kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
272310 commits 166 branches 0 tags 1.5 GiB
Commit graph

18 commits

Author SHA1 Message Date
fhajny
bc2e501ed4 Build the dom extension embedded. This enables full functionality in xmlreader and fixes joyent/pkgsrc/issues/477. Bump PKREVISION. 2017-04-05 12:28:59 +00:00
wiz
4e8a4877f6 Fix build with tidy-5.x. 2017-02-20 09:35:16 +00:00
adam
f49c15c0ca On Darwin, allow native iconv when Command Line Tools are not installed. 2016-12-05 18:17:11 +00:00
taca
2c82dc088f * Switch to use external gd (graphics/gd package). 
* Use the same PKG_OPTIONS as graphics/gd.

Bump PKGREVISION of php-gd.
 2016-08-13 17:34:41 +00:00
jdolecek
f73a55be7f add patch for ext/recode/recode.c so that the variable 'program_name' required by recode library is provided unconditionally; it should not depend on whether or not program without this symbol happens to compile 2016-07-24 13:27:23 +00:00
taca
bfb053cbff Update php56 to 5.6.21. 
pkgsrc change: Fix build problem on Linux noted by Matthias Ferdinand on
pkgsrc-users@.

28 Apr 2016, PHP 5.6.21

- Core:
  . Fixed bug #69537 (__debugInfo with empty string for key gives error).
    (krakjoe)
  . Fixed bug #71841 (EG(error_zval) is not handled well). (Laruence)

- BCmath:
  . Fixed bug #72093 (bcpowmod accepts negative scale and corrupts
    _one_ definition). (Stas)

- Curl:
  . Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string).
    (Michael Sierks)

- Date:
  . Fixed bug #71889 (DateInterval::format Segmentation fault). (Thomas Punt)

- EXIF:
  . Fixed bug #72094 (Out of bounds heap read access in exif header processing). (Stas)

- GD:
  . Fixed bug #71952 (Corruption inside imageaffinematrixget). (Stas)
  . Fixed bug #71912 (libgd: signedness vulnerability). (Stas)

- Intl:
  . Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative
    offset). (Stas)

- OCI8:
  . Fixed bug #71422 (Fix ORA-01438: value larger than specified precision
    allowed for this column). (Chris Jones)

- ODBC:
  . Fixed bug #63171 (Script hangs after max_execution_time). (Remi)

- Opcache:
  . Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER).
    (Laruence)

- PDO:
  . Fixed bug #52098 (Own PDOStatement implementation ignore __call()).
    (Daniel Kalaspuffar, Julien)
  . Fixed bug #71447 (Quotes inside comments not properly handled). (Matteo)

- Postgres:
  . Fixed bug #71820 (pg_fetch_object binds parameters before call
    constructor). (Anatol)

- SPL:
  . Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails
    offsetExists()). (Nikita)

- Standard:
  . Fixed bug #71840 (Unserialize accepts wrongly data). (Ryat, Laruence)
  . Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or
    _REENTRANT is not defined). (Nikita)

- XML:
  . Fixed bug #72099 (xml_parse_into_struct segmentation fault). (Stas)
 2016-05-02 13:08:00 +00:00
taca
915b9c1643 Update php56 to 5.6.20, including security fix. 
Add add an patch to fix memory leak noted from Zafer Aydo«»an via
private mail.

31 Mar 2016, PHP 5.6.20

- CLI Server:
  . Fixed bug #69953 (Support MKCALENDAR request method). (Christoph)

- Core:
  . Fixed bug #71596 (Segmentation fault on ZTS with date function
    (setlocale)). (Anatol)

- Curl:
  . Fixed bug #71694 (Support constant CURLM_ADDED_ALREADY). (mpyw)

- Date:
  . Fixed bug #71635 (DatePeriod::getEndDate segfault). (Thomas Punt)

- Fileinfo:
  . Fixed bug #71527 (Buffer over-write in finfo_open with malformed magic
    file). (Anatol)

- Mbstring:
  . Fixed bug #71906 (AddressSanitizer: negative-size-param (-1) in
    mbfl_strcut). (Stas)

- ODBC:
  . Fixed bug #47803, #69526 (Executing prepared statements is succesfull only
    for the first two statements). (einavitamar at gmail dot com, Anatol)
  . Fixed bug #71860 (Invalid memory write in phar on filename with \0 in
    name). (Stas)

- PDO_DBlib:
  . Bug #54648 (PDO::MSSQL forces format of datetime fields).
    (steven dot lambeth at gmx dot de, Anatol)

- Phar:
  . Fixed bug #71625 (Crash in php7.dll with bad phar filename).
    (Anatol)
  . Fixed bug #71504 (Parsing of tar file with duplicate filenames causes
    memory leak). (Jos Elstgeest)

- SNMP:
  . Fixed bug #71704 (php_snmp_error() Format String Vulnerability).
    (andrew at jmpesp dot org)

- Standard
  . Fixed bug #71798 (Integer Overflow in php_raw_url_encode).
    (taoguangchen at icloud dot com, Stas)
 2016-04-02 09:00:25 +00:00
jklos
1dac4e77a8 Same as other php versions - selectively enable just-in-time support in 
PCRE for supported architectures.
https://mail-index.netbsd.org/pkgsrc-bugs/2015/09/13/msg057792.html
 2016-02-17 01:17:16 +00:00
taca
360ea761dc Update php56 to 5.6.14. 
01 Oct 2015, PHP 5.6.14

- Core:
  . Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10 when
    building extensions). (Adam)

- CLI server:
  . Fixed bug #68291 (404 on urls with '+'). (cmb)

- DOM:
  . Fixed bug #70001 (Assigning to DOMNode::textContent does additional entity
    encoding). (cmb)

- Mysqlnd:
  . Fixed bug #70456 (mysqlnd doesn't activate TCP keep-alive when connecting to
    a server). (Sergei Turchanov)

- OpenSSL:
  . Fixed bug #55259 (openssl extension does not get the DH parameters from
    DH key resource). (Jakub Zelenka)
  . Fixed bug #70395 (Missing ARG_INFO for openssl_seal()). (cmb)
  . Fixed bug #60632 (openssl_seal fails with AES). (Jakub Zelenka)
  . Fixed bug #68312 (Lookup for openssl.cnf causes a message box). (Anatol)

- PDO:
  . Fixed bug #70389 (PDO constructor changes unrelated variables). (Laruence)

- Phar:
  . Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). (Stas)
  . FIxed bug #70433 (Uninitialized pointer in phar_make_dirstream when zip
    entry filename is "/"). (Stas)

- Phpdbg:
  . Fix phpdbg_break_next() sometimes not breaking. (Bob)

- Standard:
  . Fixed bug #67131 (setcookie() conditional for empty values not met). (cmb)

- Streams:
  . Fixed bug #70361 (HTTP stream wrapper doesn't close keep-alive connections).
    (Niklas Keller)

- Zip:
  . Fixed bug #70322 (ZipArchive::close() doesn't indicate errors). (cmb)
 2015-10-02 14:37:39 +00:00
taca
b4a8fda3a6 Update php56 to 5.6.11. 
10 Jul 2015, PHP 5.6.11

- Core:
  . Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
  . Fixed bug #69703 (Use __builtin_clzl on PowerPC).
    (dja at axtens dot net, Kalle)
  . Fixed bug #69732 (can induce segmentation fault with basic php code).
    (Dmitry)
  . Fixed bug #69642 (Windows 10 reported as Windows 8).
    (Christian Wenz, Anatol Belski)
  . Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation
    fault). (Christoph M. Becker)
  . Fixed bug #69781 (phpinfo() reports Professional Editions of Windows
    7/8/8.1/10 as "Business"). (Christian Wenz)
  . Fixed bug #69740 (finally in generator (yield) swallows exception in
    iteration). (Nikita)
  . Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
    (Christian Wenz)
  . Fixed bug #69892 (Different arrays compare indentical due to integer key
    truncation). (Nikita)
  . Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
    from fix to bug #68776. (Yasuo)

- GD:
  . Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)

- GMP:
  . Fixed bug #69803 (gmp_random_range() modifies second parameter if GMP
    number). (Nikita)

- PCRE:
  . Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the
    string). (cmb)
  . Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)

- PDO_pgsql:
  . Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
    Statements when closeCuror() is u). (Philip Hofstetter)
  . Fixed bug #69362 (PDO-pgsql fails to connect if password contains a
    leading single quote). (Matteo)
  . Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
    (Matteo)

- SimpleXML:
  . Refactored the fix for bug #66084 (simplexml_load_string() mangles empty
    node name). (Christoph Michael Becker)

- SPL:
  . Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
    (Stas)
  . Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga).
  . Fixed bug #69970 (Use-after-free vulnerability in
    spl_recursive_it_move_forward_ex()). (Laruence)

- Sqlite3:
  . Fixed bug #69972 (Use-after-free vulnerability in
    sqlite3SafetyCheckSickOrOk()). (Laruence)
 2015-07-11 00:31:01 +00:00
taca
ba064f36c8 Add fix to https://bugs.php.net/bug.php?id=69737. 
Bump PKGREVISION.
 2015-06-28 15:34:16 +00:00
taca
ea01694e1e Update php56 to 5.6.10. 
11 Jun 2015, PHP 5.6.10

- Core:
  . Fixed bug #66048 (temp. directory is cached during multiple requests).
    (Julien)
  . Fixed bug #69566 (Conditional jump or move depends on uninitialised value
    in extension trait). (jbboehr at gmail dot com)
  . Fixed bug #69599 (Strange generator+exception+variadic crash). (Nikita)
  . Fixed bug #69628 (complex GLOB_BRACE fails on Windows).
    (Christoph M. Becker)
  . Fixed POST data processing slowdown due to small input buffer size
    on Windows. (Jorge Oliveira, Anatol)
  . Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
    (Anatol Belski)
  . Fixed bug #69719 (Incorrect handling of paths with NULs). (Stas)

- FTP
  . Improved fix for bug #69545 (Integer overflow in ftp_genlist()
    resulting in heap overflow). (Max Spelsberg)

- GD:
  . Fixed bug #69479 (GD fails to build with newer libvpx). (Remi)

- Iconv:
  . Fixed bug #48147 (iconv with //IGNORE cuts the string). (Stas)

- Litespeed SAPI:
  . Fixed bug #68812 (Unchecked return value). (George Wang)

- Mail:
  . Fixed bug #68776 (mail() does not have mail header injection prevention for
    additional headers). (Yasuo)

- MCrypt:
  . Added file descriptor caching to mcrypt_create_iv() (Leigh)

- Opcache
  . Fixed bug #69549 (Memory leak with opcache.optimization_level=0xFFFFFFFF).
    (Laruence, Dmitry)

- Phar:
  . Fixed bug #69680 (phar symlink in binary directory broken).
    (Matteo Bernardini, Remi)

- Postgres:
  . Fixed bug #69667 (segfault in php_pgsql_meta_data). (Remi)

- Sqlite3:
  . Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415,
    CVE-2015-3416) (Kaplan)
 2015-06-12 00:47:03 +00:00
he
00a801a14b Treat NetBSD the same as FreeBSD wrt. handling of TCP_INFO. 
No revision bump since this is a build fix for systems supporting TCP_INFO.
 2015-03-19 08:12:27 +00:00
taca
013d8ad12d Update php56 to 5.6.6 (PHP 5.6.6). 
19 Feb 2015, PHP 5.6.6

- Core:
  . Removed support for multi-line headers, as the are deprecated by RFC 7230.
    (Stas)
  . Fixed bug #67068 (getClosure returns somethings that's not a closure).
    (Danack at basereality dot com)
  . Fixed bug #68942 (Use after free vulnerability in unserialize() with
    DateTimeZone). (CVE-2015-0273) (Stas)
  . Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname
    buffer overflow). (Stas)
  . Fixed Bug #67988 (htmlspecialchars() does not respect default_charset
    specified by ini_set) (Yasuo)
  . Added NULL byte protection to exec, system and passthru. (Yasuo)

- Dba:
  . Fixed bug #68711 (useless comparisons). (bugreports at internot dot info)

- Enchant:
  . Fixed bug #68552 (heap buffer overflow in enchant_broker_request_dict()).
    (Antony)

- Fileinfo:
  . Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers)
  . Fixed bug #67647 (Bundled libmagic 5.17 does not detect quicktime files
    correctly). (Anatol)
  . Fixed bug #68731 (finfo_buffer doesn't extract the correct mime with some
    gifs). (Anatol)

- FPM:
  . Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle)
  . Fixed bug #68571 (core dump when webserver close the socket).
    (redfoxli069 at gmail dot com, Laruence)

- JSON:
  . Fixed bug #50224 (json_encode() does not always encode a float as a float)
    by adding JSON_PRESERVE_ZERO_FRACTION. (Juan Basso)

- LIBXML:
  . Fixed bug #64938 (libxml_disable_entity_loader setting is shared
    between threads). (Martin Jansen)

- Mysqli:
  . Fixed bug #68114 (linker error on some OS X machines with fixed
    width decimal support) (Keyur Govande)
  . Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient
    has rounding errors) (Keyur Govande)

- Opcache:
  . Fixed bug with try blocks being removed when extended_info opcode
    generation is turned on. (Laruence)

- PDO_mysql:
  . Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of
    named pipes). (steffenb198 at aol dot com)

- Phar:
  . Fixed bug #68901 (use after free). (bugreports at internot dot info)

- Pgsql:
  . Fixed Bug #65199 (pg_copy_from() modifies input array variable) (Yasuo)

- Session:
  . Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo)
  . Fixed Bug #66623 (no EINTR check on flock) (Yasuo)
  . Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo)

- Sqlite3:
  . Fixed bug #68260 (SQLite3Result::fetchArray declares wrong
    required_num_args). (Julien)

- Standard:
  . Fixed bug #65272 (flock() out parameter not set correctly in windows).
    (Daniel Lowrey)
  . Fixed bug #69033 (Request may get env. variables from previous requests
    if PHP works as FastCGI). (Anatol)

- Streams:
  . Fixed bug which caused call after final close on streams filter. (Bob)
 2015-02-20 01:17:49 +00:00
sevan
a368baa8e9 Fix CVE-2015-0273 php: #68942 Use after free vulnerability in 
unserialize() with DateTimeZone

Reviewed by wiz@
 2015-02-19 00:23:20 +00:00
taca
af65cf60a1 Update php56 to 5.6.4, including security fix. 
18 Dec 2014, PHP 5.6.4

- Core:
  . Fixed bug #68091 (Some Zend headers lack appropriate extern "C" blocks).
    (Adam)
  . Fixed bug #68104 (Segfault while pre-evaluating a disabled function).
    (Laruence)
  . Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly
    triggered). (Julien)
  . Fixed bug #68355 (Inconsistency in example php.ini comments).
    (Chris McCafferty)
  . Fixed bug #68370 ("unset($this)" can make the program crash). (Laruence)
  . Fixed bug #68422 (Incorrect argument reflection info for array_multisort()).
    (Alexander Lisachenko)
  . Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
  . Fixed bug #68446 (Array constant not accepted for array parameter default).
    (Bob, Dmitry)
  . Fixed bug #68594 (Use after free vulnerability in unserialize()).
    (CVE-2014-8142) (Stefan Esser)

- Date:
  . Fixed day_of_week function as it could sometimes return negative values
    internally. (Derick)

- FPM:
  . Fixed bug #68381 (fpm_unix_init_main ignores log_level).
    (David Zuelke, Remi)
  . Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all
    addresses). (Remi)
  . Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). (Remi)
  . Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi)
  . Fixed bug #68428 (listen.allowed_clients is IPv4 only). (Remi)
  . Fixed bug #68452 (php-fpm man page is oudated). (Remi)
  . Fixed request #68458 (Change pm.start_servers default warning to
    notice). (David Zuelke, Remi)
  . Fixed bug #68463 (listen.allowed_clients can silently result
    in no allowed access). (Remi)
  . Fixed request #68391 (php-fpm conf files loading order).
    (Florian Margaine, Remi)
  . Fixed bug #68478 (access.log don't use prefix). (Remi)

- Mcrypt:
  . Fixed possible read after end of buffer and use after free. (Dmitry)

- GMP:
  . Fixed bug #68419 (build error with gmp 4.1). (Remi)

- PDO_pgsql:
  . Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception
  when not in transaction) (Matteo)
  . Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving)
  (Matteo)

- Session:
  . Fixed bug #68331 (Session custom storage callable functions not being called)
    (Yasuo Ohgaki)

- SOAP:
  . Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes).
    (Laruence)

- zlib:
  . Fixed bug #53829 (Compiling PHP with large file support will replace
    function gzopen by gzopen64) (Sascha Kettler, Matteo)
 2014-12-19 16:12:48 +00:00
joerg
79915485d0 Fix RCS ID. 2014-12-09 15:11:36 +00:00
taca
39506d885e Add php56, PHP version 5.6.3. 
THe main features of PHP 5.6:

* Constant scalar expressions.
* Variadic functions and argument unpacking using the ... operator.
* Exponentiation using the ** operator.
* Function and constant importing with the use keyword.
* phpdbg as an interactive integrated debugger SAPI.
* php://input is now reusable, and $HTTP_RAW_POST_DATA is deprecated.
* GMP objects now support operator overloading.
* File uploads larger than 2 gigabytes in size are now accepted.

Please refer for difference from oldre release:http://php.net/migration56.
 2014-11-24 15:37:08 +00:00