head 1.9; access; symbols pkgsrc-2014Q4:1.8.0.8 pkgsrc-2014Q4-base:1.8 pkgsrc-2014Q3:1.8.0.6 pkgsrc-2014Q3-base:1.8 pkgsrc-2014Q2:1.8.0.4 pkgsrc-2014Q2-base:1.8 pkgsrc-2014Q1:1.8.0.2 pkgsrc-2014Q1-base:1.8 pkgsrc-2013Q4:1.7.0.4 pkgsrc-2013Q4-base:1.7 pkgsrc-2013Q3:1.7.0.2 pkgsrc-2013Q3-base:1.7 pkgsrc-2013Q2:1.6.0.2 pkgsrc-2013Q2-base:1.6 pkgsrc-2013Q1:1.5.0.2 pkgsrc-2013Q1-base:1.5 pkgsrc-2012Q4:1.4.0.16 pkgsrc-2012Q4-base:1.4 pkgsrc-2012Q3:1.4.0.14 pkgsrc-2012Q3-base:1.4 pkgsrc-2012Q2:1.4.0.12 pkgsrc-2012Q2-base:1.4 pkgsrc-2012Q1:1.4.0.10 pkgsrc-2012Q1-base:1.4 pkgsrc-2011Q4:1.4.0.8 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q3:1.4.0.6 pkgsrc-2011Q3-base:1.4 pkgsrc-2011Q2:1.4.0.4 pkgsrc-2011Q2-base:1.4 pkgsrc-2011Q1:1.4.0.2 pkgsrc-2011Q1-base:1.4 pkgsrc-2010Q4:1.3.0.2 pkgsrc-2010Q4-base:1.3 pkgsrc-2010Q3:1.2.0.2 pkgsrc-2010Q3-base:1.2 pkgsrc-2010Q2:1.1.1.1.0.4 pkgsrc-2010Q2-base:1.1.1.1 pkgsrc-2010Q1:1.1.1.1.0.2 pkgsrc-2010Q1-base:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.9 date 2015.03.15.15.00.46; author taca; state dead; branches; next 1.8; commitid 4KsKfLt2nQH6kIdy; 1.8 date 2014.03.12.19.52.04; author asau; state Exp; branches; next 1.7; commitid OLWiYTMSBSqyLrsx; 1.7 date 2013.07.12.00.07.04; author taca; state Exp; branches; next 1.6; commitid C1FAqta7bpf817Xw; 1.6 date 2013.04.12.16.59.51; author taca; state Exp; branches 1.6.2.1; next 1.5; 1.5 date 2013.03.16.01.58.18; author taca; state Exp; branches 1.5.2.1; next 1.4; 1.4 date 2011.03.19.07.01.19; author taca; state Exp; branches; next 1.3; 1.3 date 2010.12.13.13.16.37; author taca; state Exp; branches 1.3.2.1; next 1.2; 1.2 date 2010.07.24.22.23.37; author tron; state Exp; branches 1.2.2.1; next 1.1; 1.1 date 2010.03.16.15.31.58; author taca; state Exp; branches 1.1.1.1; next ; 1.6.2.1 date 2013.07.15.22.32.24; author tron; state Exp; branches; next ; commitid Sj7vdPy68bMQmCXw; 1.5.2.1 date 2013.06.11.09.39.22; author tron; state Exp; branches; next ; commitid UanYVDXE7k5qbbTw; 1.3.2.1 date 2011.03.22.06.55.44; author sbd; state Exp; branches; next ; 1.2.2.1 date 2010.12.23.10.10.54; author sbd; state Exp; branches; next ; 1.1.1.1 date 2010.03.16.15.31.58; author taca; state Exp; branches 1.1.1.1.4.1; next ; 1.1.1.1.4.1 date 2010.07.25.11.56.17; author spz; state Exp; branches; next ; desc @@ 1.9 log @Remove php53 now. It is not supported any more including security fix. @ text @$NetBSD: patch-ab,v 1.8 2014/03/12 19:52:04 asau Exp $ --- configure.orig 2013-12-10 20:13:12.000000000 +0000 +++ configure @@@@ -14121,7 +14121,7 @@@@ EOF PHP_VAR_SUBST="$PHP_VAR_SUBST SAPI_CGI_PATH" - INSTALL_IT="@@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)\$(bindir)/\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) \$(INSTALL_ROOT)\$(bindir)/\$(program_prefix)php-cgi\$(program_suffix)\$(EXEEXT)" + INSTALL_IT="@@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)@@CGIDIR@@\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) \$(INSTALL_ROOT)@@CGIDIR@@/php" if test "$PHP_SAPI" != "default"; then { echo "configure: error: @@@@ -23462,7 +23462,7 @@@@ fi if test "$found_openssl" = "no"; then if test "$PHP_OPENSSL_DIR" = "yes"; then - PHP_OPENSSL_DIR="/usr/local/ssl /usr/local /usr /usr/local/openssl" + PHP_OPENSSL_DIR="/usr/local/ssl /usr/local /usr /usr/local/openssl /" fi for i in $PHP_OPENSSL_DIR; do @@@@ -25453,7 +25453,7 @@@@ echo "configure:25433: checking bundled PHP_SQLITE3_CFLAGS="-I@@ext_srcdir@@/libsqlite $other_flags $threadsafe_flags $debug_flags" - for header_file in ext/sqlite3/libsqlite/sqlite3.h; do + for header_file; do unique=`echo $header_file|$SED 's/[^a-zA-Z0-9]/_/g'` @@@@ -36315,7 +36315,7 @@@@ fi if test "$found_openssl" = "no"; then if test "$PHP_OPENSSL_DIR" = "yes"; then - PHP_OPENSSL_DIR="/usr/local/ssl /usr/local /usr /usr/local/openssl" + PHP_OPENSSL_DIR="/usr/local/ssl /usr/local /usr /usr/local/openssl /" fi for i in $PHP_OPENSSL_DIR; do @@@@ -50656,7 +50656,7 @@@@ fi if test "$found_openssl" = "no"; then if test "$PHP_OPENSSL_DIR" = "yes"; then - PHP_OPENSSL_DIR="/usr/local/ssl /usr/local /usr /usr/local/openssl" + PHP_OPENSSL_DIR="/usr/local/ssl /usr/local /usr /usr/local/openssl /" fi for i in $PHP_OPENSSL_DIR; do @@@@ -84774,7 +84774,7 @@@@ fi if test "$found_openssl" = "no"; then if test "$PHP_OPENSSL_DIR" = "yes"; then - PHP_OPENSSL_DIR="/usr/local/ssl /usr/local /usr /usr/local/openssl" + PHP_OPENSSL_DIR="/usr/local/ssl /usr/local /usr /usr/local/openssl /" fi for i in $PHP_OPENSSL_DIR; do @@@@ -107937,12 +107937,7 @@@@ old_CC=$CC if test "$PHP_THREAD_SAFETY" = "yes" && test -n "$ac_cv_pthreads_cflags"; then CXXFLAGS="$CXXFLAGS $ac_cv_pthreads_cflags" INLINE_CFLAGS="$INLINE_CFLAGS $ac_cv_pthreads_cflags" - cat >meta_ccld<param_bind). (Andrey) - DateTime . Fixed bug #62852 (Unserialize Invalid Date causes crash). (Anatol) - Zip: . Bug #64452 (Zip crash intermittently). (Anatol) @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.5 2013/03/16 01:58:18 taca Exp $ d3 1 a3 1 --- configure.orig 2013-04-10 07:50:37.000000000 +0000 d14 1 a14 1 @@@@ -23462,7 +23462,7 @@@@ fi d23 1 a23 1 @@@@ -25453,7 +25453,7 @@@@ echo "configure:25433: checking bundled d32 1 a32 1 @@@@ -36315,7 +36315,7 @@@@ fi d41 1 a41 1 @@@@ -50360,7 +50360,7 @@@@ fi d50 1 a50 1 @@@@ -84478,7 +84478,7 @@@@ fi d59 1 a59 1 @@@@ -107641,12 +107641,7 @@@@ old_CC=$CC @ 1.6.2.1 log @Pullup ticket #4183 - requested by taca lang/php53: security update Revisions pulled up: - lang/php/phpversion.mk 1.36 - lang/php53/Makefile.common 1.27 - lang/php53/Makefile.php 1.35 - lang/php53/distinfo 1.66 - lang/php53/patches/patch-aa 1.3 - lang/php53/patches/patch-ab 1.7 - lang/php53/patches/patch-ac 1.6 - lang/php53/patches/patch-ad 1.2 - lang/php53/patches/patch-ae 1.2 - lang/php53/patches/patch-af 1.4 - lang/php53/patches/patch-ag 1.3 - lang/php53/patches/patch-ah 1.2 - lang/php53/patches/patch-ai 1.2 - lang/php53/patches/patch-aj 1.3 - lang/php53/patches/patch-al 1.2 - lang/php53/patches/patch-ext_standard_basic__functions.c 1.2 - lang/php53/patches/patch-main_streams_cast.c 1.2 - lang/php53/patches/patch-php__mssql.c 1.2 - lang/php53/patches/patch-sapi_fpm_php-fpm.conf.in 1.2 --- Module Name: pkgsrc Committed By: taca Date: Fri Jul 12 00:07:04 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile.common Makefile.php distinfo pkgsrc/lang/php53/patches: patch-aa patch-ab patch-ac patch-ad patch-ae patch-af patch-ag patch-ah patch-ai patch-aj patch-al patch-ext_standard_basic__functions.c patch-main_streams_cast.c patch-php__mssql.c patch-sapi_fpm_php-fpm.conf.in Log Message: Update php53 to 5.3.27 (PHP 5.3.27). 11-Jul-2013 Core: * Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). * Fixed bug #64960 (Segfault in gc_zval_possible_root). * Fixed bug #64934 (Apache2 TS crash with get_browser()). * Fixed bug #63186 (compile failure on netbsd). DateTime: * Fixed bug #53437 (Crash when using unserialized DatePeriod instance). PDO_firebird: * Fixed bug #64037 (Firebird return wrong value for numeric field). * Fixed bug #62024 (Cannot insert second row with null using parametrized query). PDO_pgsql: * Fixed bug #64949 (Buffer overflow in _pdo_pgsql_error). pgsql: * Fixed bug #64609 (pg_convert enum type support). SPL: * Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on 64-bits systems). XML: * Fixed bug #65236 (heap corruption in xml parser). --- Module Name: pkgsrc Committed By: taca Date: Fri Jul 12 00:09:14 UTC 2013 Modified Files: pkgsrc/lang/php: phpversion.mk Log Message: Update PHP53_VERSION to 5.3.27. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- configure.orig 2013-07-11 17:08:25.000000000 +0000 d14 1 a14 1 @@@@ -23465,7 +23465,7 @@@@ fi d23 1 a23 1 @@@@ -25456,7 +25456,7 @@@@ echo "configure:25433: checking bundled d32 1 a32 1 @@@@ -36318,7 +36318,7 @@@@ fi d41 1 a41 1 @@@@ -50659,7 +50659,7 @@@@ fi d50 1 a50 1 @@@@ -84777,7 +84777,7 @@@@ fi d59 1 a59 1 @@@@ -107940,12 +107940,7 @@@@ old_CC=$CC @ 1.5 log @Update php53 to 5.3.23. 14 Mar 2013, PHP 5.3.23 - SOAP . Improved check that soap.wsdl_cache_dir conforms to open_basedir (Dmitry) . Disabled external entities loading. (Dmitry) - SPL: . Fixed bug #64264 (SPLFixedArray toArray problem). (Laruence) . Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS). (patch by kriss@@krizalys.com, Laruence) . Fixed bug #52861 (unset fails with ArrayObject and deep arrays). (Mike Willbanks) @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.4 2011/03/19 07:01:19 taca Exp $ d3 1 a3 1 --- configure.orig 2013-03-14 17:17:01.000000000 +0000 d5 1 a5 1 @@@@ -17392,7 +17392,7 @@@@ echo "${ECHO_T}no" >&6 d11 1 a11 1 d13 2 a14 2 { { echo "$as_me:$LINENO: error: @@@@ -33475,7 +33475,7 @@@@ echo "$as_me: error: OpenSSL version 0.9 d16 1 a16 1 d23 1 a23 1 @@@@ -35650,7 +35650,7 @@@@ echo "${ECHO_T}yes" >&6 d25 2 a26 2 d29 2 a30 2 d32 1 a32 1 @@@@ -47718,7 +47718,7 @@@@ echo "$as_me: error: OpenSSL version 0.9 d34 1 a34 1 d41 1 a41 1 @@@@ -65336,7 +65336,7 @@@@ echo "$as_me: error: OpenSSL version 0.9 d43 1 a43 1 d50 1 a50 1 @@@@ -106941,7 +106941,7 @@@@ echo "$as_me: error: OpenSSL version 0.9 d52 1 a52 1 d59 1 a59 1 @@@@ -138087,12 +138087,7 @@@@ old_CC=$CC @ 1.5.2.1 log @Pullup ticket #4158 - requested by taca lang/php53: fix build with "suhosi" option Revisions pulled up: - lang/php53/Makefile.php 1.34 - lang/php53/distinfo 1.65 --- Module Name: pkgsrc Committed By: taca Date: Sun Jun 9 22:23:24 UTC 2013 Modified Files: pkgsrc/lang/php53: Makefile.php distinfo Log Message: Fix suhosi patch part. Thanks to Volkmar Seifert notified me the problem via private e-mail. (I should modify my local mk.conf to handle better...) @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.5 2013/03/16 01:58:18 taca Exp $ d3 1 a3 1 --- configure.orig 2013-04-10 07:50:37.000000000 +0000 d5 1 a5 1 @@@@ -14121,7 +14121,7 @@@@ EOF d11 1 a11 1 d13 2 a14 2 { echo "configure: error: @@@@ -23462,7 +23462,7 @@@@ fi d16 1 a16 1 d23 1 a23 1 @@@@ -25453,7 +25453,7 @@@@ echo "configure:25433: checking bundled d25 2 a26 2 d29 2 a30 2 d32 1 a32 1 @@@@ -36315,7 +36315,7 @@@@ fi d34 1 a34 1 d41 1 a41 1 @@@@ -50360,7 +50360,7 @@@@ fi d43 1 a43 1 d50 1 a50 1 @@@@ -84478,7 +84478,7 @@@@ fi d52 1 a52 1 d59 1 a59 1 @@@@ -107641,12 +107641,7 @@@@ old_CC=$CC @ 1.4 log @Update lang/php53 package to PHP 5.3. PHP 5.3.6 Released! [17-Mar-2011] The PHP development team would like to announce the immediate availability of PHP 5.3.6. This release focuses on improving the stability of the PHP 5.3.x branch with over 60 bug fixes, some of which are security related. Security Enhancements and Fixes in PHP 5.3.6: * Enforce security in the fastcgi protocol parsing with fpm SAPI. * Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153) * Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092) * Fixed bug #54055 (buffer overrun with high values for precision ini setting). * Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708) * Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421) Key enhancements in PHP 5.3.6 include: * Upgraded bundled Sqlite3 to version 3.7.4. * Upgraded bundled PCRE to version 8.11. * Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context/http/header/Proxy-Authorization. * Added options to debug backtrace functions. * Changed default value of ini directive serialize_precision from 100 to 17. * Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime error). * Fixed Bug #53958 (Closures can't 'use' shared variables by value and by reference). * Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a trailing forward slash). * Over 60 other bug fixes. @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.3 2010/12/13 13:16:37 taca Exp $ d3 1 a3 1 --- configure.orig 2011-03-17 07:55:56.000000000 +0000 d5 1 a5 1 @@@@ -13699,7 +13699,7 @@@@ EOF d11 1 a11 1 d13 2 a14 2 { echo "configure: error: @@@@ -22963,7 +22963,7 @@@@ fi d16 1 a16 1 d23 1 a23 1 @@@@ -24930,7 +24930,7 @@@@ echo "configure:24910: checking bundled d25 2 a26 2 d29 2 a30 2 d32 1 a32 1 @@@@ -35788,7 +35788,7 @@@@ fi d34 1 a34 1 d41 1 a41 1 @@@@ -49814,7 +49814,7 @@@@ fi d43 1 a43 1 d50 1 a50 1 @@@@ -83901,7 +83901,7 @@@@ fi d52 1 a52 1 d59 1 a59 1 @@@@ -107041,12 +107041,7 @@@@ old_CC=$CC @ 1.3 log @Update lang/php53 package to 5.3.4 (PHP 5.3.4). The PHP development team is proud to announce the immediate release of PHP 5.3.4. This is a maintenance release in the 5.3 series, which includes a large number of bug fixes. Security Enhancements and Fixes in PHP 5.3.4: * Fixed crash in zip extract method (possible CWE-170). * Paths with NULL in them (foo\0bar.txt) are now considered as invalid (CVE-2006-7243). * Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). * Fixed symbolic resolution support when the target is a DFS share. * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710). Key Bug Fixes in PHP 5.3.4 include: * Added stat support for zip stream. * Added follow_location (enabled by default) option for the http stream support. * Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al. * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime. * Multiple improvements to the FPM SAPI. * Over 100 other bug fixes. For users upgrading from PHP 5.2 there is a migration guide available here, detailing the changes between those releases and PHP 5.3. For a full list of changes in PHP 5.3.4, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/. @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $ d3 1 a3 1 --- configure.orig 2010-12-08 21:46:58.000000000 +0000 d50 1 a50 1 @@@@ -83900,7 +83900,7 @@@@ fi d59 1 a59 1 @@@@ -107040,12 +107040,7 @@@@ old_CC=$CC @ 1.3.2.1 log @Pullup ticket #3395 - requested by taca security fix for lang/php53 Revisions pulled up: - lang/php53/Makefile 1.8 - lang/php53/Makefile.common 1.5 - lang/php53/distinfo 1.13 - lang/php53/patches/patch-aa 1.2 - lang/php53/patches/patch-ab 1.4 - lang/php53/patches/patch-af 1.2 - lang/php53/patches/patch-ar Removed - lang/php53/patches/patch-ext_exif_exif.c Removed - lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c Removed - lang/php53/patches/patch-ext_zip_php__zip.c Removed --- Module Name: pkgsrc Committed By: taca Date: Sat Mar 19 07:01:19 UTC 2011 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common distinfo pkgsrc/lang/php53/patches: patch-aa patch-ab patch-af Removed Files: pkgsrc/lang/php53/patches: patch-ar patch-ext_exif_exif.c patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c Log Message: Update lang/php53 package to PHP 5.3. PHP 5.3.6 Released! [17-Mar-2011] The PHP development team would like to announce the immediate availability of PHP 5.3.6. This release focuses on improving the stability of the PHP 5.3.x branch with over 60 bug fixes, some of which are security related. Security Enhancements and Fixes in PHP 5.3.6: * Enforce security in the fastcgi protocol parsing with fpm SAPI. * Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153) * Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092) * Fixed bug #54055 (buffer overrun with high values for precision ini setting). * Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708) * Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421) Key enhancements in PHP 5.3.6 include: * Upgraded bundled Sqlite3 to version 3.7.4. * Upgraded bundled PCRE to version 8.11. * Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context/http/header/Proxy-Authorization. * Added options to debug backtrace functions. * Changed default value of ini directive serialize_precision from 100 to 17. * Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime error). * Fixed Bug #53958 (Closures can't 'use' shared variables by value and by reference). * Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a trailing forward slash). * Over 60 other bug fixes. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- configure.orig 2011-03-17 07:55:56.000000000 +0000 d50 1 a50 1 @@@@ -83901,7 +83901,7 @@@@ fi d59 1 a59 1 @@@@ -107041,12 +107041,7 @@@@ old_CC=$CC @ 1.2 log @Update "php53" package to version 5.3.3. Changes since version 5.3.2: - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) - A large number of not security related bug fixes @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.1.1.1 2010/03/16 15:31:58 taca Exp $ d3 3 a5 3 --- configure.orig 2010-07-24 22:35:41.000000000 +0100 +++ configure 2010-07-24 22:39:23.000000000 +0100 @@@@ -13778,7 +13778,7 @@@@ d12 3 a14 3 PHP_SAPI=cgi @@@@ -23206,7 +23206,7 @@@@ d23 1 a23 1 @@@@ -25179,7 +25179,7 @@@@ d32 1 a32 1 @@@@ -36124,7 +36124,7 @@@@ d41 1 a41 1 @@@@ -50201,7 +50201,7 @@@@ d50 1 a50 1 @@@@ -84421,7 +84421,7 @@@@ d59 1 a59 1 @@@@ -107682,12 +107682,7 @@@@ @ 1.2.2.1 log @Pullup ticket #3312 - requested by taca pkgsrc/lang/{php5,php53} security fixes Revisions pulled up: - pkgsrc/databases/php-mysql/Makefile 1.14 - pkgsrc/databases/php-mysqli/Makefile 1.3 - pkgsrc/databases/php-pdo_mysql/Makefile 1.12 - pkgsrc/lang/php5/Makefile 1.80, 1.81 - pkgsrc/lang/php5/Makefile.common 1.43, 1.44 - pkgsrc/lang/php5/distinfo 1.80, 1.81, 1.82 - pkgsrc/lang/php5/patches/patch-ak 1.8, deleted - pkgsrc/lang/php5/patches/patch-bf 1.1, deleted - pkgsrc/lang/php5/patches/patch-bg 1.1, deleted - pkgsrc/lang/php53/Makefile 1.5, 1.6 - pkgsrc/lang/php53/Makefile.common 1.3 - pkgsrc/lang/php53/distinfo 1.7, 1.8 - pkgsrc/lang/php53/patches/patch-ab 1.3 - pkgsrc/lang/php53/patches/patch-am 1.1, deleted - pkgsrc/lang/php53/patches/patch-an 1.1, deleted - pkgsrc/lang/php53/patches/patch-ao 1.1, deleted - pkgsrc/lang/php53/patches/patch-ap 1.1, deleted - pkgsrc/lang/php53/patches/patch-aq 1.1, deleted - pkgsrc/mail/php-imap/Makefile 1.21, 1.22 - pkgsrc/www/ap-php/Makefile 1.24 - pkgsrc/www/php-eaccelerator/Makefile 1.13 ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:43:50 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq Log Message: - GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016 - CVE-2010-3710 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=303779 - CVE-2010-3870 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=304959 - CVE-2010-4150 (php-imap) http://svn.php.net/viewvc?view=revision&revision=305032 - CVE-2010-4156 (SA42135) http://svn.php.net/viewvc?view=revision&revision=305214 Bump PKGREVISION. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:44:16 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile distinfo Added Files: pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg Log Message: - CVE-2010-4150 (php-imap) http://svn.php.net/viewvc?view=revision&revision=305032 - CVE-2010-3710 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=303885 - CVE-2010-3870 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=305055 Bump PKGREVISION. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:45:19 UTC 2010 Modified Files: pkgsrc/mail/php-imap: Makefile Log Message: Bump REVISION since CVE-2010-4150 fix was added. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:15:46 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile Makefile.common distinfo Removed Files: pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg Log Message: Update php5 package to 5.2.15 (PHP 5.2.15): The PHP development team would like to announce the immediate availability of PHP 5.2.15. This release marks the end of support for PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. This release focuses on improving the security and stability of the PHP 5.2.x branch with a small number, of predominatly security fixes. Security Enhancements and Fixes in PHP 5.2.15: * Fixed extract() to do not overwrite $GLOBALS and $this when using EXTR_OVERWRITE. * Fixed crash in zip extract method (possible CWE-170). * Fixed a possible double free in imap extension. * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data). Key enhancements in PHP 5.2.15 include: * Fixed bug #47643 (array_diff() takes over 3000 times longer than php 5.2.4). * Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy with SoapClient object). * To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a migration guide available on http://php.net/migration53, details the changes between PHP 5.2 and PHP 5.3. For a full list of changes in PHP 5.2.15 see the ChangeLog at http://www.php.net/ChangeLog-5.php#5.2.15. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:16:37 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common distinfo pkgsrc/lang/php53/patches: patch-ab Removed Files: pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq Log Message: Update lang/php53 package to 5.3.4 (PHP 5.3.4). The PHP development team is proud to announce the immediate release of PHP 5.3.4. This is a maintenance release in the 5.3 series, which includes a large number of bug fixes. Security Enhancements and Fixes in PHP 5.3.4: * Fixed crash in zip extract method (possible CWE-170). * Paths with NULL in them (foo\0bar.txt) are now considered as invalid (CVE-2006-7243). * Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). * Fixed symbolic resolution support when the target is a DFS share. * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710). Key Bug Fixes in PHP 5.3.4 include: * Added stat support for zip stream. * Added follow_location (enabled by default) option for the http stream support. * Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al. * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime. * Multiple improvements to the FPM SAPI. * Over 100 other bug fixes. For users upgrading from PHP 5.2 there is a migration guide available here, detailing the changes between those releases and PHP 5.3. For a full list of changes in PHP 5.3.4, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:18:20 UTC 2010 Modified Files: pkgsrc/databases/php-mysql: Makefile pkgsrc/databases/php-mysqli: Makefile pkgsrc/databases/php-pdo_mysql: Makefile pkgsrc/mail/php-imap: Makefile pkgsrc/www/ap-php: Makefile pkgsrc/www/php-eaccelerator: Makefile Log Message: Reset PKGREVISION by update of base PHP version. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Dec 16 14:20:45 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile.common distinfo Log Message: Update php5 pacakge to 5.2.16: PHP 5.2.16 Released! The PHP development team would like to announce the immediate availability of PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. This release focuses on addressing a regression in open_basedir implementation introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data retrieval when the server is down. All users who have upgraded to 5.2.15 and are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or 5.3.4. To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a migration guide available on http://php.net/migration53, details the changes between PHP 5.2 and PHP 5.3. For a full list of changes in PHP 5.2.16 see the ChangeLog at http://www.php.net/ChangeLog-5.php#5.2.16. ChangeLog: Version 5.2.16 16-Dec-2010 * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down). (gyp at balabit dot hu) * Fixed bug #53516 (Regression in open_basedir handling). (Ilia) @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.3 2010/12/13 13:16:37 taca Exp $ d3 3 a5 3 --- configure.orig 2010-12-08 21:46:58.000000000 +0000 +++ configure @@@@ -13699,7 +13699,7 @@@@ EOF d12 3 a14 3 if test "$PHP_SAPI" != "default"; then { echo "configure: error: @@@@ -22963,7 +22963,7 @@@@ fi d23 1 a23 1 @@@@ -24930,7 +24930,7 @@@@ echo "configure:24910: checking bundled d32 1 a32 1 @@@@ -35788,7 +35788,7 @@@@ fi d41 1 a41 1 @@@@ -49814,7 +49814,7 @@@@ fi d50 1 a50 1 @@@@ -83900,7 +83900,7 @@@@ fi d59 1 a59 1 @@@@ -107040,12 +107040,7 @@@@ old_CC=$CC @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 --- configure.orig 2010-03-13 06:01:16.000000000 +0000 +++ configure @@@@ -12194,7 +12194,7 @@@@ EOF d14 1 a14 1 @@@@ -21515,7 +21515,7 @@@@ fi d23 10 a32 1 @@@@ -34398,7 +34398,7 @@@@ fi d41 1 a41 1 @@@@ -48467,7 +48467,7 @@@@ fi d50 1 a50 1 @@@@ -82684,7 +82684,7 @@@@ fi d59 1 a59 1 @@@@ -104623,12 +104623,7 @@@@ old_CC=$CC @ 1.1.1.1 log @Importing PHP 5.3.2 as lang/php53. This package and lang/php5 aren't installed at the same time. Setting PHP_VERSION_DEFAULT as "5" or "53" to select PHP 5.2.x or 5.3.x. PHP is an HTML-embedded scripting language. It is modular, with some object-oriented features. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The language is designed to allow web developers to write dynamically generated pages quickly. @ text @@ 1.1.1.1.4.1 log @Pullup ticket 3184 - requested by tron security updates Revisions pulled up: - pkgsrc/lang/php5/Makefile 1.79 - pkgsrc/lang/php5/distinf 1.79 - pkgsrc/lang/php5/Makefile.common 1.42 - pkgsrc/lang/php5/Makefile.ph 1.42 - pkgsrc/lang/php53/Makefile 1.4 - pkgsrc/lang/php53/Makefile.common 1.2 - pkgsrc/lang/php53/Makefile.php 1.3 - pkgsrc/lang/php53/distinfo 1.6 - pkgsrc/lang/php53/patches/patch-ab 1.2 - pkgsrc/converters/php-mbstring/Makefile 1.2 - pkgsrc/devel/php-gmp/Makefile 1.12 - pkgsrc/graphics/php-gd/Makefile 1.24 - pkgsrc/multimedia/php-ming/Makefile 1.11 - pkgsrc/net/php-xmlrpc/Makefile 1.13 - pkgsrc/net/php-yaz/Makefile 1.9 - pkgsrc/print/php-pdflib/Makefile 1.17 Files deleted: pkgsrc/lang/php5/patches/patch-be pkgsrc/lang/php53/patches/patch-ak ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Jul 24 22:23:15 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile Makefile.common Makefile.php distinfo Removed Files: pkgsrc/lang/php5/patches: patch-be Log Message: Update "php5" package to version 5.2.14. Changes since version 5.2.13: - Reverted bug fix #49521 (PDO fetchObject sets values before calling constructor). (Felipe) - Updated timezone database to version 2010.5. (Derick) - Upgraded bundled PCRE to version 8.02. (Ilia) - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) - Fixed a possible interruption array leak in strrchr(). Reported by P??ter Veres. (CVE-2010-2484) (Felipe) - Fixed a possible interruption array leak in strchr(), strstr(), substr(), chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe) - Fixed a possible memory corruption in substr_replace() (Dmitry) - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) - Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan Esser (Ilia) - Reset error state in PDO::beginTransaction() reset error state. (Ilia) - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) - Fixed handling of session variable serialization on certain prefix characters. Reported by Stefan Esser (Ilia) - Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski. (Ilia) - Fixed a crash when calling an inexistent method of a class that inherits PDOStatement if instantiated directly instead of doing by the PDO methods. (Felipe) - Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64 bit)). (Adam) - Fixed bug #52238 (Crash when an Exception occured in iterator_to_array). (Johannes) - Fixed bug #52237 (Crash when passing the reference of the property of a non-object). (Dmitry) - Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't be set). (Felipe) - Fixed bug #52162 (custom request header variables with numbers are removed). (Sriram Natarajan) - Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe) - Fixed bug #52061 (memory_limit above 2G). (Felipe) - Fixed bug #52041 (Memory leak when writing on uninitialized variable returned from function). (Dmitry) - Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at debian dot org, Kalle) - Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick) - Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command). (Ilia, Felipe) - Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle, coreystup at gmail dot com) - Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with constant array). (Felipe) - Fixed bug #51905 (ReflectionParameter fails if default value is an array with an access to self::). (Felipe) - Fixed bug #51822 (Segfault with strange __destruct() for static class variables). (Dmitry) - Fixed bug #51671 (imagefill does not work correctly for small images). (Pierre) - Fixed bug #51670 (getColumnMeta causes segfault when re-executing query after calling nextRowset). (Pierrick) - Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading). (Pierre) - Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4). (Felipe, wdierkes at 5dollarwhitebox dot org) - Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe) - Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter). (Felipe) - Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string literal). (cbandy at jbandy dot com) - Fixed bug #51607 (pg_copy_from does not allow schema in the tablename argument). (cbandy at jbandy dot com) - Fixed bug #51604 (newline in end of header is shown in start of message). (Daniel Egeberg) - Fixed bug #51562 (query timeout in mssql can not be changed per query). (ejsmont dot artur at gmail dot com) - Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory issues). (Dmitry) - Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne) - Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe) - Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains timezone). (Adam) - Fixed bug #51374 (Wrongly initialized object properties). (Etienne) - Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is on). (Ilia, j dot jeising at gmail dot com) - Fixed bug #51273 (Faultstring property does not exist when the faultstring is empty) (Ilia, dennis at transip dot nl) - Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam) - Fixed bug #51263 (imagettftext and rotated text uses wrong baseline) (cschneid at cschneid dot com, Takeshi Abe) - Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com) - Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia, alexr at oplot dot com) - Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that includes '-'). (Adam, solar at azrael dot ws). - Fixed bug #51190 (ftp_put() returns false when transfer was successful). (Ilia) - Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio). (Sriram Natarajan) - Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when an invalid option is provided). (Ilia) - Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre) - Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones) - Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris Jones) - Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4). (Raphael Geissert) - Fixed bug #50762 (in WSDL mode Soap Header handler function only being called if defined in WSDL). (mephius at gmail dot com) - Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable endpoints). (Justin Dearing) - Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not include file and line in trace). (Felipe) - Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe) - Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne) - Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus) - Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe) - Fixed bug #49267 (Linking fails for iconv). (Moriyosh) - Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob) - Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken). (Adam, patch from hiroaki dot kawai at gmail dot com). - Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus) - Fixed bug #33210 (getimagesize() fails to detect width/height on certain JPEGs). (Ilia) - Fixed bug #23229 (syslog() truncates messages). (Adam) To generate a diff of this commit: cvs rdiff -u -r1.78 -r1.79 pkgsrc/lang/php5/Makefile \ pkgsrc/lang/php5/distinfo cvs rdiff -u -r1.41 -r1.42 pkgsrc/lang/php5/Makefile.common \ pkgsrc/lang/php5/Makefile.php cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-be ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Jul 24 22:23:37 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo pkgsrc/lang/php53/patches: patch-ab Removed Files: pkgsrc/lang/php53/patches: patch-ak Log Message: Update "php53" package to version 5.3.3. Changes since version 5.3.2: - Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) - Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) - A large number of not security related bug fixes To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/Makefile.common cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php53/Makefile.php cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/php53/distinfo cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/patches/patch-ab cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php53/patches/patch-ak ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Jul 24 22:24:22 UTC 2010 Modified Files: pkgsrc/converters/php-mbstring: Makefile pkgsrc/devel/php-gmp: Makefile pkgsrc/graphics/php-gd: Makefile pkgsrc/multimedia/php-ming: Makefile pkgsrc/net/php-xmlrpc: Makefile pkgsrc/net/php-yaz: Makefile pkgsrc/print/php-pdflib: Makefile Log Message: Revert revision of several PHP extensions after both core PHP packages were updated. To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/converters/php-mbstring/Makefile cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/php-gmp/Makefile cvs rdiff -u -r1.23 -r1.24 pkgsrc/graphics/php-gd/Makefile cvs rdiff -u -r1.10 -r1.11 pkgsrc/multimedia/php-ming/Makefile cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/php-xmlrpc/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/php-yaz/Makefile cvs rdiff -u -r1.16 -r1.17 pkgsrc/print/php-pdflib/Makefile @ text @d1 1 a1 1 $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $ d3 3 a5 3 --- configure.orig 2010-07-24 22:35:41.000000000 +0100 +++ configure 2010-07-24 22:39:23.000000000 +0100 @@@@ -13778,7 +13778,7 @@@@ d14 1 a14 1 @@@@ -23206,7 +23206,7 @@@@ d23 1 a23 10 @@@@ -25179,7 +25179,7 @@@@ PHP_SQLITE3_CFLAGS="-I@@ext_srcdir@@/libsqlite $other_flags $threadsafe_flags $debug_flags" - for header_file in ext/sqlite3/libsqlite/sqlite3.h; do + for header_file; do unique=`echo $header_file|$SED 's/[^a-zA-Z0-9]/_/g'` @@@@ -36124,7 +36124,7 @@@@ d32 1 a32 1 @@@@ -50201,7 +50201,7 @@@@ d41 1 a41 1 @@@@ -84421,7 +84421,7 @@@@ d50 1 a50 1 @@@@ -107682,12 +107682,7 @@@@ @