Bug 209145 - lang/php56: Update to 5.6.21
Summary: lang/php56: Update to 5.6.21
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Jason Unovitch
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2016-04-29 08:02 UTC by Christian Schwarz
Modified: 2016-05-03 03:21 UTC (History)
2 users (show)

See Also:
bugzilla: maintainer-feedback? (ale)
junovitch: merge-quarterly+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Schwarz 2016-04-29 08:02:30 UTC
From the release announcement:

> The PHP development team announces the immediate availability of PHP 5.6.21.
> Several security related issues were fixed in this release.
> All PHP 5.6 users are encouraged to upgrade to this version.
Comment 1 commit-hook freebsd_committer 2016-05-03 03:06:31 UTC
A commit references this bug:

Author: junovitch
Date: Tue May  3 03:05:32 UTC 2016
New revision: 414508
URL: https://svnweb.freebsd.org/changeset/ports/414508

Log:
  Document php multiple vulnerabilities

  PR:		209145
  Reported by	Christian Schwarz <me@cschwarz.com>
  Security:	CVE-2016-3074
  Security:	https://vuxml.FreeBSD.org/freebsd/5764c634-10d2-11e6-94fa-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml
Comment 2 commit-hook freebsd_committer 2016-05-03 03:06:33 UTC
A commit references this bug:

Author: junovitch
Date: Tue May  3 03:06:06 UTC 2016
New revision: 414510
URL: https://svnweb.freebsd.org/changeset/ports/414510

Log:
  lang/php56: update 5.6.20 -> 5.6.21

  Changelog:	http://www.php.net/ChangeLog-5.php#5.6.21

  PR:		209145
  Reported by	Christian Schwarz <me@cschwarz.com>
  Security:	CVE-2016-3074
  Security:	https://vuxml.FreeBSD.org/freebsd/5764c634-10d2-11e6-94fa-002590263bf5.html

Changes:
  head/lang/php56/Makefile
  head/lang/php56/distinfo
Comment 3 commit-hook freebsd_committer 2016-05-03 03:19:41 UTC
A commit references this bug:

Author: junovitch
Date: Tue May  3 03:18:41 UTC 2016
New revision: 414515
URL: https://svnweb.freebsd.org/changeset/ports/414515

Log:
  MFH: r413091 r414510 r414512

  Add configtest support for php-fpm rc script.

  PR:	208324
  Sponsored by:	A-Team Systems

  lang/php56: update 5.6.20 -> 5.6.21

  Changelog:	http://www.php.net/ChangeLog-5.php#5.6.21

  PR:		209145
  Reported by	Christian Schwarz <me@cschwarz.com>
  Security:	CVE-2016-3074
  Security:	https://vuxml.FreeBSD.org/freebsd/5764c634-10d2-11e6-94fa-002590263bf5.html

  lang/php56: Restore ?= which was removed in r413091

  PR:		208324 (introduced regression)
  Approved by:	portmgr (blanket)

  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2016Q2/
  branches/2016Q2/lang/php56/Makefile
  branches/2016Q2/lang/php56/distinfo
  branches/2016Q2/lang/php56/files/php-fpm.in
Comment 4 Jason Unovitch freebsd_committer 2016-05-03 03:21:18 UTC
Christian,
Thanks for the report.  The port update was committed under the port-secteam@ approval.