| non port: lang/php72/distinfo |
|
SVNWeb
|
Number of commits found: 36 |
|
Fri, 9 Oct 2020
|
[ 23:25 tz  ]  
lang/php72: Update from 7.2.33 to 7.2.34
Core:
Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-`
cookies can be sent). (CVE-2020-7070)
OpenSSL:
Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12
bytes IV). (CVE-2020-7069)
Sponsored by: Bounce Experts
|
|
Tue, 25 Aug 2020
|
[ 23:08 tz ]
lang/php72: Update from 7.2.22 to 7.2.23
The last log entry is the same, because i accidently performed an update from
7.2.21 to 7.2.22. I ignored the update to 7.2.22 because for FreeBSD its a
no-op.
But when 7.2.23 was released i only increased the version by one.
This time its the real update! :)
Changelog:
Core:
Fixed bug #79877 (getimagesize function silently truncates after a null
byte) (cmb)
Phar:
Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile
function). (CVE-2020-7068)
Reported by: Jose Garcia Juanino <jjuanino@gmail.com>
Sponsored by: Bounce Experts
|
|
Wed, 19 Aug 2020
|
[ 21:29 tz ]
lang/php72: Update from 7.2.22 to 7.2.23
Changelog:
Core:
Fixed bug #79877 (getimagesize function silently truncates after a null
byte) (cmb)
Phar:
Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile
function). (CVE-2020-7068)
Sponsored by: Bounce Experts
|
|
Fri, 15 May 2020
|
[ 19:39 tz ]
lang/php72: Upgrade from 7.2.30 to 7.2.31
Core:
Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned).
(CVE-2019-11048)
Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp
files are not cleaned). (CVE-2019-11048)
Sponsored by: Bounce Experts
|
|
Sat, 18 Apr 2020
|
[ 21:07 tz ]
lang/php72: Upgrade from 7.2.29 to 7.2.30
Changelog:
Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter
appended).
Fixed bug #79330 (shell_exec() silently truncates after a null byte).
Fixed bug #79465 (OOB Read in urldecode()).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.2.30
|
|
Mon, 23 Mar 2020
|
[ 22:02 tz ]
lang/php72: Update from 7.2.28 to 7.2.29
Changelog:
Core:
Fixed bug #79329 (get_headers() silently truncates after a null byte)
(CVE-2020-7066) (cmb)
EXIF:
Fixed bug #79282 (Use-of-uninitialized-value in exif) (CVE-2020-7064)
(Nikita)
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.2.29
MFH: 2020Q1
Sponsored by: PHP Update Service
|
|
Fri, 21 Feb 2020
|
[ 22:00 tz ]
lang/php72: Upgrade from 7.2.27 to 7.2.28
Changelog:
DOM:
Fixed bug #77569: (Write Access Violation in DomImplementation).
Phar:
Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have
all-access permissions). (CVE-2020-7063)
Session:
Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload
Progress). (CVE-2020-7062)
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.2.28
MFH: 2020Q1
|
|
Fri, 24 Jan 2020
|
[ 23:54 tz ]
lang/php72: Update from 7.2.26 to 7.2.27
Changelog:
Mbstring:
Fixed bug #79037 (global buffer-overflow in
`mbfl_filt_conv_big5_wchar`). (CVE-2020-7060)
Session:
Fixed bug #79091 (heap use-after-free in session_create_id()).
Standard:
Fixed bug #79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059)
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.2.27
|
|
Sun, 22 Dec 2019
|
[ 14:30 tz ]
lang/php72: Upgrade from 7.2.25 to 7.2.26
Changelog:
Bcmath:
Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046)
Core:
Fixed bug #78862 (link() silently truncates after a null byte on
Windows). (CVE-2019-11044)
Fixed bug #78863 (DirectoryIterator class silently truncates after a
null byte). (CVE-2019-11045)
EXIF:
Fixed bug #78793 (Use-after-free in exif parsing under memory
sanitizer). (CVE-2019-11050)
Fixed bug #78910 (Heap-buffer-overflow READ in exif). (CVE-2019-11047)
GD:
Fixed bug #78849 (GD build broken with -D SIGNED_COMPARE_SLOW).
Intl:(Only the first 15 lines of the commit message are shown above  )
|
|
Fri, 22 Nov 2019
|
[ 22:13 tz ]
lang/php72: Update from 7.2.24 to 7.2.25
Changelog:
Core:
Fixed bug #78656 (Parse errors classified as highest log-level).
Fixed bug #78752 (Segfault if GC triggered while generator stack frame
is being destroyed).
Fixed bug #78689 (Closure::fromCallable() doesn't handle [Closure,
'__invoke']).
COM:
Fixed bug #78694 (Appending to a variant array causes segfault).
Date:
Fixed bug #70153 (\DateInterval incorrectly unserialized).
Fixed bug #78751 (Serialising DatePeriod converts DateTimeImmutable).
Iconv:
Fixed bug #78642 (Wrong libiconv version displayed). (gedas at martynas,
cmb).(Only the first 15 lines of the commit message are shown above )
|
|
Fri, 25 Oct 2019
|
[ 10:34 tz ]
lang/php72: Update from 7.2.23 to 7.2.24
Changelog:
Core:
Fixed bug #78535 (auto_detect_line_endings value not parsed as bool).
Fixed bug #78620 (Out of memory error).
Exif:
Fixed bug #78442 ('Illegal component' on exif_read_data since PHP7)
(Kalle)
FPM:
Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to
RCE). (CVE-2019-11043)
MBString:
Fixed bug #78579 (mb_decode_numericentity: args number inconsistency).
Fixed bug #78609 (mb_check_encoding() no longer supports stringable
objects).
MySQLi:(Only the first 15 lines of the commit message are shown above )
|
|
Sun, 29 Sep 2019
|
[ 21:06 tz ]
lang/php72: Update from 7.2.22 to 7.2.23
Changelog:
Core:
Fixed bug #78220 (Can't access OneDrive folder).
Fixed bug #78412 (Generator incorrectly reports non-releasable $this as
GC child).
FastCGI:
Fixed bug #78469 (FastCGI on_accept hook is not called when using named
pipes on Windows).
MySQLnd:
Fixed connect_attr issues and added the _server_host connection
attribute.
ODBC:
Fixed bug #78473 (odbc_close() closes arbitrary resources).
PDO_MySQL:
Fixed bug #41997 (SP call yields additional empty result set).
sodium:
Fixed bug #78510 (Partially uninitialized buffer returned by
sodium_crypto_generichash_init()).
SPL:
Fixed bug #72884 (SplObject isCloneable() returns true but errs on
clone).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.2.23
|
|
Tue, 3 Sep 2019
|
[ 20:23 tz ]
lang/php72: Update from 7.2.21 to 7.2.22
Changelog:
Core:
Fixed bug #78363 (Buffer overflow in zendparse).
Fixed bug #78379 (Cast to object confuses GC, causes crash).
Curl:
Fixed bug #77946 (Bad cURL resources returned by
curl_multi_info_read()).
Exif:
Fixed bug #78333 (Exif crash (bus error) due to wrong alignment and
invalid cast).
Iconv:
Fixed bug #78342 (Bus error in configure test for iconv //IGNORE).
LiteSpeed:
Updated to LiteSpeed SAPI V7.5 (Fixed clean shutdown).
MySQLnd:
Fixed bug #78179 (MariaDB server version incorrectly detected).
Opcache:
Fixed bug #77191 (Assertion failure in dce_live_ranges() when silencing
is used).
Standard:
Fixed bug #69100 (Bus error from stream_copy_to_stream (file -> SSL
stream) with invalid length).
Fixed bug #78282 (atime and mtime mismatch).
Fixed bug #78326 (improper memory deallocation on stream_get_contents()
with fixed length buffer).
MFH: 2019Q3
|
|
Sat, 3 Aug 2019
|
[ 18:28 tz ]
Update PHP 7.2 from 7.2.20 to 7.2.21
Changelog:
Date:
Fixed bug #69044 (discrepency between time and microtime).
EXIF:
Fixed bug #78256 (heap-buffer-overflow on exif_process_user_comment).
(CVE-2019-11042)
Fixed bug #78222 (heap-buffer-overflow on exif_scan_thumbnail).
(CVE-2019-11041)
Fileinfo:
Fixed bug #78183 (finfo_file shows wrong mime-type for .tga file).
FTP:
Fixed bug #77124 (FTP with SSL memory leak).
Libxml:
Fixed bug #78279 (libxml_disable_entity_loader settings is shared
between requests (cgi-fcgi)).(Only the first 15 lines of the commit message are shown above )
|
|
Sat, 13 Jul 2019
|
[ 21:25 tz ]
lang/php72: Upgrade from 7.2.19 to 7.2.20
Changelog:
Core:
Fixed bug #76980 (Interface gets skipped if autoloader throws an
exception).
DOM:
Fixed bug #78025 (segfault when accessing properties of
DOMDocumentType).
MySQLi:
Fixed bug #77956 (When mysqli.allow_local_infile = Off, use a meaningful
error message).
Fixed bug #38546 (bindParam incorrect processing of bool types).
Opcache:
Fixed bug #78106 (Path resolution fails if opcache disabled during
request).
OpenSSL:
Fixed bug #78079 (openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c).(Only the first 15 lines of the commit message are shown above )
|
|
Fri, 31 May 2019
|
[ 21:57 tz ]
lang/php72: Upgrade from 7.2.18 7.2.19
Changelog:
EXIF:
Fixed bug #77988 (heap-buffer-overflow on php_jpg_get16)
(CVE-2019-11040).
FPM:
Fixed bug #77934 (php-fpm kill -USR2 not working).
Fixed bug #77921 (static.php.net doesn't work anymore).
GD:
Fixed bug #77943 (imageantialias($image, false); does not work).
Fixed bug #77973 (Uninitialized read in gdImageCreateFromXbm)
(CVE-2019-11038).
Iconv:
Fixed bug #78069 (Out-of-bounds read in iconv.c:_php_iconv_mime_decode()
due to integer overflow) (CVE-2019-11039).
JSON:(Only the first 15 lines of the commit message are shown above )
|
|
Wed, 8 May 2019
|
[ 06:45 tz ]
lang/php72: Upgrade from 7.2.17 to 7.2.18
Changelog:
CLI:
Fixed bug #77794 (Incorrect Date header format in built-in server).
EXIF:
Fixed bug #77950 (Heap-buffer-overflow in _estrndup via
exif_process_IFD_TAG).
Interbase:
Fixed bug #72175 (Impossibility of creating multiple connections to
Interbase with php 7.x).
Intl:
Fixed bug #77895 (IntlDateFormatter::create fails in strict mode if
$locale = null).
litespeed:
LiteSpeed SAPI 7.3.1, better process management, new API function
litespeed_finish_request().
Mail:(Only the first 15 lines of the commit message are shown above )
|
|
Fri, 5 Apr 2019
|
[ 13:50 tz ]
Update PHP 7.2 from 7.2.16 to 7.2.17
Changelog:
Core:
Fixed bug #77738 (Nullptr deref in zend_compile_expr).
Fixed bug #77660 (Segmentation fault on break 2147483648).
Fixed bug #77652 (Anonymous classes can lose their interface
information).
Fixed bug #77676 (Unable to run tests when building shared extension on
AIX).
Bcmath:
Fixed bug #77742 (bcpow() implementation related to gcc compiler
optimization).
COM:
Fixed bug #77578 (Crash when php unload).
Date:
Fixed bug #50020 (DateInterval:createDateFromString() silently fails).(Only the first 15 lines of the commit message are shown above )
|
|
Fri, 8 Mar 2019
|
[ 15:47 tz ]
lang/php72: Upgrade from 7.2.15 to 7.2.16
Changelog:
Core:
Fixed bug #77589 (Core dump using parse_ini_string with numeric
sections).
Fixed bug #77630 (rename() across the device may allow unwanted access
during processing).
COM:
Fixed bug #77621 (Already defined constants are not properly reported).
EXIF:
Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF).
Fixed bug #77540 (Invalid Read on exif_process_SOFn).
Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).
Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).
PDO_OCI:(Only the first 15 lines of the commit message are shown above )
|
|
Fri, 8 Feb 2019
|
[ 10:55 tz ]
lang/php72: Upgrade from 7.2.14 to 7.2.15
Changelog:
Core:
Fixed bug #77339 (__callStatic may get incorrect arguments).
Fixed bug #77494 (Disabling class causes segfault on member access).
Fixed bug #77530 (PHP crashes when parsing `(2)::class`).
Curl:
Fixed bug #76675 (Segfault with H2 server push).
GD:
Fixed bug #73281 (imagescale(..., IMG_BILINEAR_FIXED) can cause black
border).
Fixed bug #73614 (gdImageFilledArc() doesn't properly draw pies).
Fixed bug #77272 (imagescale() may return image resource on failure).
Fixed bug #77391 (1bpp BMPs may fail to be loaded).(Only the first 15 lines of the commit message are shown above )
|
|
Mon, 14 Jan 2019
|
[ 11:03 tz ]
lang/php72: Upgrade from 7.2.13 to 7.2.14
Changelog:
Core:
Fixed bug #77369 (memcpy with negative length via crafted DNS response).
Fixed bug #71041 (zend_signal_startup() needs ZEND_API).
Fixed bug #76046 (PHP generates "FE_FREE" opcode on the wrong line).
COM:
Fixed bug #77177 (Serializing or unserializing COM objects crashes).
Date:
Fixed bug #77097 (DateTime::diff gives wrong diff when the actual diff
is less than 1 second).
Exif:
Fixed bug #77184 (Unsigned rational numbers are written out as signed
rationals).
GD:(Only the first 15 lines of the commit message are shown above )
|
|
Fri, 7 Dec 2018
|
[ 07:54 tz ]
lang/php72: Upgrade from 7.2.12 to 7.2.13
Changelog: http://www.php.net/ChangeLog-7.php#7.2.13
MFH: 2018Q4
|
|
Sat, 10 Nov 2018
|
[ 17:33 joneum ]
Update to 7.2.12
Changelog:
- http://www.php.net/ChangeLog-7.php#7.2.12
Approved by: tz (implicit)
Sponsored by: Netzkommune GmbH
|
|
Fri, 12 Oct 2018
|
[ 15:15 joneum ]
Update to 7.2.11
Changelogs:
- http://www.php.net/releases/7_2_11.php
- http://www.php.net/ChangeLog-7.php#7.2.11
Approved by: tz (implicit)
Sponsored by: Netzkommune GmbH
|
|
Thu, 13 Sep 2018
|
[ 18:40 joneum ]
Update to 7.2.10
Changelog: http://www.php.net/ChangeLog-7.php#7.2.10
Approved by: tz (implicit)
MFH: 2018Q3
Sponsored by: Netzkommune GmbH
|
|
Sat, 18 Aug 2018
|
[ 15:32 joneum ]
Update to 7.2.9
Changelog: http://www.php.net/ChangeLog-7.php#7.2.9
MFH: 2018Q3
|
|
Mon, 23 Jul 2018
|
[ 15:06 tz ]
lang/php72: Update from 7.2.7 to 7.2.8
Changelog: http://www.php.net/ChangeLog-7.php#7.2.8
Also patch out MySQL 8 auth changes, which makes the hash
extension mandatory instead of optional and introduce further
bugs:
https://github.com/php/php-src/commit/d6e81f0bfd0cb90586dd83d4fd47a4302605261a
MFH: 2018Q3
|
|
Mon, 25 Jun 2018
|
[ 11:41 tz ]
lang/php72: Update from 7.2.6 to 7.2.7
Changelog: http://www.php.net/ChangeLog-7.php#7.2.7
|
|
Tue, 29 May 2018
|
[ 14:33 tz ]
lang/php72: Update from 7.2.5 to 7.2.6
Changelog: http://www.php.net/ChangeLog-7.php#7.2.6
MFH: 2018Q2
|
|
Thu, 26 Apr 2018
|
[ 14:50 tz ]
lang/php72: Update from 7.2.4 to 7.2.5
Changelog: http://www.php.net/ChangeLog-7.php#7.2.5
MFH: 2018Q2
Security: CVE-2018-5712
|
|
Thu, 29 Mar 2018
|
[ 13:11 tz ]
lang/php72: Update from 7.2.3 to 7.2.4
Changelog: http://www.php.net/ChangeLog-7.php#7.2.4
|
|
Fri, 2 Mar 2018
|
[ 13:11 tz ]
lang/php72: Update from 7.2.2 to 7.2.3
Changelog: http://www.php.net/ChangeLog-7.php#7.2.3
MFH: 2018Q1
|
|
Fri, 2 Feb 2018
|
[ 11:40 tz ]
lang/php72: Update from 7.2.1 to 7.2.2
Changelog: http://www.php.net/ChangeLog-7.php#7.2.2
MFH: 2018Q1
|
|
Wed, 10 Jan 2018
|
[ 16:11 tz ]
lang/php72: Update from 7.2.0 to 7.2.1
Changelog: http://www.php.net/ChangeLog-7.php#7.2.1
PR: 224953
MFH: 2018Q1
|
|
Wed, 6 Dec 2017
|
[ 15:40 tz ]
lang/php72: Update from 7.2.0 RC 6 to 7.2.0
Changelog: http://www.php.net/ChangeLog-7.php#7.2.0
|
|
Thu, 16 Nov 2017
|
[ 10:48 tz ] (Only the first 10 of 184 ports in this commit are shown above. )
Add PHP 7.2 RC6
Notable changes:
- mcrypt module was removed
- sodium module was added
- sybase_ct artifacts removed
Also many PECL ports will not work with this version
since some files got renamed.
Reviewed by: mat, ale, Rainer Duffner <rainer@ultra-secure.de>
Differential Revision: https://reviews.freebsd.org/D12980
|
Number of commits found: 36 |
As an Amazon Associate I earn from qualifying purchases.