diff options
author | ghen <ghen@pkgsrc.org> | 2007-08-06 21:13:13 +0000 |
---|---|---|
committer | ghen <ghen@pkgsrc.org> | 2007-08-06 21:13:13 +0000 |
commit | c7a4f1f34176af0d50cf7587bff3d905359cc914 (patch) | |
tree | 0885a97b73c48b04df13cbb8d037a2c500f0a47b | |
parent | ff99b27b6027a89ed199071a0b464927c2a45bb0 (diff) | |
download | pkgsrc-c7a4f1f34176af0d50cf7587bff3d905359cc914.tar.gz |
Pullup tickets 2161-2163 - requested by taca
security fix for php
- pkgsrc/lang/php5/Makefile 1.56
- pkgsrc/lang/php5/distinfo 1.45
- pkgsrc/lang/php5/patches/patch-ad 1.1
- pkgsrc/lang/php5/patches/patch-ae 1.1
- pkgsrc/www/ap-php/Makefile 1.15
- pkgsrc/www/php4/Makefile 1.79
- pkgsrc/www/php4/distinfo 1.66
- pkgsrc/www/php4/patches/patch-aw 1.3
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 1 01:40:55 UTC 2007
Modified Files:
pkgsrc/www/php4: Makefile distinfo
Added Files:
pkgsrc/www/php4/patches: patch-aw
Log Message:
Add patches to fix CVE-2007-3806 referring CVS repository.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Wed Aug 1 01:40:08 UTC 2007
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-ad patch-ae
Log Message:
- Add patches to fix CVE-2007-3806 referring CVS repository.
- Fix compile problem on NetBSD with mremap(2).
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 2 15:10:04 UTC 2007
Modified Files:
pkgsrc/www/ap-php: Makefile
Log Message:
Update of www/php5 package affects ap-php, too.
So, bump PKGREVISION.
(I just forgot to commit.)
-rw-r--r-- | lang/php5/Makefile | 4 | ||||
-rw-r--r-- | lang/php5/distinfo | 4 | ||||
-rw-r--r-- | lang/php5/patches/patch-ad | 18 | ||||
-rw-r--r-- | lang/php5/patches/patch-ae | 14 | ||||
-rw-r--r-- | www/ap-php/Makefile | 3 | ||||
-rw-r--r-- | www/php4/Makefile | 3 | ||||
-rw-r--r-- | www/php4/distinfo | 3 | ||||
-rw-r--r-- | www/php4/patches/patch-aw | 14 |
8 files changed, 57 insertions, 6 deletions
diff --git a/lang/php5/Makefile b/lang/php5/Makefile index d63c490d2f6..d72adf66168 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.55 2007/06/11 17:45:30 heinz Exp $ +# $NetBSD: Makefile,v 1.55.2.1 2007/08/06 21:13:13 ghen Exp $ PKGNAME= php-${PHP_BASE_VERS} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= lang HOMEPAGE= http://www.php.net/ diff --git a/lang/php5/distinfo b/lang/php5/distinfo index 37d165bcde7..7d48a7cedcb 100644 --- a/lang/php5/distinfo +++ b/lang/php5/distinfo @@ -1,9 +1,11 @@ -$NetBSD: distinfo,v 1.44 2007/06/11 17:45:30 heinz Exp $ +$NetBSD: distinfo,v 1.44.2.1 2007/08/06 21:13:13 ghen Exp $ SHA1 (php-5.2.3/php-5.2.3.tar.bz2) = 0a02e05e1c663c0d4ee0b253917c0e140e606261 RMD160 (php-5.2.3/php-5.2.3.tar.bz2) = 3c895cf7e513e5a3d7d9f742a9d56102cbb3a79b Size (php-5.2.3/php-5.2.3.tar.bz2) = 7417635 bytes SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20 +SHA1 (patch-ad) = b324c33b1e70adee5b89dcecdd7690dcadcc18ec +SHA1 (patch-ae) = b137b8527c42ed73dd3589a9e7cbc4a47267f21c SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587 SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc diff --git a/lang/php5/patches/patch-ad b/lang/php5/patches/patch-ad new file mode 100644 index 00000000000..841bd23524d --- /dev/null +++ b/lang/php5/patches/patch-ad @@ -0,0 +1,18 @@ +$NetBSD: patch-ad,v 1.1.2.2 2007/08/06 21:13:13 ghen Exp $ + +Adapt NetBSD's remap(2). + +--- Zend/zend_alloc.c.orig 2007-05-28 19:07:50.000000000 +0900 ++++ Zend/zend_alloc.c +@@ -148,7 +148,11 @@ static zend_mm_segment* zend_mm_mem_mmap + { + zend_mm_segment *ret; + #ifdef HAVE_MREMAP ++#if defined(__NetBSD__) ++ ret = (zend_mm_segment*)mremap(segment, segment->size, segment, size, MREMAP_MAYMOVE); ++#else + ret = (zend_mm_segment*)mremap(segment, segment->size, size, MREMAP_MAYMOVE); ++#endif + if (ret == MAP_FAILED) { + #endif + ret = storage->handlers->_alloc(storage, size); diff --git a/lang/php5/patches/patch-ae b/lang/php5/patches/patch-ae new file mode 100644 index 00000000000..5dd475b8d45 --- /dev/null +++ b/lang/php5/patches/patch-ae @@ -0,0 +1,14 @@ +$NetBSD: patch-ae,v 1.1.2.2 2007/08/06 21:13:14 ghen Exp $ + +Fix for CVE-2007-3806. + +--- ext/standard/dir.c.orig 2007-02-25 02:16:23.000000000 +0900 ++++ ext/standard/dir.c +@@ -395,6 +395,7 @@ PHP_FUNCTION(glob) + } + #endif + ++ memset(&globbuf, 0, sizeof(glob_t)); + globbuf.gl_offs = 0; + if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) { + #ifdef GLOB_NOMATCH diff --git a/www/ap-php/Makefile b/www/ap-php/Makefile index b7dbd9d5baf..b3860e28502 100644 --- a/www/ap-php/Makefile +++ b/www/ap-php/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.14 2007/05/08 11:30:49 adrianp Exp $ +# $NetBSD: Makefile,v 1.14.2.1 2007/08/06 21:13:14 ghen Exp $ # PKGNAME= ${APACHE_PKG_PREFIX}-${PHP_PKG_PREFIX}-${PHP_BASE_VERS} +PKGREVISION= 1 COMMENT= Apache (${PKG_APACHE}) module for ${PKG_PHP} CONFLICTS= ap-php-[0-9]* diff --git a/www/php4/Makefile b/www/php4/Makefile index c65757b6929..afb9ed4e83d 100644 --- a/www/php4/Makefile +++ b/www/php4/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.78 2007/06/11 15:24:43 heinz Exp $ +# $NetBSD: Makefile,v 1.78.2.1 2007/08/06 21:13:14 ghen Exp $ PKGNAME= php-${PHP_BASE_VERS} +PKGREVISION= 1 CATEGORIES+= lang COMMENT= HTML-embedded scripting language diff --git a/www/php4/distinfo b/www/php4/distinfo index 2e345b9156f..5a29e586c3f 100644 --- a/www/php4/distinfo +++ b/www/php4/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.65 2007/05/06 19:50:18 adrianp Exp $ +$NetBSD: distinfo,v 1.65.2.1 2007/08/06 21:13:14 ghen Exp $ SHA1 (php-4.4.7.tar.bz2) = a6e2d6b5c5aa4e82a718563dc8dbb4b83fc91b78 RMD160 (php-4.4.7.tar.bz2) = 5eb44c4b7711111dcbc9117e21ad644e9e6562f3 @@ -15,3 +15,4 @@ SHA1 (patch-ak) = 1f9fbe26c7329e1d18eec053499ee2d574b5b970 SHA1 (patch-ap) = 2f852abd1e9d0f089add18b2eade2831253ad00e SHA1 (patch-at) = f8b3aebd61fe2d5b5a994e1d973424a1ed397f63 SHA1 (patch-au) = f9798aa440e174f65dde574c4f3b28183b3d18bc +SHA1 (patch-aw) = 2cdfd3c194c30f19a102bce66a68125ccfa59697 diff --git a/www/php4/patches/patch-aw b/www/php4/patches/patch-aw new file mode 100644 index 00000000000..1924f88efb2 --- /dev/null +++ b/www/php4/patches/patch-aw @@ -0,0 +1,14 @@ +$NetBSD: patch-aw,v 1.2.8.1 2007/08/06 21:13:15 ghen Exp $ + +Fix for CVE-2007-3806. + +--- ext/standard/dir.c.orig 2007-01-01 18:46:47.000000000 +0900 ++++ ext/standard/dir.c +@@ -382,6 +382,7 @@ PHP_FUNCTION(glob) + } + #endif + ++ memset(&globbuf, 0, sizeof(glob_t)); + globbuf.gl_offs = 0; + if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) { + #ifdef GLOB_NOMATCH |