CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2010/08/08 04:46:34
Modified files:
www/php5/core : Makefile
www/php5/extensions: Makefile
Added files:
www/php5/core/patches: patch-ext_spl_spl_observer_c
www/php5/extensions/patches: patch-ext_xmlrpc_xmlrpc-epi-php_c
Log message:
SECURITY: limited fixes cherry picked from 5.2.14. If upstream had
mentioned the release on their announcements list maybe we would have
had time to get the full update in but, as it is, we just found out
about it and there are too many changes to test properly at short
notice, so we are just fixing these for now.
CVE-2010-2225: fix SplObjectStorage unserialization, upstream r300843
CVE-2010-0397: null pointer dereference when processing invalid XML-RPC
requests, upstream r296152
ok espie@
