| non port: lang/php74/Makefile |
Number of commits found: 61 |
|
Sunday, 25 Dec 2022
|
19:36 Muhammad Moinur Rahman (bofh) 
*/*php74*: Sunset php 7.4
As per upstream php 7.4 has reached it's EOL on 2022-11-22. Remove php74
from the tree. Default version of php has already been switched to 8.1.
Approved by: portmgr (blanket infrastructure)
Sponsored by: Bounce Experts
    0d310d7 |
|
Saturday, 5 Nov 2022
|
14:19 Muhammad Moinur Rahman (bofh)
lang/php74: Update version 7.4.32=>7.4.33
* GD:
- Fixed bug #81739: OOB read due to insufficient input validation in
imageloadfont(). (CVE-2022-31630)
* Hash:
- Fixed bug #81738: buffer overflow in hash_update() on long parameter
(CVE-2022-37454)
Approved by: tz (By private mail)
Relnotes: https://www.php.net/ChangeLog-7.php#7.4.33
Sponsored by: Bounce Experts
27ac371f |
|
Sunday, 2 Oct 2022
|
00:21 Muhammad Moinur Rahman (bofh)
lang/php74: Update version 7.4.30=>7.4.32
* Core:
- Fixed bug #81726: phar wrapper: DOS when using quine gzip file.
(CVE-2022-31628)
- Fixed bug #81727: Don't mangle HTTP variable names that clash with
ones that have a specific semantic meaning. (CVE-2022-31629)
Relnotes: https://www.php.net/ChangeLog-7.php
Sponsored by: Bounce Experts
594ae3a |
|
Wednesday, 7 Sep 2022
|
21:10 Stefan Eßer (se)
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
This commit implements such a proposal and moves one of the WWW: entries
of each pkg-descr file into the respective port's Makefile. A heuristic
attempts to identify the most relevant URL in case there is more than
one WWW: entry in some pkg-descr file. URLs that are not moved into the
Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr
files in order to preserve them.
There are 1256 ports that had no WWW: entries in pkg-descr files. These
ports will not be touched in this commit.
The portlint port has been adjusted to expect a WWW entry in each port
Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as
deprecated.
Approved by: portmgr (tcberner)
b7f0544 |
|
Friday, 10 Jun 2022
|
13:34 Muhammad Moinur Rahman (bofh)
lang/php74: Update version 7.4.29=>7.4.30
- mysqlnd:
Fixed bug #81719: mysqlnd/pdo password buffer overflow.
(CVE-2022-31626)
- pgsql:
Fixed bug #81720: Uninitialized array in pg_query_params().
(CVE-2022-31625)
Approved by: tz (private email)
Relnotes: https://www.php.net/ChangeLog-7.php#7.4.30
Sponsored by: Bounce Experts
9dd5251 |
|
Friday, 15 Apr 2022
|
22:31 Torsten Zuehlsdorff (tz)
lang/php74: Upgrade from 7.4.28 to 7.4.29
Changelog:
Core:
No source changes to this release. This update allows for re-building
the Windows binaries against upgraded dependencies which have received security
updates.
Date:
Updated to latest IANA timezone database (2022a).
Sponsored by: Bounce Experts
db966c3 |
|
Sunday, 10 Apr 2022
|
19:11 Charlie Li (vishwin)
textproc/libxml2: bump all LIB_DEPENDS consumers
This is a separate commit to facilitate easier cherry-picking for
quarterly.
PR: 262853, 262940, 262877, 263126
Approved by: fluffy (mentor)
d63665f |
|
Saturday, 26 Mar 2022
|
08:27 Matthias Fechner (mfechner)
textproc/libxml2: bump all dependencies
This should make sure that all dependent ports will pick
up the new version commited with a13ec21cd733f67a9fc0dc00ab45268bdc236246
247c7db |
|
Friday, 25 Mar 2022
|
14:29 Piotr Kubaj (pkubaj)
pcre: fix runtime issues on powerpc
In sljitConfigInternal.h, pcre checks for existence of __builtin___clear_cache()
function.
LLVM provides that function for all platforms, even those that don't have
implemented flushing the cache.
This leads to runtime errors on e.g. powerpc (32-bit) with __clear_cache()
calling compilerrt_abort(), resulting in SIGABRT.
b6bb44e |
|
Saturday, 19 Feb 2022
|
04:44 Muhammad Moinur Rahman (bofh)
lang/php74: Update version 7.4.27=>7.4.28
Filter:
Fix #81708: UAF due to php_filter_float() failing for ints
(CVE-2021-21708)
CVE is not yet published.
Approved by: tz (private email)
Sponsored by: Bounce Experts
815ff00 |
|
Friday, 18 Feb 2022
|
19:10 Piotr Kubaj (pkubaj)
lang/php*: remove support for 11 on powerpc64
8f89a07 |
|
Sunday, 6 Feb 2022
|
18:46 Stefan Eßer (se)
lang/php??: make CONFLICTS_INSTALL visible to PHP module ports
The definition of CONFLICTS_INSTALL already included ${PKGNAMESUFFIX},
but in a block that was conditional on ${PKGNAMESUFFIX} not being
defined, defying the purpose.
After this change all ports that refer to the lang/php?? interpreter
ports get an automatic CONFLICTS_INSTALL definition that prevents the
installation of the same module for multiple interpreter versions.
This change adds correct CONFLICTS_INSTALL definitions to hundreds of
PHP ports that previously lacked any such definition.
PHP modules can override this generated CONFLICTS_INSTALL definition
in their Makefiles, if required.
Approved by: portmgr (implicit)
d4b3ad6 |
|
Tuesday, 1 Feb 2022
|
08:08 Muhammad Moinur Rahman (bofh)
lang/php74{-extensions}: Mark DEPRECATED
Security support for php74 will expire on 28th November, 2022. For
details please see:
https://www.php.net/supported-versions
EXPIRATION_DATE has been set 1 day after the EOL.
A metabug has been created to track which ports explicitly depends on
php74{-extensions} only; which is available at:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261604
PR: 261604
Approved by: tz (private email)
Sponsored by: Bounce Experts
5ebfc20 |
|
Wednesday, 26 Jan 2022
|
00:36 Muhammad Moinur Rahman (bofh)
Remove references to defunct php73
- Add regex in CONFLICTS* [1]
Reported by: se [1]
Approved by: portmgr (blanket infrastructure sweep)
Sponsored by: Bounce Experts
Differential Revision: https://reviews.freebsd.org/D33983 [1]
16510ab |
|
Sunday, 26 Dec 2021
|
18:23 Muhammad Moinur Rahman (bofh)
Fix fetch for php*
- Primary hosting provider of php has introduced some sort of checking
which is blocking fetch although curl/wget works perfectly. fetch with
other --user-agent is also not working at the moment. An issue has been
opened with the upstream which can be found at:
https://github.com/php/web-php/issues/483
- Untill this is fixed add php Github distributions URL to MASTER_SITES
- Modify MASTER_SITES for php[73|74|80] and remove SUBDIR as it affects
DIST_SUBDIR
- Add DIST_SUBDIR as Github is IPv4 only which affects IPv6 only
builders. In case someone is running IPv6 only builders distcache will
pickup and serve.
- Although distinfo has been updated as we have added DIST_SUBDIR but
SHA256 and SIZE are unchanged. In case someone needs to verify those
are available from https://www.php.net/downloads
- We might have done some drastic changes but we are on the brink of
quarterly build and we do not want to start a new year and a new
quarter with BROKEN php and thousands of other ports.
PR: 260699
Reported by: chris@cretaforce.gr
Approved by: portmgr (blanket infrastructure)
Sponsored by: Bounce Experts
529117f |
|
Thursday, 23 Dec 2021
|
14:22 Muhammad Moinur Rahman (bofh)
lang/php74: Update version 7.4.26=>7.4.27
- Refactor with OPTIONSNG
Changelog:
Core:
Fixed bug #81626 (Error on use static:: in __сallStatic() wrapped to
Closure::fromCallable()).
FPM:
Fixed bug #81513 (Future possibility for heap overflow in FPM zlog).
GD:
Fixed bug #71316 (libpng warning from imagecreatefromstring).
OpenSSL:
Fixed bug #75725 (./configure: detecting RAND_egd).
PCRE:
Fixed bug #74604 (Out of bounds in php_pcre_replace_impl).
Standard:
Fixed bug #81618 (dns_get_record fails on FreeBSD for missing type).
Fixed bug #81659 (stream_get_contents() may unnecessarily
overallocate).
Approved by: tz (private mail)
Relnotes: https://www.php.net/ChangeLog-7.php#7.4.27
Sponsored by: Bounce Experts
105ff67 |
|
Thursday, 25 Nov 2021
|
21:40 Stefan Eßer (se)
*/*: Remove redundant '-*' from CONFLICTS definitions
The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").
Approved by: portmgr (blanket)
04b9da4 |
|
Saturday, 20 Nov 2021
|
19:31 Torsten Zuehlsdorff (tz)
lang/php74: Upgrade from 7.4.25 to 7.4.26
Core:
Fixed bug #81518 (Header injection via default_mimetype /
default_charset).
Date:
Fixed bug #81500 (Interval serialization regression since 7.3.14 /
7.4.2).
MBString:
Fixed bug #76167 (mbstring may use pointer from some previous request).
MySQLi:
Fixed bug #81494 (Stopped unbuffered query does not throw error).
PCRE:
Fixed bug #81424 (PCRE2 10.35 JIT performance regression).
Streams:
Fixed bug #54340 (Memory corruption with user_filter).
XML:
Fixed bug #79971 (special character is breaking the path in xml
function). (CVE-2021-21707)
Also include a patch to fix issue 259725:
dns_get_record fails when requested record doesn't exist
PR: 259725
Reported by: fsbruva@yahoo.com
Sponsored by: Bounce Experts
11d48dd |
|
Saturday, 23 Oct 2021
|
22:52 Torsten Zuehlsdorff (tz)
lang/php74: Upgrade from 7.4.24 to 7.4.25
Changelog:
DOM:
Fixed bug #81433 (DOMElement::setIdAttribute() called twice may remove
ID).
FFI:
Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not
defined).
Fileinfo:
Fixed bug #78987 (High memory usage during encoding detection).
Filter:
Fixed bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE
failing).
FPM:
Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege
escalation) (CVE-2021-21703).
SPL:
Fixed bug #80663 (Recursive SplFixedArray::setSize() may cause
double-free).
Streams:
Fixed bug #81475 (stream_isatty emits warning with attached stream
wrapper).
XML:
Fixed bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace).
Zip:
Fixed bug #81490 (ZipArchive::extractTo() may leak memory).
Fixed bug #77978 (Dirname ending in colon unzips to wrong dir).
Sponsored by: Bounce Experts
b0953f0 |
|
Saturday, 16 Oct 2021
|
09:51 Jimmy Olgeni (olgeni)
*: fix tab vs. space issues, and comments according to the guide.
4460cf7 |
|
Thursday, 30 Sep 2021
|
19:36 Torsten Zuehlsdorff (tz)
lang/php7*: adjust CONFLICTS to new versions
PHP 7.3 conflicted with versions no longer in the ports-tree. Remove this
conflicts.
PHP 7.3 and 7.4 did not conflict with PHP 8.0. Add the missing conflict.
PR: 258803
Reported by: Einar Bjarni Halldórsson <einar@isnic.is>
Sponsored by: Bounce Experts
1eeec1b |
|
Wednesday, 29 Sep 2021
|
09:55 Torsten Zuehlsdorff (tz)
lang/php74: Update from 7.4.23 to 7.4.24
Changelog:
Core:
Fixed bug #81302 (Stream position after stream filter removed).
Fixed bug #81346 (Non-seekable streams don't update position after
write).
Fixed bug #73122 (Integer Overflow when concatenating strings).
GD:
Fixed bug #53580 (During resize gdImageCopyResampled cause colors
change).
Opcache:
Fixed bug #81353 (segfault with preloading and statically bound
closure).
Shmop:
Fixed bug #81407 (shmop_open won't attach and causes php to crash).
Standard:
Fixed bug #71542 (disk_total_space does not work with relative paths).
Fixed bug #81400 (Unterminated string in dns_get_record() results).
SysVMsg:
Fixed bug #78819 (Heap Overflow in msg_send).
XML:
Fixed bug #81351 (xml_parse may fail, but has no error code).
Zip:
Fixed bug #81420 (ZipArchive::extractTo extracts outside of
destination). (CVE-2021-21706)
Sponsored by: Bounce Experts
4f8082b |
|
Sunday, 29 Aug 2021
|
20:47 Torsten Zuehlsdorff (tz)
lang/php74: Upgrade from 7.4.22 to 7.4.23
Changelog:
Core:
Fixed bug #72595 (php_output_handler_append illegal write access).
Fixed bug #66719 (Weird behaviour when using get_called_class() with
call_user_func()).
Fixed bug #81305 (Built-in Webserver Drops Requests With "Upgrade"
Header).
BCMath:
Fixed bug #78238 (BCMath returns "-0").
CGI:
Fixed bug #80849 (HTTP Status header truncation).
GD:
Fixed bug #51498 (imagefilledellipse does not work for large circles).
MySQLi:
Fixed bug #74544 (Integer overflow in mysqli_real_escape_string()).
OpenSSL:
Fixed bug #81327 (Error build openssl extension on php 7.4.22).
PDO_ODBC:
Fixed bug #81252 (PDO_ODBC doesn't account for SQL_NO_TOTAL).
Phar:
Fixed bug #81211: Symlinks are followed when creating PHAR archive.(cmb)
Shmop:
Fixed bug #81283 (shmop can't read beyond 2147483647 bytes).
Standard:
Fixed bug #72146 (Integer overflow on substr_replace).
Fixed bug #81265 (getimagesize returns 0 for 256px ICO images).
Fixed bug #74960 (Heap buffer overflow via str_repeat).
Streams:
Fixed bug #81294 (Segfault when removing a filter).
Sponsored by: Bounce Experts
f54d1e5 |
|
Sunday, 1 Aug 2021
|
08:32 Xin LI (delphij)
net/openldap24-server: Make SASL permanent for OpenLDAP port.
PR: ports/257374
Reviewed by: obrien
Approved by: portmgr (exp-run by antoine)
Differential Revision: https://reviews.freebsd.org/D31301
974e13b |
|
Saturday, 31 Jul 2021
|
21:31 Torsten Zuehlsdorff (tz)
lang/php74: Update from 7.4.21 to 7.4.22
Changelog:
Core:
Fixed bug #81145 (copy() and stream_copy_to_stream() fail for +4GB
files).
Fixed bug #81163 (incorrect handling of indirect vars in __sleep).
Fixed bug #80728 (PHP built-in web server resets timeout when it can
kill the process).
Fixed bug #73630 (Built-in Weberver - overwrite
$_SERVER['request_uri']).
Fixed bug #80173 (Using return value of zend_assign_to_variable() is not
safe).
Fixed bug #73226 (--r[fcez] always return zero exit code).
Intl:
Fixed bug #72809 (Locale::lookup() wrong result with canonicalize
option).
Fixed bug #68471 (IntlDateFormatter fails for "GMT+00:00" timezone).
Fixed bug #74264 (grapheme_strrpos() broken for negative offsets).
OpenSSL:
Fixed bug #52093 (openssl_csr_sign truncates $serial).
PCRE:
Fixed bug #81101 (PCRE2 10.37 shows unexpected result).
Fixed bug #81243 (Too much memory is allocated for preg_replace()).
Standard:
Fixed bug #81223 (flock() only locks first byte of file).
Sponsored by: Bounce Experts
e297f25 |
|
Monday, 5 Jul 2021
|
21:31 Torsten Zuehlsdorff (tz)
lang/php74: Update from 7.4.20 to 7.4.21
Changelog:
Core:
Fixed bug #81068 (Double free in realpath_cache_clean()).
Fixed bug #76359 (open_basedir bypass through adding "..").
Fixed bug #81090 (Typed property performance degradation with .=
operator).
Fixed bug #81070 (Integer underflow in memory limit comparison).
Fixed bug #81122 (SSRF bypass in FILTER_VALIDATE_URL). (CVE-2021-21705)
Bzip2:
Fixed bug #81092 (fflush before stream_filter_remove corrupts stream).
OpenSSL:
Fixed bug #76694 (native Windows cert verification uses CN as sever
name).
PDO_Firebird:
Fixed bug #76448 (Stack buffer overflow in firebird_info_cb).
(CVE-2021-21704)
Fixed bug #76449 (SIGSEGV in firebird_handle_doer). (CVE-2021-21704)
Fixed bug #76450 (SIGSEGV in firebird_stmt_execute). (CVE-2021-21704)
Fixed bug #76452 (Crash while parsing blob data in firebird_fetch_blob).
(CVE-2021-21704)
Standard:
Fixed bug #81048 (phpinfo(INFO_VARIABLES) "Array to string conversion").
Sponsored by: Bounce Experts
bc406bc |
|
Wednesday, 16 Jun 2021
|
22:29 Piotr Kubaj (pkubaj)
lang/php74: fix build on riscv64
Same fix as for php80.
331ac64 |
|
Thursday, 10 Jun 2021
|
09:23 Piotr Kubaj (pkubaj)
lang/php74: enable DTRACE on powerpc
5a51fe8 |
|
Friday, 4 Jun 2021
|
20:44 Torsten Zuehlsdorff (tz)
lang/php74: Upgrade from 7.4.19 to 7.4.20
Changelog:
Core:
Fixed bug #80929 (Method name corruption related to repeated calls to
call_user_func_array).
Fixed bug #80960 (opendir() warning wrong info when failed on Windows).
Fixed bug #67792 (HTTP Authorization schemes are treated as
case-sensitive).
Fixed bug #80972 (Memory exhaustion on invalid string offset).
FPM:
Fixed bug #65800 (Events port mechanism).
FTP:
Fixed bug #80901 (Info leak in ftp extension).
Fixed bug #79100 (Wrong FTP error messages).
GD:
Fixed bug #81032 (GD install is affected by external libgd
installation).
MBString:
Fixed bug #81011 (mb_convert_encoding removes references from arrays).
ODBC:
Fixed bug #80460 (ODBC doesn't account for SQL_NO_TOTAL indicator).
PDO_MySQL:
Fixed bug #81037 (PDO discards error message text from prepared
statement).
PDO_ODBC:
Fixed bug #44643 (bound parameters ignore explicit type definitions).
pgsql:
Fixed php_pgsql_fd_cast() wrt. php_stream_can_cast().
SPL:
Fixed bug #80933 (SplFileObject::DROP_NEW_LINE is broken for NUL and
CR).
Opcache:
Fixed bug #80900 (switch statement behavior inside function).
Fixed bug #81015 (Opcache optimization assumes wrong part of ternary
operator in if-condition).
XMLReader:
Fixed bug #73246 (XMLReader: encoding length not checked).
Zip:
Fixed bug #80863 (ZipArchive::extractTo() ignores references).
Sponsored by: Bounce Experts
a1915de |
|
Friday, 7 May 2021
|
22:53 Torsten Zuehlsdorff (tz)
lang/php74: Update from 7.4.18 to 7.4.19
PDO_pgsql:
Revert "Fixed bug #80892 (PDO::PARAM_INT is treated the same as
PDO::PARAM_STR)"
Sponsored by: Bounce Experts
1f37ed9 |
|
Saturday, 1 May 2021
|
22:08 Torsten Zuehlsdorff (tz)
lang/php74: Update from 7.4.16 to 7.4.18
Changelog:
Core:
Fixed bug #80781 (Error handler that throws ErrorException infinite
loop).
Fixed bug #75776 (Flushing streams with compression filter is broken).
(cmb) 04 Mar 2021, php 7.4.16
Fixed #80706 (mail(): Headers after Bcc headers may be ignored).
Dba:
Fixed bug #80817 (dba_popen() may cause segfault during RSHUTDOWN).
DOM:
Fixed bug #66783 (UAF when appending DOMDocument to element).
FPM:
Fixed bug #80024 (Duplication of info about inherited socket after pool
removing).
FTP:
Fixed bug #80880 (SSL_read on shutdown, ftp/proc_open).
Imap:
Fixed bug #80710 (imap_mail_compose() header injection).
Intl:
Fixed bug #80763 (msgfmt_format() does not accept DateTime references).
LibXML:
Fixed bug #51903 (simplexml_load_file() doesn't use HTTP headers).
Fixed bug #73533 (Invalid memory access in php_libxml_xmlCheckUTF8).
MySQLnd:
Fixed bug #80713 (SegFault when disabling ATTR_EMULATE_PREPARES and
MySQL 8.0).
Fixed bug #80837 (Calling stmt_store_result after fetch doesn't throw an
error).
Fixed bug #78680 (mysqlnd's mysql_clear_password does not transmit
null-terminated password).
Opcache:
Fixed bug #80805 (create simple class and get error in opcache.so).
Fixed bug #80950 (Variables become null in if statements).
Pcntl:
Fixed bug #79812 (Potential integer overflow in pcntl_exec()).
PCRE:
Fixed bug #80866 (preg_split ignores limit flag when pattern with \K has
0-width fullstring match).
PDO_ODBC:
Fixed bug #80783 (PDO ODBC truncates BLOB records at every 256th byte).
PDO_pgsql:
Fixed bug #80892 (PDO::PARAM_INT is treated the same as PDO::PARAM_STR).
phpdbg:
Fixed bug #80757 (Exit code is 0 when could not open file).
Session:
Fixed bug #80774 (session_name() problem with backslash).
Fixed bug #80889 (Cannot set save handler when save_handler is invalid).
SOAP:
Fixed bug #69668 (SOAP special XML characters in namespace URIs not
encoded).
Standard:
Fixed bug #78719 (http wrapper silently ignores long Location headers).
Fixed bug #80771 (phpinfo(INFO_CREDITS) displays nothing in CLI).
Fixed bug #80838 (HTTP wrapper waits for HTTP 1 response after HTTP
101).
Fixed bug #80915 (Taking a reference to $_SERVER hides its values from
phpinfo()).
Fixed bug #80654 (file_get_contents() maxlen fails above (2**31)-1
bytes).
MySQLi:
Fixed bug #74779 (x() and y() truncating floats to integers).
OPcache:
Fixed bug #80682 (opcache doesn't honour pcre.jit option).
OpenSSL:
Fixed bug #80747 (Providing RSA key size < 512 generates key that crash
PHP).
Phar:
Fixed bug #75850 (Unclear error message wrt. __halt_compiler() w/o
semicolon) (cmb)
Fixed bug #70091 (Phar does not mark UTF-8 filenames in ZIP archives).
Fixed bug #53467 (Phar cannot compress large archives).
SPL:
Fixed bug#80719 (Iterating after failed ArrayObject::setIteratorClass()
causes Segmentation fault).
Zip:
Fixed bug #80648 (Fix for bug 79296 should be based on runtime version).
Sponsored by: Bounce Experts
5be5ddc |
|
Wednesday, 7 Apr 2021
|
08:09 Mathieu Arnold (mat)
One more small cleanup, forgotten yesterday.
Reported by: lwhsu
cf118cc |
|
Tuesday, 6 Apr 2021
|
14:31 Mathieu Arnold (mat)
Remove # $FreeBSD$ from Makefiles.
305f148 |
|
Saturday, 6 Mar 2021
|
01:33 tz
lang/php74: Update from 7.4.15 to 7.4.16
Changelog:
Core:
Fixed #80706 (mail(): Headers after Bcc headers may be ignored).
MySQLnd:
Fixed bug #78680 (mysqlnd's mysql_clear_password does not transmit
null-terminated password).
MySQLi:
Fixed bug #74779 (x() and y() truncating floats to integers).
OPcache:
Fixed bug #80682 (opcache doesn't honour pcre.jit option).
OpenSSL:
Fixed bug #80747 (Providing RSA key size < 512 generates key that crash
PHP).
Phar:
Fixed bug #75850 (Unclear error message wrt. __halt_compiler() w/o
semicolon) (cmb)
Fixed bug #70091 (Phar does not mark UTF-8 filenames in ZIP archives).
Fixed bug #53467 (Phar cannot compress large archives).
SPL:
Fixed bug#80719 (Iterating after failed ArrayObject::setIteratorClass()
causes Segmentation fault).
Standard:
Fixed bug #80654 (file_get_contents() maxlen fails above (2**31)-1
bytes).
Zip:
Fixed bug #80648 (Fix for bug 79296 should be based on runtime version).
Sponsored by: PHP Upgrade Service
  |
|
Friday, 5 Feb 2021
|
22:52 tz
lang/php74: Update from 7.4.14 to 7.4.15
Core:
Fixed bug #80523 (bogus parse error on >4GB source code).
Fixed bug #80384 (filter buffers entire read until file closed).
Curl:
Fixed bug #80595 (Resetting POSTFIELDS to empty array breaks request).
Date:
Fixed bug #80376 (last day of the month causes runway cpu usage.
MySQLi:
Fixed bug #67983 (mysqlnd with MYSQLI_OPT_INT_AND_FLOAT_NATIVE fails to
interpret bit columns).
Fixed bug #64638 (Fetching resultsets from stored procedure with cursor
fails).
Fixed bug #72862 (segfault using prepared statements on stored
procedures that use a cursor).
Fixed bug #77935 (Crash in mysqlnd_fetch_stmt_row_cursor when calling an
SP with a cursor).
Phar:
Fixed bug #77565 (Incorrect locator detection in ZIP-based phars).
Fixed bug #69279 (Compressed ZIP Phar extractTo() creates garbage
files).
SOAP:
Fixed bug #80672 (Null Dereference in SoapClient). (CVE-2021-21702)
Sponsored by: PHP Update Service
|
|
Saturday, 9 Jan 2021
|
23:49 tz
lang/php74: Upgrade from 7.4.13 to 7.4.14
Core:
Fixed bug #74558 (Can't rebind closure returned by
Closure::fromCallable()).
Fixed bug #80345 (PHPIZE configuration has outdated
PHP_RELEASE_VERSION).
Fixed bug #72964 (White space not unfolded for CC/Bcc headers).
Fixed bug #80362 (Running dtrace scripts can cause php to crash).
Fixed bug #80393 (Build of PHP extension fails due to configuration gap
with libtool).
Fixed bug #80402 (configure filtering out -lpthread).
Fixed bug #77069 (stream filter loses final block of data).
Fileinfo:
Fixed bug #77961 (finfo_open crafted magic parsing SIGABRT).
FPM:
Fixed bug #69625 (FPM returns 200 status on request without
SCRIPT_FILENAME env).
Intl:
Fixed bug #80425 (MessageFormatAdapter::getArgTypeList redefined).
OpenSSL:
Fixed bug #80368 (OpenSSL extension fails to build against LibreSSL due
to lack of OCB support).
Phar:
Fixed bug #73809 (Phar Zip parse crash - mmap fail).
Fixed bug #75102 (`PharData` says invalid checksum for valid tar).
Fixed bug #77322 (PharData::addEmptyDir('/') Possible integer overflow).
PDO MySQL:
Fixed bug #80458 (PDOStatement::fetchAll() throws for upsert queries).
Fixed bug #63185 (nextRowset() ignores MySQL errors with native prepared
statements).
Fixed bug #78152 (PDO::exec() - Bad error handling with multiple
commands).
Fixed bug #70066 (Unexpected "Cannot execute queries while other
unbuffered queries").
Fixed bug #71145 (Multiple statements in init command triggers
unbuffered query error).
Fixed bug #76815 (PDOStatement cannot be GCed/closeCursor-ed when a
PROCEDURE resultset SIGNAL).
Standard:
Fixed bug #77423 (FILTER_VALIDATE_URL accepts URLs with invalid
userinfo). (CVE-2020-7071)
Fixed bug #80366 (Return Value of zend_fstat() not Checked).
Fixed bug #80411 (References to null-serialized object break
serialize()).
Tidy:
Fixed bug #77594 (ob_tidyhandler is never reset).
Zlib:
Fixed #48725 (Support for flushing in zlib stream).
PR: 252509
Submitted by: <michael.glaus@hostpoint.ch>
|
|
Friday, 4 Dec 2020
|
10:22 gahr
lang/php74, security/php74-openssl: fix build with LibreSSL
Upstream: https://bugs.php.net/bug.php?id=80368
https://github.com/php/php-src/commit/ecee3f1209a7c0ac9f99c7f640b2f5df56656e58
|
|
Thursday, 3 Dec 2020
|
17:16 tz
lang/php74: Update from 7.4.12 to 7.4.13
Core:
Fixed bug #80280 (ADD_EXTENSION_DEP() fails for ext/standard and
ext/date).
Fixed bug #80258 (Windows Deduplication Enabled, randon permission
errors).
COM:
Fixed bug #62474 (com_event_sink crashes on certain arguments).
DOM:
Fixed bug #80268 (loadHTML() truncates at NUL bytes).
FFI:
Fixed bug #79177 (FFI doesn't handle well PHP exceptions within
callback).
IMAP:
Fixed bug #64076 (imap_sort() does not return FALSE on failure).
Fixed bug #76618 (segfault on imap_reopen).
Fixed bug #80239 (imap_rfc822_write_address() leaks memory).
Fixed minor regression caused by fixing bug #80220.
Fixed bug #80242 (imap_mail_compose() segfaults for multipart with
rfc822).
MySQLi:
Fixed bug #79375 (mysqli_store_result does not report error from lock
wait timeout).
Fixed bug #76525 (mysqli::commit does not throw if MYSQLI_REPORT_ERROR
enabled and mysqlnd used).
Fixed bug #72413 (mysqlnd segfault (fetch_row second parameter
typemismatch)).
ODBC:
Fixed bug #44618 (Fetching may rely on uninitialized data).
Opcache:
Fixed bug #79643 (PHP with Opcache crashes when a file with specific
name is included).
Fixed run-time binding of preloaded dynamically declared function.
OpenSSL:
Fixed bug #79983 (openssl_encrypt / openssl_decrypt fail with OCB mode).
PDO MySQL:
Fixed bug #66528 (No PDOException or errorCode if database becomes
unavailable before PDO::commit).
Fixed bug #65825 (PDOStatement::fetch() does not throw exception on
broken server connection).
SNMP:
Fixed bug #70461 (disable md5 code when it is not supported in
net-snmp).
Standard:
Fixed bug #80266 (parse_url silently drops port number 0).
PR: 251396
Submitted by: Pascal Christen <pascal.christen@hostpoint.ch>
|
|
Wednesday, 2 Dec 2020
|
18:24 pkubaj
lang/php74: enable DTRACE on powerpc64 head
Builds fine.
|
|
Sunday, 1 Nov 2020
|
22:52 tz
lang/php74: Update from 7.4.11 to 7.4.12
Changelog:
Core:
Fixed bug #80061 (Copying large files may have suboptimal performance).
Fixed bug #79423 (copy command is limited to size of file it can copy).
Fixed bug #80126 (Covariant return types failing compilation).
Fixed bug #80186 (Segfault when iterating over FFI object).
Calendar:
Fixed bug #80185 (jdtounix() fails after 2037).
IMAP:
Fixed bug #80213 (imap_mail_compose() segfaults on certain $bodies).
Fixed bug #80215 (imap_mail_compose() may modify by-val parameters).
Fixed bug #80220 (imap_mail_compose() may leak memory).
Fixed bug #80223 (imap_mail_compose() leaks envelope on malformed
bodies).
Fixed bug #80216 (imap_mail_compose() does not validate
types/encodings).
Fixed bug #80226 (imap_sort() leaks sortpgm memory).
MySQLnd:
Fixed bug #80115 (mysqlnd.debug doesn't recognize absolute paths with
slashes).
Fixed bug #80107 (mysqli_query() fails for ~16 MB long query when
compression is enabled).
ODBC:
Fixed bug #78470 (odbc_specialcolumns() no longer accepts $nullable).
Fixed bug #80147 (BINARY strings may not be properly zero-terminated).
Fixed bug #80150 (Failure to fetch error message).
Fixed bug #80152 (odbc_execute() moves internal pointer of $params).
Fixed bug #46050 (odbc_next_result corrupts prepared resource).
OPcache:
Fixed bug #80083 (Optimizer pass 6 removes variables used for ibm_db2
data binding).
Fixed bug #80194 (Assertion failure during block assembly of unreachable
free with leading nop).
PCRE:
Updated to PCRE 10.35.
Fixed bug #80118 (Erroneous whitespace match with JIT only).
PDO_ODBC:
Fixed bug #67465 (NULL Pointer dereference in odbc_handle_preparer).
Standard:
Fixed bug #80114 (parse_url does not accept URLs with port 0).
Fixed bug #76943 (Inconsistent stream_wrapper_restore() errors).
Fixed bug #76735 (Incorrect message in fopen on invalid mode).
Tidy:
Fixed bug #77040 (tidyNode::isHtml() is completely broken).
Sponsored by: PHP Update Service
|
|
Friday, 9 Oct 2020
|
23:27 tz
lang/php74: Update from 7.4.10 to 7.4.11
Core:
Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-`
cookies can be sent). (CVE-2020-7070)
Fixed bug #79979 (passing value to by-ref param via CUFA crashes).
Fixed bug #80037 (Typed property must not be accessed before
initialization when __get() declared).
Fixed bug #80048 (Bug #69100 has not been fixed for Windows).
Fixed bug #80049 (Memleak when coercing integers to string via variadic
argument).
Calendar:
Fixed bug #80007 (Potential type confusion in unixtojd() parameter
parsing).
COM:
Fixed bug #64130 (COM obj parameters passed by reference are not
updated).
OPcache:
Fixed bug #80002 (calc free space for new interned string is wrong).
Fixed bug #80046 (FREE for SWITCH_STRING optimized away).
Fixed bug #79825 (opcache.file_cache causes SIGSEGV when custom opcode
handlers changed).
OpenSSL:
Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12
bytes IV). (CVE-2020-7069)
PDO:
Fixed bug #80027 (Terrible performance using $query->fetch on queries
with many bind parameters).
SOAP:
Fixed bug #47021 (SoapClient stumbles over WSDL delivered with
"Transfer-Encoding: chunked").
Standard:
Fixed bug #79986 (str_ireplace bug with diacritics characters).
Fixed bug #80077 (getmxrr test bug).
Fixed bug #72941 (Modifying bucket->data by-ref has no effect any
longer).
Fixed bug #80067 (Omitting the port in bindto setting errors).
Sponsored by: Bounce Experts
|
|
Monday, 7 Sep 2020
|
22:16 tz
lang/php74: Upgrade from 7.4.9 to 7.4.10
Changelog:
Core:
Fixed bug #79884 (PHP_CONFIG_FILE_PATH is meaningless).
Fixed bug #77932 (File extensions are case-sensitive).
Fixed bug #79806 (realpath() erroneously resolves link to link).
Fixed bug #79895 (PHP_CHECK_GCC_ARG does not allow flags with equal
sign).
Fixed bug #79919 (Stack use-after-scope in define()).
Fixed bug #79934 (CRLF-only line in heredoc causes parsing error).
Fixed bug #79947 (Memory leak on invalid offset type in compound
assignment).
COM:
Fixed bug #48585 (com_load_typelib holds reference, fails on second
call).
Exif:
Fixed bug #75785 (Many errors from exif_read_data).
Gettext:
Fixed bug #70574 (Tests fail due to relying on Linux fallback behavior
for gettext()).
LDAP:
Fixed memory leaks.
OPcache:
Fixed bug #73060 (php failed with error after temp folder cleaned up).
Fixed bug #79917 (File cache segfault with a static variable in
inherited method).
PDO:
Fixed bug #64705 (errorInfo property of PDOException is null when
PDO::__construct() fails).
Session:
Fixed bug #79724 (Return type does not match in ext/session/mod_mm.c).
Standard:
Fixed bug #79930 (array_merge_recursive() crashes when called with array
with single reference).
Fixed bug #79944 (getmxrr always returns true on Alpine linux).
Fixed bug #79951 (Memory leak in str_replace of empty string).
XML:
Fixed bug #79922 (Crash after multiple calls to xml_parser_free()).
Sponsored by: Bounce Experts
|
|
Wednesday, 19 Aug 2020
|
21:31 tz
lang/php74: Update from 7.4.8 to 7.4.9
Changelog:
Apache:
Fixed bug #79030 (Upgrade apache2handler's
php_apache_sapi_get_request_time to return usec).
COM:
Fixed bug #63208 (BSTR to PHP string conversion not binary safe).
Fixed bug #63527 (DCOM does not work with Username, Password parameter).
Core:
Fixed bug #79740 (serialize() and unserialize() methods can not be
called statically).
Fixed bug #79783 (Segfault in php_str_replace_common).
Fixed bug #79778 (Assertion failure if dumping closure with unresolved
static variable).
Fixed bug #79779 (Assertion failure when assigning property of string
offset by reference).
Fixed bug #79792 (HT iterators not removed if empty array is destroyed).
Fixed bug #78598 (Changing array during undef index RW error segfaults).
Fixed bug #79784 (Use after free if changing array during undef var
during array write fetch).
Fixed bug #79793 (Use after free if string used in undefined index
warning is changed).
Fixed bug #79862 (Public non-static property in child should take
priority over private static).
Fixed bug #79877 (getimagesize function silently truncates after a null
byte) (cmb)
Fileinfo:
Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)).
FTP:
Fixed bug #55857 (ftp_size on large files).
Mbstring:
Fixed bug #79787 (mb_strimwidth does not trim string).
Phar:
Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile
function). (CVE-2020-7068)
Reflection:
Fixed bug #79487 (::getStaticProperties() ignores property
modifications).
Fixed bug #69804 (::getStaticPropertyValue() throws on protected props).
Fixed bug #79820 (Use after free when type duplicated into
ReflectionProperty gets resolved).
Standard:
Fixed bug #70362 (Can't copy() large 'data://' with open_basedir).
Fixed bug #78008 (dns_check_record() always return true on Alpine).
Fixed bug #79839 (array_walk() does not respect property types).
Sponsored by: Bounce Experts
|
|
Friday, 10 Jul 2020
|
11:25 tz
lang/php74: Upgrade from 7.4.7 to 7.4.8
Changelog:
Core:
Fixed bug #79595 (zend_init_fpu() alters FPU precision).
Fixed bug #79650 (php-win.exe 100% cpu lockup).
Fixed bug #79668 (get_defined_functions(true) may miss functions).
Fixed bug #79657 ("yield from" hangs when invalid value encountered).
Fixed bug #79683 (Fake reflection scope affects __toString()).
Fixed possibly unsupported timercmp() usage.
Exif:
Fixed bug #79687 (Sony picture - PHP Warning - Make, Model, MakerNotes).
Fileinfo:
Fixed bug #79681 (mime_content_type/finfo returning incorrect mimetype).
Filter:
Fixed bug #73527 (Invalid memory access in php_filter_strip).
GD:
Fixed bug #79676 (imagescale adds black border with IMG_BICUBIC).
OpenSSL:
Fixed bug #62890 (default_socket_timeout=-1 causes connection to
timeout).
PDO SQLite:
Fixed bug #79664 (PDOStatement::getColumnMeta fails on empty result
set).
phpdbg:
Fixed bug #73926 (phpdbg will not accept input on restart execution).
Fixed bug #73927 (phpdbg fails with windows error prompt at "watch
array").
Fixed several mostly Windows related phpdbg bugs.
SPL:
Fixed bug #79710 (Reproducible segfault in error_handler during GC
involved an SplFileObject).
Standard:
Fixed bug #74267 (segfault with streams and invalid data).
Sponsored by: Bounce Experts
|
|
Sunday, 14 Jun 2020
|
10:38 tz
lang/php74: Update from 7.4.6 to 7.4.7
Core:
Fixed bug #78434 (Generator yields no items after valid() call).
Fixed bug #79477 (casting object into array creates references).
Fixed bug #79514 (Memory leaks while including unexistent file).
Fixed bug #79470 (PHP incompatible with 3rd party file system on
demand).
Fixed bug #78784 (Unable to interact with files inside a VFS for Git
repository).
Fixed bug #78875 (Long variables cause OOM and temp files are not
cleaned). (CVE-2019-11048).
Fixed bug #78876 (Long variables in multipart/form-data cause OOM and
temp files are not cleaned). (CVE-2019-11048).
DOM:
Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
EXIF:
Fixed bug #79336 (ext/exif/tests/bug79046.phpt fails on Big endian
arch).
FCGI:
Fixed bug #79491 (Search for .user.ini extends up to root dir).
MBString:
Fixed bug #79441 (Segfault in mb_chr() if internal encoding is
unsupported).
OpenSSL:
Fixed bug #79497 (stream_socket_client() throws an unknown error
sometimes with <1s timeout).
PCRE:
Upgraded to PCRE2 10.34.
Phar:
Fixed bug #79503 (Memory leak on duplicate metadata).
SimpleXML:
Fixed bug #79528 (Different object of the same xml between 7.4.5 and
7.4.4).
SPL:
Fixed bug #69264 (__debugInfo() ignored while extending SPL classes).
Fixed bug #67369 (ArrayObject serialization drops the iterator class).
Standard:
Fixed bug #79468 (SIGSEGV when closing stream handle with a stream
filter appended).
Fixed bug #79447 (Serializing uninitialized typed properties with
__sleep should not throw).
Sponsored by: Bounce Experts
|
|
Friday, 15 May 2020
|
19:42 tz
lang/php74: Update from 7.4.5 to 7.4.6
Changelog:
Core:
Fixed bug #78434 (Generator yields no items after valid() call).
Fixed bug #79477 (casting object into array creates references).
Fixed bug #79514 (Memory leaks while including unexistent file).
Fixed bug #79470 (PHP incompatible with 3rd party file system on
demand).
Fixed bug #78784 (Unable to interact with files inside a VFS for Git
repository).
Fixed bug #78875 (Long variables cause OOM and temp files are not
cleaned). (CVE-2019-11048).
Fixed bug #78876 (Long variables in multipart/form-data cause OOM and
temp files are not cleaned). (CVE-2019-11048).
DOM:
Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
EXIF:
Fixed bug #79336 (ext/exif/tests/bug79046.phpt fails on Big endian
arch).
FCGI:
Fixed bug #79491 (Search for .user.ini extends up to root dir).
MBString:
Fixed bug #79441 (Segfault in mb_chr() if internal encoding is
unsupported).
OpenSSL:
Fixed bug #79497 (stream_socket_client() throws an unknown error
sometimes with <1s timeout).
PCRE:
Upgraded to PCRE2 10.34.
Phar:
Fixed bug #79503 (Memory leak on duplicate metadata).
SimpleXML:
Fixed bug #79528 (Different object of the same xml between 7.4.5 and
7.4.4).
SPL:
Fixed bug #69264 (__debugInfo() ignored while extending SPL classes).
Fixed bug #67369 (ArrayObject serialization drops the iterator class).
Standard:
Fixed bug #79468 (SIGSEGV when closing stream handle with a stream
filter appended).
Fixed bug #79447 (Serializing uninitialized typed properties with
__sleep should not throw).
Sponsored by: Bounce Experts
|
|
Saturday, 18 Apr 2020
|
21:10 tz
lang/php74: Upgrade from 7.4.4 to 7.4.5
Changelog:
Core:
Fixed bug #79364 (When copy empty array, next key is unspecified).
Fixed bug #78210 (Invalid pointer address).
CURL:
Fixed bug #79199 (curl_copy_handle() memory leak).
Date:
Fixed bug #79396 (DateTime hour incorrect during DST jump forward).
Fixed bug #74940 (DateTimeZone loose comparison always true).
FPM:
Implement request #77062 (Allow numeric [UG]ID in FPM
listen.{owner,group}) (Andre Nathan)
Iconv:
Fixed bug #79200 (Some iconv functions cut Windows-1258).
OPcache:
Fixed bug #79412 (Opcache chokes and uses 100% CPU on specific script).
Session:
Fixed bug #79413 (session_create_id() fails for active sessions).
Shmop:
Fixed bug #79427 (Integer Overflow in shmop_open()).
SimpleXML:
Fixed bug #61597 (SXE properties may lack attributes and content).
SOAP:
Fixed bug #79357 (SOAP request segfaults when any request parameter is
missing).
Spl:
Fixed bug #75673 (SplStack::unserialize() behavior).
Fixed bug #79393 (Null coalescing operator failing with SplFixedArray).
Standard:
Fixed bug #79330 (shell_exec() silently truncates after a null byte).
Fixed bug #79410 (system() swallows last chunk if it is exactly 4095
bytes without newline).
Fixed bug #79465 (OOB Read in urldecode()). (CVE-2020-7067)
Zip:
Fixed bug #79296 (ZipArchive::open fails on empty file).
Fixed bug #79424 (php_zip_glob uses gl_pathc after call to globfree).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.4.5
MFH: 2020Q2
|
|
Monday, 23 Mar 2020
|
22:08 tz
lang/php74: Update from 7.4.3 to 7.4.4
Changelog:
Core:
Fixed bug #79329 (get_headers() silently truncates after a null byte)
(CVE-2020-7066)
Fixed bug #79244 (php crashes during parsing INI file).
Fixed bug #63206 (restore_error_handler does not restore previous errors
mask).
COM:
Fixed bug #66322 (COMPersistHelper::SaveToFile can save to wrong
location).
Fixed bug #79242 (COM error constants don't match com_exception codes on
x86).
Fixed bug #79247 (Garbage collecting variant objects segfaults).
Fixed bug #79248 (Traversing empty VT_ARRAY throws com_exception).
Fixed bug #79299 (com_print_typeinfo prints duplicate variables).
Fixed bug #79332 (php_istreams are never freed).
Fixed bug #79333 (com_print_typeinfo() leaks memory).
CURL:
Fixed bug #79019 (Copied cURL handles upload empty file).
Fixed bug #79013 (Content-Length missing when posting a curlFile with
curl).
DOM:
Fixed bug #77569: (Write Access Violation in DomImplementation).
Fixed bug #79271 (DOMDocumentType::$childNodes is NULL).
Enchant:
Fixed bug #79311 (enchant_dict_suggest() fails on big endian
architecture).
EXIF:
Fixed bug #79282 (Use-of-uninitialized-value in exif) (CVE-2020-7064).
Fileinfo:
Fixed bug #79283 (Segfault in libmagic patch contains a buffer
overflow).
FPM:
Fixed bug #77653 (operator displayed instead of the real error message).
Fixed bug #79014 (PHP-FPM & Primary script unknown).
MBstring:
Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at
php_unicode_tolower_full) (CVE-2020-7065).
MySQLi:
Fixed bug #64032 (mysqli reports different client_version).
MySQLnd:
Implemented FR #79275 (Support auth_plugin_caching_sha2_password on
Windows).
Opcache:
Fixed bug #79252 (preloading causes php-fpm to segfault during exit).
PCRE:
Fixed bug #79188 (Memory corruption in
preg_replace/preg_replace_callback and unicode).
Fixed bug #79241 (Segmentation fault on preg_match()).
Fixed bug #79257 (Duplicate named groups (?J) prefer last alternative
even if not matched).
PDO_ODBC:
Fixed bug #79038 (PDOStatement::nextRowset() leaks column values).
Reflection:
Fixed bug #79062 (Property with heredoc default value returns false for
getDocComment).
SQLite3:
Fixed bug #79294 (::columnType() may fail after SQLite3Stmt::reset()).
Standard:
Fixed bug #79254 (getenv() w/o arguments not showing changes).
Fixed bug #79265 (Improper injection of Host header when using fopen for
http requests).
Zip:
Fixed bug #79315 (ZipArchive::addFile doesn't honor start/length
parameters).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.4.4
MFH: 2020Q1
Sponsored by: PHP Update Service
|
|
Friday, 21 Feb 2020
|
22:03 tz
lang/php74: Upgrade from 7.4.2 to 7.4.3
Changelog:
Core:
Fixed bug #79146 (cscript can fail to run on some systems).
Fixed bug #79155 (Property nullability lost when using multiple property
definition).
Fixed bug #78323 (Code 0 is returned on invalid options).
Fixed bug #78989 (Delayed variance check involving trait segfaults).
Fixed bug #79174 (cookie values with spaces fail to round-trip).
Fixed bug #76047 (Use-after-free when accessing already destructed
backtrace arguments).
COM:
Fixed bug #79247 (Garbage collecting variant objects segfaults).
CURL:
Fixed bug #79078 (Hypothetical use-after-free in
curl_multi_add_handle()).
FFI:
Fixed bug #79096 (FFI Struct Segfault).
IMAP:
Fixed bug #79112 (IMAP extension can't find OpenSSL libraries at
configure time).
Intl:
Fixed bug #79212 (NumberFormatter::format() may detect wrong type).
Libxml:
Fixed bug #79191 (Error in SoapClient ctor disables
DOMDocument::save()).
MBString:
Fixed bug #79149 (SEGV in mb_convert_encoding with non-string
encodings).
MySQLi:
Fixed bug #78666 (Properties may emit a warning on var_dump()).
MySQLnd:
Fixed bug #79084 (mysqlnd may fetch wrong column indexes with
MYSQLI_BOTH).
Fixed bug #79011 (MySQL caching_sha2_password Access denied for password
with more than 20 chars).
Opcache:
Fixed bug #79114 (Eval class during preload causes class to be only half
available).
Fixed bug #79128 (Preloading segfaults if preload_user is used).
Fixed bug #79193 (Incorrect type inference for self::$field =& $field).
OpenSSL:
Fixed bug #79145 (openssl memory leak).
Phar:
Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have
all-access permissions). (CVE-2020-7063)
Fixed bug #79171 (heap-buffer-overflow in phar_extract_file).
(CVE-2020-7061)
Fixed bug #76584 (PharFileInfo::decompress not working).
Reflection:
Fixed bug #79115 (ReflectionClass::isCloneable call reflected class
__destruct).
Session:
Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload
Progress). (CVE-2020-7062)
Standard:
Fixed bug #78902 (Memory leak when using stream_filter_append).
Fixed bug #78969 (PASSWORD_DEFAULT should match PASSWORD_BCRYPT instead
of being null).
Testing:
Fixed bug #78090 (bug45161.phpt takes forever to finish).
XSL:
Fixed bug #70078 (XSL callbacks with nodes as parameter leak memory).
Zip:
Add ZipArchive::CM_LZMA2 and ZipArchive::CM_XZ constants (since libzip
1.6.0).
Add ZipArchive::RDONLY (since libzip 1.0.0).
Add ZipArchive::ER_* missing constants.
Add ZipArchive::LIBZIP_VERSION constant.
Fixed bug #73119 (Wrong return for ZipArchive::addEmptyDir Method).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.4.3
MFH: 2020Q1
|
|
Sunday, 9 Feb 2020
|
12:11 pkubaj
lang/php74: disable DTRACE on powerpc and powerpc64
DTRACE works on 12.1 and head with php72 and php73, but seems to have problems
with php74 and 12.1 (head works fine).
|
|
Friday, 7 Feb 2020
|
09:49 pkubaj
lang/php7?: enable DTRACE on powerpc, powerpc64
Tested to work now.
|
|
Saturday, 25 Jan 2020
|
00:11 tz
lang/php74: Upgrade from 7.4.1 to 7.4.2
Changelog:
Core:
Preloading support on Windows has been disabled.
Fixed bug #79022 (class_exists returns True for classes that are not
ready to be used).
Fixed bug #78929 (plus signs in cookie values are converted to spaces).
Fixed bug #78973 (Destructor during CV freeing causes segfault if opline
never saved).
Fixed bug #78776 (Abstract method implementation from trait does not
check "static").
Fixed bug #78999 (Cycle leak when using function result as temporary).
Fixed bug #79008 (General performance regression with PHP 7.4 on
Windows).
Fixed bug #79002 (Serializing uninitialized typed properties with
__sleep makes unserialize throw).
CURL:
Fixed bug #79033 (Curl timeout error with specific url and post).
Fixed bug #79063 (curl openssl does not respect PKG_CONFIG_PATH).
Date:
Fixed bug #79015 (undefined-behavior in php_date.c).
DBA:
Fixed bug #78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit
reached).
Exif:
Fixed bug #79046 (NaN to int cast undefined behavior in exif).
Fileinfo:
Fixed bug #74170 (locale information change after mime_content_type).
GD:
Fixed bug #79067 (gdTransformAffineCopy() may use unitialized values).
Fixed bug #79068 (gdTransformAffineCopy() changes interpolation method).
Libxml:
Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter).
Mbstring:
Fixed bug #79037 (global buffer-overflow in
`mbfl_filt_conv_big5_wchar`). (CVE-2020-7060)
OPcache:
Fixed bug #78961 (erroneous optimization of re-assigned $GLOBALS).
Fixed bug #78950 (Preloading trait method with static variables).
Fixed bug #78903 (Conflict in RTD key for closures results in crash).
Fixed bug #78986 (Opcache segfaults when inheriting ctor from immutable
into mutable class).
Fixed bug #79040 (Warning Opcode handlers are unusable due to ASLR).
Fixed bug #79055 (Typed property become unknown with OPcache file
cache).
Pcntl:
Fixed bug #78402 (Converting null to string in error message is bad DX).
PDO_PgSQL:
Fixed bug #78983 (pdo_pgsql config.w32 cannot find libpq-fe.h).
Fixed bug #78980 (pgsqlGetNotify() overlooks dead connection).
Fixed bug #78982 (pdo_pgsql returns dead persistent connection).
Session:
Fixed bug #79091 (heap use-after-free in session_create_id()).
Fixed bug #79031 (Session unserialization problem).
Shmop:
Fixed bug #78538 (shmop memory leak).
Sqlite3:
Fixed bug #79056 (sqlite does not respect PKG_CONFIG_PATH during
compilation).
Spl:
Fixed bug #78976 (SplFileObject::fputcsv returns -1 on failure).
Standard:
Fixed bug #79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059)
Fixed bug #79000 (Non-blocking socket stream reports EAGAIN as error).
Fixed bug #54298 (Using empty additional_headers adding extraneous
CRLF).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.4.2
MFH: 2020Q1
|
|
Sunday, 22 Dec 2019
|
14:35 tz
lang/php74: Upgrade from 7.4.0 to 7.4.1
Changelog:
Bcmath:
Fixed bug #78878 (Buffer underflow in bc_shift_addsub).
(CVE-2019-11046).
Core:
Fixed bug #78862 (link() silently truncates after a null byte on
Windows). (CVE-2019-11044).
Fixed bug #78863 (DirectoryIterator class silently truncates after a
null byte). (CVE-2019-11045).
Fixed bug #78943 (mail() may release string with refcount==1 twice).
(CVE-2019-11049).
Fixed bug #78810 (RW fetches do not throw "uninitialized property"
exception).
Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope)
value).
Fixed bug #78296 (is_file fails to detect file).
Fixed bug #78883 (fgets(STDIN) fails on Windows).
Fixed bug #78898 (call_user_func(['parent', ...]) fails while other
succeed).
Fixed bug #78904 (Uninitialized property triggers __get()).
Fixed bug #78926 (Segmentation fault on Symfony cache:clear).
GD:
Fixed bug #78849 (GD build broken with -D SIGNED_COMPARE_SLOW).
Fixed bug #78923 (Artifacts when convoluting image with transparency).
EXIF:
Fixed bug #78793 (Use-after-free in exif parsing under memory
sanitizer). (CVE-2019-11050).
Fixed bug #78910 (Heap-buffer-overflow READ in exif). (CVE-2019-11047).
FPM:
Fixed bug #76601 (Partially working php-fpm ater incomplete reload).
Fixed bug #78889 (php-fpm service fails to start).
Fixed bug #78916 (php-fpm 7.4.0 don't send mail via mail()).
Intl:
Implemented FR #78912 (INTL Support for accounting format).
Mysqlnd:
Fixed bug #78823 (ZLIB_LIBS not added to EXTRA_LIBS).
OPcache:
Fixed $x = (bool)$x; with opcache (should emit undeclared variable
notice).
Fixed bug #78935 (Preloading removes classes that have dependencies).
PCRE:
Fixed bug #78853 (preg_match() may return integer > 1).
Reflection:
Fixed bug #78895 (Reflection detects abstract non-static class as
abstract static. IS_IMPLICIT_ABSTRACT is not longer used).
Standard:
Fixed bug #77638 (var_export'ing certain class instances segfaults).
Fixed bug #78840 (imploding $GLOBALS crashes).
Fixed bug #78833 (Integer overflow in pack causes out-of-bound access).
Fixed bug #78814 (strip_tags allows / in tag name => whitelist bypass).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.4.1
MFH: 2019Q4
|
|
Thursday, 28 Nov 2019
|
13:07 tz
lang/php74: Update from 7.4.0RC 6 to 7.4.0
The PHP development team announces the immediate availability of PHP 7.4.0. This
release marks the fourth feature update to the PHP 7 series.
PHP 7.4.0 comes with numerous improvements and new features such as:
Typed Properties
Arrow Functions
Limited Return Type Covariance and Argument Type Contravariance
Unpacking Inside Arrays
Numeric Literal Separator
Weak References
Allow Exceptions from __toString()
Opcache Preloading
Several Deprecations
Extensions Removed from the Core
Full Changelog:
Core:
Implemented RFC: Deprecate curly brace syntax for accessing array
elements and string offsets.
Implemented RFC: Deprecations for PHP 7.4.
Fixed bug #52752 (Crash when lexing).
Fixed bug #60677 (CGI doesn't properly validate shebang line contains
#!).
Fixed bug #71030 (Self-assignment in list() may have inconsistent
behavior).
Fixed bug #72530 (Use After Free in GC with Certain Destructors).
Fixed bug #75921 (Inconsistent: No warning in some cases when stdObj is
created on the fly).
Implemented FR #76148 (Add array_key_exists() to the list of specially
compiled functions).
Fixed bug #76430 (__METHOD__ inconsistent outside of method).
Fixed bug #76451 (Aliases during inheritance type checks affected by
opcache).
Implemented FR #77230 (Support custom CFLAGS and LDFLAGS from
environment).
Fixed bug #77345 (Stack Overflow caused by circular reference in garbage
collection).
Fixed bug #77812 (Interactive mode does not support PHP 7.3-style
heredoc).
Fixed bug #77877 (call_user_func() passes $this to static methods).
Fixed bug #78066 (PHP eats the first byte of a program that comes from
process substitution).
Fixed bug #78151 (Segfault caused by indirect expressions in PHP 7.4a1).
Fixed bug #78154 (SEND_VAR_NO_REF does not always send reference).
Fixed bug #78182 (Segmentation fault during by-reference property
assignment).
Fixed bug #78212 (Segfault in built-in webserver).
Fixed bug #78220 (Can't access OneDrive folder).
Fixed bug #78226 (Unexpected __set behavior with typed properties).
Fixed bug #78239 (Deprecation notice during string conversion converted
to exception hangs).
Fixed bug #78335 (Static properties/variables containing cycles report
as leak).
Fixed bug #78340 (Include of stream wrapper not reading whole file).
Fixed bug #78344 (Segmentation fault on zend_check_protected).
Fixed bug #78356 (Array returned from ArrayAccess is incorrectly
unpacked as argument).
Fixed bug #78379 (Cast to object confuses GC, causes crash).
Fixed bug #78386 (fstat mode has unexpected value on PHP 7.4).
Fixed bug #78396 (Second file_put_contents in Shutdown hangs script).
Fixed bug #78406 (Broken file includes with user-defined stream
filters).
Fixed bug #78438 (Corruption when __unserializing deeply nested
structures).
Fixed bug #78441 (Parse error due to heredoc identifier followed by
digit).
Fixed bug #78454 (Consecutive numeric separators cause OOM error).
Fixed bug #78460 (PEAR installation failure).
Fixed bug #78531 (Crash when using undefined variable as object).
Fixed bug #78535 (auto_detect_line_endings value not parsed as bool).
Fixed bug #78604 (token_get_all() does not properly tokenize FOO<?php
with short_open_tag=0).
Fixed bug #78614 (Does not compile with DTRACE anymore).
Fixed bug #78620 (Out of memory error).
Fixed bug #78632 (method_exists() in php74 works differently from php73
in checking priv. methods).
Fixed bug #78644 (SEGFAULT in ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER).
Fixed bug #78658 (Memory corruption using Closure::bindTo).
Fixed bug #78656 (Parse errors classified as highest log-level).
Fixed bug #78662 (stream_write bad error detection).
Fixed bug #78768 (redefinition of typedef zend_property_info).
Fixed bug #78788 (./configure generates invalid php_version.h).
Fixed incorrect usage of QM_ASSIGN instruction. It must not return
IS_VAR. As a side effect, this allowed passing left hand list() "by reference",
instead of compile-time error.
CLI:
The built-in CLI server now reports the request method in log files.
COM:
Deprecated registering of case-insensitive constants from typelibs.
Fixed bug #78650 (new COM Crash).
Fixed bug #78694 (Appending to a variant array causes segfault).
CURL:
Fixed bug #76480 (Use curl_multi_wait() so that timeouts are respected).
Implemented FR #77711 (CURLFile should support UNICODE filenames).
Deprecated CURLPIPE_HTTP1.
Deprecated $version parameter of curl_version().
Date:
Updated timelib to 2018.02.
Fixed bug #69044 (discrepency between time and microtime).
Fixed bug #70153 (\DateInterval incorrectly unserialized).
Fixed bug #75232 (print_r of DateTime creating side-effect).
Fixed bug #78383 (Casting a DateTime to array no longer returns its
properties).
Fixed bug #78751 (Serialising DatePeriod converts DateTimeImmutable).
Exif:
Fixed bug #78333 (Exif crash (bus error) due to wrong alignment and
invalid cast).
Fixed bug #78256 (heap-buffer-overflow on exif_process_user_comment).
(CVE-2019-11042)
Fixed bug #78222 (heap-buffer-overflow on exif_scan_thumbnail).
(CVE-2019-11041)
Fileinfo:
Fixed bug #78075 (finfo_file treats JSON file as text/plain).
Fixed bug #78183 (finfo_file shows wrong mime-type for .tga file).
Filter:
The filter extension no longer has the --with-pcre-dir on Unix builds,
allowing the extension to be once more compiled as shared using ./configure.
FFI:
Added FFI extension.
Fixed bug #78488 (OOB in ZEND_FUNCTION(ffi_trampoline)).
Fixed bug #78543 (is_callable() on FFI\CData throws Exception).
Fixed bug #78716 (Function name mangling is wrong for some parameter
types).
Fixed bug #78762 (Failing FFI::cast() may leak memory).
Fixed bug #78761 (Zend memory heap corruption with preload and casting).
Implement FR #78270 (Support __vectorcall convention with FFI).
Added missing FFI::isNull().
FPM:
Implemented FR #72510 (systemd service should be hardened).
Fixed bug #74083 (master PHP-fpm is stopped on multiple reloads).
Fixed bug #78334 (fpm log prefix message includes wrong stdout/stderr
notation).
Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to
RCE). (CVE-2019-11043)
GD:
Implemented the scatter filter (IMG_FILTER_SCATTER).
The bundled libgd behaves now like system libgd wrt. IMG_CROP_DEFAULT
never falling back to IMG_CROP_SIDES.
The default $mode parameter of imagecropauto() has been changed to
IMG_CROP_DEFAULT; passing -1 is now deprecated.
Added support for aspect ratio preserving scaling to a fixed height for
imagescale().
Added TGA read support.
Fixed bug #73291 (imagecropauto() $threshold differs from external
libgd).
Fixed bug #76324 (cannot detect recent versions of freetype with
pkg-config).
Fixed bug #78314 (missing freetype support/functions with external gd).
GMP:
Fixed bug #78574 (broken shared build).
Hash:
Implemented RFC: The hash extension is now an integral part of PHP and
cannot be disabled.
Implemented FR #71890 (crc32c checksum algorithm).
Iconv:
Fixed bug #78342 (Bus error in configure test for iconv //IGNORE).
Fixed bug #78642 (Wrong libiconv version displayed).
Libxml:
Fixed bug #78279 (libxml_disable_entity_loader settings is shared
between requests (cgi-fcgi)).
InterBase:
Unbundled the InterBase extension and moved it to PECL.
Intl:
Raised requirements to ICU [?] 50.1.
Changed ResourceBundle to implement Countable.
Changed default of $variant parameter of idn_to_ascii() and
idn_to_utf8().
LDAP:
Deprecated ldap_control_paged_result_response and
ldap_control_paged_result
LiteSpeed:
Updated to LiteSpeed SAPI V7.5 (Fixed clean shutdown).
Updated to LiteSpeed SAPI V7.4.3 (increased response header count limit
from 100 to 1000, added crash handler to cleanly shutdown PHP request, added
CloudLinux mod_lsapi mode).
Fixed bug #76058 (After "POST data can't be buffered", using php://input
makes huge tmp files).
MBString:
Fixed bug #77907 (mb-functions do not respect default_encoding).
Fixed bug #78579 (mb_decode_numericentity: args number inconsistency).
Fixed bug #78609 (mb_check_encoding() no longer supports stringable
objects).
MySQLi:
Fixed bug #67348 (Reading $dbc->stat modifies $dbc->affected_rows).
Fixed bug #76809 (SSL settings aren't respected when persistent
connections are used).
Fixed bug #78179 (MariaDB server version incorrectly detected).
Fixed bug #78213 (Empty row pocket).
MySQLnd:
Fixed connect_attr issues and added the _server_host connection
attribute.
Fixed bug #60594 (mysqlnd exposes 160 lines of stats in phpinfo).
ODBC:
Fixed bug #78473 (odbc_close() closes arbitrary resources).
Opcache:
Implemented preloading RFC.
Add opcache.preload_user INI directive.
Added new INI directive opcache.cache_id (Windows only).
Fixed bug #78106 (Path resolution fails if opcache disabled during
request).
Fixed bug #78175 (Preloading segfaults at preload time and at runtime).
Fixed bug #78202 (Opcache stats for cache hits are capped at 32bit NUM).
Fixed bug #78271 (Invalid result of if-else).
Fixed bug #78341 (Failure to detect smart branch in DFA pass).
Fixed bug #78376 (Incorrect preloading of constant static properties).
Fixed bug #78429 (opcache_compile_file(__FILE__); segfaults).
Fixed bug #78512 (Cannot make preload work).
Fixed bug #78514 (Preloading segfaults with inherited typed property).
Fixed bug #78654 (Incorrectly computed opcache checksum on files with
non-ascii characters).
OpenSSL:
Added TLS 1.3 support to streams including new tlsv1.3 stream.
Added openssl_x509_verify function.
openssl_random_pseudo_bytes() now throws in error conditions.
Changed the default config path (Windows only).
Fixed bug #78231 (Segmentation fault upon stream_socket_accept of
exported socket-to-stream).
Fixed bug #78391 (Assertion failure in openssl_random_pseudo_bytes).
Fixed bug #78775 (TLS issues from HTTP request affecting other encrypted
connections).
Pcntl:
Fixed bug #77335 (PHP is preventing SIGALRM from specifying SA_RESTART).
PCRE:
Implemented FR #77094 (Support flags in preg_replace_callback).
Fixed bug #72685 (Repeated UTF-8 validation of same string in UTF-8
mode).
Fixed bug #73948 (Preg_match_all should return NULLs on trailing
optional capture groups).
Fixed bug #78338 (Array cross-border reading in PCRE).
Fixed bug #78349 (Bundled pcre2 library missing LICENCE file).
PDO:
Implemented FR #71885 (Allow escaping question mark placeholders).
https://wiki.php.net/rfc/pdo_escape_placeholders
Fixed bug #77849 (Disable cloning of PDO handle/connection objects).
Implemented FR #78033 (PDO - support username and password specified in
DSN).
PDO_Firebird:
Implemented FR #65690 (PDO_Firebird should also support dialect 1).
Implemented FR #77863 (PDO firebird support type Boolean in input
parameters).
PDO_MySQL:
Fixed bug #41997 (SP call yields additional empty result set).
Fixed bug #78623 (Regression caused by "SP call yields additional empty
result set").
PDO_OCI:
Support Oracle Database tracing attributes ACTION, MODULE, CLIENT_INFO,
and CLIENT_IDENTIFIER.
Implemented FR #76908 (PDO_OCI getColumnMeta() not implemented).
PDO_SQLite:
Implemented sqlite_stmt_readonly in PDO_SQLite.
Raised requirements to SQLite 3.5.0.
Fixed bug #78192 (SegFault when reuse statement after schema has
changed).
Fixed bug #78348 (Remove -lrt from pdo_sqlite.so).
Phar:
Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN).
phpdbg:
Fixed bug #76596 (phpdbg support for display_errors=stderr).
Fixed bug #76801 (too many open files).
Fixed bug #77800 (phpdbg segfaults on listing some conditional
breakpoints).
Fixed bug #77805 (phpdbg build fails when readline is shared).
Recode:
Unbundled the recode extension.
Reflection:
Fixed bug #76737 (Unserialized reflection objects are broken, they
shouldn't be serializable).
Fixed bug #78263 (\ReflectionReference::fromArrayElement() returns null
while item is a reference).
Fixed bug #78410 (Cannot "manually" unserialize class that is final and
extends an internal one).
Fixed bug #78697 (ReflectionClass::implementsInterface - inaccurate
error message with traits).
Fixed bug #78774 (ReflectionNamedType on Typed Properties Crash).
Session:
Fixed bug #78624 (session_gc return value for user defined session
handlers).
SimpleXML:
Implemented FR #65215 (SimpleXMLElement could register as implementing
Countable).
Fixed bug #75245 (Don't set content of elements with only whitespaces).
Sockets:
Fixed bug #67619 (Validate length on socket_write).
Fixed bug #78665 (Multicasting may leak memory).
sodium:
Fixed bug #77646 (sign_detached() strings not terminated).
Fixed bug #78510 (Partially uninitialized buffer returned by
sodium_crypto_generichash_init()).
Fixed bug #78516 (password_hash(): Memory cost is not in allowed range).
SPL:
Fixed bug #77518 (SeekableIterator::seek() should accept 'int' typehint
as documented).
Fixed bug #78409 (Segfault when creating instance of ArrayIterator
without constructor).
Fixed bug #78436 (Missing addref in SplPriorityQueue EXTR_BOTH mode).
Fixed bug #78456 (Segfault when serializing SplDoublyLinkedList).
SQLite3:
Unbundled libsqlite.
Raised requirements to SQLite 3.7.4.
Forbid (un)serialization of SQLite3, SQLite3Stmt and SQLite3Result.
Added support for the SQLite @name notation.
Added SQLite3Stmt::getSQL() to retrieve the SQL of the statement.
Implement FR ##70950 (Make SQLite3 Online Backup API available).
Standard:
Implemented RFC password hashing registry.
Implemented RFC where password_hash() has argon2i(d) implementations
from ext/sodium when PHP is built without libargon.
Implemented FR #38301 (field enclosure behavior in fputcsv).
Implemented FR #51496 (fgetcsv should take empty string as an escape).
Fixed bug #73535 (php_sockop_write() returns 0 on error, can be used to
trigger Denial of Service).
Fixed bug #74764 (Bindto IPv6 works with file_get_contents but fails
with stream_socket_client).
Fixed bug #76859 (stream_get_line skips data if used with
data-generating filter).
Implemented FR #77377 (No way to handle CTRL+C in Windows).
Fixed bug #77930 (stream_copy_to_stream should use mmap more often).
Implemented FR #78177 (Make proc_open accept command array).
Fixed bug #78208 (password_needs_rehash() with an unknown algo should
always return true).
Fixed bug #78241 (touch() does not handle dates after 2038 in PHP
64-bit).
Fixed bug #78282 (atime and mtime mismatch).
Fixed bug #78326 (improper memory deallocation on stream_get_contents()
with fixed length buffer).
Fixed bug #78346 (strip_tags no longer handling nested php tags).
Fixed bug #78506 (Error in a php_user_filter::filter() is not reported).
Fixed bug #78549 (Stack overflow due to nested serialized input).
Fixed bug #78759 (array_search in $GLOBALS).
Testing:
Fixed bug #78684 (PCRE bug72463_2 test is sending emails on Linux).
Tidy:
Added TIDY_TAG_* constants for HTML5 elements.
Fixed bug #76736 (wrong reflection for tidy_get_head, tidy_get_html,
tidy_get_root, and tidy_getopt)
WDDX:
Deprecated and unbundled the WDDX extension.
Zip:
Fixed bug #78641 (addGlob can modify given remove_path value).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.4.0
MFH: 2019Q4
Sponsored by: Professionelles Bounce Management
|
|
Tuesday, 12 Nov 2019
|
18:13 tz
lang/php74: Update from RC5 to RC6
Changelog:
- Core:
. Fixed bug #78768 (redefinition of typedef zend_property_info). (Nikita)
. Fixed bug #78788 (./configure generates invalid php_version.h). (max)
- Standard:
. Fixed bug #77930 (stream_copy_to_stream should use mmap more often).
(Nikita)
. Fixed bug #78759 (array_search in $GLOBALS). (Nikita)
- OpenSSL:
. Fixed bug #78775 (TLS issues from HTTP request affecting other encrypted
connections). (Nikita)
- Reflection:
. Fixed bug #78774 (ReflectionNamedType on Typed Properties Crash). (Nikita)
Changelog taken from: https://github.com/php/php-src/blob/php-7.4.0RC6/NEWS
MFH: 2019Q4
|
|
Wednesday, 30 Oct 2019
|
22:42 tz
lang/php74: Upgrade from RC4 to RC5
Changelog:
- Core:
. Fixed bug #78226 (Unexpected __set behavior with typed properties).
(Nikita)
- COM:
. Fixed bug #78694 (Appending to a variant array causes segfault). (cmb)
- Date:
. Fixed bug #70153 (\DateInterval incorrectly unserialized). (Maksim
Iakunin)
. Fixed bug #78751 (Serialising DatePeriod converts DateTimeImmutable).
(cmb)
- FFI:
. Fixed bug #78716 (Function name mangling is wrong for some parameter
types). (cmb)
. Implement FR #78270 (Support __vectorcall convention with FFI). (cmb)
- FPM:
. Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to RCE).
(CVE-2019-11043) (Jakub Zelenka)
. Fixed bug #74083 (master PHP-fpm is stopped on multiple reloads).
(Maksim Nikulin)
-Opcache:
. Fixed bug #78512 (Cannot make preload work). (Dmitry)
- PDO_Firebird:
. Implemented FR #65690 (PDO_Firebird should also support dialect 1).
(Simonov Denis)
- Reflection:
. Fixed bug #78697 (ReflectionClass::implementsInterface - inaccurate error
message with traits). (villfa)
- Testing:
. Fixed bug #78684 (PCRE bug72463_2 test is sending emails on Linux). (cmb)
Changelog taken from: https://github.com/php/php-src/blob/php-7.4.0RC5/NEWS
Sponsored by: 2019Q4
|
|
Friday, 18 Oct 2019
|
17:35 tz
lang/php74: Update from RC3 to RC4
Changelog:
- Core:
. Fixed bug #78614 (Does not compile with DTRACE anymore).
(tz at FreeBSD dot org)
. Fixed bug #78620 (Out of memory error). (cmb, Nikita)
. Fixed bug #78632 (method_exists() in php74 works differently from php73 in
checking priv. methods). (Nikita)
. Fixed bug #78644 (SEGFAULT in ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER).
(Nikita)
. Fixed bug #78658 (Memory corruption using Closure::bindTo). (Nikita)
. Fixed bug #78656 (Parse errors classified as highest log-level). (Erik
Lundin)
. Fixed bug #78662 (stream_write bad error detection). (Remi)
- COM:
. Fixed bug #78650 (new COM Crash). (cmb)
- Iconv:
. Fixed bug #78642 (Wrong libiconv version displayed). (gedas at martynas,
cmb).
- Pcntl:
. Fixed bug #77335 (PHP is preventing SIGALRM from specifying SA_RESTART).
(Nikita)
- MySQLi:
. Fixed bug #76809 (SSL settings aren't respected when persistent connections
are used). (fabiomsouto)
- OpCache:
. Fixed bug #78654 (Incorrectly computed opcache checksum on files with
non-ascii characters). (mhagstrand)
- PDO_MySQL:
. Fixed bug #78623 (Regression caused by "SP call yields additional empty
result set"). (cmb)
- SimpleXML:
. Fixed bug #75245 (Don't set content of elements with only whitespaces).
(eriklundin)
- Sockets:
. Fixed bug #78665 (Multicasting may leak memory). (cmb)
- Standard:
. Fixed bug #76859 (stream_get_line skips data if used with data-generating
filter). (kkopachev)
- Zip:
. Fixed bug #78641 (addGlob can modify given remove_path value). (cmb)
Changlog taken from: https://github.com/php/php-src/blob/php-7.4.0RC4/NEWS
MFH: 2019Q4
|
|
Thursday, 3 Oct 2019
|
21:54 tz
lang/php74: Upgrade from RC1 to RC3
Changelog:
03 Oct 2019, PHP 7.4.0RC3
- Core:
. Fixed bug #78604 (token_get_all() does not properly tokenize FOO<?php with
short_open_tag=0). (Nikita)
- FFI:
. Fixed bug #78543 (is_callable() on FFI\CData throws Exception). (cmb)
- GMP:
. Fixed bug #78574 (broken shared build). (Remi)
- MBString:
. Fixed bug #78579 (mb_decode_numericentity: args number inconsistency).
(cmb)
. Fixed bug #78609 (mb_check_encoding() no longer supports stringable
objects). (cmb)
- OpenSSL:
. Changed the default config path (Windows only). (cmb)
- Standard:
. Fixed bug #78549 (Stack overflow due to nested serialized input). (Nikita)
19 Sep 2019, PHP 7.4.0RC2
- Core:
. Fixed incorrect usage of QM_ASSIGN instruction. It must not return IS_VAR.
As a side effect, this allowed passing left hand list() "by reference",
instead of compile-time error. (Dmitry)
. Fixed bug #78531 (Crash when using undefined variable as object). (Dmitry)
. Fixed bug #78535 (auto_detect_line_endings value not parsed as bool).
(bugreportuser)
- FFI:
. Added missing FFI::isNull(). (Philip Hofstetter)
. Fixed bug #78488 (OOB in ZEND_FUNCTION(ffi_trampoline)). (Dmitry)
- Opcache:
. Add opcache.preload_user INI directive. (Dmitry)
. Fixed bug #78514 (Preloading segfaults with inherited typed property).
(Nikita)
. Fixed bug #78429 (opcache_compile_file(__FILE__); segfaults). (cmb)
- PCRE:
. Fixed bug #78349 (Bundled pcre2 library missing LICENCE file). (Peter Kokot)
- PDO_Firebird:
. Implemented FR #77863 (PDO firebird support type Boolean in input
parameters). (Simonov Denis)
- PDO_MySQL:
. Fixed bug #41997 (SP call yields additional empty result set). (cmb)
- sodium:
. Fixed bug #78510 (Partially uninitialized buffer returned by
sodium_crypto_generichash_init()). (Frank Denis, cmb)
. Fixed bug #78516 (password_hash(): Memory cost is not in allowed range).
(cmb, Nikita)
- Standard:
. Fixed bug #78506 (Error in a php_user_filter::filter() is not reported).
(Nikita)
Changelog taken from: https://github.com/php/php-src/blob/php-7.4.0RC3/NEWS
MFH: 2019Q4
|
|
Monday, 30 Sep 2019
|
14:16 pkubaj
lang/php74: fix build on GCC architectures
Use C11 compiler because of:
/wrkdirs/usr/ports/lang/php74/work/php-7.4.0RC1/Zend/zend_compile.h:363: error:
redefinition of typedef 'zend_property_info'
/wrkdirs/usr/ports/lang/php74/work/php-7.4.0RC1/Zend/zend_types.h:385: error:
previous declaration of 'zend_property_info' was here
Disable DTRACE on powerpc64 due to:
dtrace: failed to link script
/usr/local/poudriere/ports/default/lang/php74/work/php-7.4.0RC1/Zend/zend_dtrace.d:
an error was encountered while processing main/.libs/main.o
PR: 240733
Approved by: tz (maintainer), linimon (mentor)
|
|
Friday, 20 Sep 2019
|
19:24 tz
lang/php74: add module hash to PHP_EXT_INC
The hash module is now part of the core and can't be disabled anymore.
Therefore add it to the list
Reported by: ale
Sponsored by: PHP Update Service
Differential Revision: https://reviews.freebsd.org/D21349
|
12:21 tz
Welcome PHP 7.4 RC 1 in the ports-tree.
There are many greater changes including:
- New module ffi
- Remove interbase module
- Remove recode module
- Remove wddx module
- Many modules changes the build switches
- Many modules changes the config format, so patches needed to be recreated
Special thanks to tobik and ale for their support.
Reviewed by: tobik, ale, joneum
Sponsored by: PHP Update Service
Differential Revision: https://reviews.freebsd.org/D21349
|
Number of commits found: 61 |
As an Amazon Associate I earn from qualifying purchases.