pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2007Q4]: pkgsrc/www/php4 Pullup ticket 2267 - requested by adr...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/9190904824eb
branches:  pkgsrc-2007Q4
changeset: 537037:9190904824eb
user:      ghen <ghen%pkgsrc.org@localhost>
date:      Tue Jan 15 08:33:28 2008 +0000

description:
Pullup ticket 2267 - requested by adrianp
security update for php4

- pkgsrc/lang/php4/Makefile                             1.80
- pkgsrc/lang/php4/Makefile.common                      1.57
- pkgsrc/lang/php4/distinfo                             1.67
- pkgsrc/lang/php4/patches/patch-aw                     removed

   Module Name:         pkgsrc
   Committed By:        adrianp
   Date:                Fri Jan  4 10:07:54 UTC 2008

   Modified Files:
           pkgsrc/www/php4: Makefile Makefile.common distinfo
   Removed Files:
           pkgsrc/www/php4/patches: patch-aw

   Log Message:
   Update to 4.4.8

   Improved fix for MOPB-02-2007.
   Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner.
   Fixed integer overlow in str[c]spn().
   Fixed regression in glob when open_basedir is on introduced by 41655 fix.
   Fixed money_format() not to accept multiple %i or %n tokens.
   Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007.
   Fixed INFILE LOCAL option handling with MySQL - now not allowed when open_basedir or safe_mode is active.
   Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378).
   Fixed bug 43010 (Fixed regression in imagearc with two equivelent angles).
   Fixed bug 41765 (Recode crashes/does not work on amd64).
   Fixed bug 41630 (segfault when an invalid color index is present in the image data).
   Fixed bug 41628 (PHP settings leak between Virtual Hosts in Apache 1.3).
   Fixed bug 38798 (OpenSSL init corrected in php5 but not in php4).

diffstat:

 www/php4/Makefile         |   3 +--
 www/php4/Makefile.common  |   4 ++--
 www/php4/distinfo         |   9 ++++-----
 www/php4/patches/patch-aw |  14 --------------
 4 files changed, 7 insertions(+), 23 deletions(-)

diffs (69 lines):

diff -r 45f7d9a14a8c -r 9190904824eb www/php4/Makefile
--- a/www/php4/Makefile Sun Jan 13 14:58:50 2008 +0000
+++ b/www/php4/Makefile Tue Jan 15 08:33:28 2008 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.79 2007/08/01 01:40:54 taca Exp $
+# $NetBSD: Makefile,v 1.79.4.1 2008/01/15 08:33:28 ghen Exp $
 
 PKGNAME=               php-${PHP_BASE_VERS}
-PKGREVISION=           1
 CATEGORIES+=           lang
 COMMENT=               HTML-embedded scripting language
 
diff -r 45f7d9a14a8c -r 9190904824eb www/php4/Makefile.common
--- a/www/php4/Makefile.common  Sun Jan 13 14:58:50 2008 +0000
+++ b/www/php4/Makefile.common  Tue Jan 15 08:33:28 2008 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.56 2007/05/06 19:50:18 adrianp Exp $
+# $NetBSD: Makefile.common,v 1.56.6.1 2008/01/15 08:33:28 ghen Exp $
 
 DISTNAME?=             php-${PHP_DIST_VERS}
 CATEGORIES+=           www php4
@@ -18,7 +18,7 @@
 # PHP_DIST_VERS                version number on the php distfile
 # PHP_BASE_VERS                pkgsrc-mangled version number (convert pl -> .)
 #
-PHP_DIST_VERS=         4.4.7
+PHP_DIST_VERS=         4.4.8
 PHP_BASE_VERS=         ${PHP_DIST_VERS}
 
 DISTFILES?=            ${PHP_DISTFILE}
diff -r 45f7d9a14a8c -r 9190904824eb www/php4/distinfo
--- a/www/php4/distinfo Sun Jan 13 14:58:50 2008 +0000
+++ b/www/php4/distinfo Tue Jan 15 08:33:28 2008 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.66 2007/08/01 01:40:54 taca Exp $
+$NetBSD: distinfo,v 1.66.4.1 2008/01/15 08:33:28 ghen Exp $
 
-SHA1 (php-4.4.7.tar.bz2) = a6e2d6b5c5aa4e82a718563dc8dbb4b83fc91b78
-RMD160 (php-4.4.7.tar.bz2) = 5eb44c4b7711111dcbc9117e21ad644e9e6562f3
-Size (php-4.4.7.tar.bz2) = 4543531 bytes
+SHA1 (php-4.4.8.tar.bz2) = fca6259fd3e8e3a7a37343e9a81651f5b6d4835c
+RMD160 (php-4.4.8.tar.bz2) = dedf4a1a853b19bd3fb91a6028a256facb2d3224
+Size (php-4.4.8.tar.bz2) = 4546525 bytes
 SHA1 (patch-aa) = feb064407950d0fc732b7240e65cac84420d2407
 SHA1 (patch-ab) = 38a4bcd0d65b26c5d8e54e22b552f60831188469
 SHA1 (patch-ac) = 28288b1e79c14fb2b40eaefed0d6d2bff4775607
@@ -15,4 +15,3 @@
 SHA1 (patch-ap) = 2f852abd1e9d0f089add18b2eade2831253ad00e
 SHA1 (patch-at) = f8b3aebd61fe2d5b5a994e1d973424a1ed397f63
 SHA1 (patch-au) = f9798aa440e174f65dde574c4f3b28183b3d18bc
-SHA1 (patch-aw) = 2cdfd3c194c30f19a102bce66a68125ccfa59697
diff -r 45f7d9a14a8c -r 9190904824eb www/php4/patches/patch-aw
--- a/www/php4/patches/patch-aw Sun Jan 13 14:58:50 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,14 +0,0 @@
-$NetBSD: patch-aw,v 1.3 2007/08/01 01:40:55 taca Exp $
-
-Fix for CVE-2007-3806.
-
---- ext/standard/dir.c.orig    2007-01-01 18:46:47.000000000 +0900
-+++ ext/standard/dir.c
-@@ -382,6 +382,7 @@ PHP_FUNCTION(glob)
-       } 
- #endif
- 
-+      memset(&globbuf, 0, sizeof(glob_t));
-       globbuf.gl_offs = 0;
-       if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) {
- #ifdef GLOB_NOMATCH



Home | Main Index | Thread Index | Old Index