fixed bug #62357 (compile failure: (S) Arguments missing for built-in function __memcmp) * Fixed bug #61998 (Using traits with method aliases appears to result in crash during execution) * Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon) * Fixed potential overflow in _php_stream_scandir (CVE-2012-2688) o EXIF * Fixed information leak in ext exi o FPM * Fixed bug #62205 (php-fpm segfaults (null passed to strstr) * Fixed bug #62160 (Add process.priority to set nice(2) priorities) * Fixed bug #62153 (when using unix sockets, multiples FPM instances) * Fixed bug #62033 (php-fpm exits with status 0 on some failures to start) * Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm) * Fixed bug #61835 (php-fpm is not allowed to run as root) * Fixed bug #61295 (php-fpm should not fail with commented 'user' * Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests) * Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat) for non-root start) * Fixed bug #61026 (FPM pools can listen on the same address). (fat) can be launched without errors) o Iconv * Fixed bug #55042 (Erealloc in iconv.c unsafe) o Intl * Fixed bug #62083 (grapheme_extract() memory leaks) * Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice) * Fixed bug #62070 (Collator::getSortKey() returns garbage) * Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern) * Fixed bug #60785 (memory leak in IntlDateFormatter constructor) * ResourceBundle constructor now accepts NULL for the first two arguments o JSON * Fixed bug #61359 (json_encode() calls too many reallocs) o libxml * Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM SAPI) o Phar * Fixed bug #62227 (Invalid phar stream path causes crash) o Readline * Fixed bug #62186 (readline fails to compile - void function should not return a value) o Reflection * Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault) * Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant) o Sockets * Fixed bug #62025 (__ss_family was changed on AIX 5.3) o SPL * Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to dot files) * Fixed bug #62262 (RecursiveArrayIterator does not implement Countable) o XML Writer * Fixed bug #62064 (memory leak in the XML Writer module) o Zip * Upgraded libzip to 0.10. { --- Module Name: pkgsrc Committed By: taca Date: Fri Jul 20 12:30:38 UTC 2012 Modified Files: pkgsrc/archivers/php-zip: Makefile pkgsrc/databases/php-dba: Makefile pkgsrc/databases/php-mssql: Makefile pkgsrc/databases/php-pdo_dblib: Makefile pkgsrc/databases/php-pdo_sqlite: Makefile pkgsrc/databases/php-sqlite: Makefile pkgsrc/devel/php-gettext: Makefile pkgsrc/devel/php-shmop: Makefile pkgsrc/graphics/php-exif: Makefile pkgsrc/graphics/php-gd: Makefile pkgsrc/net/php-soap: Makefile pkgsrc/net/php-xmlrpc: Makefile pkgsrc/textproc/php-dom: Makefile pkgsrc/textproc/php-intl: Makefile pkgsrc/textproc/php-pspell: Makefile pkgsrc/textproc/php-wddx: Makefile pkgsrc/textproc/php-xsl: Makefile pkgsrc/www/ap-php: Makefile pkgsrc/www/php-curl: Makefile Log Message: - Reset PKG_REVISION by both php53 and php54 are updated. - Remove supporting php5 (PHP 5.2.x) supporting codes. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (php-5.3.15.tar.bz2) = 05cf819352062ea3fbcccd3f15aa02c8c3f87440 RMD160 (php-5.3.15.tar.bz2) = b82b9f57c4bdc3b451a0c179f131497ebbbfd94f Size (php-5.3.15.tar.bz2) = 11307865 bytes d18 1 a18 1 SHA1 (patch-aj) = 8698b3caa6299843c7483473b0cb18ceffa3dada @ 1.44 log @Add fix for http://secunia.com/advisories/44335/, also CVE-2012-2386. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.43 2012/06/03 21:23:10 abs Exp $ d3 3 a5 3 SHA1 (php-5.3.13.tar.bz2) = 8a52dae3fc9e27814c15fc0ebd744bee38305248 RMD160 (php-5.3.13.tar.bz2) = 1ad55e7bd1262471c66d2236fbba76c137960029 Size (php-5.3.13.tar.bz2) = 11396389 bytes a19 1 SHA1 (patch-ext_phar_tar.c) = a19b4e6c2e663dbd254dbb1d5bb25de57d6cef27 a20 1 SHA1 (patch-ext_standard_crypt__freesec.c) = 5851993e4197bec2b61d6e58601173d564fed112 @ 1.43 log @Work around (FSVO work around) VAX's lack of inf. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.42 2012/05/31 15:58:10 taca Exp $ d20 1 @ 1.42 log @Add a patch to fix for CVE_2012-2143 from PHP's repository. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.41 2012/05/09 06:52:51 taca Exp $ d20 1 @ 1.41 log @Update php53 pacakge to 5.3.13 (PHP 5.3.13). 08 May 2012, PHP 5.3.13 - CGI . Improve fix for PHP-CGI query string parameter vulnerability, CVE-2012-2311. (Stas) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.40 2012/05/06 14:31:20 taca Exp $ d20 1 @ 1.40 log @Fix miss spelling in comment: s/CVS-/CVE-/. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.39 2012/05/06 14:27:46 taca Exp $ d3 6 a8 6 SHA1 (php-5.3.12/php-5.3.12.tar.bz2) = 1aef7c01207637671299e3eb2d74eb81dd6a8f83 RMD160 (php-5.3.12/php-5.3.12.tar.bz2) = 5d91c2d16b54632aa123677f63776b312872997c Size (php-5.3.12/php-5.3.12.tar.bz2) = 11394871 bytes SHA1 (php-5.3.12/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (php-5.3.12/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (php-5.3.12/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes a21 1 SHA1 (patch-sapi_cgi_cgi__main.c) = 13fb85106ab2612f733caef3a42280fdca45ad6e @ 1.39 log @Additional fix for CVS-2012-1823; it wasn't fixed by PHP 5.3.12. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.38 2012/05/04 01:48:41 taca Exp $ d22 1 a22 1 SHA1 (patch-sapi_cgi_cgi__main.c) = f96320decb6bb0140d383c1d95486de68a1b4c1c @ 1.38 log @Update php53 package to 5.3.12. 03 Mar 2012, PHP 5.3.12 - Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.37 2012/04/26 14:26:33 taca Exp $ d22 1 @ 1.37 log @Update php53 package to 5.3.11. For full changes, please refer . Security Enhancements: * Fixed bug #54374 (Insufficient validating of upload name leading to corrupted $_FILES indices). (CVE-2012-1172). * Add open_basedir checks to readline_write_history and readline_read_history. * Fixed bug #61043 (Regression in magic_quotes_gpc fix for CVE-2012-0831). Key enhancements in these releases include: * Added debug info handler to DOM objects. * Fixed bug #61172 (Add Apache 2.4 support). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.36 2012/04/05 03:17:26 taca Exp $ d3 6 a8 6 SHA1 (php-5.3.11/php-5.3.11.tar.bz2) = b7df71d926643b97a08ba0b103d010cbac01d5a1 RMD160 (php-5.3.11/php-5.3.11.tar.bz2) = cdad550e94cb911fa68b99acba2a5925d0848cf3 Size (php-5.3.11/php-5.3.11.tar.bz2) = 11396215 bytes SHA1 (php-5.3.11/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (php-5.3.11/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (php-5.3.11/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes @ 1.36 log @Add a patch to fix possible newline injection problem of header() function from PHP 5.4.0. This is a small security fix. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.35 2012/02/03 03:10:34 taca Exp $ d3 6 a8 6 SHA1 (php-5.3.10/php-5.3.10.tar.bz2) = 689d8463b5d9e24b9bf297e35826f2ebdb69afda RMD160 (php-5.3.10/php-5.3.10.tar.bz2) = acab30a19b340f21a64e06b524906f2b064dd1c9 Size (php-5.3.10/php-5.3.10.tar.bz2) = 11707402 bytes SHA1 (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes a19 1 SHA1 (patch-main_SAPI.c) = 8fd664c97cb9fa295ad8a1f42ed3e1b878554065 @ 1.36.2.1 log @Pullup ticket #3769 - requested by taca lang/php53: security update Revisions pulled up: - lang/php53/Makefile 1.25 - lang/php53/Makefile.common 1.11-1.12 - lang/php53/Makefile.php 1.14-1.15 - lang/php53/distinfo 1.37-1.38 - lang/php53/patches/patch-main_SAPI.c deleted ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Apr 26 14:26:33 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo Removed Files: pkgsrc/lang/php53/patches: patch-main_SAPI.c Log Message: Update php53 package to 5.3.11. For full changes, please refer . Security Enhancements: * Fixed bug #54374 (Insufficient validating of upload name leading to corrupted $_FILES indices). (CVE-2012-1172). * Add open_basedir checks to readline_write_history and readline_read_history. * Fixed bug #61043 (Regression in magic_quotes_gpc fix for CVE-2012-0831). Key enhancements in these releases include: * Added debug info handler to DOM objects. * Fixed bug #61172 (Add Apache 2.4 support). To generate a diff of this commit: cvs rdiff -u -r1.24 -r1.25 pkgsrc/lang/php53/Makefile cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/php53/Makefile.common cvs rdiff -u -r1.13 -r1.14 pkgsrc/lang/php53/Makefile.php cvs rdiff -u -r1.36 -r1.37 pkgsrc/lang/php53/distinfo cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php53/patches/patch-main_SAPI.c ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Fri May 4 01:48:41 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile.common Makefile.php distinfo Log Message: Update php53 package to 5.3.12. 03 Mar 2012, PHP 5.3.12 - Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus) To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/php53/Makefile.common cvs rdiff -u -r1.14 -r1.15 pkgsrc/lang/php53/Makefile.php cvs rdiff -u -r1.37 -r1.38 pkgsrc/lang/php53/distinfo @ text @d1 1 a1 1 $NetBSD$ d3 6 a8 6 SHA1 (php-5.3.12/php-5.3.12.tar.bz2) = 1aef7c01207637671299e3eb2d74eb81dd6a8f83 RMD160 (php-5.3.12/php-5.3.12.tar.bz2) = 5d91c2d16b54632aa123677f63776b312872997c Size (php-5.3.12/php-5.3.12.tar.bz2) = 11394871 bytes SHA1 (php-5.3.12/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (php-5.3.12/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (php-5.3.12/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes d20 1 @ 1.36.2.2 log @Pullup ticket #3774 - requested by taca lang/php53 security update Revisions pulled up: - lang/php53/Makefile 1.26 - lang/php53/distinfo 1.39-1.40 - lang/php53/patches/patch-sapi_cgi_cgi__main.c 1.1-1.2 --- Module Name: pkgsrc Committed By: taca Date: Sun May 6 14:27:46 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-sapi_cgi_cgi__main.c Log Message: Additional fix for CVS-2012-1823; it wasn't fixed by PHP 5.3.12. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Sun May 6 14:31:21 UTC 2012 Modified Files: pkgsrc/lang/php53: distinfo pkgsrc/lang/php53/patches: patch-sapi_cgi_cgi__main.c Log Message: Fix miss spelling in comment: s/CVS-/CVE-/. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.36.2.1 2012/05/04 08:39:30 spz Exp $ a21 1 SHA1 (patch-sapi_cgi_cgi__main.c) = 13fb85106ab2612f733caef3a42280fdca45ad6e @ 1.35 log @Update php53 package to 5.3.10. Below security fix is already included in php-5.3.9nb2 package. 02 Feb 2012, PHP 5.3.10 - Core: . Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830. (Stas, Dmitry) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.34 2012/02/02 16:19:44 taca Exp $ d20 1 @ 1.34 log @And more fix for memory leaks by revision 323013 from PHP's repository. Hopefully, these 18 minutes is allowed to avoid to PKGREVISION bump. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.33 2012/02/02 16:00:40 taca Exp $ d3 6 a8 6 SHA1 (php-5.3.9/php-5.3.9.tar.bz2) = fe0626735c3d9dd370cef9bdcfe9506629449f51 RMD160 (php-5.3.9/php-5.3.9.tar.bz2) = 428ed51982637f092c43369cf5cfb284d58da3f6 Size (php-5.3.9/php-5.3.9.tar.bz2) = 11704944 bytes SHA1 (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes a19 1 SHA1 (patch-main_php__variables.c) = 94a3fe7d0c52bf98bf91666448bd5a629f25802d @ 1.33 log @Add fix for "Critical PHP Remote Vulnerability Introduced in Fix for PHP Hashtable Collision DOS" by revision 323007 from PHP's repository. http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/ Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.32 2012/02/02 15:44:09 taca Exp $ d20 1 a20 1 SHA1 (patch-main_php__variables.c) = 2938bda56e51ddefd8b589035fc68ded9b83ab57 @ 1.32 log @Trying to fix build problem on NetBSD current recently. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.31 2012/01/20 03:22:08 taca Exp $ d20 1 @ 1.31 log @Use official suhosin-patch for PHP 5.3.9 instead of local one based on for PHP5.3.7. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.30 2012/01/12 12:58:47 taca Exp $ d20 1 @ 1.30 log @Fix build problem of databases/php-mssql. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.29 2012/01/11 14:53:35 taca Exp $ d6 3 a8 3 SHA1 (php-5.3.9/suhosin-patch-5.3.7-0.9.10-local.patch.gz) = 29ca7a59dc829c6e50ffb18d74330e5f2a515cbd RMD160 (php-5.3.9/suhosin-patch-5.3.7-0.9.10-local.patch.gz) = 0617b31095e693f1a7471ce40f0e8e83b4ac1c8a Size (php-5.3.9/suhosin-patch-5.3.7-0.9.10-local.patch.gz) = 40541 bytes @ 1.29 log @Update php53 pacakge to 5.3.9; PHP 5.3.9. suhosin-patch is provided as modified one; only copyright year. PHP 5.3.9 Released! [10-Jan-2012] The PHP development team would like to announce the immediate availability of PHP 5.3.9. This release focuses on improving the stability of the PHP 5.3.x branch with over 90 bug fixes, some of which are security related. Security Enhancements and Fixes in PHP 5.3.9: * Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885) * Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566) Key enhancements in PHP 5.3.9 include: * Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of). * Fixed bug #55609 (mysqlnd cannot be built shared) * Many changes to the FPM SAPI module For a full list of changes in PHP 5.3.9, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/. All users are strongly encouraged to upgrade to PHP 5.3.9. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.28 2012/01/04 02:31:47 taca Exp $ a20 1 SHA1 (patch-php__mssql.h) = fa9e349127121cf478691c108ac611563e445c40 @ 1.28 log @Wrong distinfo was accidently generated. Noted by David Wetzel on netbsd-users. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.27 2012/01/03 16:23:14 taca Exp $ d3 6 a8 7 SHA1 (php-5.3.8/php-5.3.8.tar.bz2) = 8f29029e092f262876bfdd2ce56f6867e2b74b85 RMD160 (php-5.3.8/php-5.3.8.tar.bz2) = f18a18e2dfd7ea7885760eec2a05b3c4a15ad9db Size (php-5.3.8/php-5.3.8.tar.bz2) = 11190060 bytes SHA1 (php-5.3.8/suhosin-patch-5.3.7-0.9.10.patch.gz) = 3c38e873584b8f9e325a813cc9b197a342595099 RMD160 (php-5.3.8/suhosin-patch-5.3.7-0.9.10.patch.gz) = 19f789bf49a5fed2cd88b199fd8ac5d1ffa9bdc8 Size (php-5.3.8/suhosin-patch-5.3.7-0.9.10.patch.gz) = 41175 bytes SHA1 (patch-Zend_zend__builtin__functions.c) = 3d734b2137cd0b31ed54725f18059aba67f0de5b a19 4 SHA1 (patch-as) = 5faa039f0ab7663e82787973e937aea685ba2dac SHA1 (patch-main_main.c) = f99875ecd8a74db8454af36a840c8a7f24a58c7a SHA1 (patch-main_php__globals.h) = 0bf4b91293ef61649b3259ae5b2d9f4d921058d7 SHA1 (patch-main_php__variables.c) = 36956e69bfa3fcb87cd851b5e1d1a13cf470ef32 @ 1.28.2.1 log @Pullup ticket #3641 - requested by taca archivers/php-bz2: security update archivers/php-zip: security update archivers/php-zlib: security update converters/php-iconv: security update converters/php-mbstring: security update databases/php-dba: security update databases/php-ldap: security update databases/php-mysql: security update databases/php-mysqli: security update databases/php-pdo: security update databases/php-pdo_dblib: security update databases/php-pdo_mysql: security update databases/php-pdo_pgsql: security update databases/php-pdo_sqlite: security update databases/php-pgsql: security update databases/php-sqlite: security update devel/php-gettext: security update devel/php-gmp: security update devel/php-pcntl: security update devel/php-posix: security update devel/php-shmop: security update devel/php-sysvmsg: security update devel/php-sysvsem: security update devel/php-sysvshm: security update graphics/php-exif: security update graphics/php-gd: security update mail/php-imap: security update math/php-bcmath: security update net/php-ftp: security update net/php-snmp: security update net/php-soap: security update net/php-sockets: security update net/php-xmlrpc: security update security/php-mcrypt: security update textproc/php-dom: security update textproc/php-json: security update textproc/php-pspell: security update textproc/php-wddx: security update textproc/php-xsl: security update time/php-calendar: security update www/php-curl: security update www/php-tidy: security update Revisions pulled up: - lang/php53/Makefile 1.20 - lang/php53/Makefile.common 1.9 - lang/php53/Makefile.php 1.11 - lang/php53/distinfo 1.29 - lang/php53/patches/patch-Zend_zend__builtin__functions.c deleted - lang/php53/patches/patch-as deleted - lang/php53/patches/patch-main_main.c deleted - lang/php53/patches/patch-main_php__globals.h deleted - lang/php53/patches/patch-main_php__variables.c deleted --- Module Name: pkgsrc Committed By: taca Date: Wed Jan 11 14:53:35 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo Removed Files: pkgsrc/lang/php53/patches: patch-Zend_zend__builtin__functions.c patch-as patch-main_main.c patch-main_php__globals.h patch-main_php__variables.c Log Message: Update php53 pacakge to 5.3.9; PHP 5.3.9. suhosin-patch is provided as modified one; only copyright year. PHP 5.3.9 Released! [10-Jan-2012] The PHP development team would like to announce the immediate availability of PHP 5.3.9. This release focuses on improving the stability of the PHP 5.3.x branch with over 90 bug fixes, some of which are security related. Security Enhancements and Fixes in PHP 5.3.9: * Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885) * Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566) Key enhancements in PHP 5.3.9 include: * Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of). * Fixed bug #55609 (mysqlnd cannot be built shared) * Many changes to the FPM SAPI module For a full list of changes in PHP 5.3.9, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/. All users are strongly encouraged to upgrade to PHP 5.3.9. @ text @d1 1 a1 1 $NetBSD$ d3 7 a9 6 SHA1 (php-5.3.9/php-5.3.9.tar.bz2) = fe0626735c3d9dd370cef9bdcfe9506629449f51 RMD160 (php-5.3.9/php-5.3.9.tar.bz2) = 428ed51982637f092c43369cf5cfb284d58da3f6 Size (php-5.3.9/php-5.3.9.tar.bz2) = 11704944 bytes SHA1 (php-5.3.9/suhosin-patch-5.3.7-0.9.10-local.patch.gz) = 29ca7a59dc829c6e50ffb18d74330e5f2a515cbd RMD160 (php-5.3.9/suhosin-patch-5.3.7-0.9.10-local.patch.gz) = 0617b31095e693f1a7471ce40f0e8e83b4ac1c8a Size (php-5.3.9/suhosin-patch-5.3.7-0.9.10-local.patch.gz) = 40541 bytes d21 4 @ 1.28.2.2 log @Pullup ticket #3641 - requested by taca databases/php-mssql: security update meta-pkgs/php53-extensions: security update Revisions pulled up: - lang/php53/distinfo 1.30 - lang/php53/patches/patch-php__mssql.h deleted - meta-pkgs/php53-extensions/Makefile 1.5 --- Module Name: pkgsrc Committed By: taca Date: Thu Jan 12 12:58:47 UTC 2012 Modified Files: pkgsrc/lang/php53: distinfo Removed Files: pkgsrc/lang/php53/patches: patch-php__mssql.h Log Message: Fix build problem of databases/php-mssql. --- Module Name: pkgsrc Committed By: taca Date: Thu Jan 12 16:59:54 UTC 2012 Modified Files: pkgsrc/meta-pkgs/php53-extensions: Makefile Log Message: Fix build problem along with update of php53; overhaul. * Don't specify upper limit version to depend. Since PHP extensions are prefixed with PHP_PKG_PREFIX, it is no need to specify. * Relax lower limit version to depend for php extensions which aren't bundled in PHP 5.3.9 distribution file; reflecting recent change of lang/php/ext.mk To be safer, bump PKGREVISION. @ text @d21 1 @ 1.28.2.3 log @Pullup ticket #3659 - requested by taca lang/php53 suhosin-patch update. Revisions pulled up: - lang/php53/Makefile 1.21 - lang/php53/Makefile.php 1.12 - lang/php53/distinfo 1.31 --- Module Name: pkgsrc Committed By: taca Date: Fri Jan 20 03:22:08 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile Makefile.php distinfo Log Message: Use official suhosin-patch for PHP 5.3.9 instead of local one based on for PHP5.3.7. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.28.2.2 2012/01/12 19:53:15 tron Exp $ d6 3 a8 3 SHA1 (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes @ 1.28.2.4 log @Pullup ticket #3671 - requested by taca lang/php53 security and build fixes. Revisions pulled up: - lang/php53/Makefile 1.22-1.23 - lang/php53/Makefile.common 1.10 - lang/php53/Makefile.php 1.13 - lang/php53/distinfo 1.32-1.35 - lang/php53/patches/patch-main_php__variables.c deleted - lang/php53/patches/patch-main_streams_cast.c 1.1 --- Module Name: pkgsrc Committed By: taca Date: Thu Feb 2 15:44:09 UTC 2012 Modified Files: pkgsrc/lang/php53: distinfo Added Files: pkgsrc/lang/php53/patches: patch-main_streams_cast.c Log Message: Trying to fix build problem on NetBSD current recently. --- Module Name: pkgsrc Committed By: taca Date: Thu Feb 2 16:00:40 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-main_php__variables.c Log Message: Add fix for "Critical PHP Remote Vulnerability Introduced in Fix for PHP Hashtable Collision DOS" by revision 323007 from PHP's repository. http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/ Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Thu Feb 2 16:19:44 UTC 2012 Modified Files: pkgsrc/lang/php53: distinfo pkgsrc/lang/php53/patches: patch-main_php__variables.c Log Message: And more fix for memory leaks by revision 323013 from PHP's repository. Hopefully, these 18 minutes is allowed to avoid to PKGREVISION bump. --- Module Name: pkgsrc Committed By: taca Date: Fri Feb 3 03:10:34 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo Removed Files: pkgsrc/lang/php53/patches: patch-main_php__variables.c Log Message: Update php53 package to 5.3.10. Below security fix is already included in php-5.3.9nb2 package. 02 Feb 2012, PHP 5.3.10 - Core: . Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830. (Stas, Dmitry) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.28.2.3 2012/01/21 09:02:55 sbd Exp $ d3 6 a8 6 SHA1 (php-5.3.10/php-5.3.10.tar.bz2) = 689d8463b5d9e24b9bf297e35826f2ebdb69afda RMD160 (php-5.3.10/php-5.3.10.tar.bz2) = acab30a19b340f21a64e06b524906f2b064dd1c9 Size (php-5.3.10/php-5.3.10.tar.bz2) = 11707402 bytes SHA1 (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes a19 1 SHA1 (patch-main_streams_cast.c) = c169ccb73dc660e40eff9f9e168374f35eedadad @ 1.27 log @Add security fix for http://www.ocert.org/advisories/ocert-2011-003.html from r321038 from PHP's repository. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.26 2011/10/20 14:30:55 taca Exp $ d9 1 a9 1 SHA1 (patch-Zend_zend__builtin__functions.c) = beada1a54586a545e934c40085c14d1b9e8e02f3 @ 1.26 log @A small correction in comment text of the patch. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.25 2011/10/20 13:32:20 taca Exp $ d9 1 a9 1 SHA1 (patch-Zend_zend__builtin__functions.c) = 3d734b2137cd0b31ed54725f18059aba67f0de5b d22 3 @ 1.25 log @Add fix for 2011-3379 from r317183 from PHP's repository. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.24 2011/10/20 12:38:24 taca Exp $ d9 1 a9 1 SHA1 (patch-Zend_zend__builtin__functions.c) = 635480e508bd8159daa3f6e38c8b8d6c14f89b5b @ 1.24 log @Re-add suhosin-patch to distinfo. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.23 2011/10/06 05:34:00 jklos Exp $ d9 1 @ 1.23 log @Atomic operations via gcc are not supported on many archs. Allow them only on amd64, powerpc, i386 and alpha. @ text @d1 1 a1 1 $NetBSD$ d6 3 @ 1.22 log @Add some patches to fix build problem of databases/php-mssql with recent updated databases/freetds. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2011/08/23 22:22:27 taca Exp $ a5 3 SHA1 (php-5.3.8/suhosin-patch-5.3.7-0.9.10.patch.gz) = 3c38e873584b8f9e325a813cc9b197a342595099 RMD160 (php-5.3.8/suhosin-patch-5.3.7-0.9.10.patch.gz) = 19f789bf49a5fed2cd88b199fd8ac5d1ffa9bdc8 Size (php-5.3.8/suhosin-patch-5.3.7-0.9.10.patch.gz) = 41175 bytes d17 1 @ 1.22.2.1 log @Pullup ticket #3573 - requested by taca lang/php53 security update Revisions pulled up: - lang/php53/Makefile 1.18 - lang/php53/Makefile.php 1.9-1.10 - lang/php53/distinfo 1.23-1.26 - lang/php53/patches/patch-Zend_zend__builtin__functions.c 1.1-1.2 - lang/php53/patches/patch-as 1.1 --- Module Name: pkgsrc Committed By: jklos Date: Thu Oct 6 05:34:00 UTC 2011 Modified Files: pkgsrc/lang/php53: distinfo Added Files: pkgsrc/lang/php53/patches: patch-as Log Message: Atomic operations via gcc are not supported on many archs. Allow them only on amd64, powerpc, i386 and alpha. --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 20 12:38:24 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile.php distinfo Log Message: Re-add suhosin-patch to distinfo. --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 20 12:39:33 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile.php Log Message: Revert accidental commit with previous commit. --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 20 13:32:20 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-Zend_zend__builtin__functions.c Log Message: Add fix for 2011-3379 from r317183 from PHP's repository. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 20 14:30:55 UTC 2011 Modified Files: pkgsrc/lang/php53: distinfo pkgsrc/lang/php53/patches: patch-Zend_zend__builtin__functions.c Log Message: A small correction in comment text of the patch. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.22 2011/09/12 16:24:32 taca Exp $ a8 1 SHA1 (patch-Zend_zend__builtin__functions.c) = 3d734b2137cd0b31ed54725f18059aba67f0de5b a19 1 SHA1 (patch-as) = 5faa039f0ab7663e82787973e937aea685ba2dac @ 1.21 log @Update php53 package to 5.3.8. (crypt()'s problem was already fixed our php53-5.3.7nb1 package.) PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 23 Aug 2011, PHP 5.3.8 - Core: . Fixed bug #55439 (crypt() returns only the salt for MD5). (Stas) - OpenSSL: . Reverted a change in timeout handling restoring PHP 5.3.6 behavior, as the new behavior caused mysqlnd SSL connections to hang (#55283). (Pierre, Andrey, Johannes) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2011/08/22 09:40:00 taca Exp $ d20 2 @ 1.20 log @Add fix for MD5 password encryption problem (r315218 from PHP repository). Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.19 2011/08/20 14:41:04 taca Exp $ d3 6 a8 6 SHA1 (php-5.3.7/php-5.3.7.tar.bz2) = 811e84b75d41ad997c075e3ebc8470f5c26d03ea RMD160 (php-5.3.7/php-5.3.7.tar.bz2) = d14c52036f35d79193783b590c0cf131e1cd00c0 Size (php-5.3.7/php-5.3.7.tar.bz2) = 11144328 bytes SHA1 (php-5.3.7/suhosin-patch-5.3.7-0.9.10.patch.gz) = 3c38e873584b8f9e325a813cc9b197a342595099 RMD160 (php-5.3.7/suhosin-patch-5.3.7-0.9.10.patch.gz) = 19f789bf49a5fed2cd88b199fd8ac5d1ffa9bdc8 Size (php-5.3.7/suhosin-patch-5.3.7-0.9.10.patch.gz) = 41175 bytes a19 1 SHA1 (patch-ext_standard_php__crypt__r.c) = 47ddf0ecb5d740e0a72af7d3071883f4c368d2f4 @ 1.19 log @Update suhosin patch with hoping this 45 minutes delay wouldn't need PKGREVISION bump. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2011/08/20 13:55:09 taca Exp $ d20 1 @ 1.18 log @Update php53 package to 5.3.7. PHP 5.3.7 Released! [18-Aug-2011] The PHP development team would like to announce the immediate availability of PHP 5.3.7. This release focuses on improving the stability of the PHP 5.3.x branch with over 90 bug fixes, some of which are security related. Security Enhancements and Fixes in PHP 5.3.7: * Updated crypt_blowfish to 1.2. (CVE-2011-2483) * Fixed crash in error_log(). Reported by Mateusz Kocielski * Fixed buffer overflow on overlog salt in crypt(). * Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202) * Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938) * Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148) Key enhancements in PHP 5.3.7 include: * Upgraded bundled Sqlite3 to version 3.7.7.1 * Upgraded bundled PCRE to version 8.12 * Fixed bug #54910 (Crash when calling call_user_func with unknown function name) * Fixed bug #54585 (track_errors causes segfault) * Fixed bug #54262 (Crash when assigning value to a dimension in a non-array) * Fixed a crash inside dtor for error handling * Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off) * Fixed bug #54935 php_win_err can lead to crash * Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption) * Fixed bug #54305 (Crash in gc_remove_zval_from_buffer) * Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value) * Fixed bug #54529 (SAPI crashes on apache_config.c:197) * Fixed bug #54283 (new DatePeriod(NULL) causes crash). * Fixed bug #54269 (Short exception message buffer causes crash) * Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries) * Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters) * Fixed bug #54384 (Dual iterators, GlobIterator, SplFileObject and SplTempFileObject crash when user-space classes don't call the parent constructor) * Fixed bug #54292 (Wrong parameter causes crash in SplFileObject::__construct()) * Fixed bug #54291 (Crash iterating DirectoryIterator for dir name starting with \0) * Fixed bug #54281 (Crash in non-initialized RecursiveIteratorIterator) * Fixed bug #54623 (Segfault when writing to a persistent socket after closing a copy of the socket) * Fixed bug #54681 (addGlob() crashes on invalid flags) * Over 80 other bug fixes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2011/06/22 09:54:35 taca Exp $ d6 3 @ 1.17 log @Improve previous security fix for cyrpt_blowfish(). There was incompatible result by previous fix and it should be gone away. Beside ths security fix, ${PREFIX}/bin/phar.phar has correct shbang line. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (php-5.3.6/php-5.3.6.tar.bz2) = 0e0b9b4d9117f22080e2204afa9383469eb0dbbd RMD160 (php-5.3.6/php-5.3.6.tar.bz2) = 619bf96cf24bf6aa0988494186f8914fde94d44d Size (php-5.3.6/php-5.3.6.tar.bz2) = 10952171 bytes d8 1 a8 1 SHA1 (patch-ac) = 07a3d6c9ee4c316033afd8c7db71eb21045a3afd a16 4 SHA1 (patch-ext_sockets_sockets.c) = 99137af0e3307f1b379e4a4012ebd56978a88a15 SHA1 (patch-ext_standard_crypt__blowfish.c) = aa1788e5e89bb51a6f9271bb3859386c99859c8c SHA1 (patch-ext_standard_string.c) = fe16ffedd894a6d580f3c998b9f571f403f4a764 SHA1 (patch-main_rfc1867.c) = 2f7efd3ebc6eadb377ce308d5d8293bda07bbc42 @ 1.16 log @* Add a fix of potential security problem by char signedness processing: http://www.openwall.com/lists/oss-security/2011/06/20/2 Noted by Matthias Drochner via private mail. * Add LICENSE. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2011/06/15 14:42:03 taca Exp $ d11 1 a11 1 SHA1 (patch-af) = 64a9e8bf83df23179b221e03af6061fc7ee2584e d18 1 a18 1 SHA1 (patch-ext_standard_crypt__blowfish.c) = 816a8404322c336bada83587761254318966191a @ 1.15 log @Add two security fix, CVE-2011-1938 and filename-injection from PHP 5.3's repository. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2011/05/16 13:08:45 taca Exp $ d18 1 @ 1.14 log @Add a patch to fix for CVE-2011-1148 (and more bugfix) from PHP's repository. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2011/03/19 07:01:18 taca Exp $ d17 1 d19 1 @ 1.13 log @Update lang/php53 package to PHP 5.3. PHP 5.3.6 Released! [17-Mar-2011] The PHP development team would like to announce the immediate availability of PHP 5.3.6. This release focuses on improving the stability of the PHP 5.3.x branch with over 60 bug fixes, some of which are security related. Security Enhancements and Fixes in PHP 5.3.6: * Enforce security in the fastcgi protocol parsing with fpm SAPI. * Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153) * Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092) * Fixed bug #54055 (buffer overrun with high values for precision ini setting). * Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708) * Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421) Key enhancements in PHP 5.3.6 include: * Upgraded bundled Sqlite3 to version 3.7.4. * Upgraded bundled PCRE to version 8.11. * Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context/http/header/Proxy-Authorization. * Added options to debug backtrace functions. * Changed default value of ini directive serialize_precision from 100 to 17. * Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime error). * Fixed Bug #53958 (Closures can't 'use' shared variables by value and by reference). * Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a trailing forward slash). * Over 60 other bug fixes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2011/02/21 16:38:40 taca Exp $ a5 3 SHA1 (php-5.3.6/suhosin-patch-5.3.4-0.9.10.patch.gz) = a2ab4bd03a329ec56a1f8b99e12e59f1838e0da6 RMD160 (php-5.3.6/suhosin-patch-5.3.4-0.9.10.patch.gz) = e5105397a9e41997ad11d2a0be01c7e3c9d06c6e Size (php-5.3.6/suhosin-patch-5.3.4-0.9.10.patch.gz) = 41092 bytes d17 1 @ 1.13.2.1 log @Pullup ticket #3432 - requested by taca lang/php53 security update Revisions pulled up: - lang/php53/Makefile 1.9 - lang/php53/distinfo 1.14 - lang/php53/patches/patch-ext_standard_string.c 1.1 --- Module Name: pkgsrc Committed By: taca Date: Mon May 16 13:08:45 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-ext_standard_string.c Log Message: Add a patch to fix for CVE-2011-1148 (and more bugfix) from PHP's repository. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ d6 3 a19 1 SHA1 (patch-ext_standard_string.c) = fe16ffedd894a6d580f3c998b9f571f403f4a764 @ 1.12 log @Oops, it should be commit before CHANGE-2011 update. Add Add patches to fix SA43328. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.11 2011/01/30 17:58:06 rumko Exp $ d3 8 a10 8 SHA1 (php-5.3.5/php-5.3.5.tar.bz2) = 355701b723fcb497581c368be4d6e572c150a5ea RMD160 (php-5.3.5/php-5.3.5.tar.bz2) = 831018429b87c46da7571397e0d463b81ded11eb Size (php-5.3.5/php-5.3.5.tar.bz2) = 10806092 bytes SHA1 (php-5.3.5/suhosin-patch-5.3.4-0.9.10.patch.gz) = a2ab4bd03a329ec56a1f8b99e12e59f1838e0da6 RMD160 (php-5.3.5/suhosin-patch-5.3.4-0.9.10.patch.gz) = e5105397a9e41997ad11d2a0be01c7e3c9d06c6e Size (php-5.3.5/suhosin-patch-5.3.4-0.9.10.patch.gz) = 41092 bytes SHA1 (patch-aa) = f51491af7c577f36979fc07d52b5857368392e09 SHA1 (patch-ab) = 7aeb5148056e7f0b150388c4cf60a139f6aeec44 d14 1 a14 1 SHA1 (patch-af) = 6e903ea7ff501226601fa73ce74c272d44d7346b a19 4 SHA1 (patch-ar) = edad3e866106cec502ccd93bacf722a771a6c1c0 SHA1 (patch-ext_exif_exif.c) = 98884afa0a6122e2730e1626d63337e6e82c0c09 SHA1 (patch-ext_zip_lib_zip__name__locate.c) = ffe336a383bd6a4c7328d4a3a5f2ef2038763b7a SHA1 (patch-ext_zip_php__zip.c) = fbff5185b1d8493409554bea8611cb4e9363e5f7 @ 1.11 log @lang/php53: add the missing suhosin patch 5.3.5 was released due to a critical issue and the previous suhosin patch still applies. Prior art of this can be seen in OpenBSD's and FreeBSD's ports. ok@@ wiz @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2011/01/13 13:52:53 wiz Exp $ d21 3 @ 1.10 log @Update patches for png-1.5. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2011/01/07 09:20:16 taca Exp $ d6 3 @ 1.9 log @Update php53 pacakge to 5.3.5. * Add fix for VAX floating point handling (Bug #53682), r307192 from PHP's repositry. (It is in PHP 5.2.17 but not in 5.3.5). 06 Jan 2011, PHP 5.3.5 - Fixed Bug #53632 (infinite loop with x87 fpu). (Scott, Rasmus) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2010/12/13 13:16:37 taca Exp $ d8 1 a8 1 SHA1 (patch-ac) = a896371d3343c07a5cf46c79d9ca9e1b2164797a @ 1.9.2.1 log @Pullup ticket #3348 - requested by rumko lang/php53 with suhosin build fix Revisions pulled up: - pkgsrc/lang/php53/Makefile.php ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: rumko Date: Sun Jan 30 17:58:06 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile.php distinfo Log Message: lang/php53: add the missing suhosin patch 5.3.5 was released due to a critical issue and the previous suhosin patch still applies. Prior art of this can be seen in OpenBSD's and FreeBSD's ports. ok@@ wiz To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile.php cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/php53/distinfo @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2011/01/07 09:20:16 taca Exp $ a5 3 SHA1 (php-5.3.5/suhosin-patch-5.3.4-0.9.10.patch.gz) = a2ab4bd03a329ec56a1f8b99e12e59f1838e0da6 RMD160 (php-5.3.5/suhosin-patch-5.3.4-0.9.10.patch.gz) = e5105397a9e41997ad11d2a0be01c7e3c9d06c6e Size (php-5.3.5/suhosin-patch-5.3.4-0.9.10.patch.gz) = 41092 bytes @ 1.9.2.2 log @Pullup ticket #3362 - requested by taca archivers/php-zip: security patch graphics/php-exif: security patch lang/php5: security patch lang/php53: security patch Revisions pulled up: - archivers/php-zip/Makefile 1.12-1.13 - graphics/php-exif/Makefile 1.9-1.10 - lang/php5/Makefile 1.82-1.83 - lang/php5/Makefile.php 1.43-1.44 - lang/php5/distinfo 1.86-1.87 - lang/php5/patches/patch-ext_exif_exif.c 1.1 - lang/php5/patches/patch-ext_zip_lib_zip__name__locate.c 1.1 - lang/php5/patches/patch-ext_zip_php__zip.c 1.1 - lang/php53/Makefile 1.7 - lang/php53/Makefile.php 1.5 - lang/php53/distinfo 1.12 - lang/php53/patches/patch-ext_exif_exif.c 1.1 - lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c 1.1 - lang/php53/patches/patch-ext_zip_php__zip.c 1.1 --- Module Name: pkgsrc Committed By: shattered Date: Tue Feb 15 20:52:24 UTC 2011 Modified Files: pkgsrc/lang/php5: Makefile Makefile.php Log Message: Re-enable DL_AUTO_VARS -- makes PHP CLI work again with extensions that are linked to pthread (like mysql.so). --- Module Name: pkgsrc Committed By: taca Date: Mon Feb 21 16:21:17 UTC 2011 Modified Files: pkgsrc/lang/php5: Makefile.php distinfo Log Message: Re-enable suhosin patch as php53. --- Module Name: pkgsrc Committed By: taca Date: Mon Feb 21 16:23:58 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile.php Log Message: Re-enable DL_AUTO_VARS as php5 package. --- Module Name: pkgsrc Committed By: taca Date: Mon Feb 21 16:25:33 UTC 2011 Modified Files: pkgsrc/lang/php5: Makefile Added Files: pkgsrc/lang/php5/patches: patch-ext_exif_exif.c patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c Log Message: Add patches to fix SA43328. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Mon Feb 21 16:26:50 UTC 2011 Modified Files: pkgsrc/lang/php5: distinfo Log Message: Regen distinfo. --- Module Name: pkgsrc Committed By: taca Date: Mon Feb 21 16:29:15 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile Log Message: Bump PKGREVISION for DL_AUTO_VARS. --- Module Name: pkgsrc Committed By: taca Date: Mon Feb 21 16:30:44 UTC 2011 Modified Files: pkgsrc/archivers/php-zip: Makefile pkgsrc/graphics/php-exif: Makefile Log Message: Bump PKGREVISION reflects fix of SA43328. --- Module Name: pkgsrc Committed By: taca Date: Mon Feb 21 16:38:40 UTC 2011 Modified Files: pkgsrc/lang/php53: distinfo Added Files: pkgsrc/lang/php53/patches: patch-ext_exif_exif.c patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c Log Message: Oops, it should be commit before CHANGE-2011 update. Add Add patches to fix SA43328. --- Module Name: pkgsrc Committed By: taca Date: Tue Feb 22 07:36:08 UTC 2011 Modified Files: pkgsrc/archivers/php-zip: Makefile pkgsrc/graphics/php-exif: Makefile Log Message: Add missing USE_PHP_EXT_PATCHES to apply patches really. @ text @d1 1 a1 1 $NetBSD$ a20 3 SHA1 (patch-ext_exif_exif.c) = 98884afa0a6122e2730e1626d63337e6e82c0c09 SHA1 (patch-ext_zip_lib_zip__name__locate.c) = ffe336a383bd6a4c7328d4a3a5f2ef2038763b7a SHA1 (patch-ext_zip_php__zip.c) = fbff5185b1d8493409554bea8611cb4e9363e5f7 @ 1.9.2.3 log @Pullup ticket #3395 - requested by taca security fix for lang/php53 Revisions pulled up: - lang/php53/Makefile 1.8 - lang/php53/Makefile.common 1.5 - lang/php53/distinfo 1.13 - lang/php53/patches/patch-aa 1.2 - lang/php53/patches/patch-ab 1.4 - lang/php53/patches/patch-af 1.2 - lang/php53/patches/patch-ar Removed - lang/php53/patches/patch-ext_exif_exif.c Removed - lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c Removed - lang/php53/patches/patch-ext_zip_php__zip.c Removed --- Module Name: pkgsrc Committed By: taca Date: Sat Mar 19 07:01:19 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common distinfo pkgsrc/lang/php53/patches: patch-aa patch-ab patch-af Removed Files: pkgsrc/lang/php53/patches: patch-ar patch-ext_exif_exif.c patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c Log Message: Update lang/php53 package to PHP 5.3. PHP 5.3.6 Released! [17-Mar-2011] The PHP development team would like to announce the immediate availability of PHP 5.3.6. This release focuses on improving the stability of the PHP 5.3.x branch with over 60 bug fixes, some of which are security related. Security Enhancements and Fixes in PHP 5.3.6: * Enforce security in the fastcgi protocol parsing with fpm SAPI. * Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153) * Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092) * Fixed bug #54055 (buffer overrun with high values for precision ini setting). * Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708) * Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421) Key enhancements in PHP 5.3.6 include: * Upgraded bundled Sqlite3 to version 3.7.4. * Upgraded bundled PCRE to version 8.11. * Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context/http/header/Proxy-Authorization. * Added options to debug backtrace functions. * Changed default value of ini directive serialize_precision from 100 to 17. * Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime error). * Fixed Bug #53958 (Closures can't 'use' shared variables by value and by reference). * Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a trailing forward slash). * Over 60 other bug fixes. @ text @d3 8 a10 8 SHA1 (php-5.3.6/php-5.3.6.tar.bz2) = 0e0b9b4d9117f22080e2204afa9383469eb0dbbd RMD160 (php-5.3.6/php-5.3.6.tar.bz2) = 619bf96cf24bf6aa0988494186f8914fde94d44d Size (php-5.3.6/php-5.3.6.tar.bz2) = 10952171 bytes SHA1 (php-5.3.6/suhosin-patch-5.3.4-0.9.10.patch.gz) = a2ab4bd03a329ec56a1f8b99e12e59f1838e0da6 RMD160 (php-5.3.6/suhosin-patch-5.3.4-0.9.10.patch.gz) = e5105397a9e41997ad11d2a0be01c7e3c9d06c6e Size (php-5.3.6/suhosin-patch-5.3.4-0.9.10.patch.gz) = 41092 bytes SHA1 (patch-aa) = b0dc6cd0b2103d5858280202506b33322a98496e SHA1 (patch-ab) = d08bb50cf074a6065ef0d1d67a713b7573cb2f5b d14 1 a14 1 SHA1 (patch-af) = 64a9e8bf83df23179b221e03af6061fc7ee2584e d20 4 @ 1.8 log @Update lang/php53 package to 5.3.4 (PHP 5.3.4). The PHP development team is proud to announce the immediate release of PHP 5.3.4. This is a maintenance release in the 5.3 series, which includes a large number of bug fixes. Security Enhancements and Fixes in PHP 5.3.4: * Fixed crash in zip extract method (possible CWE-170). * Paths with NULL in them (foo\0bar.txt) are now considered as invalid (CVE-2006-7243). * Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). * Fixed symbolic resolution support when the target is a DFS share. * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710). Key Bug Fixes in PHP 5.3.4 include: * Added stat support for zip stream. * Added follow_location (enabled by default) option for the http stream support. * Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al. * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime. * Multiple improvements to the FPM SAPI. * Over 100 other bug fixes. For users upgrading from PHP 5.2 there is a migration guide available here, detailing the changes between those releases and PHP 5.3. For a full list of changes in PHP 5.3.4, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2010/11/25 03:43:50 taca Exp $ d3 3 a5 3 SHA1 (php-5.3.4/php-5.3.4.tar.bz2) = 0b33926e78e1683e3383b3b5c840ee60ba669b0b RMD160 (php-5.3.4/php-5.3.4.tar.bz2) = dffbeced87117fd34c948de3ebdde01a25c24dae Size (php-5.3.4/php-5.3.4.tar.bz2) = 10804376 bytes d17 1 @ 1.7 log @ - GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016 - CVE-2010-3710 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=303779 - CVE-2010-3870 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=304959 - CVE-2010-4150 (php-imap) http://svn.php.net/viewvc?view=revision&revision=305032 - CVE-2010-4156 (SA42135) http://svn.php.net/viewvc?view=revision&revision=305214 Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2010/07/24 22:23:37 tron Exp $ d3 3 a5 6 SHA1 (php-5.3.3/php-5.3.3.tar.bz2) = 9f66716b341119e4e4f8fe3d81b7d0a5daf3cbc8 RMD160 (php-5.3.3/php-5.3.3.tar.bz2) = 9edb51663feac9b787f8382012893f1ac98fec6a Size (php-5.3.3/php-5.3.3.tar.bz2) = 10662227 bytes SHA1 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 76675242cfdeff763767900213346af622002490 RMD160 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 8dcd8b51ea0357b6cc51e70e495e18f341c62f7c Size (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 41298 bytes d7 1 a7 1 SHA1 (patch-ab) = 8ac388f50afc03f3f4eacbfed42ae295a2e8d700 a16 5 SHA1 (patch-am) = b2627295554d6e3cbe7de70e79ae0938379f8d93 SHA1 (patch-an) = d4ac5152584450d731b4c5ccb82ee84a8eed5071 SHA1 (patch-ao) = 6871d0a2b3bca1deec6b309e90e1c109a4758a21 SHA1 (patch-ap) = d54c00968ab581f8442b087a7ece42c827ff47f5 SHA1 (patch-aq) = 3f541181fcaa8bc2a20bd719a9c71b0cccd411d6 @ 1.6 log @Update "php53" package to version 5.3.3. Changes since version 5.3.2: - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) - A large number of not security related bug fixes @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2010/06/13 22:44:51 wiz Exp $ d20 5 @ 1.6.2.1 log @Pullup ticket #3312 - requested by taca pkgsrc/lang/{php5,php53} security fixes Revisions pulled up: - pkgsrc/databases/php-mysql/Makefile 1.14 - pkgsrc/databases/php-mysqli/Makefile 1.3 - pkgsrc/databases/php-pdo_mysql/Makefile 1.12 - pkgsrc/lang/php5/Makefile 1.80, 1.81 - pkgsrc/lang/php5/Makefile.common 1.43, 1.44 - pkgsrc/lang/php5/distinfo 1.80, 1.81, 1.82 - pkgsrc/lang/php5/patches/patch-ak 1.8, deleted - pkgsrc/lang/php5/patches/patch-bf 1.1, deleted - pkgsrc/lang/php5/patches/patch-bg 1.1, deleted - pkgsrc/lang/php53/Makefile 1.5, 1.6 - pkgsrc/lang/php53/Makefile.common 1.3 - pkgsrc/lang/php53/distinfo 1.7, 1.8 - pkgsrc/lang/php53/patches/patch-ab 1.3 - pkgsrc/lang/php53/patches/patch-am 1.1, deleted - pkgsrc/lang/php53/patches/patch-an 1.1, deleted - pkgsrc/lang/php53/patches/patch-ao 1.1, deleted - pkgsrc/lang/php53/patches/patch-ap 1.1, deleted - pkgsrc/lang/php53/patches/patch-aq 1.1, deleted - pkgsrc/mail/php-imap/Makefile 1.21, 1.22 - pkgsrc/www/ap-php/Makefile 1.24 - pkgsrc/www/php-eaccelerator/Makefile 1.13 ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:43:50 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq Log Message: - GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016 - CVE-2010-3710 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=303779 - CVE-2010-3870 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=304959 - CVE-2010-4150 (php-imap) http://svn.php.net/viewvc?view=revision&revision=305032 - CVE-2010-4156 (SA42135) http://svn.php.net/viewvc?view=revision&revision=305214 Bump PKGREVISION. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:44:16 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile distinfo Added Files: pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg Log Message: - CVE-2010-4150 (php-imap) http://svn.php.net/viewvc?view=revision&revision=305032 - CVE-2010-3710 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=303885 - CVE-2010-3870 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=305055 Bump PKGREVISION. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:45:19 UTC 2010 Modified Files: pkgsrc/mail/php-imap: Makefile Log Message: Bump REVISION since CVE-2010-4150 fix was added. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:15:46 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile Makefile.common distinfo Removed Files: pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg Log Message: Update php5 package to 5.2.15 (PHP 5.2.15): The PHP development team would like to announce the immediate availability of PHP 5.2.15. This release marks the end of support for PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. This release focuses on improving the security and stability of the PHP 5.2.x branch with a small number, of predominatly security fixes. Security Enhancements and Fixes in PHP 5.2.15: * Fixed extract() to do not overwrite $GLOBALS and $this when using EXTR_OVERWRITE. * Fixed crash in zip extract method (possible CWE-170). * Fixed a possible double free in imap extension. * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data). Key enhancements in PHP 5.2.15 include: * Fixed bug #47643 (array_diff() takes over 3000 times longer than php 5.2.4). * Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy with SoapClient object). * To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a migration guide available on http://php.net/migration53, details the changes between PHP 5.2 and PHP 5.3. For a full list of changes in PHP 5.2.15 see the ChangeLog at http://www.php.net/ChangeLog-5.php#5.2.15. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:16:37 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common distinfo pkgsrc/lang/php53/patches: patch-ab Removed Files: pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq Log Message: Update lang/php53 package to 5.3.4 (PHP 5.3.4). The PHP development team is proud to announce the immediate release of PHP 5.3.4. This is a maintenance release in the 5.3 series, which includes a large number of bug fixes. Security Enhancements and Fixes in PHP 5.3.4: * Fixed crash in zip extract method (possible CWE-170). * Paths with NULL in them (foo\0bar.txt) are now considered as invalid (CVE-2006-7243). * Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). * Fixed symbolic resolution support when the target is a DFS share. * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710). Key Bug Fixes in PHP 5.3.4 include: * Added stat support for zip stream. * Added follow_location (enabled by default) option for the http stream support. * Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al. * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime. * Multiple improvements to the FPM SAPI. * Over 100 other bug fixes. For users upgrading from PHP 5.2 there is a migration guide available here, detailing the changes between those releases and PHP 5.3. For a full list of changes in PHP 5.3.4, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:18:20 UTC 2010 Modified Files: pkgsrc/databases/php-mysql: Makefile pkgsrc/databases/php-mysqli: Makefile pkgsrc/databases/php-pdo_mysql: Makefile pkgsrc/mail/php-imap: Makefile pkgsrc/www/ap-php: Makefile pkgsrc/www/php-eaccelerator: Makefile Log Message: Reset PKGREVISION by update of base PHP version. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Dec 16 14:20:45 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile.common distinfo Log Message: Update php5 pacakge to 5.2.16: PHP 5.2.16 Released! The PHP development team would like to announce the immediate availability of PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. This release focuses on addressing a regression in open_basedir implementation introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data retrieval when the server is down. All users who have upgraded to 5.2.15 and are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or 5.3.4. To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a migration guide available on http://php.net/migration53, details the changes between PHP 5.2 and PHP 5.3. For a full list of changes in PHP 5.2.16 see the ChangeLog at http://www.php.net/ChangeLog-5.php#5.2.16. ChangeLog: Version 5.2.16 16-Dec-2010 * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down). (gyp at balabit dot hu) * Fixed bug #53516 (Regression in open_basedir handling). (Ilia) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2010/12/13 13:16:37 taca Exp $ d3 6 a8 3 SHA1 (php-5.3.4/php-5.3.4.tar.bz2) = 0b33926e78e1683e3383b3b5c840ee60ba669b0b RMD160 (php-5.3.4/php-5.3.4.tar.bz2) = dffbeced87117fd34c948de3ebdde01a25c24dae Size (php-5.3.4/php-5.3.4.tar.bz2) = 10804376 bytes d10 1 a10 1 SHA1 (patch-ab) = 7aeb5148056e7f0b150388c4cf60a139f6aeec44 @ 1.6.2.2 log @Pullup ticket #3319 - requested by taca lang/php5: security update lang/php53: security update Revisions pulled up: - lang/php5/Makefile.common 1.45 - lang/php5/distinfo 1.83 - lang/php5/distinfo 1.84 - lang/php5/patches/patch-ab 1.6 - lang/php5/patches/patch-ab delete - lang/php53/Makefile.common 1.4 - lang/php53/distinfo 1.9 - lang/php53/patches/patch-ar 1.1 --- Module Name: pkgsrc Committed By: jklos Date: Thu Jan 6 22:13:24 UTC 2011 Modified Files: pkgsrc/lang/php5: distinfo Added Files: pkgsrc/lang/php5/patches: patch-ab Log Message: Fix VAX floating point handling in zend_strtod.c. --- Module Name: pkgsrc Committed By: taca Date: Fri Jan 7 09:16:28 UTC 2011 Modified Files: pkgsrc/lang/php5: Makefile.common distinfo Removed Files: pkgsrc/lang/php5/patches: patch-ab Log Message: Update php5 pacakge to 5.2.17. * patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17. 06 Jan 2010, PHP 5.2.17 - Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott, Rasmus) --- Module Name: pkgsrc Committed By: taca Date: Fri Jan 7 09:20:16 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile.common distinfo Added Files: pkgsrc/lang/php53/patches: patch-ar Log Message: Update php53 pacakge to 5.3.5. * Add fix for VAX floating point handling (Bug #53682), r307192 from PHP's repositry. (It is in PHP 5.2.17 but not in 5.3.5). 06 Jan 2011, PHP 5.3.5 - Fixed Bug #53632 (infinite loop with x87 fpu). (Scott, Rasmus) @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (php-5.3.5/php-5.3.5.tar.bz2) = 355701b723fcb497581c368be4d6e572c150a5ea RMD160 (php-5.3.5/php-5.3.5.tar.bz2) = 831018429b87c46da7571397e0d463b81ded11eb Size (php-5.3.5/php-5.3.5.tar.bz2) = 10806092 bytes a16 1 SHA1 (patch-ar) = edad3e866106cec502ccd93bacf722a771a6c1c0 @ 1.5 log @Bump PKGREVISION for libpng shlib name change. Also add some patches to remove use of deprecated symbols and fix other problems when looking for or compiling against libpng-1.4.x. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2010/05/28 15:31:04 joerg Exp $ d3 6 a8 6 SHA1 (php-5.3.2/php-5.3.2.tar.bz2) = 79ea4ee3da3a7542d1e348ac963a5b38bcbb4b6b RMD160 (php-5.3.2/php-5.3.2.tar.bz2) = 60a8aac0d51511ecaf8dcad9d31bdf072c0c99cf Size (php-5.3.2/php-5.3.2.tar.bz2) = 10477662 bytes SHA1 (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = c48d3f24341d3b0214ca3e980320b23864aa93ba RMD160 (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = 64d8b7ec2ec91fd7a43b0cd95c0aa0df5b666768 Size (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = 40847 bytes d10 1 a10 1 SHA1 (patch-ab) = 07c1a5463a302ea155aba10da0d6b0ee0aee43a8 a18 1 SHA1 (patch-ak) = f80a23158ea9105be47fc90465a1fee46673cc74 @ 1.5.2.1 log @Pullup ticket 3184 - requested by tron security updates Revisions pulled up: - pkgsrc/lang/php5/Makefile 1.79 - pkgsrc/lang/php5/distinf 1.79 - pkgsrc/lang/php5/Makefile.common 1.42 - pkgsrc/lang/php5/Makefile.ph 1.42 - pkgsrc/lang/php53/Makefile 1.4 - pkgsrc/lang/php53/Makefile.common 1.2 - pkgsrc/lang/php53/Makefile.php 1.3 - pkgsrc/lang/php53/distinfo 1.6 - pkgsrc/lang/php53/patches/patch-ab 1.2 - pkgsrc/converters/php-mbstring/Makefile 1.2 - pkgsrc/devel/php-gmp/Makefile 1.12 - pkgsrc/graphics/php-gd/Makefile 1.24 - pkgsrc/multimedia/php-ming/Makefile 1.11 - pkgsrc/net/php-xmlrpc/Makefile 1.13 - pkgsrc/net/php-yaz/Makefile 1.9 - pkgsrc/print/php-pdflib/Makefile 1.17 Files deleted: pkgsrc/lang/php5/patches/patch-be pkgsrc/lang/php53/patches/patch-ak ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Jul 24 22:23:15 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile Makefile.common Makefile.php distinfo Removed Files: pkgsrc/lang/php5/patches: patch-be Log Message: Update "php5" package to version 5.2.14. Changes since version 5.2.13: - Reverted bug fix #49521 (PDO fetchObject sets values before calling constructor). (Felipe) - Updated timezone database to version 2010.5. (Derick) - Upgraded bundled PCRE to version 8.02. (Ilia) - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) - Fixed a possible interruption array leak in strrchr(). Reported by P??ter Veres. (CVE-2010-2484) (Felipe) - Fixed a possible interruption array leak in strchr(), strstr(), substr(), chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe) - Fixed a possible memory corruption in substr_replace() (Dmitry) - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) - Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan Esser (Ilia) - Reset error state in PDO::beginTransaction() reset error state. (Ilia) - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) - Fixed handling of session variable serialization on certain prefix characters. Reported by Stefan Esser (Ilia) - Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski. (Ilia) - Fixed a crash when calling an inexistent method of a class that inherits PDOStatement if instantiated directly instead of doing by the PDO methods. (Felipe) - Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64 bit)). (Adam) - Fixed bug #52238 (Crash when an Exception occured in iterator_to_array). (Johannes) - Fixed bug #52237 (Crash when passing the reference of the property of a non-object). (Dmitry) - Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't be set). (Felipe) - Fixed bug #52162 (custom request header variables with numbers are removed). (Sriram Natarajan) - Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe) - Fixed bug #52061 (memory_limit above 2G). (Felipe) - Fixed bug #52041 (Memory leak when writing on uninitialized variable returned from function). (Dmitry) - Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at debian dot org, Kalle) - Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick) - Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command). (Ilia, Felipe) - Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle, coreystup at gmail dot com) - Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with constant array). (Felipe) - Fixed bug #51905 (ReflectionParameter fails if default value is an array with an access to self::). (Felipe) - Fixed bug #51822 (Segfault with strange __destruct() for static class variables). (Dmitry) - Fixed bug #51671 (imagefill does not work correctly for small images). (Pierre) - Fixed bug #51670 (getColumnMeta causes segfault when re-executing query after calling nextRowset). (Pierrick) - Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading). (Pierre) - Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4). (Felipe, wdierkes at 5dollarwhitebox dot org) - Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe) - Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter). (Felipe) - Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string literal). (cbandy at jbandy dot com) - Fixed bug #51607 (pg_copy_from does not allow schema in the tablename argument). (cbandy at jbandy dot com) - Fixed bug #51604 (newline in end of header is shown in start of message). (Daniel Egeberg) - Fixed bug #51562 (query timeout in mssql can not be changed per query). (ejsmont dot artur at gmail dot com) - Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory issues). (Dmitry) - Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne) - Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe) - Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains timezone). (Adam) - Fixed bug #51374 (Wrongly initialized object properties). (Etienne) - Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is on). (Ilia, j dot jeising at gmail dot com) - Fixed bug #51273 (Faultstring property does not exist when the faultstring is empty) (Ilia, dennis at transip dot nl) - Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam) - Fixed bug #51263 (imagettftext and rotated text uses wrong baseline) (cschneid at cschneid dot com, Takeshi Abe) - Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com) - Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia, alexr at oplot dot com) - Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that includes '-'). (Adam, solar at azrael dot ws). - Fixed bug #51190 (ftp_put() returns false when transfer was successful). (Ilia) - Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio). (Sriram Natarajan) - Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when an invalid option is provided). (Ilia) - Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre) - Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones) - Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris Jones) - Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4). (Raphael Geissert) - Fixed bug #50762 (in WSDL mode Soap Header handler function only being called if defined in WSDL). (mephius at gmail dot com) - Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable endpoints). (Justin Dearing) - Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not include file and line in trace). (Felipe) - Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe) - Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne) - Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus) - Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe) - Fixed bug #49267 (Linking fails for iconv). (Moriyosh) - Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob) - Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken). (Adam, patch from hiroaki dot kawai at gmail dot com). - Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus) - Fixed bug #33210 (getimagesize() fails to detect width/height on certain JPEGs). (Ilia) - Fixed bug #23229 (syslog() truncates messages). (Adam) To generate a diff of this commit: cvs rdiff -u -r1.78 -r1.79 pkgsrc/lang/php5/Makefile \ pkgsrc/lang/php5/distinfo cvs rdiff -u -r1.41 -r1.42 pkgsrc/lang/php5/Makefile.common \ pkgsrc/lang/php5/Makefile.php cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-be ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Jul 24 22:23:37 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo pkgsrc/lang/php53/patches: patch-ab Removed Files: pkgsrc/lang/php53/patches: patch-ak Log Message: Update "php53" package to version 5.3.3. Changes since version 5.3.2: - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) - A large number of not security related bug fixes To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/Makefile.common cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php53/Makefile.php cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/php53/distinfo cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/patches/patch-ab cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php53/patches/patch-ak ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Jul 24 22:24:22 UTC 2010 Modified Files: pkgsrc/converters/php-mbstring: Makefile pkgsrc/devel/php-gmp: Makefile pkgsrc/graphics/php-gd: Makefile pkgsrc/multimedia/php-ming: Makefile pkgsrc/net/php-xmlrpc: Makefile pkgsrc/net/php-yaz: Makefile pkgsrc/print/php-pdflib: Makefile Log Message: Revert revision of several PHP extensions after both core PHP packages were updated. To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/converters/php-mbstring/Makefile cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/php-gmp/Makefile cvs rdiff -u -r1.23 -r1.24 pkgsrc/graphics/php-gd/Makefile cvs rdiff -u -r1.10 -r1.11 pkgsrc/multimedia/php-ming/Makefile cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/php-xmlrpc/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/php-yaz/Makefile cvs rdiff -u -r1.16 -r1.17 pkgsrc/print/php-pdflib/Makefile @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2010/07/24 22:23:37 tron Exp $ d3 6 a8 6 SHA1 (php-5.3.3/php-5.3.3.tar.bz2) = 9f66716b341119e4e4f8fe3d81b7d0a5daf3cbc8 RMD160 (php-5.3.3/php-5.3.3.tar.bz2) = 9edb51663feac9b787f8382012893f1ac98fec6a Size (php-5.3.3/php-5.3.3.tar.bz2) = 10662227 bytes SHA1 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 76675242cfdeff763767900213346af622002490 RMD160 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 8dcd8b51ea0357b6cc51e70e495e18f341c62f7c Size (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 41298 bytes d10 1 a10 1 SHA1 (patch-ab) = 8ac388f50afc03f3f4eacbfed42ae295a2e8d700 d19 1 @ 1.4 log @Patch pdo-mysql to not append empty -I arguments. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2010/04/16 15:19:23 taca Exp $ d11 1 a11 1 SHA1 (patch-ac) = f1a0c3ebe65bc3c486c44411b384bc882288b55d @ 1.3 log @Explicitly set PKGNAME to handle PKG_OPTIONS properly, noted by PR pkg/43170 by Nathaniel Madura. And add suhosin-patch to distinfo. Bump PKG_REVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2010/03/27 06:23:13 taca Exp $ d20 1 @ 1.2 log @Add patch for php-xmlrpc to fix CVE-2010-0397 security problem. These patch are created from r296152 and r296153 from svn from PHP. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1.1.1 2010/03/16 15:31:58 taca Exp $ d6 3 @ 1.2.2.1 log @Pullup ticket #3093 - requested by taca lang/php53: bug fix Revisions pulled up: - lang/php53/Makefile 1.3 - lang/php53/distinfo 1.3 --- Module Name: pkgsrc Committed By: taca Date: Fri Apr 16 15:19:23 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile distinfo Log Message: Explicitly set PKGNAME to handle PKG_OPTIONS properly, noted by PR pkg/43170 by Nathaniel Madura. And add suhosin-patch to distinfo. Bump PKG_REVISION. @ text @d1 1 a1 1 $NetBSD$ a5 3 SHA1 (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = c48d3f24341d3b0214ca3e980320b23864aa93ba RMD160 (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = 64d8b7ec2ec91fd7a43b0cd95c0aa0df5b666768 Size (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = 40847 bytes @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ a5 3 SHA1 (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = c48d3f24341d3b0214ca3e980320b23864aa93ba RMD160 (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = 64d8b7ec2ec91fd7a43b0cd95c0aa0df5b666768 Size (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = 40847 bytes d16 1 @ 1.1.1.1 log @Importing PHP 5.3.2 as lang/php53. This package and lang/php5 aren't installed at the same time. Setting PHP_VERSION_DEFAULT as "5" or "53" to select PHP 5.2.x or 5.3.x. PHP is an HTML-embedded scripting language. It is modular, with some object-oriented features. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The language is designed to allow web developers to write dynamically generated pages quickly. @ text @@