The NetBSD Project

CVS log for pkgsrc/lang/php5/Attic/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / lang / php5

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.91, Sat Jun 16 15:15:05 2012 UTC (10 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2012Q4-base, pkgsrc-2012Q4, HEAD
Changes since 1.90: +1 -1 lines
FILE REMOVED

Remove php5 (PHP 5.2.17), please migra to php53 or php54.

Revision 1.90 / (download) - annotate - [select for diffs], Thu Jun 14 07:43:22 2012 UTC (10 years, 7 months ago) by sbd
Branch: MAIN
Changes since 1.89: +2 -2 lines
Diff to previous 1.89 (colored)

Recursive PKGREVISION bump for libxml2 buildlink addition.

Revision 1.89 / (download) - annotate - [select for diffs], Thu May 17 19:01:43 2012 UTC (10 years, 8 months ago) by marino
Branch: MAIN
Changes since 1.88: +3 -3 lines
Diff to previous 1.88 (colored)

lang/php5: Fix unwanted directory removal

Replace OWN_DIRS with @pkgdir to avoid unwanted deletion of PHP extension
directory when the only extension is deinstalled.

Revision 1.87.8.1 / (download) - annotate - [select for diffs], Wed May 16 12:50:45 2012 UTC (10 years, 8 months ago) by tron
Branch: pkgsrc-2012Q1
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored) next main 1.88 (colored)

Pullup ticket #3788 - requested by taca
lang/php5: security patch

Revisions pulled up:
- lang/php5/Makefile                                            1.88
- lang/php5/distinfo                                            1.94
- lang/php5/patches/patch-sapi_cgi_cgi__main.c                  1.1

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun May 13 16:09:52 UTC 2012

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
   	pkgsrc/lang/php5/patches: patch-sapi_cgi_cgi__main.c

   Log Message:
   Add fix for CVE-2012-1823.

   Bump PKGREVISION.

Revision 1.88 / (download) - annotate - [select for diffs], Sun May 13 16:09:52 2012 UTC (10 years, 8 months ago) by taca
Branch: MAIN
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored)

Add fix for CVE-2012-1823.

Bump PKGREVISION.

Revision 1.87 / (download) - annotate - [select for diffs], Fri Jun 24 11:59:29 2011 UTC (11 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2
Branch point for: pkgsrc-2012Q1
Changes since 1.86: +2 -2 lines
Diff to previous 1.86 (colored)

Change LICENSE to php from php-license.

Revision 1.86 / (download) - annotate - [select for diffs], Mon Jun 20 13:40:51 2011 UTC (11 years, 7 months ago) by taca
Branch: MAIN
Changes since 1.85: +3 -1 lines
Diff to previous 1.85 (colored)

Add LICENSE.

Revision 1.85 / (download) - annotate - [select for diffs], Wed Jun 15 14:41:16 2011 UTC (11 years, 7 months ago) by taca
Branch: MAIN
Changes since 1.84: +2 -2 lines
Diff to previous 1.84 (colored)

Add two security fix, CVE-2011-1938 and filename-injection from PHP 5.3's
repository.

Bump PKGREVISION.

Revision 1.81.2.2 / (download) - annotate - [select for diffs], Tue Mar 22 06:31:55 2011 UTC (11 years, 10 months ago) by sbd
Branch: pkgsrc-2010Q4
Changes since 1.81.2.1: +2 -2 lines
Diff to previous 1.81.2.1 (colored) to branchpoint 1.81 (colored) next main 1.82 (colored)

Pullup ticket #3393 - requested by taca
security fix for lang/php5

Revisions pulled up:
- lang/php5/Makefile                                            1.84
- lang/php5/distinfo                                            1.89
- lang/php5/patches/patch-main_snprintf.c                       1.1
- lang/php5/patches/patch-main_snprintf.h                       1.1
- lang/php5/patches/patch-main_spprintf.c                       1.1

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Mar 21 16:34:28 UTC 2011

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
   	pkgsrc/lang/php5/patches: patch-main_snprintf.c patch-main_snprintf.h
   	    patch-main_spprintf.c

   Log Message:
   Apply changes by r308525 from PHP's repository to fix bug #54055
   (buffer overrun with high values for precision ini setting).

   It fixes one of security fixes by PHP 5.3.6.

   Bump PKGREVISION.

Revision 1.84 / (download) - annotate - [select for diffs], Mon Mar 21 16:34:28 2011 UTC (11 years, 10 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1
Changes since 1.83: +2 -2 lines
Diff to previous 1.83 (colored)

Apply changes by r308525 from PHP's repository to fix bug #54055
(buffer overrun with high values for precision ini setting).

It fixes one of security fixes by PHP 5.3.6.

Bump PKGREVISION.

Revision 1.81.2.1 / (download) - annotate - [select for diffs], Wed Feb 23 19:12:53 2011 UTC (11 years, 11 months ago) by tron
Branch: pkgsrc-2010Q4
Changes since 1.81: +2 -1 lines
Diff to previous 1.81 (colored)

Pullup ticket #3362 - requested by taca
archivers/php-zip: security patch
graphics/php-exif: security patch
lang/php5: security patch
lang/php53: security patch

Revisions pulled up:
- archivers/php-zip/Makefile					1.12-1.13
- graphics/php-exif/Makefile					1.9-1.10
- lang/php5/Makefile						1.82-1.83
- lang/php5/Makefile.php					1.43-1.44
- lang/php5/distinfo						1.86-1.87
- lang/php5/patches/patch-ext_exif_exif.c			1.1
- lang/php5/patches/patch-ext_zip_lib_zip__name__locate.c	1.1
- lang/php5/patches/patch-ext_zip_php__zip.c			1.1
- lang/php53/Makefile						1.7
- lang/php53/Makefile.php					1.5
- lang/php53/distinfo						1.12
- lang/php53/patches/patch-ext_exif_exif.c			1.1
- lang/php53/patches/patch-ext_zip_lib_zip__name__locate.c	1.1
- lang/php53/patches/patch-ext_zip_php__zip.c			1.1
---
Module Name:	pkgsrc
Committed By:	shattered
Date:		Tue Feb 15 20:52:24 UTC 2011

Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.php

Log Message:
Re-enable DL_AUTO_VARS -- makes PHP CLI work again with extensions that
are linked to pthread (like mysql.so).
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Feb 21 16:21:17 UTC 2011

Modified Files:
	pkgsrc/lang/php5: Makefile.php distinfo

Log Message:
Re-enable suhosin patch as php53.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Feb 21 16:23:58 UTC 2011

Modified Files:
	pkgsrc/lang/php53: Makefile.php

Log Message:
Re-enable DL_AUTO_VARS as php5 package.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Feb 21 16:25:33 UTC 2011

Modified Files:
	pkgsrc/lang/php5: Makefile
Added Files:
	pkgsrc/lang/php5/patches: patch-ext_exif_exif.c
	    patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c

Log Message:
Add patches to fix SA43328.

Bump PKGREVISION.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Feb 21 16:26:50 UTC 2011

Modified Files:
	pkgsrc/lang/php5: distinfo

Log Message:
Regen distinfo.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Feb 21 16:29:15 UTC 2011

Modified Files:
	pkgsrc/lang/php53: Makefile

Log Message:
Bump PKGREVISION for DL_AUTO_VARS.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Feb 21 16:30:44 UTC 2011

Modified Files:
	pkgsrc/archivers/php-zip: Makefile
	pkgsrc/graphics/php-exif: Makefile

Log Message:
Bump PKGREVISION reflects fix of SA43328.
---

Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Feb 21 16:38:40 UTC 2011

Modified Files:
	pkgsrc/lang/php53: distinfo
Added Files:
	pkgsrc/lang/php53/patches: patch-ext_exif_exif.c
	    patch-ext_zip_lib_zip__name__locate.c patch-ext_zip_php__zip.c

Log Message:
Oops, it should be commit before CHANGE-2011 update.

Add Add patches to fix SA43328.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Tue Feb 22 07:36:08 UTC 2011

Modified Files:
	pkgsrc/archivers/php-zip: Makefile
	pkgsrc/graphics/php-exif: Makefile

Log Message:
Add missing USE_PHP_EXT_PATCHES to apply patches really.

Revision 1.83 / (download) - annotate - [select for diffs], Mon Feb 21 16:25:33 2011 UTC (11 years, 11 months ago) by taca
Branch: MAIN
Changes since 1.82: +2 -2 lines
Diff to previous 1.82 (colored)

Add patches to fix SA43328.

Bump PKGREVISION.

Revision 1.82 / (download) - annotate - [select for diffs], Tue Feb 15 20:52:24 2011 UTC (11 years, 11 months ago) by shattered
Branch: MAIN
Changes since 1.81: +2 -1 lines
Diff to previous 1.81 (colored)

Re-enable DL_AUTO_VARS -- makes PHP CLI work again with extensions that
are linked to pthread (like mysql.so).

Revision 1.81 / (download) - annotate - [select for diffs], Mon Dec 13 13:15:45 2010 UTC (12 years, 1 month ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2010Q4-base
Branch point for: pkgsrc-2010Q4
Changes since 1.80: +1 -2 lines
Diff to previous 1.80 (colored)

Update php5 package to 5.2.15 (PHP 5.2.15):


The PHP development team would like to announce the immediate
availability of PHP 5.2.15. This release marks the end of support for
PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.

This release focuses on improving the security and stability of the
PHP 5.2.x branch with a small number, of predominatly security fixes.

Security Enhancements and Fixes in PHP 5.2.15:

* Fixed extract() to do not overwrite $GLOBALS and $this when using
  EXTR_OVERWRITE.
* Fixed crash in zip extract method (possible CWE-170).
* Fixed a possible double free in imap extension.
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed NULL pointer dereference in
  ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
  large amount of data).

Key enhancements in PHP 5.2.15 include:

* Fixed bug #47643 (array_diff() takes over 3000 times longer than php
  5.2.4).
* Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
  with SoapClient object).
* To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
  migration guide available on http://php.net/migration53, details the changes
  between PHP 5.2 and PHP 5.3.

For a full list of changes in PHP 5.2.15 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.15.

Revision 1.80 / (download) - annotate - [select for diffs], Thu Nov 25 03:44:16 2010 UTC (12 years, 2 months ago) by taca
Branch: MAIN
Changes since 1.79: +2 -1 lines
Diff to previous 1.79 (colored)

- CVE-2010-4150 (php-imap)
	http://svn.php.net/viewvc?view=revision&revision=305032
- CVE-2010-3710 (a part of SA41724)
	http://svn.php.net/viewvc?view=revision&revision=303885
- CVE-2010-3870 (a part of SA41724)
	http://svn.php.net/viewvc?view=revision&revision=305055

Bump PKGREVISION.

Revision 1.78.4.1 / (download) - annotate - [select for diffs], Sun Jul 25 11:56:16 2010 UTC (12 years, 6 months ago) by spz
Branch: pkgsrc-2010Q2
Changes since 1.78: +1 -2 lines
Diff to previous 1.78 (colored) next main 1.79 (colored)

Pullup ticket 3184 - requested by tron
security updates

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.79
- pkgsrc/lang/php5/distinf			1.79
- pkgsrc/lang/php5/Makefile.common		1.42
- pkgsrc/lang/php5/Makefile.ph			1.42
- pkgsrc/lang/php53/Makefile			1.4
- pkgsrc/lang/php53/Makefile.common		1.2
- pkgsrc/lang/php53/Makefile.php		1.3
- pkgsrc/lang/php53/distinfo			1.6
- pkgsrc/lang/php53/patches/patch-ab		1.2
- pkgsrc/converters/php-mbstring/Makefile	1.2
- pkgsrc/devel/php-gmp/Makefile			1.12
- pkgsrc/graphics/php-gd/Makefile		1.24
- pkgsrc/multimedia/php-ming/Makefile		1.11
- pkgsrc/net/php-xmlrpc/Makefile		1.13
- pkgsrc/net/php-yaz/Makefile			1.9
- pkgsrc/print/php-pdflib/Makefile		1.17

Files deleted:
pkgsrc/lang/php5/patches/patch-be
pkgsrc/lang/php53/patches/patch-ak

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Sat Jul 24 22:23:15 UTC 2010

   Modified Files:
           pkgsrc/lang/php5: Makefile Makefile.common Makefile.php distinfo
   Removed Files:
           pkgsrc/lang/php5/patches: patch-be

   Log Message:
   Update "php5" package to version 5.2.14. Changes since version 5.2.13:
   - Reverted bug fix #49521 (PDO fetchObject sets values before calling
     constructor). (Felipe)
   - Updated timezone database to version 2010.5. (Derick)
   - Upgraded bundled PCRE to version 8.02. (Ilia)
   - Rewrote var_export() to use smart_str rather than output buffering, prevents
     data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
   - Fixed a possible interruption array leak in strrchr(). Reported by
     P??ter Veres. (CVE-2010-2484) (Felipe)
   - Fixed a possible interruption array leak in strchr(), strstr(), substr(),
     chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
   - Fixed a possible memory corruption in substr_replace() (Dmitry)
   - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
   - Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
     Esser (Ilia)
   - Reset error state in PDO::beginTransaction() reset error state. (Ilia)
   - Fixed a NULL pointer dereference when processing invalid XML-RPC
     requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
   - Fixed handling of session variable serialization on certain prefix
     characters. Reported by Stefan Esser (Ilia)
   - Fixed a possible arbitrary memory access inside sqlite extension. Reported
     by Mateusz Kocielski. (Ilia)
   - Fixed a crash when calling an inexistent method of a class that inherits
     PDOStatement if instantiated directly instead of doing by the PDO methods.
     (Felipe)
   - Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64
     bit)). (Adam)
   - Fixed bug #52238 (Crash when an Exception occured in iterator_to_array).
     (Johannes)
   - Fixed bug #52237 (Crash when passing the reference of the property of a
     non-object). (Dmitry)
   - Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't
     be set). (Felipe)
   - Fixed bug #52162 (custom request header variables with numbers are removed).
     (Sriram Natarajan)
   - Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe)
   - Fixed bug #52061 (memory_limit above 2G). (Felipe)
   - Fixed bug #52041 (Memory leak when writing on uninitialized variable returned
     from function). (Dmitry)
   - Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at
     debian dot org, Kalle)
   - Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick)
   - Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command).
     (Ilia, Felipe)
   - Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle,
     coreystup at gmail dot com)
   - Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with
     constant array). (Felipe)
   - Fixed bug #51905 (ReflectionParameter fails if default value is an array
     with an access to self::). (Felipe)
   - Fixed bug #51822 (Segfault with strange __destruct() for static class
     variables). (Dmitry)
   - Fixed bug #51671 (imagefill does not work correctly for small images).
     (Pierre)
   - Fixed bug #51670 (getColumnMeta causes segfault when re-executing query
     after calling nextRowset). (Pierrick)
   - Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading).
     (Pierre)
   - Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4).
     (Felipe, wdierkes at 5dollarwhitebox dot org)
   - Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe)
   - Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter).
     (Felipe)
   - Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string
     literal). (cbandy at jbandy dot com)
   - Fixed bug #51607 (pg_copy_from does not allow schema in the tablename
     argument). (cbandy at jbandy dot com)
   - Fixed bug #51604 (newline in end of header is shown in start of message).
     (Daniel Egeberg)
   - Fixed bug #51562 (query timeout in mssql can not be changed per query).
     (ejsmont dot artur at gmail dot com)
   - Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory
     issues). (Dmitry)
   - Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne)
   - Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe)
   - Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains
     timezone). (Adam)
   - Fixed bug #51374 (Wrongly initialized object properties). (Etienne)
   - Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
     on). (Ilia, j dot jeising at gmail dot com)
   - Fixed bug #51273 (Faultstring property does not exist when the faultstring is
     empty) (Ilia, dennis at transip dot nl)
   - Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
   - Fixed bug #51263 (imagettftext and rotated text uses wrong baseline)
     (cschneid at cschneid dot com, Takeshi Abe)
   - Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
   - Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,
     alexr at oplot dot com)
   - Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that
     includes '-'). (Adam, solar at azrael dot ws).
   - Fixed bug #51190 (ftp_put() returns false when transfer was successful).
     (Ilia)
   - Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio).
     (Sriram Natarajan)
   - Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when
     an invalid option is provided). (Ilia)
   - Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)
   - Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)
   - Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris
     Jones)
   - Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4).
     (Raphael Geissert)
   - Fixed bug #50762 (in WSDL mode Soap Header handler function only being called
     if defined in WSDL). (mephius at gmail dot com)
   - Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable
     endpoints). (Justin Dearing)
   - Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not
     include file and line in trace). (Felipe)
   - Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe)
   - Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne)
   - Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)
   - Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)
   - Fixed bug #49267 (Linking fails for iconv). (Moriyosh)
   - Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)
   - Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken).
     (Adam, patch from hiroaki dot kawai at gmail dot com).
   - Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus)
   - Fixed bug #33210 (getimagesize() fails to detect width/height on certain
     JPEGs). (Ilia)
   - Fixed bug #23229 (syslog() truncates messages). (Adam)


   To generate a diff of this commit:
   cvs rdiff -u -r1.78 -r1.79 pkgsrc/lang/php5/Makefile \
       pkgsrc/lang/php5/distinfo
   cvs rdiff -u -r1.41 -r1.42 pkgsrc/lang/php5/Makefile.common \
       pkgsrc/lang/php5/Makefile.php
   cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-be

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Sat Jul 24 22:23:37 UTC 2010

   Modified Files:
           pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo
           pkgsrc/lang/php53/patches: patch-ab
   Removed Files:
           pkgsrc/lang/php53/patches: patch-ak

   Log Message:
   Update "php53" package to version 5.3.3. Changes since version 5.3.2:
   - Rewrote var_export() to use smart_str rather than output buffering,
     prevents data disclosure if a fatal error occurs (CVE-2010-2531).
     (Scott)
   - Fixed a NULL pointer dereference when processing invalid XML-RPC
     requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
   - Fixed SplObjectStorage unserialization problems (CVE-2010-2225).
     (Stas)
   - A large number of not security related bug fixes


   To generate a diff of this commit:
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile
   cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/Makefile.common
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php53/Makefile.php
   cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/php53/distinfo
   cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/patches/patch-ab
   cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php53/patches/patch-ak

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Sat Jul 24 22:24:22 UTC 2010

   Modified Files:
           pkgsrc/converters/php-mbstring: Makefile
           pkgsrc/devel/php-gmp: Makefile
           pkgsrc/graphics/php-gd: Makefile
           pkgsrc/multimedia/php-ming: Makefile
           pkgsrc/net/php-xmlrpc: Makefile
           pkgsrc/net/php-yaz: Makefile
           pkgsrc/print/php-pdflib: Makefile

   Log Message:
   Revert revision of several PHP extensions after both core PHP packages
   were updated.


   To generate a diff of this commit:
   cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/converters/php-mbstring/Makefile
   cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/php-gmp/Makefile
   cvs rdiff -u -r1.23 -r1.24 pkgsrc/graphics/php-gd/Makefile
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/multimedia/php-ming/Makefile
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/php-xmlrpc/Makefile
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/php-yaz/Makefile
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/print/php-pdflib/Makefile

Revision 1.79 / (download) - annotate - [select for diffs], Sat Jul 24 22:23:14 2010 UTC (12 years, 6 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3
Changes since 1.78: +1 -2 lines
Diff to previous 1.78 (colored)

Update "php5" package to version 5.2.14. Changes since version 5.2.13:
- Reverted bug fix #49521 (PDO fetchObject sets values before calling
  constructor). (Felipe)
- Updated timezone database to version 2010.5. (Derick)
- Upgraded bundled PCRE to version 8.02. (Ilia)
- Rewrote var_export() to use smart_str rather than output buffering, prevents
  data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
- Fixed a possible interruption array leak in strrchr(). Reported by
  P├ęter Veres. (CVE-2010-2484) (Felipe)
- Fixed a possible interruption array leak in strchr(), strstr(), substr(),
  chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
- Fixed a possible memory corruption in substr_replace() (Dmitry)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
- Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
  Esser (Ilia)
- Reset error state in PDO::beginTransaction() reset error state. (Ilia)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
  requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed handling of session variable serialization on certain prefix
  characters. Reported by Stefan Esser (Ilia)
- Fixed a possible arbitrary memory access inside sqlite extension. Reported
  by Mateusz Kocielski. (Ilia)
- Fixed a crash when calling an inexistent method of a class that inherits
  PDOStatement if instantiated directly instead of doing by the PDO methods.
  (Felipe)
- Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64
  bit)). (Adam)
- Fixed bug #52238 (Crash when an Exception occured in iterator_to_array).
  (Johannes)
- Fixed bug #52237 (Crash when passing the reference of the property of a
  non-object). (Dmitry)
- Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't
  be set). (Felipe)
- Fixed bug #52162 (custom request header variables with numbers are removed).
  (Sriram Natarajan)
- Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe)
- Fixed bug #52061 (memory_limit above 2G). (Felipe)
- Fixed bug #52041 (Memory leak when writing on uninitialized variable returned
  from function). (Dmitry)
- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at
  debian dot org, Kalle)
- Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick)
- Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command).
  (Ilia, Felipe)
- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle,
  coreystup at gmail dot com)
- Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with
  constant array). (Felipe)
- Fixed bug #51905 (ReflectionParameter fails if default value is an array
  with an access to self::). (Felipe)
- Fixed bug #51822 (Segfault with strange __destruct() for static class
  variables). (Dmitry)
- Fixed bug #51671 (imagefill does not work correctly for small images).
  (Pierre)
- Fixed bug #51670 (getColumnMeta causes segfault when re-executing query
  after calling nextRowset). (Pierrick)
- Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading).
  (Pierre)
- Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4).
  (Felipe, wdierkes at 5dollarwhitebox dot org)
- Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe)
- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter).
  (Felipe)
- Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string
  literal). (cbandy at jbandy dot com)
- Fixed bug #51607 (pg_copy_from does not allow schema in the tablename
  argument). (cbandy at jbandy dot com)
- Fixed bug #51604 (newline in end of header is shown in start of message).
  (Daniel Egeberg)
- Fixed bug #51562 (query timeout in mssql can not be changed per query).
  (ejsmont dot artur at gmail dot com)
- Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory
  issues). (Dmitry)
- Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne)
- Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe)
- Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains
  timezone). (Adam)
- Fixed bug #51374 (Wrongly initialized object properties). (Etienne)
- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
  on). (Ilia, j dot jeising at gmail dot com)
- Fixed bug #51273 (Faultstring property does not exist when the faultstring is
  empty) (Ilia, dennis at transip dot nl)
- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
- Fixed bug #51263 (imagettftext and rotated text uses wrong baseline)
  (cschneid at cschneid dot com, Takeshi Abe)
- Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,
  alexr at oplot dot com)
- Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that
  includes '-'). (Adam, solar at azrael dot ws).
- Fixed bug #51190 (ftp_put() returns false when transfer was successful).
  (Ilia)
- Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio).
  (Sriram Natarajan)
- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when
  an invalid option is provided). (Ilia)
- Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)
- Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)
- Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris
  Jones)
- Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4).
  (Raphael Geissert)
- Fixed bug #50762 (in WSDL mode Soap Header handler function only being called
  if defined in WSDL). (mephius at gmail dot com)
- Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable
  endpoints). (Justin Dearing)
- Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not
  include file and line in trace). (Felipe)
- Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe)
- Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne)
- Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)
- Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)
- Fixed bug #49267 (Linking fails for iconv). (Moriyosh)
- Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)
- Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken).
  (Adam, patch from hiroaki dot kawai at gmail dot com).
- Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus)
- Fixed bug #33210 (getimagesize() fails to detect width/height on certain
  JPEGs). (Ilia)
- Fixed bug #23229 (syslog() truncates messages). (Adam)

Revision 1.75.2.1 / (download) - annotate - [select for diffs], Thu Mar 4 20:27:04 2010 UTC (12 years, 10 months ago) by tron
Branch: pkgsrc-2009Q4
Changes since 1.75: +2 -1 lines
Diff to previous 1.75 (colored) next main 1.76 (colored)

Pullup ticket #3036 - requested by taca
php5: security update
php-bz2: security update
php-zip: security update
php-zlib: security update
php-iconv: security update
php-dba: security update
php-dbase: security update
php-dbx: security update
php-ldap: security update
php-mssql: security update
php-mysql: security update
php-odbc: security update
php-pdo: security update
php-pdo_dblib: security update
php-pdo_mysql: security update
php-pdo_pgsql: security update
php-pdo_sqlite: security update
php-pgsql: security update
php-sqlite: security update
php5-mysqli: security update
php-gettext: security update
php-gmp: security update
php-memcache: security update
php-pcntl: security update
php-posix: security update
php-shmop: security update
php-sysvsem: security update
php-sysvshm: security update
php-exif: security update
php-gd: security update
php5-perl: security update
php-imap: security update
php-bcmath: security update
php-calendar: security update
php-mbstring: security update
php-ming: security update
php-ftp: security update
php-snmp: security update
php-sockets: security update
php-xmlrpc: security update
php-yaz: security update
php5-soap: security update
php-pdflib: security update
php-mcrypt: security update
php-mhash: security update
php-suhosin: security update
php-json: security update
php-pspell: security update
php-wddx: security update
php5-dom: security update
php5-xsl: security update
php-apc: security update
php-curl: security update
php-eaccelerator: security update

Revisions pulled up:
- archivers/php-zlib/Makefile			1.14
- databases/php-dba/Makefile			1.12
- databases/php-ldap/Makefile			1.16
- databases/php-mssql/Makefile			1.12
- databases/php-pdo_dblib/Makefile		1.12
- databases/php-pdo_pgsql/Makefile		1.13
- databases/php-pgsql/Makefile			1.14
- graphics/php-exif/Makefile			1.8
- graphics/php-gd/Makefile			1.22
- lang/php5/Makefile				1.77-1.78
- lang/php5/Makefile.common			1.40
- lang/php5/Makefile.php			1.39-1.41
- lang/php5/distinfo				1.73,1.76
- mail/php-imap/Makefile			1.20
- net/php-ftp/Makefile				1.12
- print/php-pdflib/Makefile			1.13
- www/php-curl/Makefile				1.16
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Sat Feb 27 03:25:17 UTC 2010

Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.common Makefile.php distinfo

Log Message:
Update php5 package to 5.2.13.

25 Feb 2010, PHP 5.2.13
- Updated timezone database to version 2010.2. (Derick)
- Upgraded bundled PCRE to version 7.9. (Ilia)

- Removed automatic file descriptor unlocking happening on shutdown and/or
  stream close (on all OSes excluding Windows). (Tony, Ilia)

- Changed tidyNode class to disallow manual node creation. (Pierrick)

- Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL.
  (Ilia)

- Improved LCG entropy. (Rasmus, Samy Kamkar)

- Fixed safe_mode validation inside tempnam() when the directory path does
  not end with a /). (Martin Jansen)
- Fixed a possible open_basedir/safe_mode bypass in session extension
  identified by Grzegorz Stachowiak. (Ilia)
- Fixed bug in bundled libgd causing spurious horizontal lines drawn by
  gdImageFilledPolygon (libgd #100). (Takeshi Abe)
- Fixed build of mysqli with MySQL 5.5.0-m2. (Andrey)

- Fixed bug #50940 Custom content-length set incorrectly in Apache sapis.
  (Brian France, Rasmus)
- Fixed bug #50930 (Wrong date by php_date.c patch with ancient gcc/glibc
  versions). (Derick)
- Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation).
  (Ilia, hanno at hboeck dot de)
- Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes
  long). (Ilia)
- Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP
  authentication). (Jani)
- Fixed bug #50823 (ReflectionFunction::isDeprecated producing "cannot be called
  statically" error). (Jani, Felipe)
- Fixed bug #50791 (Compile failure: Bad logic in defining fopencookie
  emulation). (Jani)
- Fixed bug #50787 (stream_set_write_buffer() has no effect on socket
  streams). (vnegrier at optilian dot com, Ilia)
- Fixed bug #50772 (mysqli constructor without parameters does not return a
  working mysqli object). (Andrey)
- Fixed bug #50761 (system.multiCall crashes in xmlrpc extension). (hiroaki
  dot kawai at gmail dot com, Ilia)
- Fixed bug #50732 (exec() adds single byte twice to $output array). (Ilia)
- Fixed bug #50728 (All PDOExceptions hardcode 'code' property to 0). (Joey,
  Ilia)
- Fixed bug #50727 (Accessing mysqli->affected_rows on no connection causes
  segfault). (Andrey, Johannes)
- Fixed bug #50680 (strtotime() does not support eighth ordinal number).
  (Ilia)
- Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob)
- Fixed bug #50657 (copy() with an empty (zero-byte) HTTP source succeeds but
  returns false). (Ilia)
- Fixed bug #50636 (MySQLi_Result sets values before calling constructor).
  (Pierrick)
- Fixed bug #50632 (filter_input() does not return default value if the
  variable does not exist). (Ilia)
- Fixed bug #50576 (XML_OPTION_SKIP_TAGSTART option has no effect). (Pierrick)
- Fixed bug #50575 (PDO_PGSQL LOBs are not compatible with PostgreSQL 8.5).
  (Matteo)
- Fixed bug #50558 (Broken object model when extending tidy). (Pierrick)
- Fixed bug #50540 (Crash while running ldap_next_reference test cases).
  (Sriram)
- Fixed bug #50508 (compile failure: Conflicting HEADER type declarations).
  (Jani)
- Fixed bug #50394 (Reference argument converted to value in __call). (Stas)
- Fixed bug #49851 (http wrapper breaks on 1024 char long headers). (Ilia)
- Fixed bug #49600 (imageTTFText text shifted right). (Takeshi Abe)
- Fixed bug #49585 (date_format buffer not long enough for >4 digit years).
  (Derick, Adam)
- Fixed bug #49463 (setAttributeNS fails setting default namespace). (Rob)
- Fixed bug #48667 (Implementing Iterator and IteratorAggregate). (Etienne)
- Fixed bug #48590 (SoapClient does not honor max_redirects). (Sriram)
- Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive
  in HTTP uploads). (Ilia)
- Fixed bug #47601 (defined() requires class to exist when testing for class
  constants). (Ilia)
- Fixed bug #47409 (extract() problem with array containing word "this").
  (Ilia, chrisstocktonaz at gmail dot com)
- Fixed bug #47002 (Field truncation when reading from dbase dbs with more
  then 1024 fields). (Ilia, sjoerd-php at linuxonly dot nl)
- Fixed bug #45599 (strip_tags() truncates rest of string with invalid
  attribute). (Ilia, hradtke)
- Fixed bug #44827 (define() allows :: in constant names). (Ilia)
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Sat Feb 27 03:35:12 UTC 2010

Modified Files:
	pkgsrc/archivers/php-zlib: Makefile
	pkgsrc/databases/php-dba: Makefile
	pkgsrc/databases/php-ldap: Makefile
	pkgsrc/databases/php-mssql: Makefile
	pkgsrc/databases/php-pdo_dblib: Makefile
	pkgsrc/databases/php-pdo_pgsql: Makefile
	pkgsrc/databases/php-pgsql: Makefile
	pkgsrc/graphics/php-exif: Makefile
	pkgsrc/graphics/php-gd: Makefile
	pkgsrc/mail/php-imap: Makefile
	pkgsrc/net/php-ftp: Makefile
	pkgsrc/print/php-pdflib: Makefile
	pkgsrc/www/php-curl: Makefile

Log Message:
Reset PKGREVISION.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Wed Mar  3 10:51:35 UTC 2010

Modified Files:
	pkgsrc/lang/php5: Makefile.php

Log Message:
Re-enable suhosin option since there is no need to disable it.

Noted by Volkmar Seifert and I misunderstood something.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Thu Mar  4 15:36:04 UTC 2010

Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.php distinfo

Log Message:
Update suhosin patch for PHP 5.2.13.

Bump PKGREVISION.

Revision 1.78 / (download) - annotate - [select for diffs], Thu Mar 4 15:36:04 2010 UTC (12 years, 10 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2010Q2-base, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Branch point for: pkgsrc-2010Q2
Changes since 1.77: +2 -1 lines
Diff to previous 1.77 (colored)

Update suhosin patch for PHP 5.2.13.

Bump PKGREVISION.

Revision 1.77 / (download) - annotate - [select for diffs], Sat Feb 27 03:25:16 2010 UTC (12 years, 11 months ago) by taca
Branch: MAIN
Changes since 1.76: +1 -2 lines
Diff to previous 1.76 (colored)

Update php5 package to 5.2.13.

25 Feb 2010, PHP 5.2.13
- Updated timezone database to version 2010.2. (Derick)
- Upgraded bundled PCRE to version 7.9. (Ilia)

- Removed automatic file descriptor unlocking happening on shutdown and/or
  stream close (on all OSes excluding Windows). (Tony, Ilia)

- Changed tidyNode class to disallow manual node creation. (Pierrick)

- Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL.
  (Ilia)

- Improved LCG entropy. (Rasmus, Samy Kamkar)

- Fixed safe_mode validation inside tempnam() when the directory path does
  not end with a /). (Martin Jansen)
- Fixed a possible open_basedir/safe_mode bypass in session extension
  identified by Grzegorz Stachowiak. (Ilia)
- Fixed bug in bundled libgd causing spurious horizontal lines drawn by
  gdImageFilledPolygon (libgd #100). (Takeshi Abe)
- Fixed build of mysqli with MySQL 5.5.0-m2. (Andrey)

- Fixed bug #50940 Custom content-length set incorrectly in Apache sapis.
  (Brian France, Rasmus)
- Fixed bug #50930 (Wrong date by php_date.c patch with ancient gcc/glibc
  versions). (Derick)
- Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation).
  (Ilia, hanno at hboeck dot de)
- Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes
  long). (Ilia)
- Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP
  authentication). (Jani)
- Fixed bug #50823 (ReflectionFunction::isDeprecated producing "cannot be called
  statically" error). (Jani, Felipe)
- Fixed bug #50791 (Compile failure: Bad logic in defining fopencookie
  emulation). (Jani)
- Fixed bug #50787 (stream_set_write_buffer() has no effect on socket
  streams). (vnegrier at optilian dot com, Ilia)
- Fixed bug #50772 (mysqli constructor without parameters does not return a
  working mysqli object). (Andrey)
- Fixed bug #50761 (system.multiCall crashes in xmlrpc extension). (hiroaki
  dot kawai at gmail dot com, Ilia)
- Fixed bug #50732 (exec() adds single byte twice to $output array). (Ilia)
- Fixed bug #50728 (All PDOExceptions hardcode 'code' property to 0). (Joey,
  Ilia)
- Fixed bug #50727 (Accessing mysqli->affected_rows on no connection causes
  segfault). (Andrey, Johannes)
- Fixed bug #50680 (strtotime() does not support eighth ordinal number).
  (Ilia)
- Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob)
- Fixed bug #50657 (copy() with an empty (zero-byte) HTTP source succeeds but
  returns false). (Ilia)
- Fixed bug #50636 (MySQLi_Result sets values before calling constructor).
  (Pierrick)
- Fixed bug #50632 (filter_input() does not return default value if the
  variable does not exist). (Ilia)
- Fixed bug #50576 (XML_OPTION_SKIP_TAGSTART option has no effect). (Pierrick)
- Fixed bug #50575 (PDO_PGSQL LOBs are not compatible with PostgreSQL 8.5).
  (Matteo)
- Fixed bug #50558 (Broken object model when extending tidy). (Pierrick)
- Fixed bug #50540 (Crash while running ldap_next_reference test cases).
  (Sriram)
- Fixed bug #50508 (compile failure: Conflicting HEADER type declarations).
  (Jani)
- Fixed bug #50394 (Reference argument converted to value in __call). (Stas)
- Fixed bug #49851 (http wrapper breaks on 1024 char long headers). (Ilia)
- Fixed bug #49600 (imageTTFText text shifted right). (Takeshi Abe)
- Fixed bug #49585 (date_format buffer not long enough for >4 digit years).
  (Derick, Adam)
- Fixed bug #49463 (setAttributeNS fails setting default namespace). (Rob)
- Fixed bug #48667 (Implementing Iterator and IteratorAggregate). (Etienne)
- Fixed bug #48590 (SoapClient does not honor max_redirects). (Sriram)
- Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive
  in HTTP uploads). (Ilia)
- Fixed bug #47601 (defined() requires class to exist when testing for class
  constants). (Ilia)
- Fixed bug #47409 (extract() problem with array containing word "this").
  (Ilia, chrisstocktonaz at gmail dot com)
- Fixed bug #47002 (Field truncation when reading from dbase dbs with more
  then 1024 fields). (Ilia, sjoerd-php at linuxonly dot nl)
- Fixed bug #45599 (strip_tags() truncates rest of string with invalid
  attribute). (Ilia, hradtke)
- Fixed bug #44827 (define() allows :: in constant names). (Ilia)

Revision 1.76 / (download) - annotate - [select for diffs], Sun Jan 17 12:02:22 2010 UTC (13 years ago) by wiz
Branch: MAIN
Changes since 1.75: +2 -1 lines
Diff to previous 1.75 (colored)

Recursive PKGREVISION bump for jpeg update to 8.

Revision 1.72.4.2 / (download) - annotate - [select for diffs], Wed Dec 23 19:09:51 2009 UTC (13 years, 1 month ago) by spz
Branch: pkgsrc-2009Q3
Changes since 1.72.4.1: +1 -2 lines
Diff to previous 1.72.4.1 (colored) to branchpoint 1.72 (colored) next main 1.73 (colored)

Pullup ticket 2955 - requested by taca
security update

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.75
- pkgsrc/lang/php5/Makefile.common		1.39
- pkgsrc/lang/php5/PLIST			1.25
- pkgsrc/lang/php5/distinfo			1.71
- pkgsrc/lang/php5/patches/patch-ag		1.4
- pkgsrc/lang/php5/patches/patch-ah		1.3
- pkgsrc/textproc/php5-xsl/Makefile		1.13

Files removed:
pkgsrc/lang/php5/patches/patch-ay
pkgsrc/lang/php5/patches/patch-az
pkgsrc/lang/php5/patches/patch-ba
pkgsrc/lang/php5/patches/patch-bb
pkgsrc/lang/php5/patches/patch-bc
pkgsrc/lang/php5/patches/patch-bd

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Wed Dec 23 07:07:35 UTC 2009

   Modified Files:
           pkgsrc/lang/php5: Makefile Makefile.common PLIST distinfo
           pkgsrc/lang/php5/patches: patch-ag patch-ah
   Removed Files:
           pkgsrc/lang/php5/patches: patch-ay patch-az patch-ba patch-bb
               patch-bc patch-bd

   Log Message:
   Update lang/php5 to 5.2.12, security update.

   Security Enhancements and Fixes in PHP 5.2.12:

   * Fixed a safe_mode bypass in tempnam() identified by Grzegorz
     Stachowiak. (CVE-2009-3557, Rasmus)
   * Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
     Stachowiak. (CVE-2009-3558, Rasmus)
   * Added "max_file_uploads" INI directive, which can be set to limit the
     number of file uploads per-request to 20 by default, to prevent possible
     DOS via temporary file exhaustion, identified by Bogdan
     Calin. (CVE-2009-4017, Ilia)
   * Added protection for $_SESSION from interrupt corruption and improved
     "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143,
     Stas)
   * Fixed bug #49785 (insufficient input string validation of
     htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)

   Key enhancements in PHP 5.2.12 include:

   * Fixed unnecessary invocation of setitimer when timeouts have been
     disabled. (Arvind Srinivasan)
   * Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
   * Fixed crash in SQLiteDatabase::ArrayQuery() and
     SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe)
   * Fixed crash when instantiating PDORow and PDOStatement through
     Reflection. (Felipe)
   * Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)
   * Fixed bug #50207 (segmentation fault when concatenating very large strings
     on 64bit linux). (Ilia)
   * Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle
     database). (Felipe)
   * Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
   * Fixed bug #50005 (Throwing through Reflection modified Exception object
     makes segmentation fault). (Felipe)
   * Fixed bug #49174 (crash when extending PDOStatement and trying to set
     queryString property). (Felipe)
   * Fixed bug #49098 (mysqli segfault on error). (Rasmus)
   * Over 50 other bug fixes.


   To generate a diff of this commit:
   cvs rdiff -u -r1.74 -r1.75 pkgsrc/lang/php5/Makefile
   cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/php5/Makefile.common
   cvs rdiff -u -r1.24 -r1.25 pkgsrc/lang/php5/PLIST
   cvs rdiff -u -r1.70 -r1.71 pkgsrc/lang/php5/distinfo
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php5/patches/patch-ag
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php5/patches/patch-ah
   cvs rdiff -u -r1.2 -r0 pkgsrc/lang/php5/patches/patch-ay \
       pkgsrc/lang/php5/patches/patch-az
   cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-ba \
       pkgsrc/lang/php5/patches/patch-bb pkgsrc/lang/php5/patches/patch-bc \
       pkgsrc/lang/php5/patches/patch-bd

   --------------------------------------------------------------------------

   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Wed Dec 23 07:08:31 UTC 2009

   Modified Files:
           pkgsrc/textproc/php5-xsl: Makefile

   Log Message:
   Reset PKGREVISION by implicit update to 5.2.12.


   To generate a diff of this commit:
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/textproc/php5-xsl/Makefile

Revision 1.75 / (download) - annotate - [select for diffs], Wed Dec 23 07:07:34 2009 UTC (13 years, 1 month ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base
Branch point for: pkgsrc-2009Q4
Changes since 1.74: +1 -2 lines
Diff to previous 1.74 (colored)

Update lang/php5 to 5.2.12, security update.


Security Enhancements and Fixes in PHP 5.2.12:

* Fixed a safe_mode bypass in tempnam() identified by Grzegorz
  Stachowiak. (CVE-2009-3557, Rasmus)
* Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
  Stachowiak. (CVE-2009-3558, Rasmus)
* Added "max_file_uploads" INI directive, which can be set to limit the
  number of file uploads per-request to 20 by default, to prevent possible
  DOS via temporary file exhaustion, identified by Bogdan
  Calin. (CVE-2009-4017, Ilia)
* Added protection for $_SESSION from interrupt corruption and improved
  "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143,
  Stas)
* Fixed bug #49785 (insufficient input string validation of
  htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)

Key enhancements in PHP 5.2.12 include:

* Fixed unnecessary invocation of setitimer when timeouts have been
  disabled. (Arvind Srinivasan)
* Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
* Fixed crash in SQLiteDatabase::ArrayQuery() and
  SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe)
* Fixed crash when instantiating PDORow and PDOStatement through
  Reflection. (Felipe)
* Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)
* Fixed bug #50207 (segmentation fault when concatenating very large strings
  on 64bit linux). (Ilia)
* Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle
  database). (Felipe)
* Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
* Fixed bug #50005 (Throwing through Reflection modified Exception object
  makes segmentation fault). (Felipe)
* Fixed bug #49174 (crash when extending PDOStatement and trying to set
  queryString property). (Felipe)
* Fixed bug #49098 (mysqli segfault on error). (Rasmus)
* Over 50 other bug fixes.

Revision 1.72.4.1 / (download) - annotate - [select for diffs], Mon Nov 30 23:10:19 2009 UTC (13 years, 2 months ago) by tron
Branch: pkgsrc-2009Q3
Changes since 1.72: +10 -9 lines
Diff to previous 1.72 (colored)

Pullup ticket #2939 - requested by taca
php5: security patch

Revisions pulled up:
- lang/php5/Makefile				1.73-1.74
- lang/php5/distinfo				1.69-1.70
- lang/php5/patches/patch-ag			1.3
- lang/php5/patches/patch-ah			1.2
- lang/php5/patches/patch-ay			1.2
- lang/php5/patches/patch-az			1.1-1.2
- lang/php5/patches/patch-ba			1.1
- lang/php5/patches/patch-bb			1.1
- lang/php5/patches/patch-bc			1.1
- lang/php5/patches/patch-bd			1.1
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Thu Oct 22 14:49:06 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile distinfo
Added Files:
	pkgsrc/lang/php5/patches: patch-az

Log Message:
Add patch to check byte sequence more strictly in htmlspecialchars().

	http://bugs.php.net/bug.php?id=49785

These are patch refrects r289411, r289554, r289565, r289567 and r289605
in PHP svn repositry.

Bump PKGREVISION.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Nov 30 06:14:08 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile distinfo
	pkgsrc/lang/php5/patches: patch-ag patch-ah patch-ay patch-az
Added Files:
	pkgsrc/lang/php5/patches: patch-ba patch-bb patch-bc patch-bd

Log Message:
Add fixes for http://secunia.com/advisories/37412/ from PHP's repositry.

1. CVE-2009-3292 is already fixed in 5.2.11.

2. CVE-2009-3558

	http://svn.php.net/viewvc?view=revision&revision=288934

3. CVE-2009-3557

	http://svn.php.net/viewvc?view=revision&revision=288945
	http://svn.php.net/viewvc?view=revision&revision=288971

4. CVE-2009-4017

	http://svn.php.net/viewvc?view=revision&revision=289990
	http://svn.php.net/viewvc?view=revision&revision=290820
	http://svn.php.net/viewvc?view=revision&revision=290885

Other pkgsrc changes:

* Don't hardcord /usr/pkg in php.ini-dist and php.ini-recommended.
* Add comments to some of patch files.

Bump PKGREVISION.

Revision 1.74 / (download) - annotate - [select for diffs], Mon Nov 30 06:14:08 2009 UTC (13 years, 2 months ago) by taca
Branch: MAIN
Changes since 1.73: +10 -10 lines
Diff to previous 1.73 (colored)

Add fixes for http://secunia.com/advisories/37412/ from PHP's repositry.

1. CVE-2009-3292 is already fixed in 5.2.11.

2. CVE-2009-3558

	http://svn.php.net/viewvc?view=revision&revision=288934

3. CVE-2009-3557

	http://svn.php.net/viewvc?view=revision&revision=288945
	http://svn.php.net/viewvc?view=revision&revision=288971

4. CVE-2009-4017

	http://svn.php.net/viewvc?view=revision&revision=289990
	http://svn.php.net/viewvc?view=revision&revision=290820
	http://svn.php.net/viewvc?view=revision&revision=290885

Other pkgsrc changes:

* Don't hardcord /usr/pkg in php.ini-dist and php.ini-recommended.
* Add comments to some of patch files.

Bump PKGREVISION.

Revision 1.73 / (download) - annotate - [select for diffs], Thu Oct 22 14:49:06 2009 UTC (13 years, 3 months ago) by taca
Branch: MAIN
Changes since 1.72: +2 -1 lines
Diff to previous 1.72 (colored)

Add patch to check byte sequence more strictly in htmlspecialchars().

	http://bugs.php.net/bug.php?id=49785

These are patch refrects r289411, r289554, r289565, r289567 and r289605
in PHP svn repositry.

Bump PKGREVISION.

Revision 1.72 / (download) - annotate - [select for diffs], Tue Jun 9 15:15:07 2009 UTC (13 years, 7 months ago) by sketch
Branch: MAIN
CVS Tags: pkgsrc-2009Q3-base, pkgsrc-2009Q2-base, pkgsrc-2009Q2
Branch point for: pkgsrc-2009Q3
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)

Requires pkg-config to find openssl dependancy.

Revision 1.69.2.1 / (download) - annotate - [select for diffs], Sun Mar 15 19:21:22 2009 UTC (13 years, 10 months ago) by tron
Branch: pkgsrc-2008Q4
Changes since 1.69: +1 -1 lines
Diff to previous 1.69 (colored) next main 1.70 (colored)

Pullup ticket #2721 - requested by adrianp
php5: security update

Revisions pulled up:
- lang/php5/MESSAGE.suhosin			1.1 via patch
- lang/php5/Makefile				1.71 via patch
- lang/php5/Makefile.common			1.35
- lang/php5/Makefile.php			1.33-1.34
- lang/php5/PLIST				1.21
- lang/php5/distinfo				1.61-1.62
- lang/php5/patches/patch-an			patch
- lang/php5/patches/patch-ar			patch
- lang/php5/patches/patch-as			delete
---
Module Name:	pkgsrc
Committed By:	adrianp
Date:		Mon Mar  2 22:52:17 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.common Makefile.php PLIST distinfo
Removed Files:
	pkgsrc/lang/php5/patches: patch-as

Log Message:
The PHP development team would like to announce the immediate availability of PHP 5.2.9. This release focuses on improving the stability of the PHP 5.2.x branch with over 50 bug fixes, several of which are security related. All users of PHP are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.2.9:

    * Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. Reported by Hamid Ebadi, APA Laboratory (Fixes CVE-2008-5498). (Scott)
    * Fixed a crash on extract in zip when files or directories entry names contain a relative path. (Pierre)
    * Fixed explode() behavior with empty string to respect negative limit. (Shire)
    * Fixed a segfault when malformed string is passed to json_decode(). (Scott)

Key enhancements in PHP 5.2.9 include:

    * Added optional sorting type flag parameter to array_unique(). Default is SORT_REGULAR. (Andrei)
    * Fixed bug #45996 (libxml2 2.7 causes breakage with character data in xml_parse()). (Rob)
    * A number of fixes in the mbstring extension (Moriyoshi)
    * Fixed bug #44336 (Improve pcre UTF-8 string matching performance). (frode at coretrek dot com, Nuno)
    * Fixed bug #46699 (xml_parse crash when parser is namespace aware). (Rob)
    * Fixed bug #46748 (Segfault when an SSL error has more than one error). (Scott)
    * Fixed bug #46889 (Memory leak in strtotime()). (Derick)
    * Fixed bug #47049 (SoapClient::__soapCall causes a segmentation fault). (Dmitry)
    * Fixed bug #47165 (Possible memory corruption when passing return value by reference). (Dmitry)
    * Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses as invalid). (Ilia)
    * Fixed bug #47422 (modulus operator returns incorrect results on 64 bit linux). (Matt)
    * Over 50 bug fixes.
---
Module Name:	pkgsrc
Committed By:	adrianp
Date:		Thu Mar  5 23:22:24 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile.php distinfo

Log Message:
Add back suhosin patch as a new one for 5.2.9 is out

Revision 1.71 / (download) - annotate - [select for diffs], Mon Mar 2 22:52:17 2009 UTC (13 years, 11 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2009Q1-base, pkgsrc-2009Q1
Changes since 1.70: +1 -2 lines
Diff to previous 1.70 (colored)

The PHP development team would like to announce the immediate availability of PHP 5.2.9. This release focuses on improving the stability of the PHP 5.2.x branch with over 50 bug fixes, several of which are security related. All users of PHP are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.2.9:

    * Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. Reported by Hamid Ebadi, APA Laboratory (Fixes CVE-2008-5498). (Scott)
    * Fixed a crash on extract in zip when files or directories entry names contain a relative path. (Pierre)
    * Fixed explode() behavior with empty string to respect negative limit. (Shire)
    * Fixed a segfault when malformed string is passed to json_decode(). (Scott)

Key enhancements in PHP 5.2.9 include:

    * Added optional sorting type flag parameter to array_unique(). Default is SORT_REGULAR. (Andrei)
    * Fixed bug #45996 (libxml2 2.7 causes breakage with character data in xml_parse()). (Rob)
    * A number of fixes in the mbstring extension (Moriyoshi)
    * Fixed bug #44336 (Improve pcre UTF-8 string matching performance). (frode at coretrek dot com, Nuno)
    * Fixed bug #46699 (xml_parse crash when parser is namespace aware). (Rob)
    * Fixed bug #46748 (Segfault when an SSL error has more than one error). (Scott)
    * Fixed bug #46889 (Memory leak in strtotime()). (Derick)
    * Fixed bug #47049 (SoapClient::__soapCall causes a segmentation fault). (Dmitry)
    * Fixed bug #47165 (Possible memory corruption when passing return value by reference). (Dmitry)
    * Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses as invalid). (Ilia)
    * Fixed bug #47422 (modulus operator returns incorrect results on 64 bit linux). (Matt)
    * Over 50 bug fixes.

Revision 1.70 / (download) - annotate - [select for diffs], Sat Feb 7 18:03:00 2009 UTC (13 years, 11 months ago) by adrianp
Branch: MAIN
Changes since 1.69: +2 -1 lines
Diff to previous 1.69 (colored)

Get SSL support working on OpenSolaris.  Unfortunately on OpenSolairs the
OpenSSL install is split between /lib and /usr/include/openssl with plays
havoc with the php ./configure as it assumes both have the same base
directory (e.g. /usr).  This patch uses a modified inbuilt check for
OpenSSL instead of explicitly specifying a base using --with-openssl.

Revision 1.69 / (download) - annotate - [select for diffs], Wed Dec 10 19:37:01 2008 UTC (14 years, 1 month ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2008Q4-base
Branch point for: pkgsrc-2008Q4
Changes since 1.68: +1 -2 lines
Diff to previous 1.68 (colored)

Update to 5.2.8.

Security Enhancements and Fixes in PHP 5.2.7:

Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371)
Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by Maksymilian Arciemowicz.
Fixed incorrect php_value order for Apache configuration, reported by Maksymilian Arciemowicz.
Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).(Fixes CVE-2008-3660)
Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer overflow). (Fixes CVE-2008-2829)
Key enhancements in PHP 5.2.7 include:

Fixed several memory leaks inside the readline and sqlite extensions
A number of corrections relating to date parsing inside the date extension
Fixed bugs relating to data retrieval in the PDO extension
A series of crashes in various areas of code were resolved
Several corrections were made to the strip_tags() function in terms of < and <?XML handling
A number of bugs were fixed in extract() function when EXTR_REFS flag is being used
Added the ability to log PHP errors to the SAPI (Ex. Apache log) logging facility
Over 170 bug fixes.

5.2.8
Reverted bug fix Fixed bug #42718 that broke magic_quotes_gpc (Scott)

Revision 1.68 / (download) - annotate - [select for diffs], Mon Dec 8 14:52:00 2008 UTC (14 years, 1 month ago) by adrianp
Branch: MAIN
Changes since 1.67: +1 -0 lines
Diff to previous 1.67 (colored)

Revert to 5.2.6:
http://www.php.net/archive/2008.php#id2008-12-07-1

Thanks to tron@ for the heads up

Revision 1.67 / (download) - annotate - [select for diffs], Fri Dec 5 13:07:37 2008 UTC (14 years, 1 month ago) by adrianp
Branch: MAIN
Changes since 1.66: +1 -2 lines
Diff to previous 1.66 (colored)

Update to 5.2.7.

Security Enhancements and Fixes in PHP 5.2.7:

Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371)
Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by Maksymilian Arciemowicz.
Fixed incorrect php_value order for Apache configuration, reported by Maksymilian Arciemowicz.
Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).(Fixes CVE-2008-3660)
Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer overflow). (Fixes CVE-2008-2829)
Key enhancements in PHP 5.2.7 include:

Fixed several memory leaks inside the readline and sqlite extensions
A number of corrections relating to date parsing inside the date extension
Fixed bugs relating to data retrieval in the PDO extension
A series of crashes in various areas of code were resolved
Several corrections were made to the strip_tags() function in terms of < and <?XML handling
A number of bugs were fixed in extract() function when EXTR_REFS flag is being used
Added the ability to log PHP errors to the SAPI (Ex. Apache log) logging facility
Over 170 bug fixes.

Revision 1.66 / (download) - annotate - [select for diffs], Sun Aug 17 18:36:50 2008 UTC (14 years, 5 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2008Q3-base, pkgsrc-2008Q3, cube-native-xorg-base, cube-native-xorg
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)

This adds ${PREFIX}/lib/php to the default include_path in php.ini
which makes integration with PEAR a little simpler.
PKGREVISION++

Revision 1.65 / (download) - annotate - [select for diffs], Tue Jul 8 20:28:55 2008 UTC (14 years, 6 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper
Changes since 1.64: +2 -2 lines
Diff to previous 1.64 (colored)

Fix PEAR installs where PKG_SYSCONFDIR is not the default.
Fixes PR 39081
PKGREVISION++

Revision 1.63.2.1 / (download) - annotate - [select for diffs], Thu May 15 09:56:31 2008 UTC (14 years, 8 months ago) by rtr
Branch: pkgsrc-2008Q1
Changes since 1.63: +1 -2 lines
Diff to previous 1.63 (colored) next main 1.64 (colored)

pullup ticket #2378 - requested by adrianp
php5: many security fixes

revisions pulled up:
- pkgsrc/lang/php5/Makefile		1.64
- pkgsrc/lang/php5/Makefile.common	1.29
- pkgsrc/lang/php5/distinfo		1.52

   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Sun May  4 16:50:44 UTC 2008

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.common distinfo

   Log Message:
   Security Enhancements and Fixes in PHP 5.2.6:

   Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
   Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
   Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
   Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
   Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
   Upgraded bundled PCRE to version 7.6

   Key enhancements in PHP 5.2.6 include:
   * Fixed two possible crashes inside the posix extension.
   * Fixed bug 44069 (Huge memory usage with concatenation using . instead of .=)
   * Fixed bug 44141 (private parent constructor callable through static function).
   * Fixed bug 43589 (a possible infinite loop in bz2_filter.c).
   * Fixed bug 43450 (Memory leak on some functions with implicit object __toString() call).
   * Fixed bug 43201 (Crash on using uninitialized vals and __get/__set).
   * Fixed bug 42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql).
   * Fixed bug 42937 (__call() method not invoked when methods are called on parent from child class).
   * Fixed bug 42736 (xmlrpc_server_call_method() crashes).
   * Fixed bug 42369 (Implicit conversion to string leaks memory).
   * Fixed bug 41562 (SimpleXML memory issue).
   * Over 120 bug fixes.

Revision 1.64 / (download) - annotate - [select for diffs], Sun May 4 16:50:44 2008 UTC (14 years, 8 months ago) by adrianp
Branch: MAIN
Changes since 1.63: +1 -2 lines
Diff to previous 1.63 (colored)

Security Enhancements and Fixes in PHP 5.2.6:

Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
Upgraded bundled PCRE to version 7.6

Key enhancements in PHP 5.2.6 include:
* Fixed two possible crashes inside the posix extension.
* Fixed bug 44069 (Huge memory usage with concatenation using . instead of .=)
* Fixed bug 44141 (private parent constructor callable through static function).
* Fixed bug 43589 (a possible infinite loop in bz2_filter.c).
* Fixed bug 43450 (Memory leak on some functions with implicit object __toString() call).
* Fixed bug 43201 (Crash on using uninitialized vals and __get/__set).
* Fixed bug 42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql).
* Fixed bug 42937 (__call() method not invoked when methods are called on parent from child class).
* Fixed bug 42736 (xmlrpc_server_call_method() crashes).
* Fixed bug 42369 (Implicit conversion to string leaks memory).
* Fixed bug 41562 (SimpleXML memory issue).
* Over 120 bug fixes.

See http://www.php.net/ChangeLog-5.php#5.2.6 for all the details

Revision 1.63 / (download) - annotate - [select for diffs], Fri Jan 18 05:06:44 2008 UTC (15 years ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base
Branch point for: pkgsrc-2008Q1
Changes since 1.62: +2 -1 lines
Diff to previous 1.62 (colored)

Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@

Revision 1.61.2.1 / (download) - annotate - [select for diffs], Wed Dec 5 14:07:18 2007 UTC (15 years, 1 month ago) by ghen
Branch: pkgsrc-2007Q3
Changes since 1.61: +1 -2 lines
Diff to previous 1.61 (colored) next main 1.62 (colored)

Pullup ticket 2239 - requested by adrianp
security update for php5

- pkgsrc/lang/php5/Makefile				1.62
- pkgsrc/lang/php5/Makefile.common			1.28
- pkgsrc/lang/php5/distinfo				1.50
- pkgsrc/lang/php5/patches/patch-ao			removed
- pkgsrc/lang/php5/patches/patch-ar			removed

   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Fri Nov 23 13:20:01 UTC 2007

   Modified Files:
	   pkgsrc/lang/php5: Makefile Makefile.common distinfo
   Removed Files:
	   pkgsrc/lang/php5/patches: patch-ao patch-ar

   Log Message:
   Update to 5.2.5

   * Security Enhancements and Fixes in PHP 5.2.5:
   Fixed dl() to only accept filenames. Reported by Laurent Gaffie.
   Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
   Reported by Laurent Gaffie.
   Fixed htmlentities/htmlspecialchars not to accept partial multibyte
   sequences. Reported by Rasmus Lerdorf
   Fixed possible triggering of buffer overflows inside glibc
   implementations of the fnmatch(), setlocale() and glob() functions.
   Reported by Laurent Gaffie.
   Fixed "mail.force_extra_parameters" php.ini directive not to be
   modifiable in .htaccess due to the security implications. Reported by
   SecurityReason.
   Fixed bug 42869 (automatic session id insertion adds sessions id to
   non-local forms).
   Fixed bug 41561 (Values set with php_admin_* in httpd.conf can be
   overwritten with ini_set()).

   * Key enhancements in PHP 5.2.5 include:
   Upgraded PCRE to version 7.3
   Updated timezone database to version 2007.9
   Added ability to control memory consumption between request using
   ZEND_MM_COMPACT environment variable.
   Improved speed of array_intersect_key(), array_intersect_assoc(),
   array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and
   array_udiff_assoc() functions
   Fixed bug 43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with
   fetchAll())
   Fixed bug 42785 (json_encode() formats doubles according to locale
   rather then following standard syntax)
   Fixed bug 42549 (ext/mysql failed to compile with libmysql 3.23)
   Over 60 bug fixes.

   For all the details see:
	   http://www.php.net/ChangeLog-5.php#5.2.5

Revision 1.62 / (download) - annotate - [select for diffs], Fri Nov 23 13:20:00 2007 UTC (15 years, 2 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.61: +1 -2 lines
Diff to previous 1.61 (colored)

Update to 5.2.5

* Security Enhancements and Fixes in PHP 5.2.5:
Fixed dl() to only accept filenames. Reported by Laurent Gaffie.
Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). Reported by Laurent Gaffie.
Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences. Reported by Rasmus Lerdorf
Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie.
Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications. Reported by SecurityReason.
Fixed bug 42869 (automatic session id insertion adds sessions id to non-local forms).
Fixed bug 41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).

* Key enhancements in PHP 5.2.5 include:
Upgraded PCRE to version 7.3
Updated timezone database to version 2007.9
Added ability to control memory consumption between request using ZEND_MM_COMPACT environment variable.
Improved speed of array_intersect_key(), array_intersect_assoc(), array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc() functions
Fixed bug 43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAll())
Fixed bug 42785 (json_encode() formats doubles according to locale rather then following standard syntax)
Fixed bug 42549 (ext/mysql failed to compile with libmysql 3.23)
Over 60 bug fixes.

For all the details see:
	http://www.php.net/ChangeLog-5.php#5.2.5

Revision 1.61 / (download) - annotate - [select for diffs], Tue Sep 25 21:00:16 2007 UTC (15 years, 4 months ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base
Branch point for: pkgsrc-2007Q3
Changes since 1.60: +2 -1 lines
Diff to previous 1.60 (colored)

add test target, as suggested by Chris Ross on pkgsrc-users@n.o.

Revision 1.60 / (download) - annotate - [select for diffs], Tue Sep 4 23:39:31 2007 UTC (15 years, 4 months ago) by jdolecek
Branch: MAIN
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)

load extensions via dlopen(), in preference to using NsLinkModule() et.al. on Mac OS X,
so that symbols of loaded modules are available for other, dependant modules;
dlopen() is native function since 10.4, so actually apparently preferable interface
now

this is necessary for PDO family of modules (pdo_* depends on symbols of PDO module),
and for XSL module (which depends on symbols of DOM module); doing it this way
allows for PDO and DOM modules to be also shared and dynamically loaded, this avoids
need to compile them into main PHP binary

bump PKGREVISION, this is functionality change for Mac OS X (no change for other
platforms)

Revision 1.59 / (download) - annotate - [select for diffs], Tue Sep 4 22:12:23 2007 UTC (15 years, 4 months ago) by jdolecek
Branch: MAIN
Changes since 1.58: +7 -2 lines
Diff to previous 1.58 (colored)

install PHP unstripped on Darwin/Mac OS X, so that modules load properly; bump
PKGREVISION

PR: 36869 by Louis Guillaume

Revision 1.58 / (download) - annotate - [select for diffs], Mon Sep 3 11:48:44 2007 UTC (15 years, 4 months ago) by tron
Branch: MAIN
Changes since 1.57: +3 -1 lines
Diff to previous 1.57 (colored)

Stop the path to the wrapper "sed" script from ending up in "php-config".
Bump package revision.

Revision 1.57 / (download) - annotate - [select for diffs], Sun Sep 2 21:12:40 2007 UTC (15 years, 5 months ago) by jdolecek
Branch: MAIN
Changes since 1.56: +1 -2 lines
Diff to previous 1.56 (colored)

Update lang/php5 to 5.2.4 - miscellaneous security fixes and over 120 other
bug fixes

Revision 1.55.2.1 / (download) - annotate - [select for diffs], Mon Aug 6 21:13:13 2007 UTC (15 years, 5 months ago) by ghen
Branch: pkgsrc-2007Q2
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored) next main 1.56 (colored)

Pullup tickets 2161-2163 - requested by taca
security fix for php

- pkgsrc/lang/php5/Makefile				1.56
- pkgsrc/lang/php5/distinfo				1.45
- pkgsrc/lang/php5/patches/patch-ad			1.1
- pkgsrc/lang/php5/patches/patch-ae			1.1
- pkgsrc/www/ap-php/Makefile				1.15
- pkgsrc/www/php4/Makefile				1.79
- pkgsrc/www/php4/distinfo				1.66
- pkgsrc/www/php4/patches/patch-aw			1.3

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Aug  1 01:40:55 UTC 2007

   Modified Files:
	   pkgsrc/www/php4: Makefile distinfo
   Added Files:
	   pkgsrc/www/php4/patches: patch-aw

   Log Message:
   Add patches to fix CVE-2007-3806 referring CVS repository.

   Bump PKGREVISION.
---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Aug  1 01:40:08 UTC 2007

   Modified Files:
	   pkgsrc/lang/php5: Makefile distinfo
   Added Files:
	   pkgsrc/lang/php5/patches: patch-ad patch-ae

   Log Message:
   - Add patches to fix CVE-2007-3806 referring CVS repository.
   - Fix compile problem on NetBSD with mremap(2).

   Bump PKGREVISION.
---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Aug  2 15:10:04 UTC 2007

   Modified Files:
	   pkgsrc/www/ap-php: Makefile

   Log Message:
   Update of www/php5 package affects ap-php, too.

   So, bump PKGREVISION.

   (I just forgot to commit.)

Revision 1.56 / (download) - annotate - [select for diffs], Wed Aug 1 01:40:07 2007 UTC (15 years, 6 months ago) by taca
Branch: MAIN
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)

- Add patches to fix CVE-2007-3806 referring CVS repository.
- Fix compile problem on NetBSD with mremap(2).

Bump PKGREVISION.

Revision 1.48.2.2 / (download) - annotate - [select for diffs], Thu Jun 14 23:34:08 2007 UTC (15 years, 7 months ago) by salo
Branch: pkgsrc-2007Q1
Changes since 1.48.2.1: +26 -9 lines
Diff to previous 1.48.2.1 (colored) to branchpoint 1.48 (colored) next main 1.49 (colored)

Pullup ticket 2113 - requested by adrianp
security update for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.52, 1.53, 1.54, 1.55
- pkgsrc/lang/php5/Makefile.common		1.26
- pkgsrc/lang/php5/distinfo			1.41, 1.42, 1.43, 1.44
- pkgsrc/lang/php5/patches/patch-am		1.3
- pkgsrc/lang/php5/patches/patch-an		1.3, 1.4

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Wed Jun  6 19:33:13 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.common distinfo

   Log Message:
   Update to php-5.2.3

   Security Fixes
   * Fixed an integer overflow inside chunk_split() (by Gerhard Wagner,
     CVE-2007-2872)
   * Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche,
     CVE-2007-2756)
   * Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan
     Esser, CVE-2007-1900)
   * Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath())
     (by bugs dot php dot net at chsc dot dk)
   * Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
   * Added mysql_set_charset() to allow runtime altering of connection
     encoding.

   * Upgraded bundled SQLite 3 to version 3.3.17. (Ilia)
   * Fixed gd build when used with freetype 1.x (Pierre, Tony)

   And a fair few bugs fixed, see: http://www.php.net/ChangeLog-5.php#5.2.3
   for all the details.
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Thu Jun  7 10:45:18 UTC 2007

   Added Files:
   	pkgsrc/lang/php5/patches: patch-am

   Log Message:
   Add in the correct patch to fix CVE-2007-2872
   Spotted by Takahiro Kambe
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Thu Jun  7 10:45:42 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo

   Log Message:
   Add in the correct patch to fix CVE-2007-2872
   Spotted by Takahiro Kambe
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Fri Jun  8 12:29:53 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
   	pkgsrc/lang/php5/patches: patch-an

   Log Message:
   Fix the install path for the CGI binary so it ends up where we want it.
   Pointed out by schmonz@ and taca@
   Bump PKGREVISION
---
   Module Name:		pkgsrc
   Committed By:	heinz
   Date:		Mon Jun 11 17:45:30 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   	pkgsrc/lang/php5/patches: patch-an

   Log Message:
   Added support for installation to DESTDIR. patch-an had removed correct
   support for this before, probably unintentionally.

Revision 1.55 / (download) - annotate - [select for diffs], Mon Jun 11 17:45:30 2007 UTC (15 years, 7 months ago) by heinz
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base
Branch point for: pkgsrc-2007Q2
Changes since 1.54: +17 -9 lines
Diff to previous 1.54 (colored)

Added support for installation to DESTDIR. patch-an had removed correct
support for this before, probably unintentionally.

Revision 1.54 / (download) - annotate - [select for diffs], Fri Jun 8 12:29:53 2007 UTC (15 years, 7 months ago) by adrianp
Branch: MAIN
Changes since 1.53: +11 -3 lines
Diff to previous 1.53 (colored)

Fix the install path for the CGI binary so it ends up where we want it.
Pointed out by schmonz@ and taca@
Bump PKGREVISION

Revision 1.53 / (download) - annotate - [select for diffs], Thu Jun 7 10:45:42 2007 UTC (15 years, 7 months ago) by adrianp
Branch: MAIN
Changes since 1.52: +2 -1 lines
Diff to previous 1.52 (colored)

Add in the correct patch to fix CVE-2007-2872
Spotted by Takahiro Kambe

Revision 1.52 / (download) - annotate - [select for diffs], Wed Jun 6 19:33:12 2007 UTC (15 years, 7 months ago) by adrianp
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

Update to php-5.2.3

Security Fixes
* Fixed an integer overflow inside chunk_split() (by Gerhard Wagner, CVE-2007-2872)
* Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche, CVE-2007-2756)
* Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan Esser, CVE-2007-1900)
* Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath()) (by bugs dot php dot net at chsc dot dk)
* Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
* Added mysql_set_charset() to allow runtime altering of connection encoding.

* Upgraded bundled SQLite 3 to version 3.3.17. (Ilia)
* Fixed gd build when used with freetype 1.x (Pierre, Tony)

And a fair few bugs fixed, see: http://www.php.net/ChangeLog-5.php#5.2.3
for all the details.

Revision 1.48.2.1 / (download) - annotate - [select for diffs], Tue May 15 23:42:38 2007 UTC (15 years, 8 months ago) by salo
Branch: pkgsrc-2007Q1
Changes since 1.48: +1 -2 lines
Diff to previous 1.48 (colored)

Pullup ticket 2085 - requested by adrianp
security update for php5

Updated via patch provided by the submitter.

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Sun May  6 20:07:37 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.common distinfo
   Removed Files:
   	pkgsrc/lang/php5/patches: patch-ac

   Log Message:
   Update 5.2.2
   * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric)
   * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser)
   * Fixed a bug in mb_parse_str() that can be used to activate register_globals
     (MOPB-26 by Stefan Esser)
   * Fixed unallocated memory access/double free in in array_user_key_compare()
     (MOPB-24 by Stefan Esser)
   * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser)
   * Added missing open_basedir & safe_mode checks to zip:// and bzip://
   * wrappers.
     (MOPB-21 by Stefan Esser).
   * Limit nesting level of input variables with max_input_nesting_level as fix
   * for
     (MOPB-03 by Stefan Esser)
   * Fixed CRLF injection inside ftp_putcmd(). (by loveshell[at]Bug.Center.Team)
   * Fixed a possible super-global overwrite inside import_request_variables().
     (by Stefano Di Paola, Stefan Esser)
   * Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc
     library. (by Stanislav Malyshev)
   * Fixed a header injection via Subject and To parameters to the mail()
   * function
     (MOPB-34 by Stefan Esser)
   * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan
   * Esser)
   * Fixed substr_compare and substr_count information leak
     (MOPB-14 by Stefan Esser) (Stas, Ilia)
   * Fixed a remotely trigger-able buffer overflow inside
   * make_http_soap_request()
     (by Ilia Alshanetsky)
   * Fixed a buffer overflow inside user_filter_factory_create().
     (by Ilia Alshanetsky)

Revision 1.51 / (download) - annotate - [select for diffs], Sun May 6 20:07:28 2007 UTC (15 years, 8 months ago) by adrianp
Branch: MAIN
Changes since 1.50: +1 -2 lines
Diff to previous 1.50 (colored)

Update 5.2.2
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals
  (MOPB-26 by Stefan Esser)
* Fixed unallocated memory access/double free in in array_user_key_compare()
  (MOPB-24 by Stefan Esser)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser)
* Added missing open_basedir & safe_mode checks to zip:// and bzip:// wrappers.
  (MOPB-21 by Stefan Esser).
* Limit nesting level of input variables with max_input_nesting_level as fix for
  (MOPB-03 by Stefan Esser)
* Fixed CRLF injection inside ftp_putcmd(). (by loveshell[at]Bug.Center.Team)
* Fixed a possible super-global overwrite inside import_request_variables().
  (by Stefano Di Paola, Stefan Esser)
* Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc
  library. (by Stanislav Malyshev)
* Fixed a header injection via Subject and To parameters to the mail() function
  (MOPB-34 by Stefan Esser)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser)
* Fixed substr_compare and substr_count information leak
  (MOPB-14 by Stefan Esser) (Stas, Ilia)
* Fixed a remotely trigger-able buffer overflow inside make_http_soap_request()
  (by Ilia Alshanetsky)
* Fixed a buffer overflow inside user_filter_factory_create().
  (by Ilia Alshanetsky)

Revision 1.50 / (download) - annotate - [select for diffs], Sat May 5 21:45:12 2007 UTC (15 years, 8 months ago) by adrianp
Branch: MAIN
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)

Remove PEAR from the default PHP install

Revision 1.49 / (download) - annotate - [select for diffs], Sat Apr 28 22:05:50 2007 UTC (15 years, 9 months ago) by sborrill
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

Patch to fix PHP bug #40326 (cannot open file from cwd if parent folder not
readable).
Patch will be in 5.2.2, so this patch can be removed once it has been
released.

Revision 1.47.2.1 / (download) - annotate - [select for diffs], Fri Mar 2 13:02:26 2007 UTC (15 years, 11 months ago) by salo
Branch: pkgsrc-2006Q4
Changes since 1.47: +2 -1 lines
Diff to previous 1.47 (colored) next main 1.48 (colored)

Pullup ticket 2035 - requested by bouyer
add back SSL extension for PHP5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile				1.48
- pkgsrc/lang/php5/Makefile.php				1.24
- pkgsrc/www/ap-php/Makefile				1.13

   Module Name:		pkgsrc
   Committed By:	jdolecek
   Date:		Sun Feb 25 20:05:11 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.php

   Log Message:
   put back openssl extension, mistakely commented out in PHP 5.2.1 upgrade

   noted by Manuel Bouyer
---
   Module Name:		pkgsrc
   Committed By:	jdolecek
   Date:		Sun Feb 25 20:06:09 UTC 2007

   Modified Files:
   	pkgsrc/www/ap-php: Makefile

   Log Message:
   bump revision for openssl omission fix in lang/php5 for PHP 5.2.1

   noted by Manuel Bouyer

Revision 1.48 / (download) - annotate - [select for diffs], Sun Feb 25 20:05:11 2007 UTC (15 years, 11 months ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base
Branch point for: pkgsrc-2007Q1
Changes since 1.47: +2 -1 lines
Diff to previous 1.47 (colored)

put back openssl extension, mistakely commented out in PHP 5.2.1 upgrade

noted by Manuel Bouyer

Revision 1.47 / (download) - annotate - [select for diffs], Mon Nov 6 22:06:35 2006 UTC (16 years, 2 months ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base
Branch point for: pkgsrc-2006Q4
Changes since 1.46: +1 -2 lines
Diff to previous 1.46 (colored)

Update lang/php5 to 5.2.0.

Changes since 5.1.6:

The key features of PHP 5.2.0 include:
* New memory manager for the Zend Engine with improved performance and a more
  accurate memory usage tracking.
* Input filtering extension was added and enabled by default.
* JSON extension was added and enabled by default.
* ZIP extension for creating and editing zip files was introduced.
* Hooks for tracking file upload progress were introduced.
* Introduced E_RECOVERABLE_ERROR error mode.
* Introduced DateTime and DateTimeZone objects with methods to manipulate
  date/time information.
* Upgraded bundled SQLite, PCRE libraries.
* Upgraded OpenSSL, MySQL and PostgreSQL client libraries for Windows
  installations.
* Many performance improvements.
* Over 200 bug fixes.

Security Enhancements and Fixes in PHP 5.2.0:
* Made PostgreSQL escaping functions in PostgreSQL and PDO extension keep
  track of character set encoding whenever possible.
* Added allow_url_include, set to Off by default to disallow use of URLs
  for include and require.
* Disable realpath cache when open_basedir and safe_mode are being used.
* Improved safe_mode enforcement for error_log() function.
* Fixed a possible buffer overflow in the underlying code responsible
  for htmlspecialchars() and htmlentities() functions.
* Added missing safe_mode and open_basedir checks for the cURL extension.
* Fixed overflow is str_repeat() & wordwrap() functions on 64bit machines.
* Fixed handling of long paths inside the tempnam() function.
* Fixed safe_mode/open_basedir checks for session.save_path, allowing them
  to account for extra parameters.
* Fixed ini setting overload in the ini_restore() function.

For a full list of changes in PHP 5.2.0, see the ChangeLog:
	http://www.php.net/ChangeLog-5.php#5.2.0

Also other notable extensions changes:
* filePRO extension removed (not in PECL yet, php-filepro disabled for PHP5)
* JSON added (not enabled by default, packaged in php-json)
* filter added (enabled by default)
* wddx rewritten to native libxml2, fixing several encoding bugs

Revision 1.43.2.2 / (download) - annotate - [select for diffs], Sat Nov 4 16:25:31 2006 UTC (16 years, 2 months ago) by ghen
Branch: pkgsrc-2006Q3
Changes since 1.43.2.1: +2 -2 lines
Diff to previous 1.43.2.1 (colored) to branchpoint 1.43 (colored) next main 1.44 (colored)

Pullup ticket 1898 - requested by adrianp
security fix for php

- pkgsrc/lang/php5/Makefile			1.46
- pkgsrc/lang/php5/distinfo			1.32
- pkgsrc/lang/php5/patches/patch-av		1.3

   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Sat Nov  4 11:27:55 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
	pkgsrc/lang/php5/patches: patch-av

   Log Message:
   Fix for CVE-2006-5465 from PHP CVS
   http://www.hardened-php.net/advisory_132006.138.html

Revision 1.46 / (download) - annotate - [select for diffs], Sat Nov 4 11:27:55 2006 UTC (16 years, 2 months ago) by adrianp
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)

Fix for CVE-2006-5465 from PHP CVS
http://www.hardened-php.net/advisory_132006.138.html

Revision 1.43.2.1 / (download) - annotate - [select for diffs], Sun Oct 29 16:47:58 2006 UTC (16 years, 3 months ago) by ghen
Branch: pkgsrc-2006Q3
Changes since 1.43: +2 -1 lines
Diff to previous 1.43 (colored)

Pullup ticket 1889 - requested by adrianp
security fix for php

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.44-1.45
- pkgsrc/lang/php5/Makefile.php			1.20
- pkgsrc/lang/php5/distinfo			1.30
- pkgsrc/lang/php5/patches/patch-aa		1.1
- pkgsrc/lang/php5/patches/patch-ab		1.2
- pkgsrc/lang/www/ap-php/Makefile		1.12
- pkgsrc/lang/www/php4/Makefile			1.71-1.72
- pkgsrc/lang/www/php4/Makefile.php		1.36
- pkgsrc/lang/www/php4/distinfo			1.58
- pkgsrc/lang/www/php4/patches/patch-au		1.3

   Module Name:	pkgsrc
   Committed By:	jdolecek
   Date:		Fri Oct 20 22:10:34 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.php
	pkgsrc/www/ap-php: Makefile
	pkgsrc/www/php4: Makefile Makefile.php

   Log Message:
   remove --enable-memory-limit - 8MB is too low, and this just
   duplicates process resource limits, which already provide necessary
   "safety net" protection against rogue scripts

   bump PKGREVISION for this

   adressess PR pkg/32007 by "pancake"

   also remove --enable-track-vars, since that configure argument
   is long gone from PHP
---
   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Sun Oct 22 13:16:42 UTC 2006

   Modified Files:
	pkgsrc/www/php4: Makefile distinfo
   Added Files:
	pkgsrc/www/php4/patches: patch-au

   Log Message:
   Fix for CVE-2006-4625
   Bump nb
---
   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Sun Oct 22 13:19:19 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
	pkgsrc/lang/php5/patches: patch-aa patch-ab

   Log Message:
   Fixes for CVE-2006-4812 and CVE-2006-4625
   Bump nb

Revision 1.45 / (download) - annotate - [select for diffs], Sun Oct 22 13:19:19 2006 UTC (16 years, 3 months ago) by adrianp
Branch: MAIN
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)

Fixes for CVE-2006-4812 and CVE-2006-4625
Bump nb

Revision 1.44 / (download) - annotate - [select for diffs], Fri Oct 20 22:10:33 2006 UTC (16 years, 3 months ago) by jdolecek
Branch: MAIN
Changes since 1.43: +2 -1 lines
Diff to previous 1.43 (colored)

remove --enable-memory-limit - 8MB is too low, and this just
duplicates process resource limits, which already provide necessary
"safety net" protection against rogue scripts

bump PKGREVISION for this

adressess PR pkg/32007 by "pancake"

also remove --enable-track-vars, since that configure argument
is long gone from PHP

Revision 1.36.2.4 / (download) - annotate - [select for diffs], Sun Aug 20 11:25:49 2006 UTC (16 years, 5 months ago) by ghen
Branch: pkgsrc-2006Q2
Changes since 1.36.2.3: +1 -2 lines
Diff to previous 1.36.2.3 (colored) to branchpoint 1.36 (colored) next main 1.37 (colored)

Pullup ticket 1796 (part 2) - requested by taca
security update for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile				1.42
- pkgsrc/lang/php5/Makefile.common			1.19
- pkgsrc/lang/php5/distinfo				1.27
- pkgsrc/lang/php5/patches/patch-ao			removed
- pkgsrc/lang/php5/patches/patch-as			1.2
- pkgsrc/lang/php5/patches/patch-at			removed
- pkgsrc/lang/php5/patches/patch-av			removed
- pkgsrc/lang/php5/patches/patch-aw			removed

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Aug 17 13:17:48 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile PLIST

   Log Message:
   Correct PLIST to fix a binary package:

   - remove an extra directory.
   - handle empty directories.
---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Aug 19 14:47:44 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile PLIST

   Log Message:
   More fix of PLIST, now pkg_delete should always succeed.
---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Aug 19 16:44:15 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.common distinfo
	pkgsrc/lang/php5/patches: patch-as
   Removed Files:
	pkgsrc/lang/php5/patches: patch-ao patch-at patch-av patch-aw

   Log Message:
   Update php5 package to 5.1.5:

   17 Aug 2006, PHP 5.1.5

   - Fixed memory_limit on 64bit systems. (Stefan E.)
   - Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.)
   - Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are
     enabled. (Stefan E., Ilia)
   - Fixed bug #38322 (reading past array in sscanf() leads to arbitrary code
     execution). (Tony)
   - Fixed bug #38125 (undefined reference to spl_dual_it_free_storage). (Marcus)
   - Fixed bug #38112 (corrupted gif segfaults) (Pierre)
   - Fixed bug #37587 (var without attribute causes segfault). (Marcus)
   - Fixed bug #37576 (FastCGI env (cgi vars) table overflow). (Piotr)
   - Fixed bug #37496 (FastCGI output buffer overrun). (Piotr, Dmitry)
   - Fixed bug #37487 (oci_fetch_array() array-type should always default to
     OCI_BOTH). (Tony)
   - Fixed bug #37416 (iterator_to_array() hides exceptions thrown in rewind()
     method). (Tony)
   - Fixed bug #37392 (Unnecessary call to OCITransRollback() at the end of
     request). (Tony)
   - Fixed bug #37341 ($_SERVER in included file is shortened to two entries,
     if $_ENV gets used). (Dmitry)
   - Fixed bug #37313 (sigemptyset() used without including <signal.h>).
     (jdolecek)
   - Fixed bug #37346 (invalid colormap format) (Pierre)
   - Fixed bug #37360 (invalid gif size) (Pierre)
   - Fixed bug #37306 (max_execution_time = max_input_time). (Dmitry)
   - Fixed Bug #37278 (SOAP not respecting uri in __soapCall). (Dmitry)
   - Fixed bug #37265 (Added missing safe_mode & open_basedir checks to
  imap_body()). (Ilia)
   - Fixed bug #37256 (php-fastcgi dosen't handle connection abort). (Dmitry)

Revision 1.36.2.3 / (download) - annotate - [select for diffs], Sun Aug 20 11:04:03 2006 UTC (16 years, 5 months ago) by ghen
Branch: pkgsrc-2006Q2
Changes since 1.36.2.2: +2 -2 lines
Diff to previous 1.36.2.2 (colored) to branchpoint 1.36 (colored)

Pullup ticket 1796 - requested by taca
PLIST fix for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile				1.40-1.41
- pkgsrc/lang/php5/PLIST				1.12-1.13

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Aug 17 13:17:48 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile PLIST

   Log Message:
   Correct PLIST to fix a binary package:

   - remove an extra directory.
   - handle empty directories.
---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Aug 19 14:47:44 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile PLIST

   Log Message:
   More fix of PLIST, now pkg_delete should always succeed.

Revision 1.43 / (download) - annotate - [select for diffs], Sat Aug 19 16:50:44 2006 UTC (16 years, 5 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base
Branch point for: pkgsrc-2006Q3
Changes since 1.42: +1 -4 lines
Diff to previous 1.42 (colored)

Remove special DIST_SUBDIR processing from Makefile.

Revision 1.42 / (download) - annotate - [select for diffs], Sat Aug 19 16:44:15 2006 UTC (16 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.41: +1 -2 lines
Diff to previous 1.41 (colored)

Update php5 package to 5.1.5:

17 Aug 2006, PHP 5.1.5

- Fixed memory_limit on 64bit systems. (Stefan E.)
- Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.)
- Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are
  enabled. (Stefan E., Ilia)
- Fixed bug #38322 (reading past array in sscanf() leads to arbitrary code
  execution). (Tony)
- Fixed bug #38125 (undefined reference to spl_dual_it_free_storage). (Marcus)
- Fixed bug #38112 (corrupted gif segfaults) (Pierre)
- Fixed bug #37587 (var without attribute causes segfault). (Marcus)
- Fixed bug #37576 (FastCGI env (cgi vars) table overflow). (Piotr)
- Fixed bug #37496 (FastCGI output buffer overrun). (Piotr, Dmitry)
- Fixed bug #37487 (oci_fetch_array() array-type should always default to
  OCI_BOTH). (Tony)
- Fixed bug #37416 (iterator_to_array() hides exceptions thrown in rewind()
  method). (Tony)
- Fixed bug #37392 (Unnecessary call to OCITransRollback() at the end of
  request). (Tony)
- Fixed bug #37341 ($_SERVER in included file is shortened to two entries,
  if $_ENV gets used). (Dmitry)
- Fixed bug #37313 (sigemptyset() used without including <signal.h>).
  (jdolecek)
- Fixed bug #37346 (invalid colormap format) (Pierre)
- Fixed bug #37360 (invalid gif size) (Pierre)
- Fixed bug #37306 (max_execution_time = max_input_time). (Dmitry)
- Fixed Bug #37278 (SOAP not respecting uri in __soapCall). (Dmitry)
- Fixed bug #37265 (Added missing safe_mode & open_basedir checks to
  imap_body()). (Ilia)
- Fixed bug #37256 (php-fastcgi dosen't handle connection abort). (Dmitry)

Revision 1.41 / (download) - annotate - [select for diffs], Sat Aug 19 14:47:44 2006 UTC (16 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)

More fix of PLIST, now pkg_delete should always succeed.

Revision 1.40 / (download) - annotate - [select for diffs], Thu Aug 17 13:17:48 2006 UTC (16 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

Correct PLIST to fix a binary package:

- remove an extra directory.
- handle empty directories.

Revision 1.36.2.2 / (download) - annotate - [select for diffs], Thu Aug 10 07:19:25 2006 UTC (16 years, 5 months ago) by ghen
Branch: pkgsrc-2006Q2
Changes since 1.36.2.1: +2 -2 lines
Diff to previous 1.36.2.1 (colored) to branchpoint 1.36 (colored)

Pullup ticket 1786 - requested by taca
security fix for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile				1.39
- pkgsrc/lang/php5/distinfo				1.26
- pkgsrc/lang/php5/patches/patch-aw			1.1

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Aug 10 05:57:09 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
	pkgsrc/lang/php5/patches: patch-aw

   Log Message:
   Add security fix for Secunia Advisory SA21403 from PHP's CVS repository.

   Bump PKGREVISION.

Revision 1.39 / (download) - annotate - [select for diffs], Thu Aug 10 05:57:09 2006 UTC (16 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)

Add security fix for Secunia Advisory SA21403 from PHP's CVS repository.

Bump PKGREVISION.

Revision 1.36.2.1 / (download) - annotate - [select for diffs], Sun Jul 23 16:17:02 2006 UTC (16 years, 6 months ago) by salo
Branch: pkgsrc-2006Q2
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

Pullup ticket 1751 - requested by adrianp
security fix for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.38
- pkgsrc/lang/php5/distinfo			1.25
- pkgsrc/lang/php5/patches/patch-av		1.1

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Tue Jul 18 21:57:30 UTC 2006

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
   	pkgsrc/lang/php5/patches: patch-av

   Log Message:
   Fix for CVE-2006-3011
   Bump to nb2

Revision 1.38 / (download) - annotate - [select for diffs], Tue Jul 18 21:57:30 2006 UTC (16 years, 6 months ago) by adrianp
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

Fix for CVE-2006-3011
Bump to nb2

Revision 1.37 / (download) - annotate - [select for diffs], Sat Jul 8 00:53:09 2006 UTC (16 years, 6 months ago) by minskim
Branch: MAIN
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

Change DIST_SUBDIR because the current distfile path was already used before
for a different tarball.

Revision 1.36 / (download) - annotate - [select for diffs], Tue Jun 6 16:42:02 2006 UTC (16 years, 7 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base
Branch point for: pkgsrc-2006Q2
Changes since 1.35: +2 -1 lines
Diff to previous 1.35 (colored)

Note in the MESSAGE file the path to the PHP CGI binary to answer an FAQ.

Revision 1.35 / (download) - annotate - [select for diffs], Mon Jun 5 17:22:39 2006 UTC (16 years, 7 months ago) by minskim
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

This package needs lex to build.  Add it to USE_TOOLS.

Revision 1.34 / (download) - annotate - [select for diffs], Wed May 17 06:20:00 2006 UTC (16 years, 8 months ago) by reed
Branch: MAIN
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

Use PKGNAME_NOREV for DIST_SUBDIR (instead of just PKGNAME).

As reported by Christopher W. Richardson on tech-pkg.

Revision 1.33 / (download) - annotate - [select for diffs], Tue May 16 19:54:02 2006 UTC (16 years, 8 months ago) by adrianp
Branch: MAIN
Changes since 1.32: +3 -15 lines
Diff to previous 1.32 (colored)

Tarball on php.net has changed to include the pear installation file
Modify the package to not seperately fetch the pear file from php.net
Problem found by Christopher W. Richardson on tech-pkg@
Bump PKGREVISION

Revision 1.32 / (download) - annotate - [select for diffs], Sun May 7 09:54:55 2006 UTC (16 years, 8 months ago) by martti
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

Added missing DIST_SUBDIR

Revision 1.31 / (download) - annotate - [select for diffs], Sun May 7 09:29:35 2006 UTC (16 years, 8 months ago) by jdolecek
Branch: MAIN
Changes since 1.30: +16 -1 lines
Diff to previous 1.30 (colored)

fetch PEAR installation archive too, to avoid use of wget by PHP installation

PR: pkg/33432 by Martti Kuparinen

XXX PEAR should be moved to separate package

Revision 1.30 / (download) - annotate - [select for diffs], Sat May 6 22:42:44 2006 UTC (16 years, 8 months ago) by jdolecek
Branch: MAIN
Changes since 1.29: +2 -7 lines
Diff to previous 1.29 (colored)

Update lang/php5 to 5.1.4.

Some of the key changes include:

* Disallow certain characters in session names.
* Fixed a buffer overflow inside the wordwrap() function.
* Prevent jumps to parent directory via the 2nd parameter of the
  tempnam() function.
* Enforce safe_mode for the source parameter of the copy() function.
* Fixed cross-site scripting inside the phpinfo() function.
* Fixed offset/length parameter validation inside the substr_compare()
  function.
* Fixed a heap corruption inside the session extension.
* Fixed a bug that would allow variable to survive unset().
* Fixed a number of crashes in the DOM, SOAP and PDO extensions.
* Upgraded bundled PCRE library to version 6.6
* The use of the var keyword to declare properties no longer raises
  a deprecation E_STRICT.
* FastCGI interface was completely reimplemented.
* Multitude of improvements to the SPL, SimpleXML, GD, CURL and
  Reflection extensions.
* Over 120 various bug fixes.

See release annoucement on:
	http://www.php.net/release_5_1_3.php

And ChangeLog:
	http://www.php.net/ChangeLog-5.php#5.1.3

Revision 1.28.2.1 / (download) - annotate - [select for diffs], Wed Apr 19 00:12:27 2006 UTC (16 years, 9 months ago) by salo
Branch: pkgsrc-2006Q1
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored) next main 1.29 (colored)

Pullup ticket 1406 - requested by cube
security fixes for php

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.29
- pkgsrc/lang/php5/Makefile.php			1.18
- pkgsrc/lang/php5/distinfo			1.15
- pkgsrc/lang/php5/patches/patch-ap		1.1
- pkgsrc/lang/php5/patches/patch-aq		1.1
- pkgsrc/lang/php5/patches/patch-ar		1.1
- pkgsrc/www/php4/Makefile			1.63
- pkgsrc/www/php4/distinfo			1.52
- pkgsrc/www/php4/patches/patch-aq		1.1
- pkgsrc/www/php4/patches/patch-ar		1.1
- pkgsrc/www/php4/patches/patch-as		1.1
- pkgsrc/www/ap-php/Makefile			1.9

   Module Name:		pkgsrc
   Committed By:	cube
   Date:		Fri Apr 14 13:47:30 UTC 2006

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.php distinfo
   	pkgsrc/www/ap-php: Makefile
   	pkgsrc/www/php4: Makefile distinfo

   Log Message:
   PHP4/5 security changes...  They're not critical issues;  secunia classes
   them between "not critical" and "less critical".

   Fix CVE-2006-0996, CVE-2006-1494, CVE-2006-1608, CVE-2006-1490.

   See:
       http://secunia.com/advisories/19383/
       http://secunia.com/advisories/19599/

   Patches were extracted from CVS.  I had to translate the one for
   CVE-2006-1608 on php4 because it has not made its way to the php4.4 branch
   (I don't know why;  I can confirm it fixes the issue).

   While here, add PATCHDIR to the list of variables php5's Makefile.php
   defines.  That way, ap-php gets patched too...
---
   Module Name:		pkgsrc
   Committed By:	cube
   Date:		Fri Apr 14 13:48:33 UTC 2006

   Added Files:
   	pkgsrc/lang/php5/patches: patch-ap patch-aq patch-ar
   	pkgsrc/www/php4/patches: patch-aq patch-ar patch-as

   Log Message:
   The actual patches for PHP4/5.

Revision 1.29 / (download) - annotate - [select for diffs], Fri Apr 14 13:47:29 2006 UTC (16 years, 9 months ago) by cube
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

PHP4/5 security changes...  They're not critical issues;  secunia classes
them between "not critical" and "less critical".

Fix CVE-2006-0996, CVE-2006-1494, CVE-2006-1608, CVE-2006-1490.

See:
    http://secunia.com/advisories/19383/
    http://secunia.com/advisories/19599/

Patches were extracted from CVS.  I had to translate the one for
CVE-2006-1608 on php4 because it has not made its way to the php4.4 branch
(I don't know why;  I can confirm it fixes the issue).

While here, add PATCHDIR to the list of variables php5's Makefile.php
defines.  That way, ap-php gets patched too...

Revision 1.28 / (download) - annotate - [select for diffs], Fri Feb 17 09:48:01 2006 UTC (16 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base
Branch point for: pkgsrc-2006Q1
Changes since 1.27: +3 -3 lines
Diff to previous 1.27 (colored)

Install bin/pear with correct file permissions

Revision 1.22.2.1 / (download) - annotate - [select for diffs], Wed Feb 15 14:12:20 2006 UTC (16 years, 11 months ago) by salo
Branch: pkgsrc-2005Q4
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored) next main 1.23 (colored)

Pullup ticket 1136 - requested by Martti Kuparinen
security update for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.24, 1.25, 1.27
- pkgsrc/lang/php5/Makefile.common		1.14, 1.15
- pkgsrc/lang/php5/PLIST			1.9, 1.10
- pkgsrc/lang/php5/buildlink3.mk		1.10
- pkgsrc/lang/php5/distinfo			1.14
- pkgsrc/lang/php5/patches/patch-ag		1.2
- pkgsrc/lang/php5/patches/patch-ak		1.2
- pkgsrc/lang/php5/patches/patch-aj		1.3
- pkgsrc/lang/php5/patches/patch-ao		1.3

   Module Name:		pkgsrc
   Committed By:	reed
   Date:		Wed Jan  4 17:44:24 UTC 2006

   Modified Files:
    	pkgsrc/lang/php5: Makefile

   Log Message:
   Use PKGMANDIR instead of "man".
---
   Module Name:		pkgsrc
   Committed By:	rillig
   Date:		Thu Feb  2 20:31:17 UTC 2006

   Modified Files:
    	pkgsrc/lang/php5: Makefile PLIST


   Log Message:
   Added two missing files to the PLIST. Bumped PKGREVISION.
---
   Module Name:		pkgsrc
   Committed By:	martti
   Date:		Mon Feb  6 06:39:59 UTC 2006

   Modified Files:
    	pkgsrc/lang/php5: Makefile Makefile.common PLIST buildlink3.mk
		distinfo
    	pkgsrc/lang/php5/patches: patch-ag patch-aj patch-ak patch-ao

   Log Message:
   Updated lang/php5 to 5.1.2

   * HTTP Response Splitting has been addressed in ext/session and in
     the header() function.
   * Fixed format string vulnerability in ext/mysqli.
   * Fixed possible cross-site scripting problems in certain error
     conditions.
   * Hash & XMLWriter extensions added and enabled by default.
   * Upgraded OCI8 extension.
   * Over 85 various bug fixes.

   (I haven't heard anything from the MAINTAINER but since this works fine
   on my servers and as this fixes security issues I checked in this)
---
   Module Name:		pkgsrc
   Committed By:	jdolecek
   Date:		Mon Feb  6 20:12:55 UTC 2006

   Modified Files:
    	pkgsrc/lang/php5: Makefile.common

   Log Message:
   add fix to build php-xmlrpc and php5-dom successfully with 5.1.2

Revision 1.27 / (download) - annotate - [select for diffs], Mon Feb 6 06:39:59 2006 UTC (16 years, 11 months ago) by martti
Branch: MAIN
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

Updated lang/php5 to 5.1.2

* HTTP Response Splitting has been addressed in ext/session and in
  the header() function.
* Fixed format string vulnerability in ext/mysqli.
* Fixed possible cross-site scripting problems in certain error conditions.
* Hash & XMLWriter extensions added and enabled by default.
* Upgraded OCI8 extension.
* Over 85 various bug fixes.

(I haven't heard anything from the MAINTAINER but since this works fine
on my servers and as this fixes security issues I checked in this)

Revision 1.26 / (download) - annotate - [select for diffs], Sun Feb 5 23:09:47 2006 UTC (16 years, 11 months ago) by joerg
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Recursive revision bump / recommended bump for gettext ABI change.

Revision 1.25 / (download) - annotate - [select for diffs], Thu Feb 2 20:31:17 2006 UTC (16 years, 11 months ago) by rillig
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)

Added two missing files to the PLIST. Bumped PKGREVISION.

Revision 1.24 / (download) - annotate - [select for diffs], Wed Jan 4 17:44:24 2006 UTC (17 years ago) by reed
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

Use PKGMANDIR instead of "man".

Revision 1.23 / (download) - annotate - [select for diffs], Thu Dec 29 06:21:47 2005 UTC (17 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.22: +1 -2 lines
Diff to previous 1.22 (colored)

Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.

Revision 1.22 / (download) - annotate - [select for diffs], Tue Dec 6 08:32:22 2005 UTC (17 years, 1 month ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base
Branch point for: pkgsrc-2005Q4
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)

patch php.ini-dist and php.ini-recommended to comment out extension_dir
and to uncomment and explicitly set upload_tmp_dir, so that this works
out of box (patches adapted from www/php4)

pointed out by Martti Kuparinen on tech-pkg@

Revision 1.21 / (download) - annotate - [select for diffs], Sun Dec 4 21:28:07 2005 UTC (17 years, 1 month ago) by jdolecek
Branch: MAIN
Changes since 1.20: +6 -2 lines
Diff to previous 1.20 (colored)

patch pear to use -n post-install - it cannot be done using normal
patch framework, the file is part of binary .phar archive and is
created during installation

this has been submitted as PHP bug #35544, so this may be adressed
upstream hopefully

Revision 1.20 / (download) - annotate - [select for diffs], Sat Dec 3 18:53:57 2005 UTC (17 years, 1 month ago) by jdolecek
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)

Update PHP5 to version 5.1.1. Some of the key features include:

* A complete rewrite of date handling code, with improved timezone support.
* Significant performance improvements compared to PHP 5.0.X.
* PDO extension is now enabled by default (separate pkg for pkgsrc)
* Over 30 new functions in various extensions and built-in functionality.
* Bundled libraries, PCRE and SQLite upgraded to latest versions.
* Over 400 various bug fixes.
* PEAR upgraded to version 1.4.5

This release also fixes various security problems discovered in 5.0.X.

Revision 1.19 / (download) - annotate - [select for diffs], Mon Nov 21 09:13:28 2005 UTC (17 years, 2 months ago) by joerg
Branch: MAIN
Changes since 1.18: +11 -1 lines
Diff to previous 1.18 (colored)

Allow choosing of CGI or FastCGI as SAPI for the PHP interpreter.
This is done via an option group, default is CGI. Note that the
FastCGI interpreter can still be used for normal CGI, but there
might be security issues involved in doing so.

Revision 1.18 / (download) - annotate - [select for diffs], Sat Oct 8 21:04:36 2005 UTC (17 years, 3 months ago) by jdolecek
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

add inet6 to list of supported options; this effectively enables IPv6
support by default, since the USE_INET6 mapping now properly kicks in

Revision 1.17 / (download) - annotate - [select for diffs], Sat Oct 8 16:49:35 2005 UTC (17 years, 3 months ago) by jdolecek
Branch: MAIN
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)

Unfortunately PHP has several openssl hooks, which are only enabled
when the base PHP is compiled with openssl extension (e.g. ssl://, tls://
stream support, and couple others). These don't work when SSL support
is loaded via extension.

For this reason, make openssl extension unconditionally built-in
into the main PHP package, and g/c security/php-openssl.

Revision 1.16 / (download) - annotate - [select for diffs], Thu Sep 8 18:49:01 2005 UTC (17 years, 4 months ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base, pkgsrc-2005Q3
Changes since 1.15: +3 -13 lines
Diff to previous 1.15 (colored)

Update php5 to version 5.0.5. This is maintenance release, aimed at
bug fixes only with only few and minor new features.

Full changelog available at:
        http://mirrors.inway.cz/ChangeLog-5.php#5.0.5

Revision 1.15 / (download) - annotate - [select for diffs], Sun Sep 4 20:13:59 2005 UTC (17 years, 4 months ago) by jlam
Branch: MAIN
Changes since 1.14: +4 -1 lines
Diff to previous 1.14 (colored)

Move some options that only apply to the PHP CGI package from Makefile.php
(shared with ap-php) into the php package Makefile.

Revision 1.13.2.1 / (download) - annotate - [select for diffs], Sat Sep 3 15:12:32 2005 UTC (17 years, 4 months ago) by salo
Branch: pkgsrc-2005Q2
Changes since 1.13: +13 -3 lines
Diff to previous 1.13 (colored) next main 1.14 (colored)

Pullup ticket 736 - requested by Adrian Portelli
security fix for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile		1.14
- pkgsrc/lang/php5/PLIST		1.6
- pkgsrc/lang/php5/buildlink3.mk	1.5
- pkgsrc/lang/php5/distinfo		1.7

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Sat Sep  3 13:37:36 UTC 2005

   Modified Files:
   	pkgsrc/lang/php5: Makefile PLIST distinfo

   Log Message:
   Update php5 to 5.0.4nb1 to address XML_RPC security issue(s)
   Fix based on work done by tron@ for the PHP 4.x branch fix
   PLIST fixup to correctly remove @PREFIX@/lib/php
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Sat Sep  3 14:41:05 UTC 2005

   Modified Files:
   	pkgsrc/lang/php5: buildlink3.mk

   Log Message:
   Bump BUILDLINK_RECOMMENDED to nb1 for recent security issue and fix typo
   Fix suggested by salo@.

Revision 1.14 / (download) - annotate - [select for diffs], Sat Sep 3 13:37:36 2005 UTC (17 years, 4 months ago) by adrianp
Branch: MAIN
Changes since 1.13: +13 -3 lines
Diff to previous 1.13 (colored)

Update php5 to 5.0.4nb1 to address XML_RPC security issue(s)
Fix based on work done by tron@ for the PHP 4.x branch fix
PLIST fixup to correctly remove @PREFIX@/lib/php

Revision 1.13 / (download) - annotate - [select for diffs], Sun May 22 20:08:10 2005 UTC (17 years, 8 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base
Branch point for: pkgsrc-2005Q2
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)

Remove USE_GNU_TOOLS and replace with the correct USE_TOOLS definitions:

	USE_GNU_TOOLS	-> USE_TOOLS
	awk		-> gawk
	m4		-> gm4
	make		-> gmake
	sed		-> gsed
	yacc		-> bison

Revision 1.12 / (download) - annotate - [select for diffs], Mon Apr 11 21:46:15 2005 UTC (17 years, 9 months ago) by tv
Branch: MAIN
Changes since 1.11: +1 -2 lines
Diff to previous 1.11 (colored)

Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.

Revision 1.11 / (download) - annotate - [select for diffs], Mon Apr 11 20:16:02 2005 UTC (17 years, 9 months ago) by jdolecek
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Update php5 to 5.0.4. This is maintenance/bugfix release, full list of changes
available at:
	http://www.php.net/ChangeLog-5.php#5.0.4

Revision 1.10 / (download) - annotate - [select for diffs], Fri Apr 8 20:58:49 2005 UTC (17 years, 9 months ago) by jdolecek
Branch: MAIN
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)

disable sqlite extension again - there is databases/php5-sqlite for this
purpose

Revision 1.9 / (download) - annotate - [select for diffs], Tue Jan 4 13:50:00 2005 UTC (18 years ago) by manu
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base, pkgsrc-2005Q1
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored)

Enable SQLite

Revision 1.8 / (download) - annotate - [select for diffs], Sat Dec 18 16:23:04 2004 UTC (18 years, 1 month ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base, pkgsrc-2004Q4
Changes since 1.7: +1 -2 lines
Diff to previous 1.7 (colored)

g/c MAINTAINER (use one from Makefile.common)

Revision 1.7 / (download) - annotate - [select for diffs], Sat Dec 18 16:01:07 2004 UTC (18 years, 1 month ago) by jdolecek
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)

claim MAINTAINER

Revision 1.6 / (download) - annotate - [select for diffs], Fri Dec 17 07:53:06 2004 UTC (18 years, 1 month ago) by jdolecek
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

Update php5 to 5.0.3. This maintenance release addressing several very
serious security issues, as well as bunch of non-critical bug fixes.
All PHP5 users are strongly encouraged to upgrade to this version.

Detailed change list at:
	http://www.php.net/ChangeLog-5.php#5.0.3

Revision 1.5 / (download) - annotate - [select for diffs], Sun Dec 12 11:03:33 2004 UTC (18 years, 1 month ago) by jdolecek
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

completely ignore system php.ini for all pear-related operations; this
is necessary to avoid being subject to e.g. open_basedir or safe_mode settings

Revision 1.4 / (download) - annotate - [select for diffs], Thu Nov 4 18:38:55 2004 UTC (18 years, 2 months ago) by jdolecek
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

put items only pertinent to interpreter build to new file Makefile.php
(similar to PHP4 package), and also update to use PKG_OPTIONS

this fixes environment pollution for extension modules, particularily
CONFIGURE_ARGS

Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 2 21:03:03 2004 UTC (18 years, 2 months ago) by jdolecek
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)

s/PHP5_VERSION/PHP_BASE_VERS/, to match php4 package

Revision 1.2 / (download) - annotate - [select for diffs], Mon Nov 1 19:46:18 2004 UTC (18 years, 3 months ago) by jdolecek
Branch: MAIN
Changes since 1.1: +11 -3 lines
Diff to previous 1.1 (colored)

Make sure to install the _CLI_ version to ${PREFIX}/bin/php, and _CGI_
to ${PREFIX}/libexec/cgi-bin; install also couple more files same way
as PHP4

Of particular note is that CLI ignores setting of register_argc_argv
(treats as if it would be On), so it's no longer necessary to do anything
special for Pear packages to work. g/c MESSAGE warning about the Pear issue.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Fri Oct 29 20:31:54 2004 UTC (18 years, 3 months ago) by jdolecek
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Import PHP 5.0.2, based on the pkgsrc-wip PHP5 package.

Some of the key features of PHP 5 include:
* The Zend Engine II with a new object model and dozens of new features. 
* XML support has been completely redone in PHP 5, all extensions
  are now focused around the excellent libxml2 library
  (http://www.xmlsoft.org/).
* A new SimpleXML extension for easily accessing and manipulating
  XML as PHP objects. It can also interface with the DOM extension
  and vice-versa.
* A brand new built-in SOAP extension for interoperability with Web Services. 
* A new MySQL extension named MySQLi for developers using MySQL
  4.1 and later. This new extension includes an object-oriented
  interface in addition to a traditional interface; as well as support
  for many of MySQL's new features, such as prepared statements.
* SQLite has been bundled with PHP. For more information on SQLite,
  please visit their website. 
* Streams have been greatly improved, including the ability to access
  low-level socket operations on streams.

Revision 1.1 / (download) - annotate - [select for diffs], Fri Oct 29 20:31:54 2004 UTC (18 years, 3 months ago) by jdolecek
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>