Changelog:
Core:
Fixed bug #77339 (__callStatic may get incorrect arguments).
Fixed bug #77494 (Disabling class causes segfault on member access).
Fixed bug #77530 (PHP crashes when parsing `(2)::class`).
Curl:
Fixed bug #76675 (Segfault with H2 server push).
GD:
Fixed bug #73281 (imagescale(…, IMG_BILINEAR_FIXED) can cause black border).
Fixed bug #73614 (gdImageFilledArc() doesn't properly draw pies).
Fixed bug #77272 (imagescale() may return image resource on failure).
Fixed bug #77391 (1bpp BMPs may fail to be loaded).
Fixed bug #77479 (imagewbmp() segfaults with very large images).
ldap:
Fixed bug #77440 (ldap_bind using ldaps or ldap_start_tls()=exception in libcrypto-1_1-x64.dll).
Mbstring:
Fixed bug #77454 (mb_scrub() silently truncates after a null byte).
MySQLnd:
Fixed bug #75684 (In mysqlnd_ext_plugin.h the plugin methods family has no external visibility).
Opcache:
Fixed bug #77361 (configure fails on 64-bit AIX when opcache enabled).
OpenSSL:
Fixed bug #77390 (feof might hang on TLS streams in case of fragmented TLS records).
PDO:
Fixed bug #77273 (array_walk_recursive corrupts value types leading to PDO failure).
Sockets:
Fixed bug #76839 (socket_recvfrom may return an invalid 'from' address on MacOS).
Standard:
Fixed bug #77395 (segfault about array_multisort).
Fixed bug #77439 (parse_str segfaults when inserting item into existing array).
Changelog taken from: http://www.php.net/ChangeLog-7.php#7.2.15
PR: 235575 235577
MFH: 2019Q1
Renaming the option to be inline with the already existing MYSQLND option
in the mysqli and pdo_mysqli ports.
Reported by: Jarrod Sayers <jarrod@downtools.com.au>
Currently PHP is always compiled with --enable-mysqlnd, to allow the use
of the native MySQL Native Driver. MySQL Native Driver is a replacement for the
MySQL Client Library.
While this is handy when working with MySQL there is no need for
it when MySQL is *not* used at all. This happens frequently when
working without databases or simply with other databases.
To avoid POLA the newly introduced option is a default option.
Disabling it will reduce the size of the package by ca. 175 KB,
which also helps in modern constraint VM run environments.
Submitted by: Reko Turja <reko.turja@liukuma.net>
Changelog:
Core:
Fixed bug #77369 (memcpy with negative length via crafted DNS response).
Fixed bug #71041 (zend_signal_startup() needs ZEND_API).
Fixed bug #76046 (PHP generates "FE_FREE" opcode on the wrong line).
COM:
Fixed bug #77177 (Serializing or unserializing COM objects crashes).
Date:
Fixed bug #77097 (DateTime::diff gives wrong diff when the actual diff is less than 1 second).
Exif:
Fixed bug #77184 (Unsigned rational numbers are written out as signed rationals).
GD:
Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free).
Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap).
Fixed bug #77195 (Incorrect error handling of imagecreatefromjpeg()).
Fixed bug #77198 (auto cropping has insufficient precision).
Fixed bug #77200 (imagecropauto(…, GD_CROP_SIDES) crops left but not right).
IMAP:
Fixed bug #77020 (null pointer dereference in imap_mail).
Mbstring:
Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token).
Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node).
Fixed bug #77381 (heap buffer overflow in multibyte match_at).
Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string).
Fixed bug #77385 (buffer overflow in fetch_token).
Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode).
Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code).
OCI8:
Fixed bug #76804 (oci_pconnect with OCI_CRED_EXT not working).
Added oci_set_call_timeout() for call timeouts.
Added oci_set_db_operation() for the DBOP end-to-end-tracing attribute.
Opcache:
Fixed bug #77215 (CFG assertion failure on multiple finalizing switch frees in one block).
PDO:
Handle invalid index passed to PDOStatement::fetchColumn() as error.
Phar:
Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext).
Sockets:
Fixed bug #77136 (Unsupported IPV6_RECVPKTINFO constants on macOS).
SQLite3:
Fixed bug #77051 (Issue with re-binding on SQLite3).
Xmlrpc:
Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()).
Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code).
Changelog taken from: http://www.php.net/ChangeLog-7.php#7.2.14
MFH: 2019Q1
Notable changes:
- Switch from PCRE to PCRE2
- Many modules now require PCRE2 for building
- graphics/php73-gd: X11 option is no longer default
Changes to Mk/Uses/php.mk approved by ale
This port links some non-PIC code, which fails with lld as it defaults
to disallowing relocations against read-only segments. For i386 we can
just add -znotext unconditionally: for GNU BFD ld it just affirms BFD's
existing default.
PR: 214864, 230207
Approved by: bapt
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D17193
Changelog: http://www.php.net/ChangeLog-7.php#7.2.8
Also patch out MySQL 8 auth changes, which makes the hash
extension mandatory instead of optional and introduce further
bugs:
d6e81f0bfd
MFH: 2018Q3
script in pre-configure to regenerate configure scripts. Because this
regenerates php_config.h.in, merge a patch for that file into the patch
for configure.in.
- Remove redundant --localstatedir=/var (added by bsd.port.mk).
Add missing file zend_smart_string.h to pkg-plist.
The allows building many more of the pecl-* ports.
PR: 223766
Submitted by: Raivo Hool <raivo.hool@gmail.com>
Reported by: Raivo Hool <raivo.hool@gmail.com>, Daniel Ylitalo <daniel@blodan.se>
Notable changes:
- mcrypt module was removed
- sodium module was added
- sybase_ct artifacts removed
Also many PECL ports will not work with this version
since some files got renamed.
Reviewed by: mat, ale, Rainer Duffner <rainer@ultra-secure.de>
Differential Revision: https://reviews.freebsd.org/D12980
