kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/lang/php
History
taca 5bce200245 Update php55 to 5.6.13 including security fixes. 
03 Sep 2015, PHP 5.6.13

- Core:
  . Fixed bug #69900 (Too long timeout on pipes). (Anatol)
  . Fixed bug #69487 (SAPI may truncate POST data). (cmb)
  . Fixed bug #70198 (Checking liveness does not work as expected).
    (Shafreeck Sea, Anatol Belski)
  . Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (Stas)
  . Fixed bug #70219 (Use after free vulnerability in session deserializer).
    (taoguangchen at icloud dot com)

- CLI server:
  . Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE).
    (wusuopu, cmb)
  . Fixed bug #70264 (CLI server directory traversal). (cmb)

- Date:
  . Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to
    be optional). (cmb)
  . Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte).
    (cmb)

- EXIF:
  . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte
    value of 32 bytes). (Stas)

- hash:
  . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee
    at naver dot com)

- MCrypt:
  . Fixed bug #69833 (mcrypt fd caching not working). (Anatol)

- Opcache:
  . Fixed bug #70237 (Empty while and do-while segmentation fault with opcode
    on CLI enabled). (Dmitry, Laruence)

- PCRE:
  . Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string
    match). (cmb)
  . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
    (Anatol Belski)

- SOAP:
  . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE).
    (Stas)

- SPL:
  . Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via
    ob_start). (hugh at allthethings dot co dot nz)
  . Fixed bug #70303 (Incorrect constructor reflection for ArrayObject). (cmb)
  . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with
    SplObjectStorage). (taoguangchen at icloud dot com)
  . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with
    SplDoublyLinkedList). (taoguangchen at icloud dot com)

- Standard:
  . Fixed bug #70052 (getimagesize() fails for very large and very small WBMP).
    (cmb)
  . Fixed bug #70157 (parse_ini_string() segmentation fault with
    INI_SCANNER_TYPED). (Tjerk)

- XSLT:
  . Fixed bug #69782 (NULL pointer dereference). (Stas)

- ZIP:
  . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when
    creating directories). (neal at fb dot com)
2015-09-06 12:27:43 +00:00
..
common.mk Fix problem by PHP_BASE_VERS related changes. 2015-03-16 00:26:31 +00:00
ext.mk One more PHP_BASE_VERS related correction. 2015-03-16 09:21:11 +00:00
MESSAGE.module Re-add part of revision 1.33 slighly different way; show "zend_extension" 2015-02-15 09:00:33 +00:00
pear.mk Add PEAR_PACKAGE_XML. 2015-08-23 15:31:17 +00:00
pear_plist.php
phpversion.mk Update php55 to 5.6.13 including security fixes. 2015-09-06 12:27:43 +00:00
PLIST.module