pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2007Q1]: pkgsrc/lang/php5 Pullup ticket 2113 - requested by ad...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/76c6935d5758
branches:  pkgsrc-2007Q1
changeset: 527423:76c6935d5758
user:      salo <salo%pkgsrc.org@localhost>
date:      Thu Jun 14 23:34:08 2007 +0000

description:
Pullup ticket 2113 - requested by adrianp
security update for php5

Revisions pulled up:
- pkgsrc/lang/php5/Makefile                     1.52, 1.53, 1.54, 1.55
- pkgsrc/lang/php5/Makefile.common              1.26
- pkgsrc/lang/php5/distinfo                     1.41, 1.42, 1.43, 1.44
- pkgsrc/lang/php5/patches/patch-am             1.3
- pkgsrc/lang/php5/patches/patch-an             1.3, 1.4

   Module Name:         pkgsrc
   Committed By:        adrianp
   Date:                Wed Jun  6 19:33:13 UTC 2007

   Modified Files:
        pkgsrc/lang/php5: Makefile Makefile.common distinfo

   Log Message:
   Update to php-5.2.3

   Security Fixes
   * Fixed an integer overflow inside chunk_split() (by Gerhard Wagner,
     CVE-2007-2872)
   * Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche,
     CVE-2007-2756)
   * Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan
     Esser, CVE-2007-1900)
   * Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath())
     (by bugs dot php dot net at chsc dot dk)
   * Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
   * Added mysql_set_charset() to allow runtime altering of connection
     encoding.

   * Upgraded bundled SQLite 3 to version 3.3.17. (Ilia)
   * Fixed gd build when used with freetype 1.x (Pierre, Tony)

   And a fair few bugs fixed, see: http://www.php.net/ChangeLog-5.php#5.2.3
   for all the details.
---
   Module Name:         pkgsrc
   Committed By:        adrianp
   Date:                Thu Jun  7 10:45:18 UTC 2007

   Added Files:
        pkgsrc/lang/php5/patches: patch-am

   Log Message:
   Add in the correct patch to fix CVE-2007-2872
   Spotted by Takahiro Kambe
---
   Module Name:         pkgsrc
   Committed By:        adrianp
   Date:                Thu Jun  7 10:45:42 UTC 2007

   Modified Files:
        pkgsrc/lang/php5: Makefile distinfo

   Log Message:
   Add in the correct patch to fix CVE-2007-2872
   Spotted by Takahiro Kambe
---
   Module Name:         pkgsrc
   Committed By:        adrianp
   Date:                Fri Jun  8 12:29:53 UTC 2007

   Modified Files:
        pkgsrc/lang/php5: Makefile distinfo
   Added Files:
        pkgsrc/lang/php5/patches: patch-an

   Log Message:
   Fix the install path for the CGI binary so it ends up where we want it.
   Pointed out by schmonz@ and taca@
   Bump PKGREVISION
---
   Module Name:         pkgsrc
   Committed By:        heinz
   Date:                Mon Jun 11 17:45:30 UTC 2007

   Modified Files:
        pkgsrc/lang/php5: Makefile distinfo
        pkgsrc/lang/php5/patches: patch-an

   Log Message:
   Added support for installation to DESTDIR. patch-an had removed correct
   support for this before, probably unintentionally.

diffstat:

 lang/php5/Makefile         |  35 ++++++++++++++++++++++++++---------
 lang/php5/Makefile.common  |   4 ++--
 lang/php5/distinfo         |  10 ++++++----
 lang/php5/patches/patch-am |  28 ++++++++++++++++++++++++++++
 lang/php5/patches/patch-an |  13 +++++++++++++
 5 files changed, 75 insertions(+), 15 deletions(-)

diffs (147 lines):

diff -r d9d15f82affc -r 76c6935d5758 lang/php5/Makefile
--- a/lang/php5/Makefile        Thu Jun 14 22:04:10 2007 +0000
+++ b/lang/php5/Makefile        Thu Jun 14 23:34:08 2007 +0000
@@ -1,11 +1,14 @@
-# $NetBSD: Makefile,v 1.48.2.1 2007/05/15 23:42:38 salo Exp $
+# $NetBSD: Makefile,v 1.48.2.2 2007/06/14 23:34:08 salo Exp $
 
 PKGNAME=               php-${PHP_BASE_VERS}
+PKGREVISION=           2
 CATEGORIES=            lang
 
 HOMEPAGE=              http://www.php.net/
 COMMENT=               PHP Hypertext Preprocessor version 5
 
+PKG_DESTDIR_SUPPORT=   user-destdir
+
 USE_TOOLS+=            gmake lex
 LIBTOOL_OVERRIDE=      # empty
 
@@ -28,17 +31,31 @@
 EGDIR=                 ${PREFIX}/share/examples/php
 MESSAGE_SUBST+=                CGIDIR=${CGIDIR:Q}
 
+MAKE_ENV+=             INSTALL_ROOT=${DESTDIR:Q}
+
 CONF_FILES=            ${EGDIR}/php.ini-recommended ${PKG_SYSCONFDIR}/php.ini
 OWN_DIRS=              ${PREFIX}/${PHP_EXTENSION_DIR}
 
+SUBST_CLASSES+=                cgi
+SUBST_MESSAGE.cgi=     Fixing CGI path.
+SUBST_STAGE.cgi=       pre-configure
+SUBST_FILES.cgi=       configure
+SUBST_SED.cgi=         -e 's,@CGIDIR@,${CGIDIR},g'
+
+pre-install:
+       ${INSTALL_DATA_DIR} ${DESTDIR:Q}${CGIDIR:Q}
+
 post-install:
-       ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cli/php ${PREFIX}/bin/php
-       ${INSTALL_DATA} ${WRKSRC}/sapi/cli/php.1 ${PREFIX}/${PKGMANDIR}/man1/php.1
-       ${INSTALL_DATA_DIR} ${CGIDIR}
-       ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cgi/php ${CGIDIR}
-       ${INSTALL_DATA_DIR} ${EGDIR}
-       cd ${WRKSRC}; ${INSTALL_DATA} php.ini-dist php.ini-recommended ${EGDIR}
-       ${INSTALL_DATA_DIR} ${PREFIX}/share/php
-       ${INSTALL_DATA} ${WRKSRC}/php.gif ${PREFIX}/share/php
+       ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cli/php \
+               ${DESTDIR:Q}${PREFIX:Q}/bin/php
+       ${INSTALL_DATA} ${WRKSRC}/sapi/cli/php.1 \
+               ${DESTDIR:Q}${PREFIX:Q}/${PKGMANDIR}/man1/php.1
+       ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cgi/php-cgi \
+               ${DESTDIR:Q}${CGIDIR:Q}/php
+       ${INSTALL_DATA_DIR} ${DESTDIR:Q}${EGDIR:Q}
+       cd ${WRKSRC}; ${INSTALL_DATA} php.ini-dist php.ini-recommended \
+               ${DESTDIR:Q}${EGDIR:Q}
+       ${INSTALL_DATA_DIR} ${DESTDIR:Q}${PREFIX:Q}/share/php
+       ${INSTALL_DATA} ${WRKSRC}/php.gif ${DESTDIR:Q}${PREFIX:Q}/share/php
 
 .include "../../mk/bsd.pkg.mk"
diff -r d9d15f82affc -r 76c6935d5758 lang/php5/Makefile.common
--- a/lang/php5/Makefile.common Thu Jun 14 22:04:10 2007 +0000
+++ b/lang/php5/Makefile.common Thu Jun 14 23:34:08 2007 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.24.2.1 2007/05/15 23:42:38 salo Exp $
+# $NetBSD: Makefile.common,v 1.24.2.2 2007/06/14 23:34:08 salo Exp $
 
 .if !defined(DISTNAME)
 DISTNAME=              php-${PHP_BASE_VERS}
@@ -15,7 +15,7 @@
 MAINTAINER?=           jdolecek%NetBSD.org@localhost
 HOMEPAGE?=             http://www.php.net/
 
-PHP_BASE_VERS=         5.2.2
+PHP_BASE_VERS=         5.2.3
 
 PHP_EXTENSION_DIR=     lib/php/20040412
 PLIST_SUBST+=          PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q}
diff -r d9d15f82affc -r 76c6935d5758 lang/php5/distinfo
--- a/lang/php5/distinfo        Thu Jun 14 22:04:10 2007 +0000
+++ b/lang/php5/distinfo        Thu Jun 14 23:34:08 2007 +0000
@@ -1,11 +1,13 @@
-$NetBSD: distinfo,v 1.36.2.2 2007/05/15 23:42:39 salo Exp $
+$NetBSD: distinfo,v 1.36.2.3 2007/06/14 23:34:08 salo Exp $
 
-SHA1 (php-5.2.2/php-5.2.2.tar.bz2) = b9b0b8f778eee61afcff24e286e626baed8d2934
-RMD160 (php-5.2.2/php-5.2.2.tar.bz2) = 15e844530bced2960e35fd291fb71a416562aec0
-Size (php-5.2.2/php-5.2.2.tar.bz2) = 7310926 bytes
+SHA1 (php-5.2.3/php-5.2.3.tar.bz2) = 0a02e05e1c663c0d4ee0b253917c0e140e606261
+RMD160 (php-5.2.3/php-5.2.3.tar.bz2) = 3c895cf7e513e5a3d7d9f742a9d56102cbb3a79b
+Size (php-5.2.3/php-5.2.3.tar.bz2) = 7417635 bytes
 SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20
 SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e
 SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587
 SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc
 SHA1 (patch-ak) = 0a6445b5cf390cb63de8474d75c6e8a4c058afab
 SHA1 (patch-al) = 0ee37782cc0d3bf5ede1a583de0589c2c1316b50
+SHA1 (patch-am) = 430a79a913aa0885ff6ef9a8d7b938732747445a
+SHA1 (patch-an) = 8e33ce700049bdb05e5f56f0a8132b55e357abeb
diff -r d9d15f82affc -r 76c6935d5758 lang/php5/patches/patch-am
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-am        Thu Jun 14 23:34:08 2007 +0000
@@ -0,0 +1,28 @@
+$NetBSD: patch-am,v 1.2.12.1 2007/06/14 23:34:09 salo Exp $
+
+--- ext/standard/string.c.orig 2007-05-30 01:33:13.000000000 +0100
++++ ext/standard/string.c
+@@ -1956,18 +1956,20 @@ static char *php_chunk_split(char *src, 
+       char *p, *q;
+       int chunks; /* complete chunks! */
+       int restlen;
+-      int out_len; 
++      float out_len; 
+ 
+       chunks = srclen / chunklen;
+       restlen = srclen - chunks * chunklen; /* srclen % chunklen */
+ 
+-      out_len = (srclen + (chunks + 1) * endlen + 1);
++      out_len = chunks + 1;
++      out_len *= endlen;
++      out_len += srclen + 1;
+ 
+       if (out_len > INT_MAX || out_len <= 0) {
+               return NULL;
+       }
+ 
+-      dest = safe_emalloc(out_len, sizeof(char), 0);
++      dest = safe_emalloc((int)out_len, sizeof(char), 0);
+ 
+       for (p = src, q = dest; p < (src + srclen - chunklen + 1); ) {
+               memcpy(q, p, chunklen);
diff -r d9d15f82affc -r 76c6935d5758 lang/php5/patches/patch-an
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php5/patches/patch-an        Thu Jun 14 23:34:08 2007 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-an,v 1.2.12.1 2007/06/14 23:34:09 salo Exp $
+
+--- configure.orig     2007-05-30 20:50:52.000000000 +0200
++++ configure
+@@ -11985,7 +11985,7 @@ EOF
+ 
+     echo "$ac_t""$PHP_ENABLE_FASTCGI" 1>&6
+ 
+-    INSTALL_IT="@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)\$(bindir)/\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) 
\$(INSTALL_ROOT)\$(bindir)/\$(program_prefix)php-cgi\$(program_suffix)\$(EXEEXT)"
++    INSTALL_IT="@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)@CGIDIR@/\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) \$(INSTALL_ROOT)@CGIDIR@/php"
+     
+   PHP_SAPI=cgi
+   



Home | Main Index | Thread Index | Old Index