pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/lang/php53 Update "php53" package to version 5.3.3. Ch...
details: https://anonhg.NetBSD.org/pkgsrc/rev/cf4519d1eb36
branches: trunk
changeset: 577948:cf4519d1eb36
user: tron <tron%pkgsrc.org@localhost>
date: Sat Jul 24 22:23:37 2010 +0000
description:
Update "php53" package to version 5.3.3. Changes since version 5.3.2:
- Rewrote var_export() to use smart_str rather than output buffering,
prevents data disclosure if a fatal error occurs (CVE-2010-2531).
(Scott)
- Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
- Fixed SplObjectStorage unserialization problems (CVE-2010-2225).
(Stas)
- A large number of not security related bug fixes
diffstat:
lang/php53/Makefile | 3 +--
lang/php53/Makefile.common | 8 +++++---
lang/php53/Makefile.php | 8 ++++----
lang/php53/distinfo | 17 ++++++++---------
lang/php53/patches/patch-ab | 27 ++++++++++++++++++---------
lang/php53/patches/patch-ak | 35 -----------------------------------
6 files changed, 36 insertions(+), 62 deletions(-)
diffs (219 lines):
diff -r 7c91f409be58 -r cf4519d1eb36 lang/php53/Makefile
--- a/lang/php53/Makefile Sat Jul 24 22:23:14 2010 +0000
+++ b/lang/php53/Makefile Sat Jul 24 22:23:37 2010 +0000
@@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.3 2010/04/16 15:19:23 taca Exp $
+# $NetBSD: Makefile,v 1.4 2010/07/24 22:23:37 tron Exp $
#
# We can't omit PKGNAME here to handle PKG_OPTIONS.
#
PKGNAME= php-${PHP_BASE_VERS}
-PKGREVISION= 2
CATEGORIES= lang
HOMEPAGE= http://www.php.net/
COMMENT= PHP Hypertext Preprocessor version 5
diff -r 7c91f409be58 -r cf4519d1eb36 lang/php53/Makefile.common
--- a/lang/php53/Makefile.common Sat Jul 24 22:23:14 2010 +0000
+++ b/lang/php53/Makefile.common Sat Jul 24 22:23:37 2010 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.1.1.1 2010/03/16 15:31:58 taca Exp $
+# $NetBSD: Makefile.common,v 1.2 2010/07/24 22:23:37 tron Exp $
# used by lang/php53/Makefile.php
# used by lang/php/ext.mk
# used by meta-pkgs/php53-extensions/Makefile
@@ -30,14 +30,16 @@
.if !defined(PECL_VERSION)
MASTER_SITES?= http://www.php.net/distributions/ \
- http://php3.de/distributions/
+ http://uk.php.net/distributions/ \
+ http://de.php.net/distributions/ \
+ http://us.php.net/distributions/
EXTRACT_SUFX?= .tar.bz2
.endif
MAINTAINER?= pkgsrc-users%NetBSD.org@localhost
HOMEPAGE?= http://www.php.net/
-PHP_BASE_VERS= 5.3.2
+PHP_BASE_VERS= 5.3.3
PHP_EXTENSION_DIR= lib/php/20090630
PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q}
diff -r 7c91f409be58 -r cf4519d1eb36 lang/php53/Makefile.php
--- a/lang/php53/Makefile.php Sat Jul 24 22:23:14 2010 +0000
+++ b/lang/php53/Makefile.php Sat Jul 24 22:23:37 2010 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.php,v 1.2 2010/03/21 17:10:01 jdolecek Exp $
+# $NetBSD: Makefile.php,v 1.3 2010/07/24 22:23:37 tron Exp $
# used by lang/php53/Makefile
# used by www/ap-php/Makefile
@@ -47,7 +47,7 @@
# not defined yet, so we cannot use it here.
PKG_OPTIONS_VAR= PKG_OPTIONS.${PKGNAME:C/-[0-9].*//}
PKG_SUPPORTED_OPTIONS+= inet6 ssl maintainer-zts suhosin
-PKG_SUGGESTED_OPTIONS+= ssl
+PKG_SUGGESTED_OPTIONS+= inet6 ssl
#SUBST_CLASSES+= ini
#SUBST_STAGE.ini= post-patch
@@ -59,7 +59,7 @@
.include "../../mk/bsd.options.mk"
.if !empty(PKG_OPTIONS:Msuhosin)
-SUHOSIN_PHPVER= 5.3.2
+SUHOSIN_PHPVER= 5.3.3
. if ${SUHOSIN_PHPVER} != ${PHP_BASE_VERS}
PKG_FAIL_REASON+= "The suhosin patch is currently not available for"
PKG_FAIL_REASON+= "this version of PHP. You may have to wait until"
@@ -67,7 +67,7 @@
PKG_FAIL_REASON+= "build this package without the suhosin option."
. else
PATCH_SITES= http://download.suhosin.org/
-PATCHFILES+= suhosin-patch-${SUHOSIN_PHPVER}-0.9.9.1.patch.gz
+PATCHFILES+= suhosin-patch-${SUHOSIN_PHPVER}-0.9.10.patch.gz
PATCH_DIST_STRIP= -p1
PLIST.suhosin= yes
MESSAGE_SRC= ${.CURDIR}/../../lang/php53/MESSAGE
diff -r 7c91f409be58 -r cf4519d1eb36 lang/php53/distinfo
--- a/lang/php53/distinfo Sat Jul 24 22:23:14 2010 +0000
+++ b/lang/php53/distinfo Sat Jul 24 22:23:37 2010 +0000
@@ -1,13 +1,13 @@
-$NetBSD: distinfo,v 1.5 2010/06/13 22:44:51 wiz Exp $
+$NetBSD: distinfo,v 1.6 2010/07/24 22:23:37 tron Exp $
-SHA1 (php-5.3.2/php-5.3.2.tar.bz2) = 79ea4ee3da3a7542d1e348ac963a5b38bcbb4b6b
-RMD160 (php-5.3.2/php-5.3.2.tar.bz2) = 60a8aac0d51511ecaf8dcad9d31bdf072c0c99cf
-Size (php-5.3.2/php-5.3.2.tar.bz2) = 10477662 bytes
-SHA1 (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = c48d3f24341d3b0214ca3e980320b23864aa93ba
-RMD160 (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = 64d8b7ec2ec91fd7a43b0cd95c0aa0df5b666768
-Size (php-5.3.2/suhosin-patch-5.3.2-0.9.9.1.patch.gz) = 40847 bytes
+SHA1 (php-5.3.3/php-5.3.3.tar.bz2) = 9f66716b341119e4e4f8fe3d81b7d0a5daf3cbc8
+RMD160 (php-5.3.3/php-5.3.3.tar.bz2) = 9edb51663feac9b787f8382012893f1ac98fec6a
+Size (php-5.3.3/php-5.3.3.tar.bz2) = 10662227 bytes
+SHA1 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 76675242cfdeff763767900213346af622002490
+RMD160 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 8dcd8b51ea0357b6cc51e70e495e18f341c62f7c
+Size (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 41298 bytes
SHA1 (patch-aa) = f51491af7c577f36979fc07d52b5857368392e09
-SHA1 (patch-ab) = 07c1a5463a302ea155aba10da0d6b0ee0aee43a8
+SHA1 (patch-ab) = 8ac388f50afc03f3f4eacbfed42ae295a2e8d700
SHA1 (patch-ac) = a896371d3343c07a5cf46c79d9ca9e1b2164797a
SHA1 (patch-ad) = 1608c58860a43b4e31df8646b5ded253ec9aa881
SHA1 (patch-ae) = e590db60a60f4e5ef2da4e5edb786335a67a3d56
@@ -16,5 +16,4 @@
SHA1 (patch-ah) = b20c29c64b3099f77855a5ec28960dc1c4f65c83
SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f
SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48
-SHA1 (patch-ak) = f80a23158ea9105be47fc90465a1fee46673cc74
SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e
diff -r 7c91f409be58 -r cf4519d1eb36 lang/php53/patches/patch-ab
--- a/lang/php53/patches/patch-ab Sat Jul 24 22:23:14 2010 +0000
+++ b/lang/php53/patches/patch-ab Sat Jul 24 22:23:37 2010 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ab,v 1.1.1.1 2010/03/16 15:31:58 taca Exp $
+$NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
---- configure.orig 2010-03-13 06:01:16.000000000 +0000
-+++ configure
-@@ -12194,7 +12194,7 @@ EOF
+--- configure.orig 2010-07-24 22:35:41.000000000 +0100
++++ configure 2010-07-24 22:39:23.000000000 +0100
+@@ -13778,7 +13778,7 @@
PHP_VAR_SUBST="$PHP_VAR_SUBST SAPI_CGI_PATH"
@@ -11,7 +11,7 @@
PHP_SAPI=cgi
-@@ -21515,7 +21515,7 @@ fi
+@@ -23206,7 +23206,7 @@
if test "$found_openssl" = "no"; then
if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -20,7 +20,16 @@
fi
for i in $PHP_OPENSSL_DIR; do
-@@ -34398,7 +34398,7 @@ fi
+@@ -25179,7 +25179,7 @@
+ PHP_SQLITE3_CFLAGS="-I@ext_srcdir@/libsqlite $other_flags $threadsafe_flags $debug_flags"
+
+
+- for header_file in ext/sqlite3/libsqlite/sqlite3.h; do
++ for header_file; do
+
+
+ unique=`echo $header_file|$SED 's/[^a-zA-Z0-9]/_/g'`
+@@ -36124,7 +36124,7 @@
if test "$found_openssl" = "no"; then
if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -29,7 +38,7 @@
fi
for i in $PHP_OPENSSL_DIR; do
-@@ -48467,7 +48467,7 @@ fi
+@@ -50201,7 +50201,7 @@
if test "$found_openssl" = "no"; then
if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -38,7 +47,7 @@
fi
for i in $PHP_OPENSSL_DIR; do
-@@ -82684,7 +82684,7 @@ fi
+@@ -84421,7 +84421,7 @@
if test "$found_openssl" = "no"; then
if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -47,7 +56,7 @@
fi
for i in $PHP_OPENSSL_DIR; do
-@@ -104623,12 +104623,7 @@ old_CC=$CC
+@@ -107682,12 +107682,7 @@
if test "$PHP_THREAD_SAFETY" = "yes" && test -n "$ac_cv_pthreads_cflags"; then
CXXFLAGS="$CXXFLAGS $ac_cv_pthreads_cflags"
INLINE_CFLAGS="$INLINE_CFLAGS $ac_cv_pthreads_cflags"
diff -r 7c91f409be58 -r cf4519d1eb36 lang/php53/patches/patch-ak
--- a/lang/php53/patches/patch-ak Sat Jul 24 22:23:14 2010 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,35 +0,0 @@
-$NetBSD: patch-ak,v 1.1 2010/03/27 06:23:13 taca Exp $
-
-Fix for CVE-2010-0397: r296152, r296153 from svn from PHP.
-
---- ext/xmlrpc/xmlrpc-epi-php.c.orig 2010-02-03 20:19:05.000000000 +0000
-+++ ext/xmlrpc/xmlrpc-epi-php.c
-@@ -778,6 +778,7 @@ zval* decode_request_worker(char *xml_in
- zval* retval = NULL;
- XMLRPC_REQUEST response;
- STRUCT_XMLRPC_REQUEST_INPUT_OPTIONS opts = {{0}};
-+ const char *method_name;
- opts.xml_elem_opts.encoding = encoding_in ? utf8_get_encoding_id_from_string(encoding_in) : ENCODING_DEFAULT;
-
- /* generate XMLRPC_REQUEST from raw xml */
-@@ -788,10 +789,16 @@ zval* decode_request_worker(char *xml_in
-
- if (XMLRPC_RequestGetRequestType(response) == xmlrpc_request_call) {
- if (method_name_out) {
-- zval_dtor(method_name_out);
-- Z_TYPE_P(method_name_out) = IS_STRING;
-- Z_STRVAL_P(method_name_out) = estrdup(XMLRPC_RequestGetMethodName(response));
-- Z_STRLEN_P(method_name_out) = strlen(Z_STRVAL_P(method_name_out));
-+ method_name = XMLRPC_RequestGetMethodName(response);
-+ if (method_name) {
-+ zval_dtor(method_name_out);
-+ Z_TYPE_P(method_name_out) = IS_STRING;
-+ Z_STRVAL_P(method_name_out) = estrdup(method_name);
-+ Z_STRLEN_P(method_name_out) = strlen(Z_STRVAL_P(method_name_out));
-+ } else if (retval) {
-+ zval_ptr_dtor(&retval);
-+ retval = NULL;
-+ }
- }
- }
-
Home |
Main Index |
Thread Index |
Old Index