Commit graph

127 commits

Author SHA1 Message Date
adrianp
9295025527 This adds ${PREFIX}/lib/php to the default include_path in php.ini
which makes integration with PEAR a little simpler.
PKGREVISION++
2008-08-17 18:36:50 +00:00
adrianp
d72458d4a7 Add maintainer-zts option
Suggested by riz@ in PR 39312
2008-08-08 20:01:34 +00:00
adrianp
058f3e75b8 Fix PEAR installs where PKG_SYSCONFDIR is not the default.
Fixes PR 39081
PKGREVISION++
2008-07-08 20:28:55 +00:00
adrianp
5d3ad77341 Security Enhancements and Fixes in PHP 5.2.6:
Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
Fixed integer overflow in printf() identified by Maksymilian Arciemowicz.
Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
Upgraded bundled PCRE to version 7.6

Key enhancements in PHP 5.2.6 include:
* Fixed two possible crashes inside the posix extension.
* Fixed bug 44069 (Huge memory usage with concatenation using . instead of .=)
* Fixed bug 44141 (private parent constructor callable through static function).
* Fixed bug 43589 (a possible infinite loop in bz2_filter.c).
* Fixed bug 43450 (Memory leak on some functions with implicit object __toString() call).
* Fixed bug 43201 (Crash on using uninitialized vals and __get/__set).
* Fixed bug 42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql).
* Fixed bug 42937 (__call() method not invoked when methods are called on parent from child class).
* Fixed bug 42736 (xmlrpc_server_call_method() crashes).
* Fixed bug 42369 (Implicit conversion to string leaks memory).
* Fixed bug 41562 (SimpleXML memory issue).
* Over 120 bug fixes.

See http://www.php.net/ChangeLog-5.php#5.2.6 for all the details
2008-05-04 16:50:44 +00:00
sborrill
41629ca491 Accidentally missed from last commit 2008-03-04 18:58:52 +00:00
sborrill
62d50c242c Patch around imap_header() dying with SIGABRT if recipient lists are too
long. Patch appended to PHP bug 42862, so the fix may be incorporated in
later PHP releases and thus this patch can be reverted.

http://bugs.php.net/bug.php?id=42862

Bump PKGREVISION of php-imap
2008-03-04 17:13:49 +00:00
tnn
ad6ceadd25 Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
2008-01-18 05:06:18 +00:00
adrianp
393b3d656c Update to 5.2.5
* Security Enhancements and Fixes in PHP 5.2.5:
Fixed dl() to only accept filenames. Reported by Laurent Gaffie.
Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). Reported by Laurent Gaffie.
Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences. Reported by Rasmus Lerdorf
Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie.
Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications. Reported by SecurityReason.
Fixed bug 42869 (automatic session id insertion adds sessions id to non-local forms).
Fixed bug 41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).

* Key enhancements in PHP 5.2.5 include:
Upgraded PCRE to version 7.3
Updated timezone database to version 2007.9
Added ability to control memory consumption between request using ZEND_MM_COMPACT environment variable.
Improved speed of array_intersect_key(), array_intersect_assoc(), array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc() functions
Fixed bug 43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAll())
Fixed bug 42785 (json_encode() formats doubles according to locale rather than following standard syntax)
Fixed bug 42549 (ext/mysql failed to compile with libmysql 3.23)
Over 60 bug fixes.

For all the details see:
	http://www.php.net/ChangeLog-5.php#5.2.5
2007-11-23 13:20:00 +00:00
martti
bd986edbc7 Remove trailing spaces. 2007-10-09 19:19:08 +00:00
jdolecek
0e7bc79fb2 add test target, as suggested by Chris Ross on pkgsrc-users@n.o. 2007-09-25 21:00:16 +00:00
jdolecek
b8f94cdaff add a patch to also adjust the Mac OS X-specific NSLinkModule()-based
extension loading code to export all symbols (i.e. do equivalent
of dlopen(..., RTLD_GLOBAL)), so that older Mac OS X without dlopen()
(before 10.4) also load extensions properly

patch also submitted as PHP bug# 42629
2007-09-11 20:14:46 +00:00
jlam
07dd3147c6 Convert packages that test and use USE_INET6 to use the options framework
and to support the "inet6" option instead.

Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files.  Replace:

	BUILD_DEFS+=	USE_INET6
with
	BUILD_DEFS+=	IPV6_READY

and teach the README-generation tools to look for that instead.

This nukes USE_INET6 from pkgsrc proper.  We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.
2007-09-07 22:12:10 +00:00
jdolecek
ccd4418385 load extensions via dlopen(), in preference to using NSLinkModule() et al. on Mac OS X,
so that symbols of loaded modules are available for other, dependent modules;
dlopen() is native function since 10.4, so actually apparently preferable interface
now

this is necessary for PDO family of modules (pdo_* depends on symbols of PDO module),
and for XSL module (which depends on symbols of DOM module); doing it this way
allows for PDO and DOM modules to be also shared and dynamically loaded, this avoids
need to compile them into main PHP binary

bump PKGREVISION, this is functionality change for Mac OS X (no change for other
platforms)
2007-09-04 23:39:31 +00:00
jdolecek
557cbfbaf1 install PHP unstripped on Darwin/Mac OS X, so that modules load properly; bump
PKGREVISION

PR: 36869 by Louis Guillaume
2007-09-04 22:12:23 +00:00
tron
91381d836a Stop the path to the wrapper "sed" script from ending up in "php-config".
Bump package revision.
2007-09-03 11:48:44 +00:00
jdolecek
9e483171bf fix build of php-bz2 on Mac OS X 2007-09-02 21:13:43 +00:00
jdolecek
465b8d375c Update lang/php5 to 5.2.4 - miscellaneous security fixes and over 120 other
bug fixes
2007-09-02 21:12:40 +00:00
taca
f7c3b63dde - Add patches to fix CVE-2007-3806 referring CVS repository.
- Fix compile problem on NetBSD with mremap(2).

Bump PKGREVISION.
2007-08-01 01:40:07 +00:00
heinz
7bb379e7fe Added support for installation to DESTDIR. patch-an had removed correct
support for this before, probably unintentionally.
2007-06-11 17:45:30 +00:00
adrianp
3e87827f34 Fix the install path for the CGI binary so it ends up where we want it.
Pointed out by schmonz@ and taca@
Bump PKGREVISION
2007-06-08 12:29:53 +00:00
adrianp
6391ed8962 Add in the correct patch to fix CVE-2007-2872
Spotted by Takahiro Kambe
2007-06-07 10:45:18 +00:00
adrianp
c2c22cbdb5 Update to php-5.2.3
Security Fixes
* Fixed an integer overflow inside chunk_split() (by Gerhard Wagner, CVE-2007-2872)
* Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche, CVE-2007-2756)
* Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan Esser, CVE-2007-1900)
* Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath()) (by bugs dot php dot net at chsc dot dk)
* Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
* Added mysql_set_charset() to allow runtime altering of connection encoding.

* Upgraded bundled SQLite 3 to version 3.3.17. (Ilia)
* Fixed gd build when used with freetype 1.x (Pierre, Tony)

And a fair few bugs fixed, see: http://www.php.net/ChangeLog-5.php#5.2.3
for all the details.
2007-06-06 19:33:12 +00:00
adrianp
93384d2c02 Update 5.2.2
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals
  (MOPB-26 by Stefan Esser)
* Fixed unallocated memory access/double free in array_user_key_compare()
  (MOPB-24 by Stefan Esser)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser)
* Added missing open_basedir & safe_mode checks to zip:// and bzip:// wrappers.
  (MOPB-21 by Stefan Esser).
* Limit nesting level of input variables with max_input_nesting_level as fix for
  (MOPB-03 by Stefan Esser)
* Fixed CRLF injection inside ftp_putcmd(). (by loveshell[at]Bug.Center.Team)
* Fixed a possible super-global overwrite inside import_request_variables().
  (by Stefano Di Paola, Stefan Esser)
* Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc
  library. (by Stanislav Malyshev)
* Fixed a header injection via Subject and To parameters to the mail() function
  (MOPB-34 by Stefan Esser)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser)
* Fixed substr_compare and substr_count information leak
  (MOPB-14 by Stefan Esser) (Stas, Ilia)
* Fixed a remotely trigger-able buffer overflow inside make_http_soap_request()
  (by Ilia Alshanetsky)
* Fixed a buffer overflow inside user_filter_factory_create().
  (by Ilia Alshanetsky)
2007-05-06 20:07:28 +00:00
tron
fe54dc1e51 Add security fix for CVE-2007-1001 to "php4-gd" and "php5-gd" packages.
Bump package revision.
2007-05-06 13:08:33 +00:00
adrianp
d8863ebb8f Remove PEAR from the default PHP install 2007-05-05 21:45:12 +00:00
taca
8c1e7ded2b Remove first hunk which contains RCS Id only from patch-ab. 2007-04-29 12:30:18 +00:00
sborrill
2774114803 Patch to fix PHP bug #40326 (cannot open file from cwd if parent folder not
readable).
Patch will be in 5.2.2, so this patch can be removed once it has been
released.
2007-04-28 22:05:50 +00:00
ghen
186c1502a8 Fix reference to ap-php package, from PR#35927. 2007-04-08 10:49:21 +00:00
jdolecek
0f58c0d212 put back openssl extension, mistakenly commented out in PHP 5.2.1 upgrade
noted by Manuel Bouyer
2007-02-25 20:05:11 +00:00
wiz
51c8ea8d62 pkglint USE_LANGUAGES cleanup. Patch from Sergey Svishchev. 2007-02-22 19:30:02 +00:00
wiz
6e2c35c083 pkglint cleanup; update HOMEPAGE/MASTER_SITES.
From Sergey Svishchev in private mail.
2007-02-22 19:01:13 +00:00
jdolecek
b7aa3f8697 Update PHP5 to 5.2.1. Includes several important security fixes and
large number of other fixes. Update for all users is strongly advised.
2007-02-20 20:46:19 +00:00
tron
6c3be0f84b Make "php-5.2.0" build with "curl-7.16.0". 2006-11-07 17:24:39 +00:00
tron
b359a10696 Fix non-portable "configure" shell script. 2006-11-07 16:57:46 +00:00
tron
0162ac13cc Remove non-existing master site "ftp.php.net". 2006-11-07 16:46:51 +00:00
jdolecek
6682bdefe3 Update lang/php5 to 5.2.0.
Changes since 5.1.6:

The key features of PHP 5.2.0 include:
* New memory manager for the Zend Engine with improved performance and a more
  accurate memory usage tracking.
* Input filtering extension was added and enabled by default.
* JSON extension was added and enabled by default.
* ZIP extension for creating and editing zip files was introduced.
* Hooks for tracking file upload progress were introduced.
* Introduced E_RECOVERABLE_ERROR error mode.
* Introduced DateTime and DateTimeZone objects with methods to manipulate
  date/time information.
* Upgraded bundled SQLite, PCRE libraries.
* Upgraded OpenSSL, MySQL and PostgreSQL client libraries for Windows
  installations.
* Many performance improvements.
* Over 200 bug fixes.

Security Enhancements and Fixes in PHP 5.2.0:
* Made PostgreSQL escaping functions in PostgreSQL and PDO extension keep
  track of character set encoding whenever possible.
* Added allow_url_include, set to Off by default to disallow use of URLs
  for include and require.
* Disable realpath cache when open_basedir and safe_mode are being used.
* Improved safe_mode enforcement for error_log() function.
* Fixed a possible buffer overflow in the underlying code responsible
  for htmlspecialchars() and htmlentities() functions.
* Added missing safe_mode and open_basedir checks for the cURL extension.
* Fixed overflow in str_repeat() & wordwrap() functions on 64bit machines.
* Fixed handling of long paths inside the tempnam() function.
* Fixed safe_mode/open_basedir checks for session.save_path, allowing them
  to account for extra parameters.
* Fixed ini setting overload in the ini_restore() function.

For a full list of changes in PHP 5.2.0, see the ChangeLog:
        http://www.php.net/ChangeLog-5.php#5.2.0

Also other notable extensions changes:
* filePRO extension removed (not in PECL yet, php-filepro disabled for PHP5)
* JSON added (not enabled by default, packaged in php-json)
* filter added (enabled by default)
* wddx rewritten to native libxml2, fixing several encoding bugs
2006-11-06 22:17:50 +00:00
jdolecek
bc0360c8b0 Update lang/php5 to 5.2.0.
Changes since 5.1.6:

The key features of PHP 5.2.0 include:
* New memory manager for the Zend Engine with improved performance and a more
  accurate memory usage tracking.
* Input filtering extension was added and enabled by default.
* JSON extension was added and enabled by default.
* ZIP extension for creating and editing zip files was introduced.
* Hooks for tracking file upload progress were introduced.
* Introduced E_RECOVERABLE_ERROR error mode.
* Introduced DateTime and DateTimeZone objects with methods to manipulate
  date/time information.
* Upgraded bundled SQLite, PCRE libraries.
* Upgraded OpenSSL, MySQL and PostgreSQL client libraries for Windows
  installations.
* Many performance improvements.
* Over 200 bug fixes.

Security Enhancements and Fixes in PHP 5.2.0:
* Made PostgreSQL escaping functions in PostgreSQL and PDO extension keep
  track of character set encoding whenever possible.
* Added allow_url_include, set to Off by default to disallow use of URLs
  for include and require.
* Disable realpath cache when open_basedir and safe_mode are being used.
* Improved safe_mode enforcement for error_log() function.
* Fixed a possible buffer overflow in the underlying code responsible
  for htmlspecialchars() and htmlentities() functions.
* Added missing safe_mode and open_basedir checks for the cURL extension.
* Fixed overflow in str_repeat() & wordwrap() functions on 64bit machines.
* Fixed handling of long paths inside the tempnam() function.
* Fixed safe_mode/open_basedir checks for session.save_path, allowing them
  to account for extra parameters.
* Fixed ini setting overload in the ini_restore() function.

For a full list of changes in PHP 5.2.0, see the ChangeLog:
	http://www.php.net/ChangeLog-5.php#5.2.0

Also other notable extensions changes:
* filePRO extension removed (not in PECL yet, php-filepro disabled for PHP5)
* JSON added (not enabled by default, packaged in php-json)
* filter added (enabled by default)
* wddx rewritten to native libxml2, fixing several encoding bugs
2006-11-06 22:06:35 +00:00
adrianp
b3c87defac Fix for CVE-2006-5465 from PHP CVS
http://www.hardened-php.net/advisory_132006.138.html
2006-11-04 11:19:41 +00:00
tron
116ef78ab9 Add patch to make the "php-curl" package build with version 7.16.0
and newer of the "curl" package.
2006-11-01 11:33:34 +00:00
adrianp
defbabb029 Fixes for CVE-2006-4812 and CVE-2006-4625
Bump nb
2006-10-22 13:19:19 +00:00
jdolecek
0f3f8f42e9 remove --enable-memory-limit - 8MB is too low, and this just
duplicates process resource limits, which already provide necessary
"safety net" protection against rogue scripts

bump PKGREVISION for this

addresses PR pkg/32007 by "pancake"

also remove --enable-track-vars, since that configure argument
is long gone from PHP
2006-10-20 22:10:33 +00:00
taca
bbbd433ddf Update php5 to 5.1.5.
PHP                                                                        NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
24 Aug 2006, PHP 5.1.6
- Fixed memory_limit on 64bit systems. (Stefan E.)
- Fixed bug #38488 (Access to "php://stdin" and family crashes PHP on win32).
  (Dmitry)
2006-08-28 12:17:10 +00:00
taca
4b0620eff7 Remove special DIST_SUBDIR processing from Makefile. 2006-08-19 16:50:44 +00:00
taca
c92675b7b2 Update php5 package to 5.1.5:
17 Aug 2006, PHP 5.1.5

- Fixed memory_limit on 64bit systems. (Stefan E.)
- Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.)
- Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are
  enabled. (Stefan E., Ilia)
- Fixed bug #38322 (reading past array in sscanf() leads to arbitrary code
  execution). (Tony)
- Fixed bug #38125 (undefined reference to spl_dual_it_free_storage). (Marcus)
- Fixed bug #38112 (corrupted gif segfaults) (Pierre)
- Fixed bug #37587 (var without attribute causes segfault). (Marcus)
- Fixed bug #37576 (FastCGI env (cgi vars) table overflow). (Piotr)
- Fixed bug #37496 (FastCGI output buffer overrun). (Piotr, Dmitry)
- Fixed bug #37487 (oci_fetch_array() array-type should always default to
  OCI_BOTH). (Tony)
- Fixed bug #37416 (iterator_to_array() hides exceptions thrown in rewind()
  method). (Tony)
- Fixed bug #37392 (Unnecessary call to OCITransRollback() at the end of
  request). (Tony)
- Fixed bug #37341 ($_SERVER in included file is shortened to two entries,
  if $_ENV gets used). (Dmitry)
- Fixed bug #37313 (sigemptyset() used without including <signal.h>).
  (jdolecek)
- Fixed bug #37346 (invalid colormap format) (Pierre)
- Fixed bug #37360 (invalid gif size) (Pierre)
- Fixed bug #37306 (max_execution_time = max_input_time). (Dmitry)
- Fixed Bug #37278 (SOAP not respecting uri in __soapCall). (Dmitry)
- Fixed bug #37265 (Added missing safe_mode & open_basedir checks to
  imap_body()). (Ilia)
- Fixed bug #37256 (php-fastcgi doesn't handle connection abort). (Dmitry)
2006-08-19 16:44:15 +00:00
taca
e1048af207 More fix of PLIST, now pkg_delete should always succeed. 2006-08-19 14:47:44 +00:00
taca
45a7a0ff66 Correct PLIST to fix a binary package:
- remove an extra directory.
- handle empty directories.
2006-08-17 13:17:48 +00:00
taca
af6a82c2b0 Add security fix for Secunia Advisory SA21403 from PHP's CVS repository.
Bump PKGREVISION.
2006-08-10 05:57:09 +00:00
adrianp
fa1ca9f086 Fix for CVE-2006-3011
Bump to nb2
2006-07-18 21:57:30 +00:00
jlam
c16221a4db Change the format of BUILDLINK_ORDER to contain depth information as well,
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.

For example, "make show-buildlink3" in fonts/Xft2 displays:

	zlib
	fontconfig
	    iconv
	    zlib
	    freetype2
	    expat
	freetype2
	Xrender
	    renderproto
2006-07-08 23:10:35 +00:00
jlam
9430e49307 Track information in a new variable BUILDLINK_ORDER that informs us
of the order in which buildlink3.mk files are (recursively) included
by a package Makefile.
2006-07-08 22:38:58 +00:00