pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/lang/php5 Add fixes for http://secunia.com/advisories/...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/6b18151ec06d
branches:  trunk
changeset: 567969:6b18151ec06d
user:      taca <taca%pkgsrc.org@localhost>
date:      Mon Nov 30 06:14:08 2009 +0000

description:
Add fixes for http://secunia.com/advisories/37412/ from PHP's repositry.

1. CVE-2009-3292 is already fixed in 5.2.11.

2. CVE-2009-3558

        http://svn.php.net/viewvc?view=revision&revision=288934

3. CVE-2009-3557

        http://svn.php.net/viewvc?view=revision&revision=288945
        http://svn.php.net/viewvc?view=revision&revision=288971

4. CVE-2009-4017

        http://svn.php.net/viewvc?view=revision&revision=289990
        http://svn.php.net/viewvc?view=revision&revision=290820
        http://svn.php.net/viewvc?view=revision&revision=290885

Other pkgsrc changes:

* Don't hardcord /usr/pkg in php.ini-dist and php.ini-recommended.
* Add comments to some of patch files.

Bump PKGREVISION.

diffstat:

 lang/php5/Makefile         |  20 ++++++++++----------
 lang/php5/distinfo         |  14 +++++++++-----
 lang/php5/patches/patch-ag |  29 ++++++++++++++++++++++++-----
 lang/php5/patches/patch-ah |  27 +++++++++++++++++++++++----
 lang/php5/patches/patch-ay |   4 ++--
 lang/php5/patches/patch-az |   7 ++++++-
 lang/php5/patches/patch-ba |  17 +++++++++++++++++
 lang/php5/patches/patch-bb |  19 +++++++++++++++++++
 lang/php5/patches/patch-bc |  15 +++++++++++++++
 lang/php5/patches/patch-bd |  46 ++++++++++++++++++++++++++++++++++++++++++++++
 10 files changed, 171 insertions(+), 27 deletions(-)

diffs (truncated from 311 to 300 lines):

diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/Makefile
--- a/lang/php5/Makefile        Mon Nov 30 01:30:18 2009 +0000
+++ b/lang/php5/Makefile        Mon Nov 30 06:14:08 2009 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.73 2009/10/22 14:49:06 taca Exp $
+# $NetBSD: Makefile,v 1.74 2009/11/30 06:14:08 taca Exp $
 
 PKGNAME=               php-${PHP_BASE_VERS}
-PKGREVISION=           1
+PKGREVISION=           2
 CATEGORIES=            lang
 HOMEPAGE=              http://www.php.net/
 COMMENT=               PHP Hypertext Preprocessor version 5
@@ -37,20 +37,20 @@
 CONF_FILES=            ${EGDIR}/php.ini-recommended ${PKG_SYSCONFDIR}/php.ini
 OWN_DIRS=              ${PREFIX}/${PHP_EXTENSION_DIR}
 
-SUBST_CLASSES+=                cgi
-SUBST_MESSAGE.cgi=     Fixing CGI path.
-SUBST_STAGE.cgi=       pre-configure
-SUBST_FILES.cgi=       configure
-SUBST_SED.cgi=         -e 's,@CGIDIR@,${CGIDIR},g'
+SUBST_CLASSES+=                path
+SUBST_MESSAGE.path=    Fixing common paths.
+SUBST_STAGE.path=      pre-configure
+SUBST_FILES.path=      configure php.ini-dist php.ini-recommended
+SUBST_SED.path=                -e 's,@CGIDIR@,${CGIDIR},g'
+SUBST_SED.path+=       -e 's,@PREFIX@,${PREFIX},g'
+
+INSTALLATION_DIRS+=    ${CGIDIR}
 
 # Make sure modules can link correctly
 .if ${OPSYS} == "Darwin"
 INSTALL_UNSTRIPPED=    yes
 .endif
 
-pre-install:
-       ${INSTALL_DATA_DIR} ${DESTDIR:Q}${CGIDIR:Q}
-
 post-install:
        ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cli/php \
                ${DESTDIR:Q}${PREFIX:Q}/bin/php
diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/distinfo
--- a/lang/php5/distinfo        Mon Nov 30 01:30:18 2009 +0000
+++ b/lang/php5/distinfo        Mon Nov 30 06:14:08 2009 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.69 2009/10/22 14:49:06 taca Exp $
+$NetBSD: distinfo,v 1.70 2009/11/30 06:14:08 taca Exp $
 
 SHA1 (php-5.2.11/php-5.2.11.tar.bz2) = 819c853ce657ef260d4a73b5a21f961115b97eef
 RMD160 (php-5.2.11/php-5.2.11.tar.bz2) = 6aad53dee864ab89f794a9d3c2aa32d435ed5654
@@ -7,8 +7,8 @@
 RMD160 (php-5.2.11/suhosin-patch-5.2.11-0.9.7.patch.gz) = 0f6d442aace34c221f9fbff42a63e7f3b4489f15
 Size (php-5.2.11/suhosin-patch-5.2.11-0.9.7.patch.gz) = 23050 bytes
 SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20
-SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e
-SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587
+SHA1 (patch-ag) = 901552355a3d57d9b8e23b31cd0edfd28db8b2bb
+SHA1 (patch-ah) = 7702da73f3a457ee381542b454d19b1f4b421e01
 SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc
 SHA1 (patch-al) = 0ee37782cc0d3bf5ede1a583de0589c2c1316b50
 SHA1 (patch-an) = 8f4174627b8cb5f8bfbc59413c95f71e26b9e602
@@ -16,5 +16,9 @@
 SHA1 (patch-aq) = 0c9d48547da2fa80aa8357d23ad8505d1c0330df
 SHA1 (patch-ar) = 2d74ec926cc00bfbb67d16210af78c33ad9ac38d
 SHA1 (patch-as) = f7ce5caffe2acdd1f8e9fc8ae6c7ba1d8c6a25c1
-SHA1 (patch-ay) = c2667dd398c1c58e55f459f2df02613dc028e9cc
-SHA1 (patch-az) = ebdd76b8a5e6cf853b467a67fc6c8948a91d822a
+SHA1 (patch-ay) = 7ae502db6574a91fcbb487d37c14a5de644b01b6
+SHA1 (patch-az) = 04e69038e693cc72fb0f67ce04dd1778dacb1756
+SHA1 (patch-ba) = d9483f61b19c297eced12ae3d84d5163e33327b4
+SHA1 (patch-bb) = abbc8747e520d3665d3bcccf9c87741ecc6dc210
+SHA1 (patch-bc) = 9cb2e7fcd6f91d3382a69d68a80d72fdb8fbf2a7
+SHA1 (patch-bd) = 85c891ada42c062b365051b43a3b53c33fa39a92
diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/patches/patch-ag
--- a/lang/php5/patches/patch-ag        Mon Nov 30 01:30:18 2009 +0000
+++ b/lang/php5/patches/patch-ag        Mon Nov 30 06:14:08 2009 +0000
@@ -1,8 +1,21 @@
-$NetBSD: patch-ag,v 1.2 2006/02/06 06:39:59 martti Exp $
+$NetBSD: patch-ag,v 1.3 2009/11/30 06:14:08 taca Exp $
+
+* Ajust for pkgsrc.
+* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017:
+       http://svn.php.net/viewvc?view=revision&revision=289990
 
---- php.ini-dist.orig  2005-12-30 19:15:55.000000000 +0200
-+++ php.ini-dist       2006-02-05 15:36:13.000000000 +0200
-@@ -457,8 +457,9 @@
+--- php.ini-dist.orig  2009-02-14 01:55:18.000000000 +0900
++++ php.ini-dist
+@@ -471,7 +471,7 @@ default_mimetype = "text/html"
+ ;;;;;;;;;;;;;;;;;;;;;;;;;
+ 
+ ; UNIX: "/path1:/path2"
+-;include_path = ".:/php/includes"
++include_path = ".:@PREFIX@/lib/php"
+ ;
+ ; Windows: "\path1;\path2"
+ ;include_path = ".;c:\php\includes"
+@@ -487,8 +487,9 @@ doc_root =
  ; if nonempty.
  user_dir =
  
@@ -14,7 +27,7 @@
  
  ; Whether or not to enable the dl() function.  The dl() function does NOT work
  ; properly in multithreaded servers, such as IIS or Zeus, and is automatically
-@@ -508,7 +509,7 @@
+@@ -546,11 +547,13 @@ file_uploads = On
  
  ; Temporary directory for HTTP uploaded files (will use system default if not
  ; specified).
@@ -23,3 +36,9 @@
  
  ; Maximum allowed size for uploaded files.
  upload_max_filesize = 2M
+ 
++; Maximum number of files that can be uploaded via a single request
++max_file_uploads = 100
+ 
+ ;;;;;;;;;;;;;;;;;;
+ ; Fopen wrappers ;
diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/patches/patch-ah
--- a/lang/php5/patches/patch-ah        Mon Nov 30 01:30:18 2009 +0000
+++ b/lang/php5/patches/patch-ah        Mon Nov 30 06:14:08 2009 +0000
@@ -1,8 +1,21 @@
-$NetBSD: patch-ah,v 1.1 2005/12/06 08:32:22 jdolecek Exp $
+$NetBSD: patch-ah,v 1.2 2009/11/30 06:14:08 taca Exp $
+
+* Ajust for pkgsrc.
+* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017:
+       http://svn.php.net/viewvc?view=revision&revision=289990
 
---- php.ini-recommended.orig   2005-11-15 00:14:23.000000000 +0100
+--- php.ini-recommended.orig   2009-03-02 13:44:35.000000000 +0900
 +++ php.ini-recommended
-@@ -515,8 +515,9 @@ doc_root =
+@@ -522,7 +522,7 @@ default_mimetype = "text/html"
+ ;;;;;;;;;;;;;;;;;;;;;;;;;
+ 
+ ; UNIX: "/path1:/path2"
+-;include_path = ".:/php/includes"
++include_path = ".:@PREFIX@/lib/php"
+ ;
+ ; Windows: "\path1;\path2"
+ ;include_path = ".;c:\php\includes"
+@@ -538,8 +538,9 @@ doc_root =
  ; if nonempty.
  user_dir =
  
@@ -14,7 +27,7 @@
  
  ; Whether or not to enable the dl() function.  The dl() function does NOT work
  ; properly in multithreaded servers, such as IIS or Zeus, and is automatically
-@@ -566,7 +567,7 @@ file_uploads = On
+@@ -597,11 +598,13 @@ file_uploads = On
  
  ; Temporary directory for HTTP uploaded files (will use system default if not
  ; specified).
@@ -23,3 +36,9 @@
  
  ; Maximum allowed size for uploaded files.
  upload_max_filesize = 2M
+ 
++; Maximum number of files that can be uploaded via a single request
++max_file_uploads = 100
+ 
+ ;;;;;;;;;;;;;;;;;;
+ ; Fopen wrappers ;
diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/patches/patch-ay
--- a/lang/php5/patches/patch-ay        Mon Nov 30 01:30:18 2009 +0000
+++ b/lang/php5/patches/patch-ay        Mon Nov 30 06:14:08 2009 +0000
@@ -1,7 +1,7 @@
-$NetBSD: patch-ay,v 1.1 2009/10/22 14:37:47 taca Exp $
+$NetBSD: patch-ay,v 1.2 2009/11/30 06:14:08 taca Exp $
 
 * Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
-  from PHP's SVN repositry r289557.
+       http://svn.php.net/viewvc?view=revision&revision=289557
 
 --- ext/gd/libgd/gd_gd.c.orig  2007-08-09 23:21:38.000000000 +0900
 +++ ext/gd/libgd/gd_gd.c
diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/patches/patch-az
--- a/lang/php5/patches/patch-az        Mon Nov 30 01:30:18 2009 +0000
+++ b/lang/php5/patches/patch-az        Mon Nov 30 06:14:08 2009 +0000
@@ -1,6 +1,11 @@
 $NetBSD$
 
-* Fix for htmlspecialchars(): r289411, r289554, r289565, r289567, r289605.
+* Fix for htmlspecialchars():
+       http://svn.php.net/viewvc?view=revision&revision=289411
+       http://svn.php.net/viewvc?view=revision&revision=289554
+       http://svn.php.net/viewvc?view=revision&revision=289565
+       http://svn.php.net/viewvc?view=revision&revision=289567
+       http://svn.php.net/viewvc?view=revision&revision=289605
 
 --- ext/standard/html.c.orig   2008-12-31 20:17:49.000000000 +0900
 +++ ext/standard/html.c
diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/patches/patch-ba
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-ba        Mon Nov 30 06:14:08 2009 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-ba,v 1.1 2009/11/30 06:14:08 taca Exp $
+
+Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558:
+       http://svn.php.net/viewvc?view=revision&revision=288934
+
+--- ext/posix/posix.c.orig     2009-08-06 20:11:15.000000000 +0900
++++ ext/posix/posix.c
+@@ -679,7 +679,8 @@ PHP_FUNCTION(posix_mkfifo)
+               RETURN_FALSE;
+       }
+ 
+-      if (PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
++      if (php_check_open_basedir_ex(path, 0 TSRMLS_CC) ||
++              (PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR))) {
+               RETURN_FALSE;
+       }
+ 
diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/patches/patch-bb
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-bb        Mon Nov 30 06:14:08 2009 +0000
@@ -0,0 +1,19 @@
+$NetBSD: patch-bb,v 1.1 2009/11/30 06:14:08 taca Exp $
+
+Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557:
+       http://svn.php.net/viewvc?view=revision&revision=288945
+       http://svn.php.net/viewvc?view=revision&revision=288971
+
+--- ext/standard/file.c.orig   2009-11-30 10:04:51.000000000 +0900
++++ ext/standard/file.c
+@@ -838,6 +838,10 @@ PHP_FUNCTION(tempnam)
+       convert_to_string_ex(arg1);
+       convert_to_string_ex(arg2);
+ 
++      if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(arg1), NULL, CHECKUID_ALLOW_ONLY_DIR))) {
++              RETURN_FALSE;
++      }
++
+       if (php_check_open_basedir(Z_STRVAL_PP(arg1) TSRMLS_CC)) {
+               RETURN_FALSE;
+       }
diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/patches/patch-bc
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-bc        Mon Nov 30 06:14:08 2009 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-bc,v 1.1 2009/11/30 06:14:08 taca Exp $
+
+Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017:
+       http://svn.php.net/viewvc?view=revision&revision=289990
+
+--- main/main.c.orig   2009-11-30 10:04:51.000000000 +0900
++++ main/main.c
+@@ -455,6 +455,7 @@ PHP_INI_BEGIN()
+       PHP_INI_ENTRY("mail.force_extra_parameters",NULL,               PHP_INI_SYSTEM|PHP_INI_PERDIR,          OnChangeMailForceExtra)
+       PHP_INI_ENTRY("disable_functions",                      "",                     PHP_INI_SYSTEM,         NULL)
+       PHP_INI_ENTRY("disable_classes",                        "",                     PHP_INI_SYSTEM,         NULL)
++      PHP_INI_ENTRY("max_file_uploads",                       "100",          PHP_INI_SYSTEM,         NULL)
+ 
+       STD_PHP_INI_BOOLEAN("allow_url_fopen",          "1",            PHP_INI_SYSTEM,         OnUpdateBool,           allow_url_fopen,                php_core_globals,       core_globals)
+       STD_PHP_INI_BOOLEAN("allow_url_include",        "0",            PHP_INI_SYSTEM,         OnUpdateBool,           allow_url_include,              php_core_globals,       core_globals)
diff -r 833f5d61ebb4 -r 6b18151ec06d lang/php5/patches/patch-bd
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-bd        Mon Nov 30 06:14:08 2009 +0000
@@ -0,0 +1,46 @@
+$NetBSD: patch-bd,v 1.1 2009/11/30 06:14:08 taca Exp $
+
+Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017:
+       http://svn.php.net/viewvc?view=revision&revision=289990
+       http://svn.php.net/viewvc?view=revision&revision=290820
+       http://svn.php.net/viewvc?view=revision&revision=290885
+
+--- main/rfc1867.c.orig        2008-12-31 20:17:49.000000000 +0900
++++ main/rfc1867.c
+@@ -32,6 +32,7 @@
+ #include "php_globals.h"
+ #include "php_variables.h"
+ #include "rfc1867.h"
++#include "php_ini.h"
+ 
+ #define DEBUG_FILE_UPLOAD ZEND_DEBUG
+ 
+@@ -794,8 +795,9 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_
+       zend_llist header;
+       void *event_extra_data = NULL;
+       int llen = 0;
++      int upload_cnt = INI_INT("max_file_uploads");
+ 
+-      if (SG(request_info).content_length > SG(post_max_size)) {
++      if (SG(post_max_size) > 0 && SG(request_info).content_length > SG(post_max_size)) {
+               sapi_module.sapi_error(E_WARNING, "POST Content-Length of %ld bytes exceeds the limit of %ld bytes", SG(request_info).content_length, SG(post_max_size));
+               return;
+       }
+@@ -972,6 +974,9 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_
+                       /* If file_uploads=off, skip the file part */
+                       if (!PG(file_uploads)) {
+                               skip_upload = 1;
++                      } else if (upload_cnt <= 0) {
++                              skip_upload = 1;
++                              sapi_module.sapi_error(E_WARNING, "Maximum number of allowable file uploads has been exceeded");



Home | Main Index | Thread Index | Old Index