| non port: lang/php52/distinfo |
Number of commits found: 19 |
|
Saturday, 31 Aug 2013
|
21:30 rm 
- update backports patch to 20130717
- extend deprecation period for 6 months
- bump PORTREVISION
Changes:
- CVE-2013-4113, exif_read_data fix, compilation warning, libxml2 >2.9 support
- timezonedb 2013.4 (2013d)
PR: 181449
Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by: Alex Keda <admin@lissyara.su>
  |
|
Tuesday, 21 May 2013
|
08:17 miwi
- Update backports patch to 20121114
- Bump PORTREVISION
security fixes:
- CVE-2013-1635
- CVE-2013-1643
PR: 177203
Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by: maintainer
|
|
Sunday, 25 Nov 2012
|
15:42 flo
- Update backports patch to 20121114
- Bump PORTREVISION
Changes:
- CVE-2006-7243
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow
context-dependent attackers to bypass intended access restrictions by placing a
safe file extension after this character, as demonstrated by .php\0.jpg at the
end of the argument to the file_exists function
Secuity 3761df02-0f9c-11e0-becc-0022156e8794 fixed by check in fopen functions
for strlen(filename) != filename_len
- CVE-2012-4388
The sapi_header_op function in main/SAPI.c does not properly determine a pointer
during checks for %0D sequences (aka carriage return characters), which allows
remote attackers to bypass an HTTP response-splitting protection mechanism via a
crafted URL, this vulnerability exists because of an incorrect fix for
CVE-2011-1398.
- Timezone database updated to version 2012.9 (2012i)
PR: ports/173685
Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by: maintainer
Feature safe: yes
|
|
Thursday, 20 Sep 2012
|
03:02 bdrewery
- Update php52 backports patch to 20120911
- Add and update relevant vuxml entries
Changes:
- CVE-2011-1398 - The sapi_header_op function in main/SAPI.c in PHP
before 5.3.11 does not properly handle %0D sequences
- CVE-2012-0789 - Memory leak in the timezone functionality in PHP
before 5.3.9 allows remote attackers to cause a denial of service
(memory consumption) by triggering many strtotime function calls,
which are not properly handled by the php_date_parse_tzfile cache.
- CVE-2012-3365 - The SQLite functionality in PHP before 5.3.15 allows
remote attackers to bypass the open_basedir protection mechanism via
unspecified vectors
- Timezone database updated to version 2012.5 (2012e) (from 2011.13 (2011m))
- Minor improvements (CVE-2012-2688, compilation issues with old GCC)
PR: ports/171583
Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by: Alex Keda <admin@lissyara.su> (maintainer)
|
|
Monday, 23 Jul 2012
|
04:14 rm
- update backports patch to 20120721
- bump PORTREVISION
PR: 170063
Submitted by: Svyatoslav Lempert <svyatoslav.lempert at gmail dot com>
Approved by: Alex Keda <admin at lissyara dot su> (maintainer)
|
|
Saturday, 30 Jun 2012
|
23:00 rm
- update backports patch to 20120526
- bump PORTREVISION
PR: 169272
Submitted by: Svyatoslav Lempert <svyatoslav.lempert at gmail dot com>
Approved by: Alex Keda <admin at lissyara dot su> (maintainer)
|
|
Saturday, 5 May 2012
|
15:21 rm
Update distinfo that's was missed for some reason.
|
|
Wednesday, 18 Jan 2012
|
17:27 lwhsu
- CVE-2011-4566 fix in 20120117 security patchset
PR: ports/164286
Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by: Alex Keda <admin@lissyara.su> (maintainer)
Security: d3921810-3c80-11e1-97e8-00215c6a37bb
|
|
Monday, 2 Jan 2012
|
18:26 rm
Update to lastest security patchset 20120103: added max_input_vars directive
(default "1000") to prevent attacks based on hash collisions (from PHP 5.4 RC4)
PR: 163782
Submitted by: Svyatoslav Lempert <svyatoslav.lempert at gmail dot com>
Approved by: maintainer
|
|
Tuesday, 1 Nov 2011
|
15:58 miwi
- Update to lastest security patchset: 20111030
- Move removal date to 2012-03-01
- Bump PORTREVISION
PR: 162165
Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
Approved by: maintainer
|
|
Thursday, 29 Sep 2011
|
17:53 delphij
- security fixes for CVE-2011-2202, CVE-2011-1938, CVE-2011-1148,
CVE-2011-0708, CVE-2011-1092, CVE-2011-0421 vulnerabilities
- option BACKPORTS in port config for enable port patches (enabled
by default)
- bump PORTREVISION
Submitted by: Svyatoslav Lempert <svyatoslav.lempert gmail.com>
PR: ports/160805
Approved by: maintainer
|
|
Sunday, 9 Jan 2011
|
18:56 mm
Update to 5.2.17
Approved by: Alex Keda <admin@lissyara.su> (maintainer, private e-mail)
|
|
Friday, 31 Dec 2010
|
12:56 mm
- Update suhosin patch
- Portrevision bump not required
PR: ports/153579
Approved by: Alex Keda <admin@lissyara.su> (maintainer)
|
|
Friday, 17 Dec 2010
|
11:30 mm
- Update to 5.2.16
PR: ports/153246
Approved by: Alex Keda <admin@lissyara.su> (maintainer)
|
|
Friday, 10 Dec 2010
|
12:38 mm
- Update to 5.2.15
PR: ports/152981
Approved by: Alex Keda <admin@lissyara.su> (maintainer)
|
|
Monday, 26 Jul 2010
|
08:56 mm
Update php52 to 5.2.14
PR: ports/148951
Approved by: Alex Keda <admin@lissyara.su> (maintainer)
|
|
Wednesday, 16 Jun 2010
|
10:12 mm
- Add optional support for PHP-FPM (FastCGI process manager)
- Add sample configuration file and rc script for PHP-FPM
PR: ports/147688
Approved by: Alex Keda <admin@lissyara.su> (maintainer)
|
|
Tuesday, 27 Apr 2010
|
05:46 dinoex
- update to 5.2.13
Sumbitted by: Alex Keda (maintainer)
|
|
Friday, 23 Apr 2010
|
15:03 dinoex
PHP, which stands for "PHP: Hypertext Preprocessor" is a widely-used Open
Source general-purpose scripting language that is especially suited for
Web development and can be embedded into HTML. Its syntax draws upon C,
Java, and Perl, and is easy to learn. The main goal of the language is to
allow web developers to write dynamically generated webpages quickly, but
you can do much more with PHP.
WWW: http://www.php.net/
PR: 145772
Submitted by: Alex Keda
|
Number of commits found: 19 |
As an Amazon Associate I earn from qualifying purchases.