The NetBSD Project

CVS log for pkgsrc/lang/php5/Attic/Makefile.common

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / lang / php5

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.48, Sat Jun 16 15:15:06 2012 UTC (10 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2012Q4-base, pkgsrc-2012Q4, HEAD
Changes since 1.47: +1 -1 lines
FILE REMOVED

Remove php5 (PHP 5.2.17), please migra to php53 or php54.

Revision 1.47 / (download) - annotate - [select for diffs], Sat May 12 10:12:32 2012 UTC (10 years, 8 months ago) by obache
Branch: MAIN
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored)

Set DISTNAME and DIST_SUBDIR only for !defined(PECL_VERSION).

Revision 1.46 / (download) - annotate - [select for diffs], Sun Apr 15 22:01:01 2012 UTC (10 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)

Reset maintainer, developer has left the building

Revision 1.42.2.2 / (download) - annotate - [select for diffs], Sat Jan 8 15:29:46 2011 UTC (12 years, 1 month ago) by tron
Branch: pkgsrc-2010Q3
Changes since 1.42.2.1: +2 -2 lines
Diff to previous 1.42.2.1 (colored) to branchpoint 1.42 (colored) next main 1.43 (colored)

Pullup ticket #3319 - requested by taca
lang/php5: security update
lang/php53: security update

Revisions pulled up:
- lang/php5/Makefile.common			1.45
- lang/php5/distinfo				1.83
- lang/php5/distinfo				1.84
- lang/php5/patches/patch-ab			1.6
- lang/php5/patches/patch-ab			delete
- lang/php53/Makefile.common			1.4
- lang/php53/distinfo				1.9
- lang/php53/patches/patch-ar			1.1
---
Module Name:	pkgsrc
Committed By:	jklos
Date:		Thu Jan  6 22:13:24 UTC 2011

Modified Files:
	pkgsrc/lang/php5: distinfo
Added Files:
	pkgsrc/lang/php5/patches: patch-ab

Log Message:
Fix VAX floating point handling in zend_strtod.c.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Fri Jan  7 09:16:28 UTC 2011

Modified Files:
	pkgsrc/lang/php5: Makefile.common distinfo
Removed Files:
	pkgsrc/lang/php5/patches: patch-ab

Log Message:
Update php5 pacakge to 5.2.17.

* patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17.

06 Jan 2010, PHP 5.2.17
- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott,
  Rasmus)
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Fri Jan  7 09:20:16 UTC 2011

Modified Files:
	pkgsrc/lang/php53: Makefile.common distinfo
Added Files:
	pkgsrc/lang/php53/patches: patch-ar

Log Message:
Update php53 pacakge to 5.3.5.

* Add fix for VAX floating point handling (Bug #53682), r307192 from
  PHP's repositry.  (It is in PHP 5.2.17 but not in 5.3.5).

06 Jan 2011, PHP 5.3.5
- Fixed Bug #53632 (infinite loop with x87 fpu). (Scott, Rasmus)

Revision 1.45 / (download) - annotate - [select for diffs], Fri Jan 7 09:16:26 2011 UTC (12 years, 1 month ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)

Update php5 pacakge to 5.2.17.

* patch-ab (Fix VAX floating point handling) is merge to PHP 5.2.17.


06 Jan 2010, PHP 5.2.17
- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott,
  Rasmus)

Revision 1.42.2.1 / (download) - annotate - [select for diffs], Thu Dec 23 10:10:54 2010 UTC (12 years, 1 month ago) by sbd
Branch: pkgsrc-2010Q3
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

Pullup ticket #3312 - requested by taca
pkgsrc/lang/{php5,php53} security fixes

Revisions pulled up:
- pkgsrc/databases/php-mysql/Makefile		1.14
- pkgsrc/databases/php-mysqli/Makefile		1.3
- pkgsrc/databases/php-pdo_mysql/Makefile	1.12
- pkgsrc/lang/php5/Makefile			1.80, 1.81
- pkgsrc/lang/php5/Makefile.common		1.43, 1.44
- pkgsrc/lang/php5/distinfo			1.80, 1.81, 1.82
- pkgsrc/lang/php5/patches/patch-ak		1.8, deleted
- pkgsrc/lang/php5/patches/patch-bf		1.1, deleted
- pkgsrc/lang/php5/patches/patch-bg		1.1, deleted
- pkgsrc/lang/php53/Makefile			1.5, 1.6
- pkgsrc/lang/php53/Makefile.common		1.3
- pkgsrc/lang/php53/distinfo			1.7, 1.8
- pkgsrc/lang/php53/patches/patch-ab		1.3
- pkgsrc/lang/php53/patches/patch-am		1.1, deleted
- pkgsrc/lang/php53/patches/patch-an		1.1, deleted
- pkgsrc/lang/php53/patches/patch-ao		1.1, deleted
- pkgsrc/lang/php53/patches/patch-ap		1.1, deleted
- pkgsrc/lang/php53/patches/patch-aq		1.1, deleted
- pkgsrc/mail/php-imap/Makefile			1.21, 1.22
- pkgsrc/www/ap-php/Makefile			1.24
- pkgsrc/www/php-eaccelerator/Makefile		1.13

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Nov 25 03:43:50 UTC 2010

   Modified Files:
   	pkgsrc/lang/php53: Makefile distinfo
   Added Files:
   	pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq

   Log Message:
   - GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016
   - CVE-2010-3710 (a part of SA41724)
   	http://svn.php.net/viewvc?view=revision&revision=303779
   - CVE-2010-3870 (a part of SA41724)
   	http://svn.php.net/viewvc?view=revision&revision=304959
   - CVE-2010-4150 (php-imap)
   	http://svn.php.net/viewvc?view=revision&revision=305032
   - CVE-2010-4156 (SA42135)
   	http://svn.php.net/viewvc?view=revision&revision=305214

   Bump PKGREVISION.

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Nov 25 03:44:16 UTC 2010

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
   	pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg

   Log Message:
   - CVE-2010-4150 (php-imap)
   	http://svn.php.net/viewvc?view=revision&revision=305032
   - CVE-2010-3710 (a part of SA41724)
   	http://svn.php.net/viewvc?view=revision&revision=303885
   - CVE-2010-3870 (a part of SA41724)
   	http://svn.php.net/viewvc?view=revision&revision=305055

   Bump PKGREVISION.

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Nov 25 03:45:19 UTC 2010

   Modified Files:
   	pkgsrc/mail/php-imap: Makefile

   Log Message:
   Bump REVISION since CVE-2010-4150 fix was added.

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Dec 13 13:15:46 UTC 2010

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.common distinfo
   Removed Files:
   	pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg

   Log Message:
   Update php5 package to 5.2.15 (PHP 5.2.15):

   The PHP development team would like to announce the immediate
   availability of PHP 5.2.15. This release marks the end of support for
   PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.

   This release focuses on improving the security and stability of the
   PHP 5.2.x branch with a small number, of predominatly security fixes.

   Security Enhancements and Fixes in PHP 5.2.15:

   * Fixed extract() to do not overwrite $GLOBALS and $this when using
     EXTR_OVERWRITE.
   * Fixed crash in zip extract method (possible CWE-170).
   * Fixed a possible double free in imap extension.
   * Fixed possible flaw in open_basedir (CVE-2010-3436).
   * Fixed NULL pointer dereference in
     ZipArchive::getArchiveComment. (CVE-2010-3709).
   * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
     large amount of data).

   Key enhancements in PHP 5.2.15 include:

   * Fixed bug #47643 (array_diff() takes over 3000 times longer than php
     5.2.4).
   * Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
     with SoapClient object).
   * To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
     migration guide available on http://php.net/migration53, details the changes
     between PHP 5.2 and PHP 5.3.

   For a full list of changes in PHP 5.2.15 see the ChangeLog at
   http://www.php.net/ChangeLog-5.php#5.2.15.

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Dec 13 13:16:37 UTC 2010

   Modified Files:
   	pkgsrc/lang/php53: Makefile Makefile.common distinfo
   	pkgsrc/lang/php53/patches: patch-ab
   Removed Files:
   	pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq

   Log Message:
   Update lang/php53 package to 5.3.4 (PHP 5.3.4).

   The PHP development team is proud to announce the immediate release of PHP
   5.3.4. This is a maintenance release in the 5.3 series, which includes a large
   number of bug fixes.

   Security Enhancements and Fixes in PHP 5.3.4:

   * Fixed crash in zip extract method (possible CWE-170).
   * Paths with NULL in them (foo\0bar.txt) are now considered as invalid
     (CVE-2006-7243).
   * Fixed a possible double free in imap extension (Identified by Mateusz
     Kocielski). (CVE-2010-4150).
   * Fixed NULL pointer dereference in
     ZipArchive::getArchiveComment. (CVE-2010-3709).
   * Fixed possible flaw in open_basedir (CVE-2010-3436).
   * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950).
   * Fixed symbolic resolution support when the target is a DFS share.
   * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
     large amount of data) (CVE-2010-3710).

   Key Bug Fixes in PHP 5.3.4 include:

   * Added stat support for zip stream.
   * Added follow_location (enabled by default) option for the http stream
     support.
   * Added a 3rd parameter to get_html_translation_table. It now takes a charset
     hint, like htmlentities et al.
   * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend
     multibyte at runtime.
   * Multiple improvements to the FPM SAPI.
   * Over 100 other bug fixes.

   For users upgrading from PHP 5.2 there is a migration guide available here,
   detailing the changes between those releases and PHP 5.3.

   For a full list of changes in PHP 5.3.4, see the ChangeLog. For source
   downloads please visit our downloads page, Windows binaries can be found on
   windows.php.net/download/.

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Dec 13 13:18:20 UTC 2010

   Modified Files:
   	pkgsrc/databases/php-mysql: Makefile
   	pkgsrc/databases/php-mysqli: Makefile
   	pkgsrc/databases/php-pdo_mysql: Makefile
   	pkgsrc/mail/php-imap: Makefile
   	pkgsrc/www/ap-php: Makefile
   	pkgsrc/www/php-eaccelerator: Makefile

   Log Message:
   Reset PKGREVISION by update of base PHP version.

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Dec 16 14:20:45 UTC 2010

   Modified Files:
   	pkgsrc/lang/php5: Makefile.common distinfo

   Log Message:
   Update php5 pacakge to 5.2.16:

   PHP 5.2.16 Released!

   The PHP development team would like to announce the immediate availability of
   PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of
   PHP 5.2 are encouraged to upgrade to PHP 5.3.

   This release focuses on addressing a regression in open_basedir implementation
   introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data
   retrieval when the server is down. All users who have upgraded to 5.2.15 and
   are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or
   5.3.4.

   To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
   migration guide available on http://php.net/migration53, details the changes
   between PHP 5.2 and PHP 5.3.

   For a full list of changes in PHP 5.2.16 see the ChangeLog at
   http://www.php.net/ChangeLog-5.php#5.2.16.

   ChangeLog:

   Version 5.2.16

   16-Dec-2010

   * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is
     down). (gyp at balabit dot hu)
   * Fixed bug #53516 (Regression in open_basedir handling). (Ilia)

Revision 1.44 / (download) - annotate - [select for diffs], Thu Dec 16 14:20:45 2010 UTC (12 years, 1 month ago) by taca
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)

Update php5 pacakge to 5.2.16:


PHP 5.2.16 Released!

The PHP development team would like to announce the immediate availability of
PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of
PHP 5.2 are encouraged to upgrade to PHP 5.3.

This release focuses on addressing a regression in open_basedir implementation
introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data
retrieval when the server is down. All users who have upgraded to 5.2.15 and
are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or
5.3.4.

To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
migration guide available on http://php.net/migration53, details the changes
between PHP 5.2 and PHP 5.3.

For a full list of changes in PHP 5.2.16 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.16.

ChangeLog:

Version 5.2.16

16-Dec-2010

* Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is
  down). (gyp at balabit dot hu)
* Fixed bug #53516 (Regression in open_basedir handling). (Ilia)

Revision 1.43 / (download) - annotate - [select for diffs], Mon Dec 13 13:15:45 2010 UTC (12 years, 1 month ago) by taca
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

Update php5 package to 5.2.15 (PHP 5.2.15):


The PHP development team would like to announce the immediate
availability of PHP 5.2.15. This release marks the end of support for
PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3.

This release focuses on improving the security and stability of the
PHP 5.2.x branch with a small number, of predominatly security fixes.

Security Enhancements and Fixes in PHP 5.2.15:

* Fixed extract() to do not overwrite $GLOBALS and $this when using
  EXTR_OVERWRITE.
* Fixed crash in zip extract method (possible CWE-170).
* Fixed a possible double free in imap extension.
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed NULL pointer dereference in
  ZipArchive::getArchiveComment. (CVE-2010-3709).
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with
  large amount of data).

Key enhancements in PHP 5.2.15 include:

* Fixed bug #47643 (array_diff() takes over 3000 times longer than php
  5.2.4).
* Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy
  with SoapClient object).
* To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a
  migration guide available on http://php.net/migration53, details the changes
  between PHP 5.2 and PHP 5.3.

For a full list of changes in PHP 5.2.15 see the ChangeLog at
http://www.php.net/ChangeLog-5.php#5.2.15.

Revision 1.41.4.1 / (download) - annotate - [select for diffs], Sun Jul 25 11:56:16 2010 UTC (12 years, 6 months ago) by spz
Branch: pkgsrc-2010Q2
Changes since 1.41: +5 -3 lines
Diff to previous 1.41 (colored) next main 1.42 (colored)

Pullup ticket 3184 - requested by tron
security updates

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.79
- pkgsrc/lang/php5/distinf			1.79
- pkgsrc/lang/php5/Makefile.common		1.42
- pkgsrc/lang/php5/Makefile.ph			1.42
- pkgsrc/lang/php53/Makefile			1.4
- pkgsrc/lang/php53/Makefile.common		1.2
- pkgsrc/lang/php53/Makefile.php		1.3
- pkgsrc/lang/php53/distinfo			1.6
- pkgsrc/lang/php53/patches/patch-ab		1.2
- pkgsrc/converters/php-mbstring/Makefile	1.2
- pkgsrc/devel/php-gmp/Makefile			1.12
- pkgsrc/graphics/php-gd/Makefile		1.24
- pkgsrc/multimedia/php-ming/Makefile		1.11
- pkgsrc/net/php-xmlrpc/Makefile		1.13
- pkgsrc/net/php-yaz/Makefile			1.9
- pkgsrc/print/php-pdflib/Makefile		1.17

Files deleted:
pkgsrc/lang/php5/patches/patch-be
pkgsrc/lang/php53/patches/patch-ak

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Sat Jul 24 22:23:15 UTC 2010

   Modified Files:
           pkgsrc/lang/php5: Makefile Makefile.common Makefile.php distinfo
   Removed Files:
           pkgsrc/lang/php5/patches: patch-be

   Log Message:
   Update "php5" package to version 5.2.14. Changes since version 5.2.13:
   - Reverted bug fix #49521 (PDO fetchObject sets values before calling
     constructor). (Felipe)
   - Updated timezone database to version 2010.5. (Derick)
   - Upgraded bundled PCRE to version 8.02. (Ilia)
   - Rewrote var_export() to use smart_str rather than output buffering, prevents
     data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
   - Fixed a possible interruption array leak in strrchr(). Reported by
     P??ter Veres. (CVE-2010-2484) (Felipe)
   - Fixed a possible interruption array leak in strchr(), strstr(), substr(),
     chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
   - Fixed a possible memory corruption in substr_replace() (Dmitry)
   - Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
   - Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
     Esser (Ilia)
   - Reset error state in PDO::beginTransaction() reset error state. (Ilia)
   - Fixed a NULL pointer dereference when processing invalid XML-RPC
     requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
   - Fixed handling of session variable serialization on certain prefix
     characters. Reported by Stefan Esser (Ilia)
   - Fixed a possible arbitrary memory access inside sqlite extension. Reported
     by Mateusz Kocielski. (Ilia)
   - Fixed a crash when calling an inexistent method of a class that inherits
     PDOStatement if instantiated directly instead of doing by the PDO methods.
     (Felipe)
   - Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64
     bit)). (Adam)
   - Fixed bug #52238 (Crash when an Exception occured in iterator_to_array).
     (Johannes)
   - Fixed bug #52237 (Crash when passing the reference of the property of a
     non-object). (Dmitry)
   - Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't
     be set). (Felipe)
   - Fixed bug #52162 (custom request header variables with numbers are removed).
     (Sriram Natarajan)
   - Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe)
   - Fixed bug #52061 (memory_limit above 2G). (Felipe)
   - Fixed bug #52041 (Memory leak when writing on uninitialized variable returned
     from function). (Dmitry)
   - Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at
     debian dot org, Kalle)
   - Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick)
   - Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command).
     (Ilia, Felipe)
   - Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle,
     coreystup at gmail dot com)
   - Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with
     constant array). (Felipe)
   - Fixed bug #51905 (ReflectionParameter fails if default value is an array
     with an access to self::). (Felipe)
   - Fixed bug #51822 (Segfault with strange __destruct() for static class
     variables). (Dmitry)
   - Fixed bug #51671 (imagefill does not work correctly for small images).
     (Pierre)
   - Fixed bug #51670 (getColumnMeta causes segfault when re-executing query
     after calling nextRowset). (Pierrick)
   - Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading).
     (Pierre)
   - Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4).
     (Felipe, wdierkes at 5dollarwhitebox dot org)
   - Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe)
   - Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter).
     (Felipe)
   - Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string
     literal). (cbandy at jbandy dot com)
   - Fixed bug #51607 (pg_copy_from does not allow schema in the tablename
     argument). (cbandy at jbandy dot com)
   - Fixed bug #51604 (newline in end of header is shown in start of message).
     (Daniel Egeberg)
   - Fixed bug #51562 (query timeout in mssql can not be changed per query).
     (ejsmont dot artur at gmail dot com)
   - Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory
     issues). (Dmitry)
   - Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne)
   - Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe)
   - Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains
     timezone). (Adam)
   - Fixed bug #51374 (Wrongly initialized object properties). (Etienne)
   - Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
     on). (Ilia, j dot jeising at gmail dot com)
   - Fixed bug #51273 (Faultstring property does not exist when the faultstring is
     empty) (Ilia, dennis at transip dot nl)
   - Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
   - Fixed bug #51263 (imagettftext and rotated text uses wrong baseline)
     (cschneid at cschneid dot com, Takeshi Abe)
   - Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
   - Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,
     alexr at oplot dot com)
   - Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that
     includes '-'). (Adam, solar at azrael dot ws).
   - Fixed bug #51190 (ftp_put() returns false when transfer was successful).
     (Ilia)
   - Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio).
     (Sriram Natarajan)
   - Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when
     an invalid option is provided). (Ilia)
   - Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)
   - Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)
   - Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris
     Jones)
   - Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4).
     (Raphael Geissert)
   - Fixed bug #50762 (in WSDL mode Soap Header handler function only being called
     if defined in WSDL). (mephius at gmail dot com)
   - Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable
     endpoints). (Justin Dearing)
   - Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not
     include file and line in trace). (Felipe)
   - Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe)
   - Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne)
   - Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)
   - Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)
   - Fixed bug #49267 (Linking fails for iconv). (Moriyosh)
   - Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)
   - Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken).
     (Adam, patch from hiroaki dot kawai at gmail dot com).
   - Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus)
   - Fixed bug #33210 (getimagesize() fails to detect width/height on certain
     JPEGs). (Ilia)
   - Fixed bug #23229 (syslog() truncates messages). (Adam)


   To generate a diff of this commit:
   cvs rdiff -u -r1.78 -r1.79 pkgsrc/lang/php5/Makefile \
       pkgsrc/lang/php5/distinfo
   cvs rdiff -u -r1.41 -r1.42 pkgsrc/lang/php5/Makefile.common \
       pkgsrc/lang/php5/Makefile.php
   cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-be

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Sat Jul 24 22:23:37 UTC 2010

   Modified Files:
           pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo
           pkgsrc/lang/php53/patches: patch-ab
   Removed Files:
           pkgsrc/lang/php53/patches: patch-ak

   Log Message:
   Update "php53" package to version 5.3.3. Changes since version 5.3.2:
   - Rewrote var_export() to use smart_str rather than output buffering,
     prevents data disclosure if a fatal error occurs (CVE-2010-2531).
     (Scott)
   - Fixed a NULL pointer dereference when processing invalid XML-RPC
     requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
   - Fixed SplObjectStorage unserialization problems (CVE-2010-2225).
     (Stas)
   - A large number of not security related bug fixes


   To generate a diff of this commit:
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php53/Makefile
   cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/Makefile.common
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php53/Makefile.php
   cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/php53/distinfo
   cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/lang/php53/patches/patch-ab
   cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php53/patches/patch-ak

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Sat Jul 24 22:24:22 UTC 2010

   Modified Files:
           pkgsrc/converters/php-mbstring: Makefile
           pkgsrc/devel/php-gmp: Makefile
           pkgsrc/graphics/php-gd: Makefile
           pkgsrc/multimedia/php-ming: Makefile
           pkgsrc/net/php-xmlrpc: Makefile
           pkgsrc/net/php-yaz: Makefile
           pkgsrc/print/php-pdflib: Makefile

   Log Message:
   Revert revision of several PHP extensions after both core PHP packages
   were updated.


   To generate a diff of this commit:
   cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/converters/php-mbstring/Makefile
   cvs rdiff -u -r1.11 -r1.12 pkgsrc/devel/php-gmp/Makefile
   cvs rdiff -u -r1.23 -r1.24 pkgsrc/graphics/php-gd/Makefile
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/multimedia/php-ming/Makefile
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/php-xmlrpc/Makefile
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/php-yaz/Makefile
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/print/php-pdflib/Makefile

Revision 1.42 / (download) - annotate - [select for diffs], Sat Jul 24 22:23:15 2010 UTC (12 years, 6 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base
Branch point for: pkgsrc-2010Q3
Changes since 1.41: +5 -3 lines
Diff to previous 1.41 (colored)

Update "php5" package to version 5.2.14. Changes since version 5.2.13:
- Reverted bug fix #49521 (PDO fetchObject sets values before calling
  constructor). (Felipe)
- Updated timezone database to version 2010.5. (Derick)
- Upgraded bundled PCRE to version 8.02. (Ilia)
- Rewrote var_export() to use smart_str rather than output buffering, prevents
  data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)
- Fixed a possible interruption array leak in strrchr(). Reported by
  Péter Veres. (CVE-2010-2484) (Felipe)
- Fixed a possible interruption array leak in strchr(), strstr(), substr(),
  chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). (Felipe)
- Fixed a possible memory corruption in substr_replace() (Dmitry)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)
- Fixed a possible stack exaustion inside fnmatch(). Reporeted by Stefan
  Esser (Ilia)
- Reset error state in PDO::beginTransaction() reset error state. (Ilia)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
  requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed handling of session variable serialization on certain prefix
  characters. Reported by Stefan Esser (Ilia)
- Fixed a possible arbitrary memory access inside sqlite extension. Reported
  by Mateusz Kocielski. (Ilia)
- Fixed a crash when calling an inexistent method of a class that inherits
  PDOStatement if instantiated directly instead of doing by the PDO methods.
  (Felipe)
- Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64
  bit)). (Adam)
- Fixed bug #52238 (Crash when an Exception occured in iterator_to_array).
  (Johannes)
- Fixed bug #52237 (Crash when passing the reference of the property of a
  non-object). (Dmitry)
- Fixed bug #52163 (SplFileObject::fgetss() fails due to parameter that can't
  be set). (Felipe)
- Fixed bug #52162 (custom request header variables with numbers are removed).
  (Sriram Natarajan)
- Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe)
- Fixed bug #52061 (memory_limit above 2G). (Felipe)
- Fixed bug #52041 (Memory leak when writing on uninitialized variable returned
  from function). (Dmitry)
- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at
  debian dot org, Kalle)
- Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick)
- Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command).
  (Ilia, Felipe)
- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle,
  coreystup at gmail dot com)
- Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with
  constant array). (Felipe)
- Fixed bug #51905 (ReflectionParameter fails if default value is an array
  with an access to self::). (Felipe)
- Fixed bug #51822 (Segfault with strange __destruct() for static class
  variables). (Dmitry)
- Fixed bug #51671 (imagefill does not work correctly for small images).
  (Pierre)
- Fixed bug #51670 (getColumnMeta causes segfault when re-executing query
  after calling nextRowset). (Pierrick)
- Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading).
  (Pierre)
- Fixed bug #51617 (PDO PGSQL still broken against PostGreSQL < 7.4).
  (Felipe, wdierkes at 5dollarwhitebox dot org)
- Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe)
- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter).
  (Felipe)
- Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string
  literal). (cbandy at jbandy dot com)
- Fixed bug #51607 (pg_copy_from does not allow schema in the tablename
  argument). (cbandy at jbandy dot com)
- Fixed bug #51604 (newline in end of header is shown in start of message).
  (Daniel Egeberg)
- Fixed bug #51562 (query timeout in mssql can not be changed per query).
  (ejsmont dot artur at gmail dot com)
- Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory
  issues). (Dmitry)
- Fixed bug #51532 (Wrong prototype for SplFileObject::fscanf()). (Etienne)
- Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe)
- Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains
  timezone). (Adam)
- Fixed bug #51374 (Wrongly initialized object properties). (Etienne)
- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is
  on). (Ilia, j dot jeising at gmail dot com)
- Fixed bug #51273 (Faultstring property does not exist when the faultstring is
  empty) (Ilia, dennis at transip dot nl)
- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
- Fixed bug #51263 (imagettftext and rotated text uses wrong baseline)
  (cschneid at cschneid dot com, Takeshi Abe)
- Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia,
  alexr at oplot dot com)
- Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that
  includes '-'). (Adam, solar at azrael dot ws).
- Fixed bug #51190 (ftp_put() returns false when transfer was successful).
  (Ilia)
- Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio).
  (Sriram Natarajan)
- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when
  an invalid option is provided). (Ilia)
- Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)
- Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)
- Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris
  Jones)
- Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4).
  (Raphael Geissert)
- Fixed bug #50762 (in WSDL mode Soap Header handler function only being called
  if defined in WSDL). (mephius at gmail dot com)
- Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable
  endpoints). (Justin Dearing)
- Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not
  include file and line in trace). (Felipe)
- Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe)
- Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne)
- Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)
- Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)
- Fixed bug #49267 (Linking fails for iconv). (Moriyosh)
- Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)
- Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken).
  (Adam, patch from hiroaki dot kawai at gmail dot com).
- Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus)
- Fixed bug #33210 (getimagesize() fails to detect width/height on certain
  JPEGs). (Ilia)
- Fixed bug #23229 (syslog() truncates messages). (Adam)

Revision 1.41 / (download) - annotate - [select for diffs], Tue Mar 16 16:03:22 2010 UTC (12 years, 10 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2010Q2-base, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Branch point for: pkgsrc-2010Q2
Changes since 1.40: +8 -15 lines
Diff to previous 1.40 (colored)

Update description in comments.

Revision 1.39.2.1 / (download) - annotate - [select for diffs], Thu Mar 4 20:27:04 2010 UTC (12 years, 11 months ago) by tron
Branch: pkgsrc-2009Q4
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored) next main 1.40 (colored)

Pullup ticket #3036 - requested by taca
php5: security update
php-bz2: security update
php-zip: security update
php-zlib: security update
php-iconv: security update
php-dba: security update
php-dbase: security update
php-dbx: security update
php-ldap: security update
php-mssql: security update
php-mysql: security update
php-odbc: security update
php-pdo: security update
php-pdo_dblib: security update
php-pdo_mysql: security update
php-pdo_pgsql: security update
php-pdo_sqlite: security update
php-pgsql: security update
php-sqlite: security update
php5-mysqli: security update
php-gettext: security update
php-gmp: security update
php-memcache: security update
php-pcntl: security update
php-posix: security update
php-shmop: security update
php-sysvsem: security update
php-sysvshm: security update
php-exif: security update
php-gd: security update
php5-perl: security update
php-imap: security update
php-bcmath: security update
php-calendar: security update
php-mbstring: security update
php-ming: security update
php-ftp: security update
php-snmp: security update
php-sockets: security update
php-xmlrpc: security update
php-yaz: security update
php5-soap: security update
php-pdflib: security update
php-mcrypt: security update
php-mhash: security update
php-suhosin: security update
php-json: security update
php-pspell: security update
php-wddx: security update
php5-dom: security update
php5-xsl: security update
php-apc: security update
php-curl: security update
php-eaccelerator: security update

Revisions pulled up:
- archivers/php-zlib/Makefile			1.14
- databases/php-dba/Makefile			1.12
- databases/php-ldap/Makefile			1.16
- databases/php-mssql/Makefile			1.12
- databases/php-pdo_dblib/Makefile		1.12
- databases/php-pdo_pgsql/Makefile		1.13
- databases/php-pgsql/Makefile			1.14
- graphics/php-exif/Makefile			1.8
- graphics/php-gd/Makefile			1.22
- lang/php5/Makefile				1.77-1.78
- lang/php5/Makefile.common			1.40
- lang/php5/Makefile.php			1.39-1.41
- lang/php5/distinfo				1.73,1.76
- mail/php-imap/Makefile			1.20
- net/php-ftp/Makefile				1.12
- print/php-pdflib/Makefile			1.13
- www/php-curl/Makefile				1.16
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Sat Feb 27 03:25:17 UTC 2010

Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.common Makefile.php distinfo

Log Message:
Update php5 package to 5.2.13.

25 Feb 2010, PHP 5.2.13
- Updated timezone database to version 2010.2. (Derick)
- Upgraded bundled PCRE to version 7.9. (Ilia)

- Removed automatic file descriptor unlocking happening on shutdown and/or
  stream close (on all OSes excluding Windows). (Tony, Ilia)

- Changed tidyNode class to disallow manual node creation. (Pierrick)

- Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL.
  (Ilia)

- Improved LCG entropy. (Rasmus, Samy Kamkar)

- Fixed safe_mode validation inside tempnam() when the directory path does
  not end with a /). (Martin Jansen)
- Fixed a possible open_basedir/safe_mode bypass in session extension
  identified by Grzegorz Stachowiak. (Ilia)
- Fixed bug in bundled libgd causing spurious horizontal lines drawn by
  gdImageFilledPolygon (libgd #100). (Takeshi Abe)
- Fixed build of mysqli with MySQL 5.5.0-m2. (Andrey)

- Fixed bug #50940 Custom content-length set incorrectly in Apache sapis.
  (Brian France, Rasmus)
- Fixed bug #50930 (Wrong date by php_date.c patch with ancient gcc/glibc
  versions). (Derick)
- Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation).
  (Ilia, hanno at hboeck dot de)
- Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes
  long). (Ilia)
- Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP
  authentication). (Jani)
- Fixed bug #50823 (ReflectionFunction::isDeprecated producing "cannot be called
  statically" error). (Jani, Felipe)
- Fixed bug #50791 (Compile failure: Bad logic in defining fopencookie
  emulation). (Jani)
- Fixed bug #50787 (stream_set_write_buffer() has no effect on socket
  streams). (vnegrier at optilian dot com, Ilia)
- Fixed bug #50772 (mysqli constructor without parameters does not return a
  working mysqli object). (Andrey)
- Fixed bug #50761 (system.multiCall crashes in xmlrpc extension). (hiroaki
  dot kawai at gmail dot com, Ilia)
- Fixed bug #50732 (exec() adds single byte twice to $output array). (Ilia)
- Fixed bug #50728 (All PDOExceptions hardcode 'code' property to 0). (Joey,
  Ilia)
- Fixed bug #50727 (Accessing mysqli->affected_rows on no connection causes
  segfault). (Andrey, Johannes)
- Fixed bug #50680 (strtotime() does not support eighth ordinal number).
  (Ilia)
- Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob)
- Fixed bug #50657 (copy() with an empty (zero-byte) HTTP source succeeds but
  returns false). (Ilia)
- Fixed bug #50636 (MySQLi_Result sets values before calling constructor).
  (Pierrick)
- Fixed bug #50632 (filter_input() does not return default value if the
  variable does not exist). (Ilia)
- Fixed bug #50576 (XML_OPTION_SKIP_TAGSTART option has no effect). (Pierrick)
- Fixed bug #50575 (PDO_PGSQL LOBs are not compatible with PostgreSQL 8.5).
  (Matteo)
- Fixed bug #50558 (Broken object model when extending tidy). (Pierrick)
- Fixed bug #50540 (Crash while running ldap_next_reference test cases).
  (Sriram)
- Fixed bug #50508 (compile failure: Conflicting HEADER type declarations).
  (Jani)
- Fixed bug #50394 (Reference argument converted to value in __call). (Stas)
- Fixed bug #49851 (http wrapper breaks on 1024 char long headers). (Ilia)
- Fixed bug #49600 (imageTTFText text shifted right). (Takeshi Abe)
- Fixed bug #49585 (date_format buffer not long enough for >4 digit years).
  (Derick, Adam)
- Fixed bug #49463 (setAttributeNS fails setting default namespace). (Rob)
- Fixed bug #48667 (Implementing Iterator and IteratorAggregate). (Etienne)
- Fixed bug #48590 (SoapClient does not honor max_redirects). (Sriram)
- Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive
  in HTTP uploads). (Ilia)
- Fixed bug #47601 (defined() requires class to exist when testing for class
  constants). (Ilia)
- Fixed bug #47409 (extract() problem with array containing word "this").
  (Ilia, chrisstocktonaz at gmail dot com)
- Fixed bug #47002 (Field truncation when reading from dbase dbs with more
  then 1024 fields). (Ilia, sjoerd-php at linuxonly dot nl)
- Fixed bug #45599 (strip_tags() truncates rest of string with invalid
  attribute). (Ilia, hradtke)
- Fixed bug #44827 (define() allows :: in constant names). (Ilia)
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Sat Feb 27 03:35:12 UTC 2010

Modified Files:
	pkgsrc/archivers/php-zlib: Makefile
	pkgsrc/databases/php-dba: Makefile
	pkgsrc/databases/php-ldap: Makefile
	pkgsrc/databases/php-mssql: Makefile
	pkgsrc/databases/php-pdo_dblib: Makefile
	pkgsrc/databases/php-pdo_pgsql: Makefile
	pkgsrc/databases/php-pgsql: Makefile
	pkgsrc/graphics/php-exif: Makefile
	pkgsrc/graphics/php-gd: Makefile
	pkgsrc/mail/php-imap: Makefile
	pkgsrc/net/php-ftp: Makefile
	pkgsrc/print/php-pdflib: Makefile
	pkgsrc/www/php-curl: Makefile

Log Message:
Reset PKGREVISION.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Wed Mar  3 10:51:35 UTC 2010

Modified Files:
	pkgsrc/lang/php5: Makefile.php

Log Message:
Re-enable suhosin option since there is no need to disable it.

Noted by Volkmar Seifert and I misunderstood something.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Thu Mar  4 15:36:04 UTC 2010

Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.php distinfo

Log Message:
Update suhosin patch for PHP 5.2.13.

Bump PKGREVISION.

Revision 1.40 / (download) - annotate - [select for diffs], Sat Feb 27 03:25:16 2010 UTC (12 years, 11 months ago) by taca
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

Update php5 package to 5.2.13.

25 Feb 2010, PHP 5.2.13
- Updated timezone database to version 2010.2. (Derick)
- Upgraded bundled PCRE to version 7.9. (Ilia)

- Removed automatic file descriptor unlocking happening on shutdown and/or
  stream close (on all OSes excluding Windows). (Tony, Ilia)

- Changed tidyNode class to disallow manual node creation. (Pierrick)

- Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL.
  (Ilia)

- Improved LCG entropy. (Rasmus, Samy Kamkar)

- Fixed safe_mode validation inside tempnam() when the directory path does
  not end with a /). (Martin Jansen)
- Fixed a possible open_basedir/safe_mode bypass in session extension
  identified by Grzegorz Stachowiak. (Ilia)
- Fixed bug in bundled libgd causing spurious horizontal lines drawn by
  gdImageFilledPolygon (libgd #100). (Takeshi Abe)
- Fixed build of mysqli with MySQL 5.5.0-m2. (Andrey)

- Fixed bug #50940 Custom content-length set incorrectly in Apache sapis.
  (Brian France, Rasmus)
- Fixed bug #50930 (Wrong date by php_date.c patch with ancient gcc/glibc
  versions). (Derick)
- Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation).
  (Ilia, hanno at hboeck dot de)
- Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes
  long). (Ilia)
- Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP
  authentication). (Jani)
- Fixed bug #50823 (ReflectionFunction::isDeprecated producing "cannot be called
  statically" error). (Jani, Felipe)
- Fixed bug #50791 (Compile failure: Bad logic in defining fopencookie
  emulation). (Jani)
- Fixed bug #50787 (stream_set_write_buffer() has no effect on socket
  streams). (vnegrier at optilian dot com, Ilia)
- Fixed bug #50772 (mysqli constructor without parameters does not return a
  working mysqli object). (Andrey)
- Fixed bug #50761 (system.multiCall crashes in xmlrpc extension). (hiroaki
  dot kawai at gmail dot com, Ilia)
- Fixed bug #50732 (exec() adds single byte twice to $output array). (Ilia)
- Fixed bug #50728 (All PDOExceptions hardcode 'code' property to 0). (Joey,
  Ilia)
- Fixed bug #50727 (Accessing mysqli->affected_rows on no connection causes
  segfault). (Andrey, Johannes)
- Fixed bug #50680 (strtotime() does not support eighth ordinal number).
  (Ilia)
- Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob)
- Fixed bug #50657 (copy() with an empty (zero-byte) HTTP source succeeds but
  returns false). (Ilia)
- Fixed bug #50636 (MySQLi_Result sets values before calling constructor).
  (Pierrick)
- Fixed bug #50632 (filter_input() does not return default value if the
  variable does not exist). (Ilia)
- Fixed bug #50576 (XML_OPTION_SKIP_TAGSTART option has no effect). (Pierrick)
- Fixed bug #50575 (PDO_PGSQL LOBs are not compatible with PostgreSQL 8.5).
  (Matteo)
- Fixed bug #50558 (Broken object model when extending tidy). (Pierrick)
- Fixed bug #50540 (Crash while running ldap_next_reference test cases).
  (Sriram)
- Fixed bug #50508 (compile failure: Conflicting HEADER type declarations).
  (Jani)
- Fixed bug #50394 (Reference argument converted to value in __call). (Stas)
- Fixed bug #49851 (http wrapper breaks on 1024 char long headers). (Ilia)
- Fixed bug #49600 (imageTTFText text shifted right). (Takeshi Abe)
- Fixed bug #49585 (date_format buffer not long enough for >4 digit years).
  (Derick, Adam)
- Fixed bug #49463 (setAttributeNS fails setting default namespace). (Rob)
- Fixed bug #48667 (Implementing Iterator and IteratorAggregate). (Etienne)
- Fixed bug #48590 (SoapClient does not honor max_redirects). (Sriram)
- Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive
  in HTTP uploads). (Ilia)
- Fixed bug #47601 (defined() requires class to exist when testing for class
  constants). (Ilia)
- Fixed bug #47409 (extract() problem with array containing word "this").
  (Ilia, chrisstocktonaz at gmail dot com)
- Fixed bug #47002 (Field truncation when reading from dbase dbs with more
  then 1024 fields). (Ilia, sjoerd-php at linuxonly dot nl)
- Fixed bug #45599 (strip_tags() truncates rest of string with invalid
  attribute). (Ilia, hradtke)
- Fixed bug #44827 (define() allows :: in constant names). (Ilia)

Revision 1.38.2.1 / (download) - annotate - [select for diffs], Wed Dec 23 19:09:51 2009 UTC (13 years, 1 month ago) by spz
Branch: pkgsrc-2009Q3
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored) next main 1.39 (colored)

Pullup ticket 2955 - requested by taca
security update

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.75
- pkgsrc/lang/php5/Makefile.common		1.39
- pkgsrc/lang/php5/PLIST			1.25
- pkgsrc/lang/php5/distinfo			1.71
- pkgsrc/lang/php5/patches/patch-ag		1.4
- pkgsrc/lang/php5/patches/patch-ah		1.3
- pkgsrc/textproc/php5-xsl/Makefile		1.13

Files removed:
pkgsrc/lang/php5/patches/patch-ay
pkgsrc/lang/php5/patches/patch-az
pkgsrc/lang/php5/patches/patch-ba
pkgsrc/lang/php5/patches/patch-bb
pkgsrc/lang/php5/patches/patch-bc
pkgsrc/lang/php5/patches/patch-bd

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Wed Dec 23 07:07:35 UTC 2009

   Modified Files:
           pkgsrc/lang/php5: Makefile Makefile.common PLIST distinfo
           pkgsrc/lang/php5/patches: patch-ag patch-ah
   Removed Files:
           pkgsrc/lang/php5/patches: patch-ay patch-az patch-ba patch-bb
               patch-bc patch-bd

   Log Message:
   Update lang/php5 to 5.2.12, security update.

   Security Enhancements and Fixes in PHP 5.2.12:

   * Fixed a safe_mode bypass in tempnam() identified by Grzegorz
     Stachowiak. (CVE-2009-3557, Rasmus)
   * Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
     Stachowiak. (CVE-2009-3558, Rasmus)
   * Added "max_file_uploads" INI directive, which can be set to limit the
     number of file uploads per-request to 20 by default, to prevent possible
     DOS via temporary file exhaustion, identified by Bogdan
     Calin. (CVE-2009-4017, Ilia)
   * Added protection for $_SESSION from interrupt corruption and improved
     "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143,
     Stas)
   * Fixed bug #49785 (insufficient input string validation of
     htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)

   Key enhancements in PHP 5.2.12 include:

   * Fixed unnecessary invocation of setitimer when timeouts have been
     disabled. (Arvind Srinivasan)
   * Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
   * Fixed crash in SQLiteDatabase::ArrayQuery() and
     SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe)
   * Fixed crash when instantiating PDORow and PDOStatement through
     Reflection. (Felipe)
   * Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)
   * Fixed bug #50207 (segmentation fault when concatenating very large strings
     on 64bit linux). (Ilia)
   * Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle
     database). (Felipe)
   * Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
   * Fixed bug #50005 (Throwing through Reflection modified Exception object
     makes segmentation fault). (Felipe)
   * Fixed bug #49174 (crash when extending PDOStatement and trying to set
     queryString property). (Felipe)
   * Fixed bug #49098 (mysqli segfault on error). (Rasmus)
   * Over 50 other bug fixes.


   To generate a diff of this commit:
   cvs rdiff -u -r1.74 -r1.75 pkgsrc/lang/php5/Makefile
   cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/php5/Makefile.common
   cvs rdiff -u -r1.24 -r1.25 pkgsrc/lang/php5/PLIST
   cvs rdiff -u -r1.70 -r1.71 pkgsrc/lang/php5/distinfo
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php5/patches/patch-ag
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php5/patches/patch-ah
   cvs rdiff -u -r1.2 -r0 pkgsrc/lang/php5/patches/patch-ay \
       pkgsrc/lang/php5/patches/patch-az
   cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-ba \
       pkgsrc/lang/php5/patches/patch-bb pkgsrc/lang/php5/patches/patch-bc \
       pkgsrc/lang/php5/patches/patch-bd

   --------------------------------------------------------------------------

   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Wed Dec 23 07:08:31 UTC 2009

   Modified Files:
           pkgsrc/textproc/php5-xsl: Makefile

   Log Message:
   Reset PKGREVISION by implicit update to 5.2.12.


   To generate a diff of this commit:
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/textproc/php5-xsl/Makefile

Revision 1.39 / (download) - annotate - [select for diffs], Wed Dec 23 07:07:34 2009 UTC (13 years, 1 month ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base
Branch point for: pkgsrc-2009Q4
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)

Update lang/php5 to 5.2.12, security update.


Security Enhancements and Fixes in PHP 5.2.12:

* Fixed a safe_mode bypass in tempnam() identified by Grzegorz
  Stachowiak. (CVE-2009-3557, Rasmus)
* Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
  Stachowiak. (CVE-2009-3558, Rasmus)
* Added "max_file_uploads" INI directive, which can be set to limit the
  number of file uploads per-request to 20 by default, to prevent possible
  DOS via temporary file exhaustion, identified by Bogdan
  Calin. (CVE-2009-4017, Ilia)
* Added protection for $_SESSION from interrupt corruption and improved
  "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143,
  Stas)
* Fixed bug #49785 (insufficient input string validation of
  htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)

Key enhancements in PHP 5.2.12 include:

* Fixed unnecessary invocation of setitimer when timeouts have been
  disabled. (Arvind Srinivasan)
* Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
* Fixed crash in SQLiteDatabase::ArrayQuery() and
  SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe)
* Fixed crash when instantiating PDORow and PDOStatement through
  Reflection. (Felipe)
* Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)
* Fixed bug #50207 (segmentation fault when concatenating very large strings
  on 64bit linux). (Ilia)
* Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle
  database). (Felipe)
* Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
* Fixed bug #50005 (Throwing through Reflection modified Exception object
  makes segmentation fault). (Felipe)
* Fixed bug #49174 (crash when extending PDOStatement and trying to set
  queryString property). (Felipe)
* Fixed bug #49098 (mysqli segfault on error). (Rasmus)
* Over 50 other bug fixes.

Revision 1.38 / (download) - annotate - [select for diffs], Fri Oct 9 03:53:06 2009 UTC (13 years, 4 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2009Q3-base
Branch point for: pkgsrc-2009Q3
Changes since 1.37: +21 -1 lines
Diff to previous 1.37 (colored)

Add some infomation in comment about packages which shold be checked
when lang/php5 package updated.

Revision 1.35.4.1 / (download) - annotate - [select for diffs], Wed Sep 30 12:19:49 2009 UTC (13 years, 4 months ago) by tron
Branch: pkgsrc-2009Q2
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored) next main 1.36 (colored)

Pullup ticket #2903 - requested by taca
php5: security update

Revisions pulled up:
- lang/php5/Makefile.common			1.37
- lang/php5/Makefile.php			1.36-1.37 via patch
- lang/php5/PLIST				1.24
- lang/php5/distinfo				1.66-1.67 via patch
- lang/php5/patches/patch-ad			delete
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Sat Sep 26 05:40:05 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile.common Makefile.php PLIST distinfo
Removed Files:
	pkgsrc/lang/php5/patches: patch-ax

Log Message:
Update lang/php5 to 5.2.11, fixing security problem of 5.2.10.
One pkglint warning was fixed, too.

PHP                                                                        NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
17 Sep 2009, PHP 5.2.11
- Fixed certificate validation inside php_openssl_apply_verification_policy.
  (Ryan Sleevi, Ilia)

10 Sep 2009, PHP 5.2.11RC3
- Updated timezone database to version 2009.13 (2009m) (Derick)

- Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). (Ilia)
- Fixed bug #49447 (php engine needs to correctly check for socket API return
  status on windows). (Sriram Natarajan)
- Fixed bug #48060 (pdo_pgsql - large objects are returned as empty). (Matteo)

03 Sep 2009, PHP 5.2.11RC2
- Added missing sanity checks around exif processing. (Ilia)

- Fixed sanity check for the color index in imagecolortransparent. (Pierre)
- Fixed zlib.deflate compress filter to actually accept level parameter. (Jani)
- Fixed leak on error in popen/exec (and related functions) on Windows.
  (Pierre)

- Fixed bug #49361 (wordwrap() wraps incorrectly on end of line boundaries).
  (Ilia, code-it at mail dot ru)
- Fixed bug #49289 (bcmath module doesn't compile with phpize configure).
  (Jani)
- Fixed bug #49286 (php://input (php_stream_input_read) is broken). (Jani)
- Fixed bug #49269 (Ternary operator fails on Iterator object when used inside
  foreach declaration). (Etienne, Dmitry)
- Fixed bug #49236 (Missing PHP_SUBST(PDO_MYSQL_SHARED_LIBADD)). (Jani)
- Fixed bug #49144 (Import of schema from different host transmits original
  authentication details). (Dmitry)
- Fixed bug #49000 (PHP CLI in Interactive mode (php -a) crashes when including
  files from function). (Stas)
- Fixed bug #48696 (ldap_read() segfaults with invalid parameters). (Felipe)
- Fixed bug #47273 (Encoding bug in SoapServer->fault). (Dmitry)
- Fixed bug #28038 (Sent incorrect RCPT TO commands to SMTP server) (Garrett)

13 Aug 2009, PHP 5.2.11RC1
- Fixed regression in cURL extension that prevented flush of data to output
  defined as a file handle. (Ilia)
- Fixed memory leak in stream_is_local(). (Felipe, Tony)

- Fixed bug #49372 (segfault in php_curl_option_curl). (Pierre)
- Fixed bug #49132 (posix_times returns false without error).
  (phpbugs at gunnu dot us)
- Fixed bug #49125 (Error in dba_exists C code). (jdornan at stanford dot edu)
- Fixed bug #49095 (proc_get_status['exitcode'] fails on win32). (Felipe)
- Fixed bug #49074 (private class static fields can be modified by using
  reflection). (Jani)
- Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre)
- Fixed bug #49052 (context option headers freed too early when using
  --with-curlwrappers). (Jani)
- Fixed bug #49032 (SplFileObject::fscanf() variables passed by reference).
  (Jani)
- Fixed bug #49026 (proc_open() can bypass safe_mode_protected_env_vars
  restrictions). (Ilia)
- Fixed bug #48994 (zlib.output_compression does not output HTTP headers when
  set to a string value). (Jani)
- Fixed bug #48980 (Crash when compiling with pdo_firebird). (Felipe)
- Fixed bug #48962 (cURL does not upload files with specified filename).
  (Ilia)
- Fixed bug #48929 (Double \r\n after HTTP headers when "header" context
  option is an array). (David Z762 (IPv6 address filter still rejects valid address). (Felipe)
- Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on
  files that have been opened with r+). (Ilia)
- Fixed bug #48732 (TTF Bounding box wrong for letters below baseline).
  (Takeshi Abe)
- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain
  components). (Ilia)
- Fixed bug #48709 (metaphone and 'wh'). (brettz9 at yahoo dot com, Felipe)
- Fixed bug #48697 (mb_internal_encoding() value gets reset by parse_str()).
  (Moriyoshi)
- Fixed bug #48693 (Double declaration of __lambda_func when lambda wrongly
  formatted). (peter at lvp-media dot com, Felipe)
- Fixed bug #48661 (phpize is broken with non-bash shells). (Jani)
- Fixed bug #48645 (mb_convert_encoding() doesn't understand hexadecimal
  html-entities). (Moriyoshi)
- Fixed bug #48637 ("file" fopen wrapper is overwritten when using
  --with-curlwrappers). (Jani)
- Fixed bug #48636 (Error compiling of ext/date on netware). (guenter at
  php.net, Ilia)
- Fixed bug #48629 (get_defined_constants() ignores categorize parameter).
  (Felipe)
- Fixed bug #48619 (imap_search ALL segfaults). (Pierre)
- Fixed bug #48608 (Invalid libreadline version not detected during configure).
  (Jani)
- Fixed bug #48555 (ImageFTBBox() differs from previous versions for texts
  with new lines) (Takeshi Abe)
- Fixed bug #48539 (pdo_dblib fails to connect, throws empty PDOException
  "SQLSTATE[] (null)"). (Felipe)
- Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using
  TMPDIR). (Ilia)
- Fixed bug #48450 (Compile failure under IRIX 6.5.30 building gd.c). (Kalle)
- Fixed bug #48400 (imap crashes when closing stream opened with
  OP_PROTOTYPE flag). (Jani)
- Fixed bug #48284 (hash "adler32" byte order is reversed). (Scott)
- Fixed bug #48276 (date("Y") on big endian machines produces the
  wrong result). (Scott)
- Fixed bug #48247 (Infinite loop and possible crash during startup with
  errors when errors are logged). (Jani)
- Fixed bug #48116 (Fixed build with Openssl 1ImageLine w/ antialias = 1px shorter). (wojjie at gmail dot
  com, Kalle)
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Sat Sep 26 07:35:31 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile.php distinfo

Log Message:
Update suhosin patch to 5.2.11, too.

Revision 1.37 / (download) - annotate - [select for diffs], Sat Sep 26 05:40:05 2009 UTC (13 years, 4 months ago) by taca
Branch: MAIN
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

Update lang/php5 to 5.2.11, fixing security problem of 5.2.10.
One pkglint warning was fixed, too.

PHP                                                                        NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
17 Sep 2009, PHP 5.2.11
- Fixed certificate validation inside php_openssl_apply_verification_policy.
  (Ryan Sleevi, Ilia)


10 Sep 2009, PHP 5.2.11RC3
- Updated timezone database to version 2009.13 (2009m) (Derick)

- Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). (Ilia)
- Fixed bug #49447 (php engine needs to correctly check for socket API return
  status on windows). (Sriram Natarajan)
- Fixed bug #48060 (pdo_pgsql - large objects are returned as empty). (Matteo)


03 Sep 2009, PHP 5.2.11RC2
- Added missing sanity checks around exif processing. (Ilia)

- Fixed sanity check for the color index in imagecolortransparent. (Pierre)
- Fixed zlib.deflate compress filter to actually accept level parameter. (Jani)
- Fixed leak on error in popen/exec (and related functions) on Windows.
  (Pierre)

- Fixed bug #49361 (wordwrap() wraps incorrectly on end of line boundaries).
  (Ilia, code-it at mail dot ru)
- Fixed bug #49289 (bcmath module doesn't compile with phpize configure).
  (Jani)
- Fixed bug #49286 (php://input (php_stream_input_read) is broken). (Jani)
- Fixed bug #49269 (Ternary operator fails on Iterator object when used inside
  foreach declaration). (Etienne, Dmitry)
- Fixed bug #49236 (Missing PHP_SUBST(PDO_MYSQL_SHARED_LIBADD)). (Jani)
- Fixed bug #49144 (Import of schema from different host transmits original
  authentication details). (Dmitry)
- Fixed bug #49000 (PHP CLI in Interactive mode (php -a) crashes when including
  files from function). (Stas)
- Fixed bug #48696 (ldap_read() segfaults with invalid parameters). (Felipe)
- Fixed bug #47273 (Encoding bug in SoapServer->fault). (Dmitry)
- Fixed bug #28038 (Sent incorrect RCPT TO commands to SMTP server) (Garrett)


13 Aug 2009, PHP 5.2.11RC1
- Fixed regression in cURL extension that prevented flush of data to output
  defined as a file handle. (Ilia)
- Fixed memory leak in stream_is_local(). (Felipe, Tony)

- Fixed bug #49372 (segfault in php_curl_option_curl). (Pierre)
- Fixed bug #49132 (posix_times returns false without error).
  (phpbugs at gunnu dot us)
- Fixed bug #49125 (Error in dba_exists C code). (jdornan at stanford dot edu)
- Fixed bug #49095 (proc_get_status['exitcode'] fails on win32). (Felipe)
- Fixed bug #49074 (private class static fields can be modified by using
  reflection). (Jani)
- Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre)
- Fixed bug #49052 (context option headers freed too early when using
  --with-curlwrappers). (Jani)
- Fixed bug #49032 (SplFileObject::fscanf() variables passed by reference).
  (Jani)
- Fixed bug #49026 (proc_open() can bypass safe_mode_protected_env_vars
  restrictions). (Ilia)
- Fixed bug #48994 (zlib.output_compression does not output HTTP headers when
  set to a string value). (Jani)
- Fixed bug #48980 (Crash when compiling with pdo_firebird). (Felipe)
- Fixed bug #48962 (cURL does not upload files with specified filename).
  (Ilia)
- Fixed bug #48929 (Double \r\n after HTTP headers when "header" context
  option is an array). (David Zülke)
- Fixed bug #48913 (Too long error code strings in pdo_odbc driver).
  (naf at altlinux dot ru, Felipe)
- Fixed bug #48802 (printf() returns incorrect outputted length). (Jani)
- Fixed bug #48801 (Problem with imagettfbbox). (Takeshi Abe)
- Fixed bug #48788 (RecursiveDirectoryIterator doesn't descend into symlinked
  directories). (Ilia)
- Fixed bug #48774 (SIGSEGVs when using curl_copy_handle()).
  (Sriram Natarajan)
- Fixed bug #48763 (ZipArchive produces corrupt archive). (dani dot church at
  gmail dot com, Pierre)
- Fixed bug #48762 (IPv6 address filter still rejects valid address). (Felipe)
- Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on
  files that have been opened with r+). (Ilia)
- Fixed bug #48732 (TTF Bounding box wrong for letters below baseline).
  (Takeshi Abe)
- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain
  components). (Ilia)
- Fixed bug #48709 (metaphone and 'wh'). (brettz9 at yahoo dot com, Felipe)
- Fixed bug #48697 (mb_internal_encoding() value gets reset by parse_str()).
  (Moriyoshi)
- Fixed bug #48693 (Double declaration of __lambda_func when lambda wrongly
  formatted). (peter at lvp-media dot com, Felipe)
- Fixed bug #48661 (phpize is broken with non-bash shells). (Jani)
- Fixed bug #48645 (mb_convert_encoding() doesn't understand hexadecimal
  html-entities). (Moriyoshi)
- Fixed bug #48637 ("file" fopen wrapper is overwritten when using
  --with-curlwrappers). (Jani)
- Fixed bug #48636 (Error compiling of ext/date on netware). (guenter at
  php.net, Ilia)
- Fixed bug #48629 (get_defined_constants() ignores categorize parameter).
  (Felipe)
- Fixed bug #48619 (imap_search ALL segfaults). (Pierre)
- Fixed bug #48608 (Invalid libreadline version not detected during configure).
  (Jani)
- Fixed bug #48555 (ImageFTBBox() differs from previous versions for texts
  with new lines) (Takeshi Abe)
- Fixed bug #48539 (pdo_dblib fails to connect, throws empty PDOException
  "SQLSTATE[] (null)"). (Felipe)
- Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using
  TMPDIR). (Ilia)
- Fixed bug #48450 (Compile failure under IRIX 6.5.30 building gd.c). (Kalle)
- Fixed bug #48400 (imap crashes when closing stream opened with
  OP_PROTOTYPE flag). (Jani)
- Fixed bug #48284 (hash "adler32" byte order is reversed). (Scott)
- Fixed bug #48276 (date("Y") on big endian machines produces the
  wrong result). (Scott)
- Fixed bug #48247 (Infinite loop and possible crash during startup with
  errors when errors are logged). (Jani)
- Fixed bug #48116 (Fixed build with Openssl 1.0). (Pierre,
  Al dot Smith at aeschi dot ch dot eu dot org)
- Fixed bug #48182 (ssl handshake fails during asynchronous socket connection).
  (Sriram Natarajan)
- Fixed bug #48057 (Only the date fields of the first row are fetched,
  others are empty). (info at programmiernutte dot net)
- Fixed bug #47481 (natcasesort() does not sort extended ASCII characters
  correctly). (Herman Radtke)
- Fixed bug #47351 (Memory leak in DateTime). (Derick, Tobias John)
- Fixed bug #46020 (with Sun Java System Web Server 7.0 on HPUX, #define HPUX).
  (Uwe Schindler)
- Fixed bug #45905 (imagefilledrectangle() clipping error).
  (markril at hotmail dot com, Pierre)
- Fixed bug #45280 (Reflection of instantiated COM classes causes PHP to crash)
  (Paul Richards, Kalle)
- Fixed bug #45141 (setcookie will output expires years of >4 digits). (Ilia)
- Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre)
- Fixed bug #44144 (spl_autoload_functions() should return object instance
  when appropriate). (Hannes, Etienne)
- Fixed bug #43510 (stream_get_meta_data() does not return same mode as used
  in fopen). (Jani)
- Fixed bug #42434 (ImageLine w/ antialias = 1px shorter). (wojjie at gmail dot
  com, Kalle)

Revision 1.36 / (download) - annotate - [select for diffs], Tue Jul 7 21:57:28 2009 UTC (13 years, 7 months ago) by jdolecek
Branch: MAIN
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)

Update lang/php5 to version 5.2.10 - according to the release annoucement:

Security Enhancements and Fixes in PHP 5.2.10:
    * Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files). (Pierre)

Key enhancements in PHP 5.2.10 include:
    * Added "ignore_errors" option to http fopen wrapper. (David Zulke, Sara)
    * Fixed memory corruptions while reading properties of zip files. (Ilia)
    * Fixed memory leak in ob_get_clean/ob_get_flush. (Christian)
    * Fixed segfault on invalid session.save_path. (Hannes)
    * Fixed leaks in imap when a mail_criteria is used. (Pierre)
    * Changed default value of array_unique()'s optional sorting type parameter back to SORT_STRING to fix backwards compatibility breakage introduced in PHP 5.2.9. (Moriyoshi)
    * Fixed bug #47940 (memory leaks in imap_body). (Pierre, Jake Levitt)
    * Fixed bug #47903 ("@" operator does not work with string offsets). (Felipe)
    * Fixed bug #47644 (Valid integers are truncated with json_decode()). (Scott)
    * Fixed bug #47564 (unpacking unsigned long 32bit big endian returns wrong result). (Ilia)
    * Fixed bug #47365 (ip2long() may allow some invalid values on certain 64bit systems).
    * Over 100 bug fixes.

Revision 1.33.2.1 / (download) - annotate - [select for diffs], Sun Mar 15 19:21:22 2009 UTC (13 years, 10 months ago) by tron
Branch: pkgsrc-2008Q4
Changes since 1.33: +12 -2 lines
Diff to previous 1.33 (colored) next main 1.34 (colored)

Pullup ticket #2721 - requested by adrianp
php5: security update

Revisions pulled up:
- lang/php5/MESSAGE.suhosin			1.1 via patch
- lang/php5/Makefile				1.71 via patch
- lang/php5/Makefile.common			1.35
- lang/php5/Makefile.php			1.33-1.34
- lang/php5/PLIST				1.21
- lang/php5/distinfo				1.61-1.62
- lang/php5/patches/patch-an			patch
- lang/php5/patches/patch-ar			patch
- lang/php5/patches/patch-as			delete
---
Module Name:	pkgsrc
Committed By:	adrianp
Date:		Mon Mar  2 22:52:17 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.common Makefile.php PLIST distinfo
Removed Files:
	pkgsrc/lang/php5/patches: patch-as

Log Message:
The PHP development team would like to announce the immediate availability of PHP 5.2.9. This release focuses on improving the stability of the PHP 5.2.x branch with over 50 bug fixes, several of which are security related. All users of PHP are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.2.9:

    * Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. Reported by Hamid Ebadi, APA Laboratory (Fixes CVE-2008-5498). (Scott)
    * Fixed a crash on extract in zip when files or directories entry names contain a relative path. (Pierre)
    * Fixed explode() behavior with empty string to respect negative limit. (Shire)
    * Fixed a segfault when malformed string is passed to json_decode(). (Scott)

Key enhancements in PHP 5.2.9 include:

    * Added optional sorting type flag parameter to array_unique(). Default is SORT_REGULAR. (Andrei)
    * Fixed bug #45996 (libxml2 2.7 causes breakage with character data in xml_parse()). (Rob)
    * A number of fixes in the mbstring extension (Moriyoshi)
    * Fixed bug #44336 (Improve pcre UTF-8 string matching performance). (frode at coretrek dot com, Nuno)
    * Fixed bug #46699 (xml_parse crash when parser is namespace aware). (Rob)
    * Fixed bug #46748 (Segfault when an SSL error has more than one error). (Scott)
    * Fixed bug #46889 (Memory leak in strtotime()). (Derick)
    * Fixed bug #47049 (SoapClient::__soapCall causes a segmentation fault). (Dmitry)
    * Fixed bug #47165 (Possible memory corruption when passing return value by reference). (Dmitry)
    * Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses as invalid). (Ilia)
    * Fixed bug #47422 (modulus operator returns incorrect results on 64 bit linux). (Matt)
    * Over 50 bug fixes.
---
Module Name:	pkgsrc
Committed By:	adrianp
Date:		Thu Mar  5 23:22:24 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile.php distinfo

Log Message:
Add back suhosin patch as a new one for 5.2.9 is out

Revision 1.35 / (download) - annotate - [select for diffs], Mon Mar 2 22:52:17 2009 UTC (13 years, 11 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base, pkgsrc-2009Q1-base, pkgsrc-2009Q1
Branch point for: pkgsrc-2009Q2
Changes since 1.34: +11 -2 lines
Diff to previous 1.34 (colored)

The PHP development team would like to announce the immediate availability of PHP 5.2.9. This release focuses on improving the stability of the PHP 5.2.x branch with over 50 bug fixes, several of which are security related. All users of PHP are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.2.9:

    * Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. Reported by Hamid Ebadi, APA Laboratory (Fixes CVE-2008-5498). (Scott)
    * Fixed a crash on extract in zip when files or directories entry names contain a relative path. (Pierre)
    * Fixed explode() behavior with empty string to respect negative limit. (Shire)
    * Fixed a segfault when malformed string is passed to json_decode(). (Scott)

Key enhancements in PHP 5.2.9 include:

    * Added optional sorting type flag parameter to array_unique(). Default is SORT_REGULAR. (Andrei)
    * Fixed bug #45996 (libxml2 2.7 causes breakage with character data in xml_parse()). (Rob)
    * A number of fixes in the mbstring extension (Moriyoshi)
    * Fixed bug #44336 (Improve pcre UTF-8 string matching performance). (frode at coretrek dot com, Nuno)
    * Fixed bug #46699 (xml_parse crash when parser is namespace aware). (Rob)
    * Fixed bug #46748 (Segfault when an SSL error has more than one error). (Scott)
    * Fixed bug #46889 (Memory leak in strtotime()). (Derick)
    * Fixed bug #47049 (SoapClient::__soapCall causes a segmentation fault). (Dmitry)
    * Fixed bug #47165 (Possible memory corruption when passing return value by reference). (Dmitry)
    * Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses as invalid). (Ilia)
    * Fixed bug #47422 (modulus operator returns incorrect results on 64 bit linux). (Matt)
    * Over 50 bug fixes.

Revision 1.34 / (download) - annotate - [select for diffs], Wed Feb 25 16:16:33 2009 UTC (13 years, 11 months ago) by tnn
Branch: MAIN
Changes since 1.33: +2 -1 lines
Diff to previous 1.33 (colored)

add comment to appease pkglint

Revision 1.33 / (download) - annotate - [select for diffs], Wed Dec 10 19:37:01 2008 UTC (14 years, 2 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2008Q4-base
Branch point for: pkgsrc-2008Q4
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)

Update to 5.2.8.

Security Enhancements and Fixes in PHP 5.2.7:

Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371)
Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by Maksymilian Arciemowicz.
Fixed incorrect php_value order for Apache configuration, reported by Maksymilian Arciemowicz.
Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).(Fixes CVE-2008-3660)
Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer overflow). (Fixes CVE-2008-2829)
Key enhancements in PHP 5.2.7 include:

Fixed several memory leaks inside the readline and sqlite extensions
A number of corrections relating to date parsing inside the date extension
Fixed bugs relating to data retrieval in the PDO extension
A series of crashes in various areas of code were resolved
Several corrections were made to the strip_tags() function in terms of < and <?XML handling
A number of bugs were fixed in extract() function when EXTR_REFS flag is being used
Added the ability to log PHP errors to the SAPI (Ex. Apache log) logging facility
Over 170 bug fixes.

5.2.8
Reverted bug fix Fixed bug #42718 that broke magic_quotes_gpc (Scott)

Revision 1.32 / (download) - annotate - [select for diffs], Mon Dec 8 14:52:00 2008 UTC (14 years, 2 months ago) by adrianp
Branch: MAIN
Changes since 1.31: +1 -1 lines
Diff to previous 1.31 (colored)

Revert to 5.2.6:
http://www.php.net/archive/2008.php#id2008-12-07-1

Thanks to tron@ for the heads up

Revision 1.31 / (download) - annotate - [select for diffs], Fri Dec 5 13:07:37 2008 UTC (14 years, 2 months ago) by adrianp
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

Update to 5.2.7.

Security Enhancements and Fixes in PHP 5.2.7:

Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371)
Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by Maksymilian Arciemowicz.
Fixed incorrect php_value order for Apache configuration, reported by Maksymilian Arciemowicz.
Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).(Fixes CVE-2008-3660)
Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer overflow). (Fixes CVE-2008-2829)
Key enhancements in PHP 5.2.7 include:

Fixed several memory leaks inside the readline and sqlite extensions
A number of corrections relating to date parsing inside the date extension
Fixed bugs relating to data retrieval in the PDO extension
A series of crashes in various areas of code were resolved
Several corrections were made to the strip_tags() function in terms of < and <?XML handling
A number of bugs were fixed in extract() function when EXTR_REFS flag is being used
Added the ability to log PHP errors to the SAPI (Ex. Apache log) logging facility
Over 170 bug fixes.

Revision 1.30 / (download) - annotate - [select for diffs], Tue Jul 8 20:28:55 2008 UTC (14 years, 7 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper, cube-native-xorg-base, cube-native-xorg
Changes since 1.29: +2 -1 lines
Diff to previous 1.29 (colored)

Fix PEAR installs where PKG_SYSCONFDIR is not the default.
Fixes PR 39081
PKGREVISION++

Revision 1.28.4.1 / (download) - annotate - [select for diffs], Thu May 15 09:56:31 2008 UTC (14 years, 8 months ago) by rtr
Branch: pkgsrc-2008Q1
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored) next main 1.29 (colored)

pullup ticket #2378 - requested by adrianp
php5: many security fixes

revisions pulled up:
- pkgsrc/lang/php5/Makefile		1.64
- pkgsrc/lang/php5/Makefile.common	1.29
- pkgsrc/lang/php5/distinfo		1.52

   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Sun May  4 16:50:44 UTC 2008

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.common distinfo

   Log Message:
   Security Enhancements and Fixes in PHP 5.2.6:

   Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
   Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
   Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
   Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
   Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
   Upgraded bundled PCRE to version 7.6

   Key enhancements in PHP 5.2.6 include:
   * Fixed two possible crashes inside the posix extension.
   * Fixed bug 44069 (Huge memory usage with concatenation using . instead of .=)
   * Fixed bug 44141 (private parent constructor callable through static function).
   * Fixed bug 43589 (a possible infinite loop in bz2_filter.c).
   * Fixed bug 43450 (Memory leak on some functions with implicit object __toString() call).
   * Fixed bug 43201 (Crash on using uninitialized vals and __get/__set).
   * Fixed bug 42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql).
   * Fixed bug 42937 (__call() method not invoked when methods are called on parent from child class).
   * Fixed bug 42736 (xmlrpc_server_call_method() crashes).
   * Fixed bug 42369 (Implicit conversion to string leaks memory).
   * Fixed bug 41562 (SimpleXML memory issue).
   * Over 120 bug fixes.

Revision 1.29 / (download) - annotate - [select for diffs], Sun May 4 16:50:44 2008 UTC (14 years, 9 months ago) by adrianp
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

Security Enhancements and Fixes in PHP 5.2.6:

Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
Upgraded bundled PCRE to version 7.6

Key enhancements in PHP 5.2.6 include:
* Fixed two possible crashes inside the posix extension.
* Fixed bug 44069 (Huge memory usage with concatenation using . instead of .=)
* Fixed bug 44141 (private parent constructor callable through static function).
* Fixed bug 43589 (a possible infinite loop in bz2_filter.c).
* Fixed bug 43450 (Memory leak on some functions with implicit object __toString() call).
* Fixed bug 43201 (Crash on using uninitialized vals and __get/__set).
* Fixed bug 42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql).
* Fixed bug 42937 (__call() method not invoked when methods are called on parent from child class).
* Fixed bug 42736 (xmlrpc_server_call_method() crashes).
* Fixed bug 42369 (Implicit conversion to string leaks memory).
* Fixed bug 41562 (SimpleXML memory issue).
* Over 120 bug fixes.

See http://www.php.net/ChangeLog-5.php#5.2.6 for all the details

Revision 1.27.2.1 / (download) - annotate - [select for diffs], Wed Dec 5 14:07:19 2007 UTC (15 years, 2 months ago) by ghen
Branch: pkgsrc-2007Q3
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored) next main 1.28 (colored)

Pullup ticket 2239 - requested by adrianp
security update for php5

- pkgsrc/lang/php5/Makefile				1.62
- pkgsrc/lang/php5/Makefile.common			1.28
- pkgsrc/lang/php5/distinfo				1.50
- pkgsrc/lang/php5/patches/patch-ao			removed
- pkgsrc/lang/php5/patches/patch-ar			removed

   Module Name:	pkgsrc
   Committed By:	adrianp
   Date:		Fri Nov 23 13:20:01 UTC 2007

   Modified Files:
	   pkgsrc/lang/php5: Makefile Makefile.common distinfo
   Removed Files:
	   pkgsrc/lang/php5/patches: patch-ao patch-ar

   Log Message:
   Update to 5.2.5

   * Security Enhancements and Fixes in PHP 5.2.5:
   Fixed dl() to only accept filenames. Reported by Laurent Gaffie.
   Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
   Reported by Laurent Gaffie.
   Fixed htmlentities/htmlspecialchars not to accept partial multibyte
   sequences. Reported by Rasmus Lerdorf
   Fixed possible triggering of buffer overflows inside glibc
   implementations of the fnmatch(), setlocale() and glob() functions.
   Reported by Laurent Gaffie.
   Fixed "mail.force_extra_parameters" php.ini directive not to be
   modifiable in .htaccess due to the security implications. Reported by
   SecurityReason.
   Fixed bug 42869 (automatic session id insertion adds sessions id to
   non-local forms).
   Fixed bug 41561 (Values set with php_admin_* in httpd.conf can be
   overwritten with ini_set()).

   * Key enhancements in PHP 5.2.5 include:
   Upgraded PCRE to version 7.3
   Updated timezone database to version 2007.9
   Added ability to control memory consumption between request using
   ZEND_MM_COMPACT environment variable.
   Improved speed of array_intersect_key(), array_intersect_assoc(),
   array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and
   array_udiff_assoc() functions
   Fixed bug 43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with
   fetchAll())
   Fixed bug 42785 (json_encode() formats doubles according to locale
   rather then following standard syntax)
   Fixed bug 42549 (ext/mysql failed to compile with libmysql 3.23)
   Over 60 bug fixes.

   For all the details see:
	   http://www.php.net/ChangeLog-5.php#5.2.5

Revision 1.28 / (download) - annotate - [select for diffs], Fri Nov 23 13:20:00 2007 UTC (15 years, 2 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base, pkgsrc-2007Q4-base, pkgsrc-2007Q4
Branch point for: pkgsrc-2008Q1
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)

Update to 5.2.5

* Security Enhancements and Fixes in PHP 5.2.5:
Fixed dl() to only accept filenames. Reported by Laurent Gaffie.
Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). Reported by Laurent Gaffie.
Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences. Reported by Rasmus Lerdorf
Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie.
Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications. Reported by SecurityReason.
Fixed bug 42869 (automatic session id insertion adds sessions id to non-local forms).
Fixed bug 41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).

* Key enhancements in PHP 5.2.5 include:
Upgraded PCRE to version 7.3
Updated timezone database to version 2007.9
Added ability to control memory consumption between request using ZEND_MM_COMPACT environment variable.
Improved speed of array_intersect_key(), array_intersect_assoc(), array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc() functions
Fixed bug 43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAll())
Fixed bug 42785 (json_encode() formats doubles according to locale rather then following standard syntax)
Fixed bug 42549 (ext/mysql failed to compile with libmysql 3.23)
Over 60 bug fixes.

For all the details see:
	http://www.php.net/ChangeLog-5.php#5.2.5

Revision 1.27 / (download) - annotate - [select for diffs], Sun Sep 2 21:12:41 2007 UTC (15 years, 5 months ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base
Branch point for: pkgsrc-2007Q3
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

Update lang/php5 to 5.2.4 - miscellaneous security fixes and over 120 other
bug fixes

Revision 1.24.2.2 / (download) - annotate - [select for diffs], Thu Jun 14 23:34:08 2007 UTC (15 years, 7 months ago) by salo
Branch: pkgsrc-2007Q1
Changes since 1.24.2.1: +2 -2 lines
Diff to previous 1.24.2.1 (colored) to branchpoint 1.24 (colored) next main 1.25 (colored)

Pullup ticket 2113 - requested by adrianp
security update for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.52, 1.53, 1.54, 1.55
- pkgsrc/lang/php5/Makefile.common		1.26
- pkgsrc/lang/php5/distinfo			1.41, 1.42, 1.43, 1.44
- pkgsrc/lang/php5/patches/patch-am		1.3
- pkgsrc/lang/php5/patches/patch-an		1.3, 1.4

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Wed Jun  6 19:33:13 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.common distinfo

   Log Message:
   Update to php-5.2.3

   Security Fixes
   * Fixed an integer overflow inside chunk_split() (by Gerhard Wagner,
     CVE-2007-2872)
   * Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche,
     CVE-2007-2756)
   * Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan
     Esser, CVE-2007-1900)
   * Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath())
     (by bugs dot php dot net at chsc dot dk)
   * Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
   * Added mysql_set_charset() to allow runtime altering of connection
     encoding.

   * Upgraded bundled SQLite 3 to version 3.3.17. (Ilia)
   * Fixed gd build when used with freetype 1.x (Pierre, Tony)

   And a fair few bugs fixed, see: http://www.php.net/ChangeLog-5.php#5.2.3
   for all the details.
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Thu Jun  7 10:45:18 UTC 2007

   Added Files:
   	pkgsrc/lang/php5/patches: patch-am

   Log Message:
   Add in the correct patch to fix CVE-2007-2872
   Spotted by Takahiro Kambe
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Thu Jun  7 10:45:42 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo

   Log Message:
   Add in the correct patch to fix CVE-2007-2872
   Spotted by Takahiro Kambe
---
   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Fri Jun  8 12:29:53 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   Added Files:
   	pkgsrc/lang/php5/patches: patch-an

   Log Message:
   Fix the install path for the CGI binary so it ends up where we want it.
   Pointed out by schmonz@ and taca@
   Bump PKGREVISION
---
   Module Name:		pkgsrc
   Committed By:	heinz
   Date:		Mon Jun 11 17:45:30 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile distinfo
   	pkgsrc/lang/php5/patches: patch-an

   Log Message:
   Added support for installation to DESTDIR. patch-an had removed correct
   support for this before, probably unintentionally.

Revision 1.26 / (download) - annotate - [select for diffs], Wed Jun 6 19:33:13 2007 UTC (15 years, 8 months ago) by adrianp
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base, pkgsrc-2007Q2
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Update to php-5.2.3

Security Fixes
* Fixed an integer overflow inside chunk_split() (by Gerhard Wagner, CVE-2007-2872)
* Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche, CVE-2007-2756)
* Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan Esser, CVE-2007-1900)
* Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath()) (by bugs dot php dot net at chsc dot dk)
* Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
* Added mysql_set_charset() to allow runtime altering of connection encoding.

* Upgraded bundled SQLite 3 to version 3.3.17. (Ilia)
* Fixed gd build when used with freetype 1.x (Pierre, Tony)

And a fair few bugs fixed, see: http://www.php.net/ChangeLog-5.php#5.2.3
for all the details.

Revision 1.24.2.1 / (download) - annotate - [select for diffs], Tue May 15 23:42:38 2007 UTC (15 years, 8 months ago) by salo
Branch: pkgsrc-2007Q1
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)

Pullup ticket 2085 - requested by adrianp
security update for php5

Updated via patch provided by the submitter.

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Sun May  6 20:07:37 UTC 2007

   Modified Files:
   	pkgsrc/lang/php5: Makefile Makefile.common distinfo
   Removed Files:
   	pkgsrc/lang/php5/patches: patch-ac

   Log Message:
   Update 5.2.2
   * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric)
   * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser)
   * Fixed a bug in mb_parse_str() that can be used to activate register_globals
     (MOPB-26 by Stefan Esser)
   * Fixed unallocated memory access/double free in in array_user_key_compare()
     (MOPB-24 by Stefan Esser)
   * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser)
   * Added missing open_basedir & safe_mode checks to zip:// and bzip://
   * wrappers.
     (MOPB-21 by Stefan Esser).
   * Limit nesting level of input variables with max_input_nesting_level as fix
   * for
     (MOPB-03 by Stefan Esser)
   * Fixed CRLF injection inside ftp_putcmd(). (by loveshell[at]Bug.Center.Team)
   * Fixed a possible super-global overwrite inside import_request_variables().
     (by Stefano Di Paola, Stefan Esser)
   * Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc
     library. (by Stanislav Malyshev)
   * Fixed a header injection via Subject and To parameters to the mail()
   * function
     (MOPB-34 by Stefan Esser)
   * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan
   * Esser)
   * Fixed substr_compare and substr_count information leak
     (MOPB-14 by Stefan Esser) (Stas, Ilia)
   * Fixed a remotely trigger-able buffer overflow inside
   * make_http_soap_request()
     (by Ilia Alshanetsky)
   * Fixed a buffer overflow inside user_filter_factory_create().
     (by Ilia Alshanetsky)

Revision 1.25 / (download) - annotate - [select for diffs], Sun May 6 20:07:36 2007 UTC (15 years, 9 months ago) by adrianp
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)

Update 5.2.2
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals
  (MOPB-26 by Stefan Esser)
* Fixed unallocated memory access/double free in in array_user_key_compare()
  (MOPB-24 by Stefan Esser)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser)
* Added missing open_basedir & safe_mode checks to zip:// and bzip:// wrappers.
  (MOPB-21 by Stefan Esser).
* Limit nesting level of input variables with max_input_nesting_level as fix for
  (MOPB-03 by Stefan Esser)
* Fixed CRLF injection inside ftp_putcmd(). (by loveshell[at]Bug.Center.Team)
* Fixed a possible super-global overwrite inside import_request_variables().
  (by Stefano Di Paola, Stefan Esser)
* Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc
  library. (by Stanislav Malyshev)
* Fixed a header injection via Subject and To parameters to the mail() function
  (MOPB-34 by Stefan Esser)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser)
* Fixed substr_compare and substr_count information leak
  (MOPB-14 by Stefan Esser) (Stas, Ilia)
* Fixed a remotely trigger-able buffer overflow inside make_http_soap_request()
  (by Ilia Alshanetsky)
* Fixed a buffer overflow inside user_filter_factory_create().
  (by Ilia Alshanetsky)

Revision 1.22.2.1 / (download) - annotate - [select for diffs], Fri Feb 23 11:56:25 2007 UTC (15 years, 11 months ago) by ghen
Branch: pkgsrc-2006Q4
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored) next main 1.23 (colored)

Pullup ticket 2032 - requested by taca
security update for php5

- pkgsrc/graphics/php-gd/Makefile			1.15
- pkgsrc/lang/php5/Makefile.common			1.23
- pkgsrc/lang/php5/Makefile.php				1.22
- pkgsrc/lang/php5/PLIST				1.14
- pkgsrc/lang/php5/distinfo				1.36
- pkgsrc/lang/php5/patches/patch-ac			removed
- pkgsrc/lang/php5/patches/patch-al			1.3

   Module Name:	pkgsrc
   Committed By:	jdolecek
   Date:		Tue Feb 20 20:46:20 UTC 2007

   Modified Files:
	   pkgsrc/graphics/php-gd: Makefile
	   pkgsrc/lang/php5: Makefile.common Makefile.php PLIST distinfo
   Added Files:
	   pkgsrc/lang/php5/patches: patch-al
   Removed Files:
	   pkgsrc/lang/php5/patches: patch-ac

   Log Message:
   Update PHP5 to 5.2.1. Includes several important security fixes and
   large number of other fixes. Update for all users is strongly advised.

Revision 1.24 / (download) - annotate - [select for diffs], Thu Feb 22 19:01:21 2007 UTC (15 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base
Branch point for: pkgsrc-2007Q1
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

pkglint cleanup; update HOMEPAGE/MASTER_SITES.
From Sergey Svishchev in private mail.

Revision 1.23 / (download) - annotate - [select for diffs], Tue Feb 20 20:46:19 2007 UTC (15 years, 11 months ago) by jdolecek
Branch: MAIN
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)

Update PHP5 to 5.2.1. Includes several important security fixes and
large number of other fixes. Update for all users is strongly advised.

Revision 1.22 / (download) - annotate - [select for diffs], Tue Nov 7 16:46:51 2006 UTC (16 years, 3 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base
Branch point for: pkgsrc-2006Q4
Changes since 1.21: +2 -3 lines
Diff to previous 1.21 (colored)

Remove non-existing master site "ftp.php.net".

Revision 1.21 / (download) - annotate - [select for diffs], Mon Nov 6 22:06:35 2006 UTC (16 years, 3 months ago) by jdolecek
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

Update lang/php5 to 5.2.0.

Changes since 5.1.6:

The key features of PHP 5.2.0 include:
* New memory manager for the Zend Engine with improved performance and a more
  accurate memory usage tracking.
* Input filtering extension was added and enabled by default.
* JSON extension was added and enabled by default.
* ZIP extension for creating and editing zip files was introduced.
* Hooks for tracking file upload progress were introduced.
* Introduced E_RECOVERABLE_ERROR error mode.
* Introduced DateTime and DateTimeZone objects with methods to manipulate
  date/time information.
* Upgraded bundled SQLite, PCRE libraries.
* Upgraded OpenSSL, MySQL and PostgreSQL client libraries for Windows
  installations.
* Many performance improvements.
* Over 200 bug fixes.

Security Enhancements and Fixes in PHP 5.2.0:
* Made PostgreSQL escaping functions in PostgreSQL and PDO extension keep
  track of character set encoding whenever possible.
* Added allow_url_include, set to Off by default to disallow use of URLs
  for include and require.
* Disable realpath cache when open_basedir and safe_mode are being used.
* Improved safe_mode enforcement for error_log() function.
* Fixed a possible buffer overflow in the underlying code responsible
  for htmlspecialchars() and htmlentities() functions.
* Added missing safe_mode and open_basedir checks for the cURL extension.
* Fixed overflow is str_repeat() & wordwrap() functions on 64bit machines.
* Fixed handling of long paths inside the tempnam() function.
* Fixed safe_mode/open_basedir checks for session.save_path, allowing them
  to account for extra parameters.
* Fixed ini setting overload in the ini_restore() function.

For a full list of changes in PHP 5.2.0, see the ChangeLog:
	http://www.php.net/ChangeLog-5.php#5.2.0

Also other notable extensions changes:
* filePRO extension removed (not in PECL yet, php-filepro disabled for PHP5)
* JSON added (not enabled by default, packaged in php-json)
* filter added (enabled by default)
* wddx rewritten to native libxml2, fixing several encoding bugs

Revision 1.20 / (download) - annotate - [select for diffs], Mon Aug 28 12:17:10 2006 UTC (16 years, 5 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)

Update php5 to 5.1.5.

PHP                                                                        NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
24 Aug 2006, PHP 5.1.6
- Fixed memory_limit on 64bit systems. (Stefan E.)
- Fixed bug #38488 (Access to "php://stdin" and family crashes PHP on win32).
  (Dmitry)

Revision 1.17.2.1 / (download) - annotate - [select for diffs], Sun Aug 20 11:25:49 2006 UTC (16 years, 5 months ago) by ghen
Branch: pkgsrc-2006Q2
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored) next main 1.18 (colored)

Pullup ticket 1796 (part 2) - requested by taca
security update for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile				1.42
- pkgsrc/lang/php5/Makefile.common			1.19
- pkgsrc/lang/php5/distinfo				1.27
- pkgsrc/lang/php5/patches/patch-ao			removed
- pkgsrc/lang/php5/patches/patch-as			1.2
- pkgsrc/lang/php5/patches/patch-at			removed
- pkgsrc/lang/php5/patches/patch-av			removed
- pkgsrc/lang/php5/patches/patch-aw			removed

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Aug 17 13:17:48 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile PLIST

   Log Message:
   Correct PLIST to fix a binary package:

   - remove an extra directory.
   - handle empty directories.
---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Aug 19 14:47:44 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile PLIST

   Log Message:
   More fix of PLIST, now pkg_delete should always succeed.
---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Aug 19 16:44:15 UTC 2006

   Modified Files:
	pkgsrc/lang/php5: Makefile Makefile.common distinfo
	pkgsrc/lang/php5/patches: patch-as
   Removed Files:
	pkgsrc/lang/php5/patches: patch-ao patch-at patch-av patch-aw

   Log Message:
   Update php5 package to 5.1.5:

   17 Aug 2006, PHP 5.1.5

   - Fixed memory_limit on 64bit systems. (Stefan E.)
   - Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.)
   - Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are
     enabled. (Stefan E., Ilia)
   - Fixed bug #38322 (reading past array in sscanf() leads to arbitrary code
     execution). (Tony)
   - Fixed bug #38125 (undefined reference to spl_dual_it_free_storage). (Marcus)
   - Fixed bug #38112 (corrupted gif segfaults) (Pierre)
   - Fixed bug #37587 (var without attribute causes segfault). (Marcus)
   - Fixed bug #37576 (FastCGI env (cgi vars) table overflow). (Piotr)
   - Fixed bug #37496 (FastCGI output buffer overrun). (Piotr, Dmitry)
   - Fixed bug #37487 (oci_fetch_array() array-type should always default to
     OCI_BOTH). (Tony)
   - Fixed bug #37416 (iterator_to_array() hides exceptions thrown in rewind()
     method). (Tony)
   - Fixed bug #37392 (Unnecessary call to OCITransRollback() at the end of
     request). (Tony)
   - Fixed bug #37341 ($_SERVER in included file is shortened to two entries,
     if $_ENV gets used). (Dmitry)
   - Fixed bug #37313 (sigemptyset() used without including <signal.h>).
     (jdolecek)
   - Fixed bug #37346 (invalid colormap format) (Pierre)
   - Fixed bug #37360 (invalid gif size) (Pierre)
   - Fixed bug #37306 (max_execution_time = max_input_time). (Dmitry)
   - Fixed Bug #37278 (SOAP not respecting uri in __soapCall). (Dmitry)
   - Fixed bug #37265 (Added missing safe_mode & open_basedir checks to
  imap_body()). (Ilia)
   - Fixed bug #37256 (php-fastcgi dosen't handle connection abort). (Dmitry)

Revision 1.19 / (download) - annotate - [select for diffs], Sat Aug 19 16:44:15 2006 UTC (16 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.18: +3 -3 lines
Diff to previous 1.18 (colored)

Update php5 package to 5.1.5:

17 Aug 2006, PHP 5.1.5

- Fixed memory_limit on 64bit systems. (Stefan E.)
- Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.)
- Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are
  enabled. (Stefan E., Ilia)
- Fixed bug #38322 (reading past array in sscanf() leads to arbitrary code
  execution). (Tony)
- Fixed bug #38125 (undefined reference to spl_dual_it_free_storage). (Marcus)
- Fixed bug #38112 (corrupted gif segfaults) (Pierre)
- Fixed bug #37587 (var without attribute causes segfault). (Marcus)
- Fixed bug #37576 (FastCGI env (cgi vars) table overflow). (Piotr)
- Fixed bug #37496 (FastCGI output buffer overrun). (Piotr, Dmitry)
- Fixed bug #37487 (oci_fetch_array() array-type should always default to
  OCI_BOTH). (Tony)
- Fixed bug #37416 (iterator_to_array() hides exceptions thrown in rewind()
  method). (Tony)
- Fixed bug #37392 (Unnecessary call to OCITransRollback() at the end of
  request). (Tony)
- Fixed bug #37341 ($_SERVER in included file is shortened to two entries,
  if $_ENV gets used). (Dmitry)
- Fixed bug #37313 (sigemptyset() used without including <signal.h>).
  (jdolecek)
- Fixed bug #37346 (invalid colormap format) (Pierre)
- Fixed bug #37360 (invalid gif size) (Pierre)
- Fixed bug #37306 (max_execution_time = max_input_time). (Dmitry)
- Fixed Bug #37278 (SOAP not respecting uri in __soapCall). (Dmitry)
- Fixed bug #37265 (Added missing safe_mode & open_basedir checks to
  imap_body()). (Ilia)
- Fixed bug #37256 (php-fastcgi dosen't handle connection abort). (Dmitry)

Revision 1.18 / (download) - annotate - [select for diffs], Sat Jul 8 16:56:56 2006 UTC (16 years, 7 months ago) by minskim
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

Sync DIST_SUBDIR for PHP modules with DIST_SUBDIR in Makefile.

Revision 1.17 / (download) - annotate - [select for diffs], Sun May 7 13:48:02 2006 UTC (16 years, 9 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base
Branch point for: pkgsrc-2006Q2
Changes since 1.16: +5 -3 lines
Diff to previous 1.16 (colored)

Get distribtion file from sub directory in derived packages, too.

Revision 1.16 / (download) - annotate - [select for diffs], Sat May 6 22:42:44 2006 UTC (16 years, 9 months ago) by jdolecek
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

Update lang/php5 to 5.1.4.

Some of the key changes include:

* Disallow certain characters in session names.
* Fixed a buffer overflow inside the wordwrap() function.
* Prevent jumps to parent directory via the 2nd parameter of the
  tempnam() function.
* Enforce safe_mode for the source parameter of the copy() function.
* Fixed cross-site scripting inside the phpinfo() function.
* Fixed offset/length parameter validation inside the substr_compare()
  function.
* Fixed a heap corruption inside the session extension.
* Fixed a bug that would allow variable to survive unset().
* Fixed a number of crashes in the DOM, SOAP and PDO extensions.
* Upgraded bundled PCRE library to version 6.6
* The use of the var keyword to declare properties no longer raises
  a deprecation E_STRICT.
* FastCGI interface was completely reimplemented.
* Multitude of improvements to the SPL, SimpleXML, GD, CURL and
  Reflection extensions.
* Over 120 various bug fixes.

See release annoucement on:
	http://www.php.net/release_5_1_3.php

And ChangeLog:
	http://www.php.net/ChangeLog-5.php#5.1.3

Revision 1.13.2.1 / (download) - annotate - [select for diffs], Wed Feb 15 14:12:20 2006 UTC (16 years, 11 months ago) by salo
Branch: pkgsrc-2005Q4
Changes since 1.13: +5 -2 lines
Diff to previous 1.13 (colored) next main 1.14 (colored)

Pullup ticket 1136 - requested by Martti Kuparinen
security update for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile			1.24, 1.25, 1.27
- pkgsrc/lang/php5/Makefile.common		1.14, 1.15
- pkgsrc/lang/php5/PLIST			1.9, 1.10
- pkgsrc/lang/php5/buildlink3.mk		1.10
- pkgsrc/lang/php5/distinfo			1.14
- pkgsrc/lang/php5/patches/patch-ag		1.2
- pkgsrc/lang/php5/patches/patch-ak		1.2
- pkgsrc/lang/php5/patches/patch-aj		1.3
- pkgsrc/lang/php5/patches/patch-ao		1.3

   Module Name:		pkgsrc
   Committed By:	reed
   Date:		Wed Jan  4 17:44:24 UTC 2006

   Modified Files:
    	pkgsrc/lang/php5: Makefile

   Log Message:
   Use PKGMANDIR instead of "man".
---
   Module Name:		pkgsrc
   Committed By:	rillig
   Date:		Thu Feb  2 20:31:17 UTC 2006

   Modified Files:
    	pkgsrc/lang/php5: Makefile PLIST


   Log Message:
   Added two missing files to the PLIST. Bumped PKGREVISION.
---
   Module Name:		pkgsrc
   Committed By:	martti
   Date:		Mon Feb  6 06:39:59 UTC 2006

   Modified Files:
    	pkgsrc/lang/php5: Makefile Makefile.common PLIST buildlink3.mk
		distinfo
    	pkgsrc/lang/php5/patches: patch-ag patch-aj patch-ak patch-ao

   Log Message:
   Updated lang/php5 to 5.1.2

   * HTTP Response Splitting has been addressed in ext/session and in
     the header() function.
   * Fixed format string vulnerability in ext/mysqli.
   * Fixed possible cross-site scripting problems in certain error
     conditions.
   * Hash & XMLWriter extensions added and enabled by default.
   * Upgraded OCI8 extension.
   * Over 85 various bug fixes.

   (I haven't heard anything from the MAINTAINER but since this works fine
   on my servers and as this fixes security issues I checked in this)
---
   Module Name:		pkgsrc
   Committed By:	jdolecek
   Date:		Mon Feb  6 20:12:55 UTC 2006

   Modified Files:
    	pkgsrc/lang/php5: Makefile.common

   Log Message:
   add fix to build php-xmlrpc and php5-dom successfully with 5.1.2

Revision 1.15 / (download) - annotate - [select for diffs], Mon Feb 6 20:12:55 2006 UTC (17 years ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base, pkgsrc-2006Q1
Changes since 1.14: +4 -1 lines
Diff to previous 1.14 (colored)

add fix to build php-xmlrpc and php5-dom successfully with 5.1.2

Revision 1.14 / (download) - annotate - [select for diffs], Mon Feb 6 06:39:59 2006 UTC (17 years ago) by martti
Branch: MAIN
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)

Updated lang/php5 to 5.1.2

* HTTP Response Splitting has been addressed in ext/session and in
  the header() function.
* Fixed format string vulnerability in ext/mysqli.
* Fixed possible cross-site scripting problems in certain error conditions.
* Hash & XMLWriter extensions added and enabled by default.
* Upgraded OCI8 extension.
* Over 85 various bug fixes.

(I haven't heard anything from the MAINTAINER but since this works fine
on my servers and as this fixes security issues I checked in this)

Revision 1.13 / (download) - annotate - [select for diffs], Mon Dec 5 20:50:26 2005 UTC (17 years, 2 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base
Branch point for: pkgsrc-2005Q4
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)

Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html

Revision 1.12 / (download) - annotate - [select for diffs], Sat Dec 3 18:53:57 2005 UTC (17 years, 2 months ago) by jdolecek
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)

Update PHP5 to version 5.1.1. Some of the key features include:

* A complete rewrite of date handling code, with improved timezone support.
* Significant performance improvements compared to PHP 5.0.X.
* PDO extension is now enabled by default (separate pkg for pkgsrc)
* Over 30 new functions in various extensions and built-in functionality.
* Bundled libraries, PCRE and SQLite upgraded to latest versions.
* Over 400 various bug fixes.
* PEAR upgraded to version 1.4.5

This release also fixes various security problems discovered in 5.0.X.

Revision 1.11 / (download) - annotate - [select for diffs], Thu Sep 8 18:49:01 2005 UTC (17 years, 5 months ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base, pkgsrc-2005Q3
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Update php5 to version 5.0.5. This is maintenance release, aimed at
bug fixes only with only few and minor new features.

Full changelog available at:
        http://mirrors.inway.cz/ChangeLog-5.php#5.0.5

Revision 1.10 / (download) - annotate - [select for diffs], Mon May 9 18:36:57 2005 UTC (17 years, 9 months ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base, pkgsrc-2005Q2
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)

follow PHP4 packaeg lead and add 'php5' to CATEGORIES

Revision 1.9 / (download) - annotate - [select for diffs], Sat May 7 18:50:24 2005 UTC (17 years, 9 months ago) by jdolecek
Branch: MAIN
Changes since 1.8: +4 -1 lines
Diff to previous 1.8 (colored)

do not define MASTER_SITES and EXTRACT_SUFX if PECL_VERSION is set,
so that lang/php/ext.php need not use = assignment and extensions
would be able to use different setting

Revision 1.8 / (download) - annotate - [select for diffs], Mon Apr 11 20:16:02 2005 UTC (17 years, 10 months ago) by jdolecek
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)

Update php5 to 5.0.4. This is maintenance/bugfix release, full list of changes
available at:
	http://www.php.net/ChangeLog-5.php#5.0.4

Revision 1.7 / (download) - annotate - [select for diffs], Sat Dec 18 16:04:54 2004 UTC (18 years, 1 month ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base, pkgsrc-2005Q1, pkgsrc-2004Q4-base, pkgsrc-2004Q4
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)

claim MAINTAINER

Revision 1.6 / (download) - annotate - [select for diffs], Fri Dec 17 07:53:06 2004 UTC (18 years, 1 month ago) by jdolecek
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

Update php5 to 5.0.3. This maintenance release addressing several very
serious security issues, as well as bunch of non-critical bug fixes.
All PHP5 users are strongly encouraged to upgrade to this version.

Detailed change list at:
	http://www.php.net/ChangeLog-5.php#5.0.3

Revision 1.5 / (download) - annotate - [select for diffs], Fri Dec 17 07:36:13 2004 UTC (18 years, 1 month ago) by jdolecek
Branch: MAIN
Changes since 1.4: +1 -2 lines
Diff to previous 1.4 (colored)

move DISTINFO_FILE setting from Makefile.common to Makefile.php,
so that it PECL extension packages could override it properly

Revision 1.4 / (download) - annotate - [select for diffs], Thu Nov 4 18:38:55 2004 UTC (18 years, 3 months ago) by jdolecek
Branch: MAIN
Changes since 1.3: +3 -39 lines
Diff to previous 1.3 (colored)

put items only pertinent to interpreter build to new file Makefile.php
(similar to PHP4 package), and also update to use PKG_OPTIONS

this fixes environment pollution for extension modules, particularily
CONFIGURE_ARGS

Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 2 21:03:03 2004 UTC (18 years, 3 months ago) by jdolecek
Branch: MAIN
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)

s/PHP5_VERSION/PHP_BASE_VERS/, to match php4 package

Revision 1.2 / (download) - annotate - [select for diffs], Sat Oct 30 05:46:21 2004 UTC (18 years, 3 months ago) by grant
Branch: MAIN
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

s/wip/lang/

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Fri Oct 29 20:31:54 2004 UTC (18 years, 3 months ago) by jdolecek
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Import PHP 5.0.2, based on the pkgsrc-wip PHP5 package.

Some of the key features of PHP 5 include:
* The Zend Engine II with a new object model and dozens of new features. 
* XML support has been completely redone in PHP 5, all extensions
  are now focused around the excellent libxml2 library
  (http://www.xmlsoft.org/).
* A new SimpleXML extension for easily accessing and manipulating
  XML as PHP objects. It can also interface with the DOM extension
  and vice-versa.
* A brand new built-in SOAP extension for interoperability with Web Services. 
* A new MySQL extension named MySQLi for developers using MySQL
  4.1 and later. This new extension includes an object-oriented
  interface in addition to a traditional interface; as well as support
  for many of MySQL's new features, such as prepared statements.
* SQLite has been bundled with PHP. For more information on SQLite,
  please visit their website. 
* Streams have been greatly improved, including the ability to access
  low-level socket operations on streams.

Revision 1.1 / (download) - annotate - [select for diffs], Fri Oct 29 20:31:54 2004 UTC (18 years, 3 months ago) by jdolecek
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>