From 84a3db46c5b2234943812816c86102f7ced94181 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Sat, 19 Jan 2019 21:57:11 +0000 Subject: [PATCH] Pullup ticket #5899 - requested by taca lang/php56: security fix Revisions pulled up: - lang/php/phpversion.mk 1.245 - lang/php56/Makefile 1.20 - lang/php56/distinfo 1.54 --- Module Name: pkgsrc Committed By: taca Date: Sat Jan 12 15:01:34 UTC 2019 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php56: Makefile distinfo Log Message: lang/php56: udate to 5.6.40 10 Jan 2019, PHP 5.6.40 - GD: . Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free). (cmb) . Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb) - Mbstring: . Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). (Stas) . Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node). (Stas) . Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas) . Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string). (Stas) . Fixed bug #77385 (buffer overflow in fetch_token). (Stas) . Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas) . Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas) - Phar: . Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas) - Xmlrpc: . Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb) . Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas) --- lang/php/phpversion.mk | 4 ++-- lang/php56/Makefile | 3 +-- lang/php56/distinfo | 10 +++++----- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index f24054c35aed..6a743dc12f24 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.241.2.3 2019/01/19 21:51:57 bsiegert Exp $ +# $NetBSD: phpversion.mk,v 1.241.2.4 2019/01/19 21:57:11 bsiegert Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -87,7 +87,7 @@ PHPVERSION_MK= defined # Define each PHP's version. -PHP56_VERSION= 5.6.39 +PHP56_VERSION= 5.6.40 PHP70_VERSION= 7.0.33 PHP71_VERSION= 7.1.26 PHP72_VERSION= 7.2.14 diff --git a/lang/php56/Makefile b/lang/php56/Makefile index b91a9a25e3a8..1b63c6c3cd05 100644 --- a/lang/php56/Makefile +++ b/lang/php56/Makefile @@ -1,10 +1,9 @@ -# $NetBSD: Makefile,v 1.19 2018/12/09 12:20:44 taca Exp $ +# $NetBSD: Makefile,v 1.19.2.1 2019/01/19 21:57:11 bsiegert Exp $ # # We can't omit PKGNAME here to handle PKG_OPTIONS. # PKGNAME= php-${PHP_VERSION} -PKGREVISION= 1 CATEGORIES= lang HOMEPAGE= http://www.php.net/ diff --git a/lang/php56/distinfo b/lang/php56/distinfo index 1f8dba9619cf..41afd579d5f7 100644 --- a/lang/php56/distinfo +++ b/lang/php56/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.53 2018/12/15 16:58:57 taca Exp $ +$NetBSD: distinfo,v 1.53.2.1 2019/01/19 21:57:11 bsiegert Exp $ -SHA1 (php-5.6.39.tar.bz2) = 5cb2b8fdeff71f3a198e09835862facb1e6e0354 -RMD160 (php-5.6.39.tar.bz2) = d1d412f874904aff2a6c78dc1899844ec16ddc02 -SHA512 (php-5.6.39.tar.bz2) = 362388882f813f9e56e22cd58505e44becdfef87b031b117c957a05aca881b70a30283e462a3c3e50c9935cb055b9994183b7d2555765f876a30266540765753 -Size (php-5.6.39.tar.bz2) = 15056476 bytes +SHA1 (php-5.6.40.tar.bz2) = d34b1503521843a63024a5e20c017d630997f4bc +RMD160 (php-5.6.40.tar.bz2) = c96e45edb86da40384950818eeb0f5d4c281240f +SHA512 (php-5.6.40.tar.bz2) = acd9fee67a55f5e62c23550777c676138e9932330ce6f056354752a12b169fe1d017b30d85ad66a612ce959f2392edecde68eca9eb200cf99f739f629e0cb857 +Size (php-5.6.40.tar.bz2) = 15061249 bytes SHA1 (patch-acinclude.m4) = 34d38d2538cc00932cdfcc80d1d4a91632cd15d0 SHA1 (patch-configure) = a5623b0cbb3331fd0a537b26c0ae48315d52dbe2 SHA1 (patch-disable-filter-url) = a2b08912d81f2872bf1834fa4cefddb044c9d0f8