head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.10
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.8
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.6
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.4
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2009Q4:1.2.0.2
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2009Q2:1.1.0.22
	pkgsrc-2009Q2-base:1.1
	pkgsrc-2009Q1:1.1.0.20
	pkgsrc-2009Q1-base:1.1
	pkgsrc-2008Q4:1.1.0.18
	pkgsrc-2008Q4-base:1.1
	pkgsrc-2008Q3:1.1.0.16
	pkgsrc-2008Q3-base:1.1
	cube-native-xorg:1.1.0.14
	cube-native-xorg-base:1.1
	pkgsrc-2008Q2:1.1.0.12
	pkgsrc-2008Q2-base:1.1
	cwrapper:1.1.0.10
	pkgsrc-2008Q1:1.1.0.8
	pkgsrc-2008Q1-base:1.1
	pkgsrc-2007Q4:1.1.0.6
	pkgsrc-2007Q4-base:1.1
	pkgsrc-2007Q3:1.1.0.4
	pkgsrc-2007Q3-base:1.1
	pkgsrc-2007Q2:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2009.07.07.21.57.28;	author jdolecek;	state dead;
branches;
next	1.1;

1.1
date	2007.08.01.01.40.08;	author taca;	state Exp;
branches
	1.1.2.1
	1.1.22.1;
next	;

1.1.2.1
date	2007.08.01.01.40.08;	author ghen;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2007.08.06.21.13.13;	author ghen;	state Exp;
branches;
next	;

1.1.22.1
date	2009.09.30.12.19.49;	author tron;	state dead;
branches;
next	;


desc
@@


1.2
log
@Update lang/php5 to version 5.2.10 - according to the release annoucement:

Security Enhancements and Fixes in PHP 5.2.10:
    * Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files). (Pierre)

Key enhancements in PHP 5.2.10 include:
    * Added "ignore_errors" option to http fopen wrapper. (David Zulke, Sara)
    * Fixed memory corruptions while reading properties of zip files. (Ilia)
    * Fixed memory leak in ob_get_clean/ob_get_flush. (Christian)
    * Fixed segfault on invalid session.save_path. (Hannes)
    * Fixed leaks in imap when a mail_criteria is used. (Pierre)
    * Changed default value of array_unique()'s optional sorting type parameter back to SORT_STRING to fix backwards compatibility breakage introduced in PHP 5.2.9. (Moriyoshi)
    * Fixed bug #47940 (memory leaks in imap_body). (Pierre, Jake Levitt)
    * Fixed bug #47903 ("@@" operator does not work with string offsets). (Felipe)
    * Fixed bug #47644 (Valid integers are truncated with json_decode()). (Scott)
    * Fixed bug #47564 (unpacking unsigned long 32bit big endian returns wrong result). (Ilia)
    * Fixed bug #47365 (ip2long() may allow some invalid values on certain 64bit systems).
    * Over 100 bug fixes.
@
text
@$NetBSD: patch-ad,v 1.1 2007/08/01 01:40:08 taca Exp $

Adapt NetBSD's remap(2).

--- Zend/zend_alloc.c.orig	2007-05-28 19:07:50.000000000 +0900
+++ Zend/zend_alloc.c
@@@@ -148,7 +148,11 @@@@ static zend_mm_segment* zend_mm_mem_mmap
 {
 	zend_mm_segment *ret;
 #ifdef HAVE_MREMAP
+#if defined(__NetBSD__)
+	ret = (zend_mm_segment*)mremap(segment, segment->size, segment, size, MREMAP_MAYMOVE);
+#else
 	ret = (zend_mm_segment*)mremap(segment, segment->size, size, MREMAP_MAYMOVE);
+#endif
 	if (ret == MAP_FAILED) {
 #endif
 		ret = storage->handlers->_alloc(storage, size);
@


1.1
log
@- Add patches to fix CVE-2007-3806 referring CVS repository.
- Fix compile problem on NetBSD with mremap(2).

Bump PKGREVISION.
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.22.1
log
@Pullup ticket #2903 - requested by taca
php5: security update

Revisions pulled up:
- lang/php5/Makefile.common			1.37
- lang/php5/Makefile.php			1.36-1.37 via patch
- lang/php5/PLIST				1.24
- lang/php5/distinfo				1.66-1.67 via patch
- lang/php5/patches/patch-ad			delete
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Sat Sep 26 05:40:05 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile.common Makefile.php PLIST distinfo
Removed Files:
	pkgsrc/lang/php5/patches: patch-ax

Log Message:
Update lang/php5 to 5.2.11, fixing security problem of 5.2.10.
One pkglint warning was fixed, too.

PHP                                                                        NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
17 Sep 2009, PHP 5.2.11
- Fixed certificate validation inside php_openssl_apply_verification_policy.
  (Ryan Sleevi, Ilia)

10 Sep 2009, PHP 5.2.11RC3
- Updated timezone database to version 2009.13 (2009m) (Derick)

- Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). (Ilia)
- Fixed bug #49447 (php engine needs to correctly check for socket API return
  status on windows). (Sriram Natarajan)
- Fixed bug #48060 (pdo_pgsql - large objects are returned as empty). (Matteo)

03 Sep 2009, PHP 5.2.11RC2
- Added missing sanity checks around exif processing. (Ilia)

- Fixed sanity check for the color index in imagecolortransparent. (Pierre)
- Fixed zlib.deflate compress filter to actually accept level parameter. (Jani)
- Fixed leak on error in popen/exec (and related functions) on Windows.
  (Pierre)

- Fixed bug #49361 (wordwrap() wraps incorrectly on end of line boundaries).
  (Ilia, code-it at mail dot ru)
- Fixed bug #49289 (bcmath module doesn't compile with phpize configure).
  (Jani)
- Fixed bug #49286 (php://input (php_stream_input_read) is broken). (Jani)
- Fixed bug #49269 (Ternary operator fails on Iterator object when used inside
  foreach declaration). (Etienne, Dmitry)
- Fixed bug #49236 (Missing PHP_SUBST(PDO_MYSQL_SHARED_LIBADD)). (Jani)
- Fixed bug #49144 (Import of schema from different host transmits original
  authentication details). (Dmitry)
- Fixed bug #49000 (PHP CLI in Interactive mode (php -a) crashes when including
  files from function). (Stas)
- Fixed bug #48696 (ldap_read() segfaults with invalid parameters). (Felipe)
- Fixed bug #47273 (Encoding bug in SoapServer->fault). (Dmitry)
- Fixed bug #28038 (Sent incorrect RCPT TO commands to SMTP server) (Garrett)

13 Aug 2009, PHP 5.2.11RC1
- Fixed regression in cURL extension that prevented flush of data to output
  defined as a file handle. (Ilia)
- Fixed memory leak in stream_is_local(). (Felipe, Tony)

- Fixed bug #49372 (segfault in php_curl_option_curl). (Pierre)
- Fixed bug #49132 (posix_times returns false without error).
  (phpbugs at gunnu dot us)
- Fixed bug #49125 (Error in dba_exists C code). (jdornan at stanford dot edu)
- Fixed bug #49095 (proc_get_status['exitcode'] fails on win32). (Felipe)
- Fixed bug #49074 (private class static fields can be modified by using
  reflection). (Jani)
- Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre)
- Fixed bug #49052 (context option headers freed too early when using
  --with-curlwrappers). (Jani)
- Fixed bug #49032 (SplFileObject::fscanf() variables passed by reference).
  (Jani)
- Fixed bug #49026 (proc_open() can bypass safe_mode_protected_env_vars
  restrictions). (Ilia)
- Fixed bug #48994 (zlib.output_compression does not output HTTP headers when
  set to a string value). (Jani)
- Fixed bug #48980 (Crash when compiling with pdo_firebird). (Felipe)
- Fixed bug #48962 (cURL does not upload files with specified filename).
  (Ilia)
- Fixed bug #48929 (Double \r\n after HTTP headers when "header" context
  option is an array). (David Z762 (IPv6 address filter still rejects valid address). (Felipe)
- Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on
  files that have been opened with r+). (Ilia)
- Fixed bug #48732 (TTF Bounding box wrong for letters below baseline).
  (Takeshi Abe)
- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain
  components). (Ilia)
- Fixed bug #48709 (metaphone and 'wh'). (brettz9 at yahoo dot com, Felipe)
- Fixed bug #48697 (mb_internal_encoding() value gets reset by parse_str()).
  (Moriyoshi)
- Fixed bug #48693 (Double declaration of __lambda_func when lambda wrongly
  formatted). (peter at lvp-media dot com, Felipe)
- Fixed bug #48661 (phpize is broken with non-bash shells). (Jani)
- Fixed bug #48645 (mb_convert_encoding() doesn't understand hexadecimal
  html-entities). (Moriyoshi)
- Fixed bug #48637 ("file" fopen wrapper is overwritten when using
  --with-curlwrappers). (Jani)
- Fixed bug #48636 (Error compiling of ext/date on netware). (guenter at
  php.net, Ilia)
- Fixed bug #48629 (get_defined_constants() ignores categorize parameter).
  (Felipe)
- Fixed bug #48619 (imap_search ALL segfaults). (Pierre)
- Fixed bug #48608 (Invalid libreadline version not detected during configure).
  (Jani)
- Fixed bug #48555 (ImageFTBBox() differs from previous versions for texts
  with new lines) (Takeshi Abe)
- Fixed bug #48539 (pdo_dblib fails to connect, throws empty PDOException
  "SQLSTATE[] (null)"). (Felipe)
- Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using
  TMPDIR). (Ilia)
- Fixed bug #48450 (Compile failure under IRIX 6.5.30 building gd.c). (Kalle)
- Fixed bug #48400 (imap crashes when closing stream opened with
  OP_PROTOTYPE flag). (Jani)
- Fixed bug #48284 (hash "adler32" byte order is reversed). (Scott)
- Fixed bug #48276 (date("Y") on big endian machines produces the
  wrong result). (Scott)
- Fixed bug #48247 (Infinite loop and possible crash during startup with
  errors when errors are logged). (Jani)
- Fixed bug #48116 (Fixed build with Openssl 1ImageLine w/ antialias = 1px shorter). (wojjie at gmail dot
  com, Kalle)
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Sat Sep 26 07:35:31 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile.php distinfo

Log Message:
Update suhosin patch to 5.2.11, too.
@
text
@d1 1
a1 1
$NetBSD: patch-ad,v 1.1 2007/08/01 01:40:08 taca Exp $
@


1.1.2.1
log
@file patch-ad was added on branch pkgsrc-2007Q2 on 2007-08-06 21:13:13 +0000
@
text
@d1 18
@


1.1.2.2
log
@Pullup tickets 2161-2163 - requested by taca
security fix for php

- pkgsrc/lang/php5/Makefile				1.56
- pkgsrc/lang/php5/distinfo				1.45
- pkgsrc/lang/php5/patches/patch-ad			1.1
- pkgsrc/lang/php5/patches/patch-ae			1.1
- pkgsrc/www/ap-php/Makefile				1.15
- pkgsrc/www/php4/Makefile				1.79
- pkgsrc/www/php4/distinfo				1.66
- pkgsrc/www/php4/patches/patch-aw			1.3

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Aug  1 01:40:55 UTC 2007

   Modified Files:
	   pkgsrc/www/php4: Makefile distinfo
   Added Files:
	   pkgsrc/www/php4/patches: patch-aw

   Log Message:
   Add patches to fix CVE-2007-3806 referring CVS repository.

   Bump PKGREVISION.
---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed Aug  1 01:40:08 UTC 2007

   Modified Files:
	   pkgsrc/lang/php5: Makefile distinfo
   Added Files:
	   pkgsrc/lang/php5/patches: patch-ad patch-ae

   Log Message:
   - Add patches to fix CVE-2007-3806 referring CVS repository.
   - Fix compile problem on NetBSD with mremap(2).

   Bump PKGREVISION.
---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Thu Aug  2 15:10:04 UTC 2007

   Modified Files:
	   pkgsrc/www/ap-php: Makefile

   Log Message:
   Update of www/php5 package affects ap-php, too.

   So, bump PKGREVISION.

   (I just forgot to commit.)
@
text
@a0 18
$NetBSD$

Adapt NetBSD's remap(2).

--- Zend/zend_alloc.c.orig	2007-05-28 19:07:50.000000000 +0900
+++ Zend/zend_alloc.c
@@@@ -148,7 +148,11 @@@@ static zend_mm_segment* zend_mm_mem_mmap
 {
 	zend_mm_segment *ret;
 #ifdef HAVE_MREMAP
+#if defined(__NetBSD__)
+	ret = (zend_mm_segment*)mremap(segment, segment->size, segment, size, MREMAP_MAYMOVE);
+#else
 	ret = (zend_mm_segment*)mremap(segment, segment->size, size, MREMAP_MAYMOVE);
+#endif
 	if (ret == MAP_FAILED) {
 #endif
 		ret = storage->handlers->_alloc(storage, size);
@