pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2007Q1]: pkgsrc/lang/php5 Pullup ticket 2113 - requested by ad...
details: https://anonhg.NetBSD.org/pkgsrc/rev/76c6935d5758
branches: pkgsrc-2007Q1
changeset: 527423:76c6935d5758
user: salo <salo%pkgsrc.org@localhost>
date: Thu Jun 14 23:34:08 2007 +0000
description:
Pullup ticket 2113 - requested by adrianp
security update for php5
Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.52, 1.53, 1.54, 1.55
- pkgsrc/lang/php5/Makefile.common 1.26
- pkgsrc/lang/php5/distinfo 1.41, 1.42, 1.43, 1.44
- pkgsrc/lang/php5/patches/patch-am 1.3
- pkgsrc/lang/php5/patches/patch-an 1.3, 1.4
Module Name: pkgsrc
Committed By: adrianp
Date: Wed Jun 6 19:33:13 UTC 2007
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common distinfo
Log Message:
Update to php-5.2.3
Security Fixes
* Fixed an integer overflow inside chunk_split() (by Gerhard Wagner,
CVE-2007-2872)
* Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche,
CVE-2007-2756)
* Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan
Esser, CVE-2007-1900)
* Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath())
(by bugs dot php dot net at chsc dot dk)
* Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
* Added mysql_set_charset() to allow runtime altering of connection
encoding.
* Upgraded bundled SQLite 3 to version 3.3.17. (Ilia)
* Fixed gd build when used with freetype 1.x (Pierre, Tony)
And a fair few bugs fixed, see: http://www.php.net/ChangeLog-5.php#5.2.3
for all the details.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Jun 7 10:45:18 UTC 2007
Added Files:
pkgsrc/lang/php5/patches: patch-am
Log Message:
Add in the correct patch to fix CVE-2007-2872
Spotted by Takahiro Kambe
---
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Jun 7 10:45:42 UTC 2007
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Log Message:
Add in the correct patch to fix CVE-2007-2872
Spotted by Takahiro Kambe
---
Module Name: pkgsrc
Committed By: adrianp
Date: Fri Jun 8 12:29:53 UTC 2007
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-an
Log Message:
Fix the install path for the CGI binary so it ends up where we want it.
Pointed out by schmonz@ and taca@
Bump PKGREVISION
---
Module Name: pkgsrc
Committed By: heinz
Date: Mon Jun 11 17:45:30 UTC 2007
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
pkgsrc/lang/php5/patches: patch-an
Log Message:
Added support for installation to DESTDIR. patch-an had removed correct
support for this before, probably unintentionally.
diffstat:
lang/php5/Makefile | 35 ++++++++++++++++++++++++++---------
lang/php5/Makefile.common | 4 ++--
lang/php5/distinfo | 10 ++++++----
lang/php5/patches/patch-am | 28 ++++++++++++++++++++++++++++
lang/php5/patches/patch-an | 13 +++++++++++++
5 files changed, 75 insertions(+), 15 deletions(-)
diffs (147 lines):
diff -r d9d15f82affc -r 76c6935d5758 lang/php5/Makefile
--- a/lang/php5/Makefile Thu Jun 14 22:04:10 2007 +0000
+++ b/lang/php5/Makefile Thu Jun 14 23:34:08 2007 +0000
@@ -1,11 +1,14 @@
-# $NetBSD: Makefile,v 1.48.2.1 2007/05/15 23:42:38 salo Exp $
+# $NetBSD: Makefile,v 1.48.2.2 2007/06/14 23:34:08 salo Exp $
PKGNAME= php-${PHP_BASE_VERS}
+PKGREVISION= 2
CATEGORIES= lang
HOMEPAGE= http://www.php.net/
COMMENT= PHP Hypertext Preprocessor version 5
+PKG_DESTDIR_SUPPORT= user-destdir
+
USE_TOOLS+= gmake lex
LIBTOOL_OVERRIDE= # empty
@@ -28,17 +31,31 @@
EGDIR= ${PREFIX}/share/examples/php
MESSAGE_SUBST+= CGIDIR=${CGIDIR:Q}
+MAKE_ENV+= INSTALL_ROOT=${DESTDIR:Q}
+
CONF_FILES= ${EGDIR}/php.ini-recommended ${PKG_SYSCONFDIR}/php.ini
OWN_DIRS= ${PREFIX}/${PHP_EXTENSION_DIR}
+SUBST_CLASSES+= cgi
+SUBST_MESSAGE.cgi= Fixing CGI path.
+SUBST_STAGE.cgi= pre-configure
+SUBST_FILES.cgi= configure
+SUBST_SED.cgi= -e 's,@CGIDIR@,${CGIDIR},g'
+
+pre-install:
+ ${INSTALL_DATA_DIR} ${DESTDIR:Q}${CGIDIR:Q}
+
post-install:
- ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cli/php ${PREFIX}/bin/php
- ${INSTALL_DATA} ${WRKSRC}/sapi/cli/php.1 ${PREFIX}/${PKGMANDIR}/man1/php.1
- ${INSTALL_DATA_DIR} ${CGIDIR}
- ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cgi/php ${CGIDIR}
- ${INSTALL_DATA_DIR} ${EGDIR}
- cd ${WRKSRC}; ${INSTALL_DATA} php.ini-dist php.ini-recommended ${EGDIR}
- ${INSTALL_DATA_DIR} ${PREFIX}/share/php
- ${INSTALL_DATA} ${WRKSRC}/php.gif ${PREFIX}/share/php
+ ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cli/php \
+ ${DESTDIR:Q}${PREFIX:Q}/bin/php
+ ${INSTALL_DATA} ${WRKSRC}/sapi/cli/php.1 \
+ ${DESTDIR:Q}${PREFIX:Q}/${PKGMANDIR}/man1/php.1
+ ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cgi/php-cgi \
+ ${DESTDIR:Q}${CGIDIR:Q}/php
+ ${INSTALL_DATA_DIR} ${DESTDIR:Q}${EGDIR:Q}
+ cd ${WRKSRC}; ${INSTALL_DATA} php.ini-dist php.ini-recommended \
+ ${DESTDIR:Q}${EGDIR:Q}
+ ${INSTALL_DATA_DIR} ${DESTDIR:Q}${PREFIX:Q}/share/php
+ ${INSTALL_DATA} ${WRKSRC}/php.gif ${DESTDIR:Q}${PREFIX:Q}/share/php
.include "../../mk/bsd.pkg.mk"
diff -r d9d15f82affc -r 76c6935d5758 lang/php5/Makefile.common
--- a/lang/php5/Makefile.common Thu Jun 14 22:04:10 2007 +0000
+++ b/lang/php5/Makefile.common Thu Jun 14 23:34:08 2007 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.24.2.1 2007/05/15 23:42:38 salo Exp $
+# $NetBSD: Makefile.common,v 1.24.2.2 2007/06/14 23:34:08 salo Exp $
.if !defined(DISTNAME)
DISTNAME= php-${PHP_BASE_VERS}
@@ -15,7 +15,7 @@
MAINTAINER?= jdolecek%NetBSD.org@localhost
HOMEPAGE?= http://www.php.net/
-PHP_BASE_VERS= 5.2.2
+PHP_BASE_VERS= 5.2.3
PHP_EXTENSION_DIR= lib/php/20040412
PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q}
diff -r d9d15f82affc -r 76c6935d5758 lang/php5/distinfo
--- a/lang/php5/distinfo Thu Jun 14 22:04:10 2007 +0000
+++ b/lang/php5/distinfo Thu Jun 14 23:34:08 2007 +0000
@@ -1,11 +1,13 @@
-$NetBSD: distinfo,v 1.36.2.2 2007/05/15 23:42:39 salo Exp $
+$NetBSD: distinfo,v 1.36.2.3 2007/06/14 23:34:08 salo Exp $
-SHA1 (php-5.2.2/php-5.2.2.tar.bz2) = b9b0b8f778eee61afcff24e286e626baed8d2934
-RMD160 (php-5.2.2/php-5.2.2.tar.bz2) = 15e844530bced2960e35fd291fb71a416562aec0
-Size (php-5.2.2/php-5.2.2.tar.bz2) = 7310926 bytes
+SHA1 (php-5.2.3/php-5.2.3.tar.bz2) = 0a02e05e1c663c0d4ee0b253917c0e140e606261
+RMD160 (php-5.2.3/php-5.2.3.tar.bz2) = 3c895cf7e513e5a3d7d9f742a9d56102cbb3a79b
+Size (php-5.2.3/php-5.2.3.tar.bz2) = 7417635 bytes
SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20
SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e
SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587
SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc
SHA1 (patch-ak) = 0a6445b5cf390cb63de8474d75c6e8a4c058afab
SHA1 (patch-al) = 0ee37782cc0d3bf5ede1a583de0589c2c1316b50
+SHA1 (patch-am) = 430a79a913aa0885ff6ef9a8d7b938732747445a
+SHA1 (patch-an) = 8e33ce700049bdb05e5f56f0a8132b55e357abeb
diff -r d9d15f82affc -r 76c6935d5758 lang/php5/patches/patch-am
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-am Thu Jun 14 23:34:08 2007 +0000
@@ -0,0 +1,28 @@
+$NetBSD: patch-am,v 1.2.12.1 2007/06/14 23:34:09 salo Exp $
+
+--- ext/standard/string.c.orig 2007-05-30 01:33:13.000000000 +0100
++++ ext/standard/string.c
+@@ -1956,18 +1956,20 @@ static char *php_chunk_split(char *src,
+ char *p, *q;
+ int chunks; /* complete chunks! */
+ int restlen;
+- int out_len;
++ float out_len;
+
+ chunks = srclen / chunklen;
+ restlen = srclen - chunks * chunklen; /* srclen % chunklen */
+
+- out_len = (srclen + (chunks + 1) * endlen + 1);
++ out_len = chunks + 1;
++ out_len *= endlen;
++ out_len += srclen + 1;
+
+ if (out_len > INT_MAX || out_len <= 0) {
+ return NULL;
+ }
+
+- dest = safe_emalloc(out_len, sizeof(char), 0);
++ dest = safe_emalloc((int)out_len, sizeof(char), 0);
+
+ for (p = src, q = dest; p < (src + srclen - chunklen + 1); ) {
+ memcpy(q, p, chunklen);
diff -r d9d15f82affc -r 76c6935d5758 lang/php5/patches/patch-an
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-an Thu Jun 14 23:34:08 2007 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-an,v 1.2.12.1 2007/06/14 23:34:09 salo Exp $
+
+--- configure.orig 2007-05-30 20:50:52.000000000 +0200
++++ configure
+@@ -11985,7 +11985,7 @@ EOF
+
+ echo "$ac_t""$PHP_ENABLE_FASTCGI" 1>&6
+
+- INSTALL_IT="@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)\$(bindir)/\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH)
\$(INSTALL_ROOT)\$(bindir)/\$(program_prefix)php-cgi\$(program_suffix)\$(EXEEXT)"
++ INSTALL_IT="@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)@CGIDIR@/\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) \$(INSTALL_ROOT)@CGIDIR@/php"
+
+ PHP_SAPI=cgi
+
Home |
Main Index |
Thread Index |
Old Index