Changelog:
Core:
Fixed bug #77369 (memcpy with negative length via crafted DNS response).
Fixed bug #77387 (Recursion detection broken when printing GLOBALS).
Fixed bug #77376 ("undefined function" message no longer includes namespace).
Fixed bug #77357 (base64_encode / base64_decode doest not work on nested VM).
Fixed bug #77339 (__callStatic may get incorrect arguments).
Fixed bug #77317 (__DIR__, __FILE__, realpath() reveal physical path for subst virtual drive).
Fixed bug #77263 (Segfault when using 2 RecursiveFilterIterator).
Fixed bug #77447 (PHP 7.3 built with ASAN crashes in zend_cpu_supports_avx2).
Fixed bug #77484 (Zend engine crashes when calling realpath in invalid working dir).
Curl:
Fixed bug #76675 (Segfault with H2 server push).
Fileinfo:
Fixed bug #77346 (webm files incorrectly detected as application/octet-stream).
FPM:
Fixed bug #77430 (php-fpm crashes with Main process exited, code=dumped, status=11/SEGV).
GD:
Fixed bug #73281 (imagescale(…, IMG_BILINEAR_FIXED) can cause black border).
Fixed bug #73614 (gdImageFilledArc() doesn't properly draw pies).
Fixed bug #77272 (imagescale() may return image resource on failure).
Fixed bug #77391 (1bpp BMPs may fail to be loaded).
Fixed bug #77479 (imagewbmp() segfaults with very large images).
ldap:
Fixed bug #77440 (ldap_bind using ldaps or ldap_start_tls()=exception in libcrypto-1_1-x64.dll).
Mbstring:
Fixed bug #77428 (mb_ereg_replace() doesn't replace a substitution variable).
Fixed bug #77454 (mb_scrub() silently truncates after a null byte).
MySQLnd:
Fixed bug #77308 (Unbuffered queries memory leak).
Fixed bug #75684 (In mysqlnd_ext_plugin.h the plugin methods family has no external visibility).
Opcache:
Fixed bug #77266 (Assertion failed in dce_live_ranges).
Fixed bug #77257 (value of variable assigned in a switch() construct gets lost).
Fixed bug #77434 (php-fpm workers are segfaulting in zend_gc_addre).
Fixed bug #77361 (configure fails on 64-bit AIX when opcache enabled).
Fixed bug #77287 (Opcache literal compaction is incompatible with EXT opcodes).
PCRE:
Fixed bug #77338 (get_browser with empty string).
PDO:
Fixed bug #77273 (array_walk_recursive corrupts value types leading to PDO failure).
PDO MySQL:
Fixed bug #77289 (PDO MySQL segfaults with persistent connection).
SOAP:
Fixed bug #77410 (Segmentation Fault when executing method with an empty parameter).
Sockets:
Fixed bug #76839 (socket_recvfrom may return an invalid 'from' address on MacOS).
SPL:
Fixed bug #77298 (segfault occurs when add property to unserialized empty ArrayObject).
Standard:
Fixed bug #77395 (segfault about array_multisort).
Fixed bug #77439 (parse_str segfaults when inserting item into existing array).
Changelog taken from: http://www.php.net/ChangeLog-7.php#7.3.2
PR: 235576 235578
MFH: 2019Q1
Renaming the option to be inline with the already existing MYSQLND option
in the mysqli and pdo_mysqli ports.
Reported by: Jarrod Sayers <jarrod@downtools.com.au>
Currently PHP is always compiled with --enable-mysqlnd, to allow the use
of the native MySQL Native Driver. MySQL Native Driver is a replacement for the
MySQL Client Library.
While this is handy when working with MySQL there is no need for
it when MySQL is *not* used at all. This happens frequently when
working without databases or simply with other databases.
To avoid POLA the newly introduced option is a default option.
Disabling it will reduce the size of the package by ca. 175 KB,
which also helps in modern constraint VM run environments.
Submitted by: Reko Turja <reko.turja@liukuma.net>
Changelog:
Core:
Fixed bug #76654 (Build failure on Mac OS X on 32-bit Intel).
Fixed bug #71041 (zend_signal_startup() needs ZEND_API).
Fixed bug #76046 (PHP generates "FE_FREE" opcode on the wrong line).
Fixed bug #77291 (magic methods inherited from a trait may be ignored).
CURL:
Fixed bug #77264 (curl_getinfo returning microseconds, not seconds).
COM:
Fixed bug #77177 (Serializing or unserializing COM objects crashes).
Exif:
Fixed bug #77184 (Unsigned rational numbers are written out as signed rationals).
GD:
Fixed bug #77195 (Incorrect error handling of imagecreatefromjpeg()).
Fixed bug #77198 (auto cropping has insufficient precision).
Fixed bug #77200 (imagecropauto(…, GD_CROP_SIDES) crops left but not right).
Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free).
Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap).
MBString:
Fixed bug #77367 (Negative size parameter in mb_split).
Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token).
Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node).
Fixed bug #77381 (heap buffer overflow in multibyte match_at).
Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string).
Fixed bug #77385 (buffer overflow in fetch_token).
Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode).
Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code).
OCI8:
Fixed bug #76804 (oci_pconnect with OCI_CRED_EXT not working).
Added oci_set_call_timeout() for call timeouts.
Added oci_set_db_operation() for the DBOP end-to-end-tracing attribute.
Opcache:
Fixed bug #77215 (CFG assertion failure on multiple finalizing switch frees in one block).
Fixed bug #77275 (OPcache optimization problem for ArrayAccess->offsetGet).
PCRE:
Fixed bug #77193 (Infinite loop in preg_replace_callback).
PDO:
Handle invalid index passed to PDOStatement::fetchColumn() as error.
Phar:
Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext).
Soap:
Fixed bug #77088 (Segfault when using SoapClient with null options).
Sockets:
Fixed bug #77136 (Unsupported IPV6_RECVPKTINFO constants on macOS).
Sodium:
Fixed bug #77297 (SodiumException segfaults on PHP 7.3).
SPL:
Fixed bug #77359 (spl_autoload causes segfault).
Fixed bug #77360 (class_uses causes segfault).
SQLite3:
Fixed bug #77051 (Issue with re-binding on SQLite3).
Xmlrpc:
Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()).
Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code).
Changelog taken from: http://www.php.net/ChangeLog-7.php#7.3.1
Also removing the patch committed in r489721. The patch disables the use of
ifuncs and is part of the new relase 7.3.1.
MFH: 2019Q1
This port links some non-PIC code, which fails with lld as it defaults
to disallowing relocations against read-only segments. For i386 we can
just add -znotext unconditionally: for GNU BFD ld it just affirms BFD's
existing default.
PR: 214864, 230207
Sponsored by: The FreeBSD Foundation
Notable changes:
- Switch from PCRE to PCRE2
- Many modules now require PCRE2 for building
- graphics/php73-gd: X11 option is no longer default
Changes to Mk/Uses/php.mk approved by ale
