Pullup ticket #6858 - requested by taca

lang/php83: security fix Revisions pulled up: - lang/php/phpversion.mk 1.431 - lang/php83/distinfo 1.7 - lang/php83/patches/patch-configure 1.5 --- Module Name: pkgsrc Committed By: taca Date: Fri May 10 15:50:34 UTC 2024 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php83: distinfo pkgsrc/lang/php83/patches: patch-configure Log Message: lang/php83: update to 8.3.7 I missed update of 8.3.6. PHP 8.3.7 (2024-05-09) - Core: . Fixed zend_call_stack build with Linux/uclibc-ng without thread support. (Fabrice Fontaine) . Fixed bug GH-13772 (Invalid execute_data->opline pointers in observer fcall handlers when JIT is enabled). (Bob) . Fixed bug GH-13931 (Applying zero offset to null pointer in Zend/zend_opcode.c). (nielsdos) . Fixed bug GH-13942 (Align the behavior of zend-max-execution-timers with other timeout implementations). (Kévin Dunglas) . Fixed bug GH-14003 (Broken cleanup of unfinished calls with callable convert parameters). (ilutov) . Fixed bug GH-14013 (Erroneous dnl appended in configure). (Peter Kokot) . Fixed bug GH-10232 (If autoloading occurs during constant resolution filename and lineno are identified incorrectly). (ranvis) . Fixed bug GH-13727 (Missing void keyword). (Peter Kokot) - Fibers: . Fixed bug GH-13903 (ASAN false positive underflow when executing copy()). (nielsdos) - Fileinfo: . Fixed bug GH-13795 (Test failing in ext/fileinfo/tests/bug78987.phpt on big-endian PPC). (orlitzky) - FPM: . Fixed bug GH-13563 (Setting bool values via env in FPM config fails). (Jakub Zelenka) - Intl: . Fixed build for icu 74 and onwards. (dunglas) - MySQLnd: . Fix shift out of bounds on 32-bit non-fast-path platforms. (nielsdos) - Opcache: . Fixed bug GH-13433 (Segmentation Fault in zend_class_init_statics when using opcache.preload). (nielsdos) . Fixed incorrect assumptions across compilation units for static calls. (ilutov) - OpenSSL: . Fixed bug GH-10495 (feof on OpenSSL stream hangs indefinitely). (Jakub Zelenka) - PDO SQLite: . Fix GH-13984 (Buffer size is now checked before memcmp). (Saki Takamachi) . Fix GH-13998 (Manage refcount of agg_context->val correctly). (Saki Takamachi) - Phar: . Fixed bug GH-13836 (Renaming a file in a Phar to an already existing filename causes a NULL pointer dereference). (nielsdos) . Fixed bug GH-13833 (Applying zero offset to null pointer in zend_hash.c). (nielsdos) . Fix potential NULL pointer dereference before calling EVP_SignInit. (icy17) - PHPDBG: . Fixed bug GH-13827 (Null pointer access of type 'zval' in phpdbg_frame). (nielsdos) - Posix: . Fix usage of reentrant functions in ext/posix. (Arnaud) - Session: . Fixed bug GH-13856 (Member access within null pointer of type 'ps_files' in ext/session/mod_files.c). (nielsdos) . Fixed bug GH-13891 (memleak and segfault when using ini_set with session.trans_sid_hosts). (nielsdos, kamil-tekiela) . Fixed buffer _read/_write size limit on windows for the file mode. (David Carlier) - Streams: . Fixed file_get_contents() on Windows fails with "errno=22 Invalid argument". (Damian Wójcik) . Fixed bug GH-13264 (Part 1 - Memory leak on stream filter failure). (Jakub Zelenka) . Fixed bug GH-13860 (Incorrect PHP_STREAM_OPTION_CHECK_LIVENESS case in ext/openssl/xp_ssl.c - causing use of dead socket). (nielsdos) . Fixed bug GH-11678 (Build fails on musl 1.2.4 - lfs64). (Arnaud) - Treewide: . Fix gcc-14 Wcalloc-transposed-args warnings. (Cristian Rodríguez) PHP 8.3.6 (2024-04-10) - Standard: . Fixed bug GHSA-fjp9-9hwx-59fq (mb_encode_mimeheader runs endlessly for some inputs). (CVE-2024-2757) (Alex Dowad) . Fix bug GH-13932 (Attempt to fix mbstring on windows build) (msvc). (David Carlier)
NetBSD · Jun 13, 2024 · fa5677d · fa5677d
1 parent d305dc4
commit fa5677d
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 17 deletions.
diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.426.2.4 2024/04/28 07:14:45 spz Exp $
+# $NetBSD: phpversion.mk,v 1.426.2.5 2024/06/13 13:47:09 bsiegert Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -93,7 +93,7 @@ PHP74_VERSION=	7.4.33
 PHP80_VERSION=	8.0.30
 PHP81_VERSION=	8.1.28
 PHP82_VERSION=	8.2.18
-PHP83_VERSION=	8.3.5
+PHP83_VERSION=	8.3.7
 
 # Define API version or initial release of major version.
 PHP56_RELDATE=	20140828

diff --git a/lang/php83/distinfo b/lang/php83/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.5.2.1 2024/04/22 12:49:08 bsiegert Exp $
+$NetBSD: distinfo,v 1.5.2.2 2024/06/13 13:47:10 bsiegert Exp $
 
-BLAKE2s (php-8.3.5.tar.xz) = cf85b04006f4ac04268c3cf86f57e0be5800813accf93e10ae36842b642bb49f
-SHA512 (php-8.3.5.tar.xz) = 6ae60efe2e4df60bf217808cbd710fb3b71a4494de8ded8e0ae7ed9ad5f737fcb49acd004abcb2f7dfcc216108b39143e8094dc40096aefcce72a59b55d4c4bd
-Size (php-8.3.5.tar.xz) = 12461308 bytes
-SHA1 (patch-configure) = fdeb39ffcd2abd085c4cda6ced05de748b1a0a68
+BLAKE2s (php-8.3.7.tar.xz) = 009b796292f0f05c1a21a6f0f40886e1ec5c6a01f4cbae0c7de34a4fc5c9db96
+SHA512 (php-8.3.7.tar.xz) = ff2c16a5cc08b1a59a61eee9df75c4c9a6dda7054d48198b75d104c194e934109fed3665005ba798eeca3d7294d7dc81df3a14e63a527baf9f196e229068d9a3
+Size (php-8.3.7.tar.xz) = 12456020 bytes
+SHA1 (patch-configure) = 3d7106a039a3bffaf9f439c8fed77048f1072749
 SHA1 (patch-ext_enchant_enchant.c) = 7d999de1b2fde2ea11e4a6e16e7b59c085924b9b
 SHA1 (patch-ext_phar_Makefile.frag) = 53ea5c58b0bc27d236118d5750a74b1cba43e5dd
 SHA1 (patch-ext_standard_php__fopen__wrapper.c) = 0a2c19c18f089448a8d842e99738b292ab9e5640

diff --git a/lang/php83/patches/patch-configure b/lang/php83/patches/patch-configure
@@ -1,23 +1,23 @@
-$NetBSD: patch-configure,v 1.3.2.1 2024/04/22 12:49:08 bsiegert Exp $
+$NetBSD: patch-configure,v 1.3.2.2 2024/06/13 13:47:10 bsiegert Exp $
 
 * Do not include "PKG_CONFIG*" in CONFIGURE_OPTIONS.
 * Don't autodetect maintainer-zts.
 * Shell portability.
 
---- configure.orig	2024-04-09 21:35:09.000000000 +0000
+--- configure.orig	2024-05-07 16:35:26.000000000 +0000
 +++ configure
-@@ -4326,6 +4326,10 @@ EOF
-    else
+@@ -3737,6 +3737,10 @@ EOF
      break
     fi
+    $as_echo "$CURRENT_ARG \\" >>config.nice
 +   case "$CURRENT_ARG" in
 +       \'PKG_CONFIG\=*)	CURRENT_ARG="'PKG_CONFIG=@TOOLS_PATH.pkg-config@'";;
 +       \'PKG_CONFIG_LIBDIR\=*)	CURRENT_ARG="'PKG_CONFIG_LIBDIR=@PHP_PKGCONFIG_PATH@'";;
 +   esac
-    printf "%s\n" "$CURRENT_ARG \\" >>config.nice
     CONFIGURE_OPTIONS="$CONFIGURE_OPTIONS $CURRENT_ARG"
    done
-@@ -7548,30 +7552,6 @@ EOF
+   echo '"$@"' >> config.nice
+@@ -7017,30 +7021,6 @@ EOF
      ;;
    esac
 
@@ -42,18 +42,18 @@ $NetBSD: patch-configure,v 1.3.2.1 2024/04/22 12:49:08 bsiegert Exp $
 -
 -    fi
 -  fi
--  { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
--printf "%s\n" "yes" >&6; }
+-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+-$as_echo "yes" >&6; }
 -
    PHP_VAR_SUBST="$PHP_VAR_SUBST APXS"
 
  else
-@@ -80460,7 +80440,7 @@ printf "%s\n" "#define HAVE_TIDYBUFFIO_H
+@@ -78641,7 +78621,7 @@ $as_echo "#define HAVE_TIDYBUFFIO_H 1" >
    fi
 
    TIDY_LIBDIR=$TIDY_DIR/$PHP_LIBDIR
 -  if test "$TIDY_LIB_NAME" == 'tidyp'; then
 +  if test "$TIDY_LIB_NAME" = 'tidyp'; then
 
- printf "%s\n" "#define HAVE_TIDYP_H 1" >>confdefs.h
+ $as_echo "#define HAVE_TIDYP_H 1" >>confdefs.h