pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/php4 Update to 4.4.3
details: https://anonhg.NetBSD.org/pkgsrc/rev/b25a36693f07
branches: trunk
changeset: 517442:b25a36693f07
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Thu Aug 10 23:01:39 2006 +0000
description:
Update to 4.4.3
All PHP 4.x users are encouraged to upgrade to this release as soon as possible.
The security issues resolved include the following:
* Disallow certain characters in session names.
* Fixed a buffer overflow inside the wordwrap() function.
* Prevent jumps to parent directory via the 2nd parameter of the tempnam()
function.
* Improved safe_mode check for the error_log() function.
* Fixed cross-site scripting inside the phpinfo() function.
The release also includes about 20 bug fixes and an upgraded PCRE library
(version 6.6).
For a full list of changes in PHP 4.4.3, see the ChangeLog:
http://www.php.net/ChangeLog-4.php#4.4.3
This also contains a fix for CVE-2006-4020 (SA21403)
diffstat:
www/php4/Makefile | 3 +-
www/php4/Makefile.common | 4 +-
www/php4/distinfo | 16 +++-----
www/php4/files/pear.sh | 2 +-
www/php4/patches/patch-ao | 12 ++----
www/php4/patches/patch-aq | 13 -------
www/php4/patches/patch-ar | 55 -------------------------------
www/php4/patches/patch-as | 43 ------------------------
www/php4/patches/patch-au | 24 -------------
www/php4/patches/patch-av | 15 --------
www/php4/patches/patch-aw | 83 +++++++++++++++++++++++++++++++++++++++++++++++
11 files changed, 97 insertions(+), 173 deletions(-)
diffs (truncated from 347 to 300 lines):
diff -r d46bece1710d -r b25a36693f07 www/php4/Makefile
--- a/www/php4/Makefile Thu Aug 10 17:58:10 2006 +0000
+++ b/www/php4/Makefile Thu Aug 10 23:01:39 2006 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.69 2006/07/18 21:26:17 adrianp Exp $
+# $NetBSD: Makefile,v 1.70 2006/08/10 23:01:40 adrianp Exp $
PKGNAME= php-${PHP_BASE_VERS}
-PKGREVISION= 3
CATEGORIES+= lang
COMMENT= HTML-embedded scripting language
diff -r d46bece1710d -r b25a36693f07 www/php4/Makefile.common
--- a/www/php4/Makefile.common Thu Aug 10 17:58:10 2006 +0000
+++ b/www/php4/Makefile.common Thu Aug 10 23:01:39 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.52 2006/03/03 07:11:34 cube Exp $
+# $NetBSD: Makefile.common,v 1.53 2006/08/10 23:01:40 adrianp Exp $
DISTNAME?= php-${PHP_DIST_VERS}
CATEGORIES+= www php4
@@ -18,7 +18,7 @@
# PHP_DIST_VERS version number on the php distfile
# PHP_BASE_VERS pkgsrc-mangled version number (convert pl -> .)
#
-PHP_DIST_VERS= 4.4.2
+PHP_DIST_VERS= 4.4.3
PHP_BASE_VERS= ${PHP_DIST_VERS}
DISTFILES?= ${PHP_DISTFILE}
diff -r d46bece1710d -r b25a36693f07 www/php4/distinfo
--- a/www/php4/distinfo Thu Aug 10 17:58:10 2006 +0000
+++ b/www/php4/distinfo Thu Aug 10 23:01:39 2006 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.55 2006/07/18 21:21:19 adrianp Exp $
+$NetBSD: distinfo,v 1.56 2006/08/10 23:01:40 adrianp Exp $
-SHA1 (php-4.4.2.tar.bz2) = 88f2e9efff0add8d8e3034d4ce3a948429b88756
-RMD160 (php-4.4.2.tar.bz2) = cbef0fa4e233529422bc0944dcfb79d866013f5e
-Size (php-4.4.2.tar.bz2) = 4371185 bytes
+SHA1 (php-4.4.3.tar.bz2) = 42aec56fec03c13366c0b0aac13169138814a4b5
+RMD160 (php-4.4.3.tar.bz2) = 36c91930af44e8a1ed59eb159e6131ae8f0c77f0
+Size (php-4.4.3.tar.bz2) = 4461353 bytes
SHA1 (patch-aa) = feb064407950d0fc732b7240e65cac84420d2407
SHA1 (patch-ab) = 38a4bcd0d65b26c5d8e54e22b552f60831188469
SHA1 (patch-ad) = 9ca5d2f59bfeea77a98cd0e727546d11669114cd
@@ -12,11 +12,7 @@
SHA1 (patch-aj) = cc68ce876dc5998becbe2f1f74288b5da5bbaca3
SHA1 (patch-ak) = 1f9fbe26c7329e1d18eec053499ee2d574b5b970
SHA1 (patch-al) = 28ad9006b387e2b9984ad49beea21c9d46e63b46
-SHA1 (patch-ao) = cd30bbff10f1d045c829f72d94304c9dcf202fc6
+SHA1 (patch-ao) = 0fd4becf023451ac8cb185df354830efc86c1344
SHA1 (patch-ap) = 2f852abd1e9d0f089add18b2eade2831253ad00e
-SHA1 (patch-aq) = 00f410eb61624aee0c68d2fd6802a6be7adb373e
-SHA1 (patch-ar) = 5606c1ec5a7afaeda2e3cc7879cc0caa4f86ca68
-SHA1 (patch-as) = 7987c293d2290aa5e68fba87d0aa759797ace40d
SHA1 (patch-at) = f8b3aebd61fe2d5b5a994e1d973424a1ed397f63
-SHA1 (patch-au) = b5fa682fa6b03cc91e68db7e7ed6985897a3288f
-SHA1 (patch-av) = fc105360bccbff5a5eae119f24a8aa12b4e08139
+SHA1 (patch-aw) = f8e2f36a4d9bb4a60d255127ac5984c33ea74841
diff -r d46bece1710d -r b25a36693f07 www/php4/files/pear.sh
--- a/www/php4/files/pear.sh Thu Aug 10 17:58:10 2006 +0000
+++ b/www/php4/files/pear.sh Thu Aug 10 23:01:39 2006 +0000
@@ -25,4 +25,4 @@
fi
fi
-exec $PHP -C -q $INCARG -d output_buffering=1 -dmemory_limit=12M $INCDIR/pearcmd.php "$@"
+exec $PHP -C -q $INCARG -d output_buffering=1 -d open_basedir="" -d safe_mode=0 -d memory_limit=12M $INCDIR/pearcmd.php "$@"
diff -r d46bece1710d -r b25a36693f07 www/php4/patches/patch-ao
--- a/www/php4/patches/patch-ao Thu Aug 10 17:58:10 2006 +0000
+++ b/www/php4/patches/patch-ao Thu Aug 10 23:01:39 2006 +0000
@@ -1,13 +1,9 @@
-$NetBSD: patch-ao,v 1.2 2006/03/06 15:57:58 cube Exp $
+$NetBSD: patch-ao,v 1.3 2006/08/10 23:01:39 adrianp Exp $
---- pear/Makefile.frag.orig 2005-11-05 19:19:23.000000000 +0100
+--- pear/Makefile.frag.orig 2006-05-07 17:33:41.000000000 +0100
+++ pear/Makefile.frag
-@@ -3,10 +3,10 @@
- peardir=$(PEAR_INSTALLDIR)
-
- # Skip all php.ini files altogether
--PEAR_INSTALL_FLAGS = -n -dshort_open_tag=0 -dsafe_mode=0
-+PEAR_INSTALL_FLAGS = -n -dshort_open_tag=0 -dsafe_mode=0 -dmemory_limit=16M
+@@ -6,7 +6,7 @@ peardir=$(PEAR_INSTALLDIR)
+ PEAR_INSTALL_FLAGS = -n -dshort_open_tag=0 -dopen_basedir= -dsafe_mode=0 -dmemory_limit=-1
install-pear-packages: $(top_builddir)/sapi/cli/php
- @$(top_builddir)/sapi/cli/php $(PEAR_INSTALL_FLAGS) $(srcdir)/install-pear.php -d "$(peardir)" -b "$(bindir)" $(srcdir)/packages/*.tar
diff -r d46bece1710d -r b25a36693f07 www/php4/patches/patch-aq
--- a/www/php4/patches/patch-aq Thu Aug 10 17:58:10 2006 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,13 +0,0 @@
-$NetBSD: patch-aq,v 1.1 2006/04/14 13:48:33 cube Exp $
-
---- ext/standard/html.c.orig 2006-01-01 14:46:57.000000000 +0100
-+++ ext/standard/html.c
-@@ -793,7 +793,7 @@ PHPAPI char *php_unescape_html_entities(
- enum entity_charset charset = determine_charset(hint_charset TSRMLS_CC);
- unsigned char replacement[15];
-
-- ret = estrdup(old);
-+ ret = estrndup(old, oldlen);
- retlen = oldlen;
- if (!retlen) {
- goto empty_source;
diff -r d46bece1710d -r b25a36693f07 www/php4/patches/patch-ar
--- a/www/php4/patches/patch-ar Thu Aug 10 17:58:10 2006 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-$NetBSD: patch-ar,v 1.1 2006/04/14 13:48:33 cube Exp $
-
---- ext/standard/info.c.orig 2006-01-01 14:46:57.000000000 +0100
-+++ ext/standard/info.c
-@@ -58,6 +58,23 @@ ZEND_EXTERN_MODULE_GLOBALS(iconv)
-
- PHPAPI extern char *php_ini_opened_path;
- PHPAPI extern char *php_ini_scanned_files;
-+
-+static int php_info_write_wrapper(const char *str, uint str_length)
-+{
-+ int new_len, written;
-+ char *elem_esc;
-+
-+ TSRMLS_FETCH();
-+
-+ elem_esc = php_escape_html_entities((char *)str, str_length, &new_len, 0, ENT_QUOTES, NULL TSRMLS_CC);
-+
-+ written = php_body_write(elem_esc, new_len TSRMLS_CC);
-+
-+ efree(elem_esc);
-+
-+ return written;
-+}
-+
-
- /* {{{ _display_module_info
- */
-@@ -133,23 +150,12 @@ static void php_print_gpcse_array(char *
- PUTS(" => ");
- }
- if (Z_TYPE_PP(tmp) == IS_ARRAY) {
-- zval *tmp3;
-- MAKE_STD_ZVAL(tmp3);
- if (!sapi_module.phpinfo_as_text) {
- PUTS("<pre>");
-- }
-- php_start_ob_buffer(NULL, 4096, 1 TSRMLS_CC);
-- zend_print_zval_r(*tmp, 0);
-- php_ob_get_buffer(tmp3 TSRMLS_CC);
-- php_end_ob_buffer(0, 0 TSRMLS_CC);
--
-- elem_esc = php_info_html_esc(Z_STRVAL_P(tmp3) TSRMLS_CC);
-- PUTS(elem_esc);
-- efree(elem_esc);
-- zval_ptr_dtor(&tmp3);
--
-- if (!sapi_module.phpinfo_as_text) {
-+ zend_print_zval_ex((zend_write_func_t) php_info_write_wrapper, *tmp, 0);
- PUTS("</pre>");
-+ } else {
-+ zend_print_zval_r(*tmp, 0 TSRMLS_CC);
- }
- } else if (Z_TYPE_PP(tmp) != IS_STRING) {
- tmp2 = **tmp;
diff -r d46bece1710d -r b25a36693f07 www/php4/patches/patch-as
--- a/www/php4/patches/patch-as Thu Aug 10 17:58:10 2006 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,43 +0,0 @@
-$NetBSD: patch-as,v 1.1 2006/04/14 13:48:33 cube Exp $
-
---- ext/standard/file.c.orig 2006-01-01 14:46:57.000000000 +0100
-+++ ext/standard/file.c
-@@ -552,7 +552,7 @@ PHP_FUNCTION(tempnam)
- pval **arg1, **arg2;
- char *d;
- char *opened_path;
-- char p[64];
-+ char *p;
- FILE *fp;
-
- if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &arg1, &arg2) == FAILURE) {
-@@ -566,7 +566,11 @@ PHP_FUNCTION(tempnam)
- }
-
- d = estrndup(Z_STRVAL_PP(arg1), Z_STRLEN_PP(arg1));
-- strlcpy(p, Z_STRVAL_PP(arg2), sizeof(p));
-+
-+ p = php_basename(Z_STRVAL_PP(arg2), Z_STRLEN_PP(arg2), NULL, 0);
-+ if (strlen(p) > 64) {
-+ p[63] = '\0';
-+ }
-
- if ((fp = php_open_temporary_file(d, p, &opened_path TSRMLS_CC))) {
- fclose(fp);
-@@ -574,6 +578,7 @@ PHP_FUNCTION(tempnam)
- } else {
- RETVAL_FALSE;
- }
-+ efree(p);
- efree(d);
- }
- /* }}} */
-@@ -2196,7 +2201,7 @@ no_stat:
- safe_to_copy:
-
- srcstream = php_stream_open_wrapper(src, "rb",
-- STREAM_DISABLE_OPEN_BASEDIR | REPORT_ERRORS,
-+ ENFORCE_SAFE_MODE | REPORT_ERRORS,
- NULL);
-
- if (!srcstream)
diff -r d46bece1710d -r b25a36693f07 www/php4/patches/patch-au
--- a/www/php4/patches/patch-au Thu Aug 10 17:58:10 2006 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,24 +0,0 @@
-$NetBSD: patch-au,v 1.1 2006/07/18 21:21:19 adrianp Exp $
-
-# This is CVE-2006-1990
-
---- ext/standard/string.c.orig 2006-01-01 13:46:58.000000000 +0000
-+++ ext/standard/string.c
-@@ -672,15 +672,13 @@ PHP_FUNCTION(wordwrap)
- /* Multiple character line break or forced cut */
- if (linelength > 0) {
- chk = (int)(textlen/linelength + 1);
-+ newtext = safe_emalloc(chk, breakcharlen, textlen + 1);
- alloced = textlen + chk * breakcharlen + 1;
- } else {
- chk = textlen;
-+ newtext = safe_emalloc(textlen, (breakcharlen + 1), 1);
- alloced = textlen * (breakcharlen + 1) + 1;
- }
-- if (alloced <= 0) {
-- RETURN_FALSE;
-- }
-- newtext = emalloc(alloced);
-
- /* now keep track of the actual new text length */
- newtextlen = 0;
diff -r d46bece1710d -r b25a36693f07 www/php4/patches/patch-av
--- a/www/php4/patches/patch-av Thu Aug 10 17:58:10 2006 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-av,v 1.1 2006/07/18 21:21:19 adrianp Exp $
-
-# This is CVE-2006-3011
-
---- ext/standard/basic_functions.c.orig 2006-01-01 13:46:57.000000000 +0000
-+++ ext/standard/basic_functions.c
-@@ -1866,7 +1866,7 @@ PHPAPI int _php_error_log(int opt_err, c
- break;
-
- case 3: /*save to a file */
-- stream = php_stream_open_wrapper(opt, "a", IGNORE_URL | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL);
-+ stream = php_stream_open_wrapper(opt, "a", IGNORE_URL_WIN | ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL);
- if (!stream)
- return FAILURE;
- php_stream_write(stream, message, strlen(message));
diff -r d46bece1710d -r b25a36693f07 www/php4/patches/patch-aw
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/php4/patches/patch-aw Thu Aug 10 23:01:39 2006 +0000
@@ -0,0 +1,83 @@
+--- ext/standard/scanf.c.orig 2006-01-01 13:46:58.000000000 +0000
++++ ext/standard/scanf.c 2006-08-10 23:00:19.000000000 +0100
+@@ -732,7 +732,7 @@
+ if (*end == '$') {
+ format = end+1;
+ ch = format++;
+- objIndex = varStart + value;
++ objIndex = varStart + value - 1;
+ }
+ }
+
+@@ -762,8 +762,10 @@
+ switch (*ch) {
+ case 'n':
+ if (!(flags & SCAN_SUPPRESS)) {
+- if (numVars) {
+- current = args[objIndex++];
++ if (numVars && objIndex >= argCount) {
++ break;
++ } else if (numVars) {
++ current = args[objIndex++];
+ zval_dtor( *current );
+ ZVAL_LONG( *current, (long)(string - baseString) );
+ } else {
+@@ -883,8 +885,10 @@
+ }
+ }
+ if (!(flags & SCAN_SUPPRESS)) {
+- if (numVars) {
+- current = args[objIndex++];
++ if (numVars && objIndex >= argCount) {
++ break;
++ } else if (numVars) {
++ current = args[objIndex++];
+ zval_dtor( *current );
+ ZVAL_STRINGL( *current, string, end-string, 1);
Home |
Main Index |
Thread Index |
Old Index