[pkgsrc/pkgsrc-2022Q4]: pkgsrc/lang Pullup ticket #6719 - requested by taca

[bsiegert <bsiegert%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/ae6cad073d08
branches:  pkgsrc-2022Q4
changeset: 391367:ae6cad073d08
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Sun Jan 08 19:18:28 2023 +0000

description:
Pullup ticket #6719 - requested by taca
lang/php80: security fix

Revisions pulled up:
- lang/php/phpversion.mk                                        1.386
- lang/php80/distinfo                                           1.28
- lang/php80/patches/patch-sapi_fpm_fpm_events_port.c           deleted

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Jan  7 07:43:34 UTC 2023

   Modified Files:
        pkgsrc/lang/php: phpversion.mk
        pkgsrc/lang/php80: distinfo
   Removed Files:
        pkgsrc/lang/php80/patches: patch-sapi_fpm_fpm_events_port.c

   Log Message:
   lang/php80: update to 8.0.27

   (2023-01-05)

   - PDO/SQLite:
     . Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631)
       (cmb)

diffstat:

 lang/php/phpversion.mk                              |   4 +-
 lang/php80/distinfo                                 |   9 ++---
 lang/php80/patches/patch-sapi_fpm_fpm_events_port.c |  33 ---------------------
 3 files changed, 6 insertions(+), 40 deletions(-)

diffs (77 lines):

diff -r 3d878de025cc -r ae6cad073d08 lang/php/phpversion.mk
--- a/lang/php/phpversion.mk    Sun Jan 08 17:57:21 2023 +0000
+++ b/lang/php/phpversion.mk    Sun Jan 08 19:18:28 2023 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: phpversion.mk,v 1.383.2.2 2023/01/08 17:57:21 bsiegert Exp $
+# $NetBSD: phpversion.mk,v 1.383.2.3 2023/01/08 19:18:28 bsiegert Exp $
 #
 # This file selects a PHP version, based on the user's preferences and
 # the installed packages. It does not add a dependency on the PHP
@@ -89,7 +89,7 @@
 # Define each PHP's version.
 PHP56_VERSION= 5.6.40
 PHP74_VERSION= 7.4.33
-PHP80_VERSION= 8.0.26
+PHP80_VERSION= 8.0.27
 PHP81_VERSION= 8.1.14
 PHP82_VERSION= 8.2.1
 
diff -r 3d878de025cc -r ae6cad073d08 lang/php80/distinfo
--- a/lang/php80/distinfo       Sun Jan 08 17:57:21 2023 +0000
+++ b/lang/php80/distinfo       Sun Jan 08 19:18:28 2023 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.27 2022/11/27 02:53:03 taca Exp $
+$NetBSD: distinfo,v 1.27.2.1 2023/01/08 19:18:28 bsiegert Exp $
 
-BLAKE2s (php-8.0.26.tar.xz) = e71cb18ab1bac16ccf12279fb797875622cbbb347c06027f93db49bdbebf9ae5
-SHA512 (php-8.0.26.tar.xz) = 2c285bd0d4516e188b8f9fe45db12bb0631c8298c97b3fcf99b7d56bed8c90920649d613c19821cbb38592211f5a3e7980679f2a59ad2d920da5b669251a99d5
-Size (php-8.0.26.tar.xz) = 10868588 bytes
+BLAKE2s (php-8.0.27.tar.xz) = 53f8f186ed81a1c9c013e49a6002877081e4aee8e7f36b65680f2b872f0dd9e2
+SHA512 (php-8.0.27.tar.xz) = 443d4fe5d3165e2806e6ce03356f38b1d70fb4c86054f10b22e62191d5961bb51b10a31c49f3d74e6360836254db3107a8910589966481ebc7f5e06886b5e026
+Size (php-8.0.27.tar.xz) = 10802096 bytes
 SHA1 (patch-build_libtool.m4) = e58a2bcebe9e9d7dc7255354fd9fe57878e3f8a6
 SHA1 (patch-configure) = 6c3d2537eb4d1c2ed05e8e1e411701d316c67d8b
 SHA1 (patch-disable-filter-url) = 0a2c19c18f089448a8d842e99738b292ab9e5640
@@ -16,5 +16,4 @@
 SHA1 (patch-php.ini-production) = 3ee4d2e2e4fb4dbcb5b64df86751f7feeef0e20d
 SHA1 (patch-sapi_cgi_Makefile.frag) = f4cd64d334884c49787d8854115c8cd69cc79bb8
 SHA1 (patch-sapi_cli_Makefile.frag) = 1cd29d09042863acbf5330e406410fdcf75d06b3
-SHA1 (patch-sapi_fpm_fpm_events_port.c) = 30ecee10f6d34b7422972e1e275b4f73c7fd964d
 SHA1 (patch-sapi_fpm_php-fpm.conf.in) = acf9b4e70d4c5ea2b96e37e7bbf9005379ecc4d0
diff -r 3d878de025cc -r ae6cad073d08 lang/php80/patches/patch-sapi_fpm_fpm_events_port.c
--- a/lang/php80/patches/patch-sapi_fpm_fpm_events_port.c       Sun Jan 08 17:57:21 2023 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,33 +0,0 @@
-$NetBSD: patch-sapi_fpm_fpm_events_port.c,v 1.2 2021/06/04 13:56:31 taca Exp $
-
-Similar to upstream bug #65800. We should resubmit this patch and
-get that bugfix intergrated, by changing port_associate() call to
-use the wrapper fpm_event_port_add().
-
---- sapi/fpm/fpm/events/port.c.orig    2021-06-01 18:43:05.000000000 +0000
-+++ sapi/fpm/fpm/events/port.c
-@@ -145,14 +145,23 @@ static int fpm_event_port_wait(struct fp
-       }
- 
-       for (i = 0; i < nget; i++) {
-+              struct fpm_event_s *ev;
- 
-               /* do we have a ptr to the event ? */
-               if (!events[i].portev_user) {
-                       continue;
-               }
- 
-+              ev = (struct fpm_event_s *)events[i].portev_user;
-+
-+              if (port_associate(pfd, PORT_SOURCE_FD,
-+                  ev->fd, POLLIN, (void *)ev) < 0) {
-+                      zlog(ZLOG_ERROR, "port: unable to add the event");
-+                      return -1;
-+              }
-+
-               /* fire the event */
--              fpm_event_fire((struct fpm_event_s *)events[i].portev_user);
-+              fpm_event_fire(ev);
- 
-               /* sanity check */
-               if (fpm_globals.parent_pid != getpid()) {