Pullup ticket #3312 - requested by taca

pkgsrc/lang/{php5,php53} security fixes Revisions pulled up: - pkgsrc/databases/php-mysql/Makefile 1.14 - pkgsrc/databases/php-mysqli/Makefile 1.3 - pkgsrc/databases/php-pdo_mysql/Makefile 1.12 - pkgsrc/lang/php5/Makefile 1.80, 1.81 - pkgsrc/lang/php5/Makefile.common 1.43, 1.44 - pkgsrc/lang/php5/distinfo 1.80, 1.81, 1.82 - pkgsrc/lang/php5/patches/patch-ak 1.8, deleted - pkgsrc/lang/php5/patches/patch-bf 1.1, deleted - pkgsrc/lang/php5/patches/patch-bg 1.1, deleted - pkgsrc/lang/php53/Makefile 1.5, 1.6 - pkgsrc/lang/php53/Makefile.common 1.3 - pkgsrc/lang/php53/distinfo 1.7, 1.8 - pkgsrc/lang/php53/patches/patch-ab 1.3 - pkgsrc/lang/php53/patches/patch-am 1.1, deleted - pkgsrc/lang/php53/patches/patch-an 1.1, deleted - pkgsrc/lang/php53/patches/patch-ao 1.1, deleted - pkgsrc/lang/php53/patches/patch-ap 1.1, deleted - pkgsrc/lang/php53/patches/patch-aq 1.1, deleted - pkgsrc/mail/php-imap/Makefile 1.21, 1.22 - pkgsrc/www/ap-php/Makefile 1.24 - pkgsrc/www/php-eaccelerator/Makefile 1.13 ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:43:50 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq Log Message: - GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016 - CVE-2010-3710 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=303779 - CVE-2010-3870 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=304959 - CVE-2010-4150 (php-imap) http://svn.php.net/viewvc?view=revision&revision=305032 - CVE-2010-4156 (SA42135) http://svn.php.net/viewvc?view=revision&revision=305214 Bump PKGREVISION. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:44:16 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile distinfo Added Files: pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg Log Message: - CVE-2010-4150 (php-imap) http://svn.php.net/viewvc?view=revision&revision=305032 - CVE-2010-3710 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=303885 - CVE-2010-3870 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=305055 Bump PKGREVISION. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:45:19 UTC 2010 Modified Files: pkgsrc/mail/php-imap: Makefile Log Message: Bump REVISION since CVE-2010-4150 fix was added. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:15:46 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile Makefile.common distinfo Removed Files: pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg Log Message: Update php5 package to 5.2.15 (PHP 5.2.15): The PHP development team would like to announce the immediate availability of PHP 5.2.15. This release marks the end of support for PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. This release focuses on improving the security and stability of the PHP 5.2.x branch with a small number, of predominatly security fixes. Security Enhancements and Fixes in PHP 5.2.15: * Fixed extract() to do not overwrite $GLOBALS and $this when using EXTR_OVERWRITE. * Fixed crash in zip extract method (possible CWE-170). * Fixed a possible double free in imap extension. * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data). Key enhancements in PHP 5.2.15 include: * Fixed bug #47643 (array_diff() takes over 3000 times longer than php 5.2.4). * Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy with SoapClient object). * To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a migration guide available on http://php.net/migration53, details the changes between PHP 5.2 and PHP 5.3. For a full list of changes in PHP 5.2.15 see the ChangeLog at http://www.php.net/ChangeLog-5.php#5.2.15. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:16:37 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common distinfo pkgsrc/lang/php53/patches: patch-ab Removed Files: pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq Log Message: Update lang/php53 package to 5.3.4 (PHP 5.3.4). The PHP development team is proud to announce the immediate release of PHP 5.3.4. This is a maintenance release in the 5.3 series, which includes a large number of bug fixes. Security Enhancements and Fixes in PHP 5.3.4: * Fixed crash in zip extract method (possible CWE-170). * Paths with NULL in them (foo\0bar.txt) are now considered as invalid (CVE-2006-7243). * Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). * Fixed symbolic resolution support when the target is a DFS share. * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710). Key Bug Fixes in PHP 5.3.4 include: * Added stat support for zip stream. * Added follow_location (enabled by default) option for the http stream support. * Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al. * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime. * Multiple improvements to the FPM SAPI. * Over 100 other bug fixes. For users upgrading from PHP 5.2 there is a migration guide available here, detailing the changes between those releases and PHP 5.3. For a full list of changes in PHP 5.3.4, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:18:20 UTC 2010 Modified Files: pkgsrc/databases/php-mysql: Makefile pkgsrc/databases/php-mysqli: Makefile pkgsrc/databases/php-pdo_mysql: Makefile pkgsrc/mail/php-imap: Makefile pkgsrc/www/ap-php: Makefile pkgsrc/www/php-eaccelerator: Makefile Log Message: Reset PKGREVISION by update of base PHP version. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Dec 16 14:20:45 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile.common distinfo Log Message: Update php5 pacakge to 5.2.16: PHP 5.2.16 Released! The PHP development team would like to announce the immediate availability of PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. This release focuses on addressing a regression in open_basedir implementation introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data retrieval when the server is down. All users who have upgraded to 5.2.15 and are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or 5.3.4. To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a migration guide available on http://php.net/migration53, details the changes between PHP 5.2 and PHP 5.3. For a full list of changes in PHP 5.2.16 see the ChangeLog at http://www.php.net/ChangeLog-5.php#5.2.16. ChangeLog: Version 5.2.16 16-Dec-2010 * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down). (gyp at balabit dot hu) * Fixed bug #53516 (Regression in open_basedir handling). (Ilia)
author: sbd <sbd@pkgsrc.org> 2010-12-23 10:10:54 +0000
committer: sbd <sbd@pkgsrc.org> 2010-12-23 10:10:54 +0000
commit: caf70e58660ae9da05ae145f50a120f40747acac (patch)
tree: ac04f13fe7289460f2f374b49489b7c76659ccb4
parent: 9be04b8ad1aac5f80f7b4bd5f7aae75941342557 (diff)
download: pkgsrc-caf70e58660ae9da05ae145f50a120f40747acac.tar.gz
10 files changed, 30 insertions, 41 deletions
diff --git a/databases/php-mysql/Makefile b/databases/php-mysql/Makefile
index 3a15f364f71..7c9de40441a 100644
--- a/databases/php-mysql/Makefile
+++ b/databases/php-mysql/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.13 2010/09/30 10:49:15 obache Exp $
+# $NetBSD: Makefile,v 1.13.2.1 2010/12/23 10:10:55 sbd Exp $
 
 MODNAME=		mysql
-PKGREVISION=		1
 CATEGORIES+=		databases
 COMMENT=		PHP extension for MySQL databases
 
diff --git a/databases/php-mysqli/Makefile b/databases/php-mysqli/Makefile
index 65b20d402ac..7072f10e28d 100644
--- a/databases/php-mysqli/Makefile
+++ b/databases/php-mysqli/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.2 2010/09/30 10:49:16 obache Exp $
+# $NetBSD: Makefile,v 1.2.2.1 2010/12/23 10:10:55 sbd Exp $
 
 MODNAME=		mysqli
-PKGREVISION=		1
 CATEGORIES+=		databases
 COMMENT=		PHP5 extension for MySQL 4.1 and later databases
 
diff --git a/databases/php-pdo_mysql/Makefile b/databases/php-pdo_mysql/Makefile
index a04fa57a405..ad5f4754c08 100644
--- a/databases/php-pdo_mysql/Makefile
+++ b/databases/php-pdo_mysql/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.11 2010/09/30 10:49:15 obache Exp $
+# $NetBSD: Makefile,v 1.11.2.1 2010/12/23 10:10:55 sbd Exp $
 
 MODNAME=		pdo_mysql
-PKGREVISION=		1
 CATEGORIES+=		databases
 COMMENT=		PHP extension for PHP Data Objects (MySQL)
 
diff --git a/lang/php5/Makefile.common b/lang/php5/Makefile.common
index 8b05c9261cd..dce070f0e39 100644
--- a/lang/php5/Makefile.common
+++ b/lang/php5/Makefile.common
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.42 2010/07/24 22:23:15 tron Exp $
+# $NetBSD: Makefile.common,v 1.42.2.1 2010/12/23 10:10:54 sbd Exp $
 # used by lang/php5/Makefile.php
 # used by lang/php/ext.mk
 # used by meta-pkgs/php5-extensions/Makefile
@@ -41,7 +41,7 @@ EXTRACT_SUFX?=		.tar.bz2
 MAINTAINER?=		jdolecek@NetBSD.org
 HOMEPAGE?=		http://www.php.net/
 
-PHP_BASE_VERS=		5.2.14
+PHP_BASE_VERS=		5.2.16
 
 PHP_EXTENSION_DIR=	lib/php/20040412
 PLIST_SUBST+=		PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q}
diff --git a/lang/php5/distinfo b/lang/php5/distinfo
index 0e3ec25b6df..d5c907c3ae2 100644
--- a/lang/php5/distinfo
+++ b/lang/php5/distinfo
@@ -1,11 +1,8 @@
-$NetBSD: distinfo,v 1.79 2010/07/24 22:23:15 tron Exp $
+$NetBSD: distinfo,v 1.79.2.1 2010/12/23 10:10:54 sbd Exp $
 
-SHA1 (php-5.2.14/php-5.2.14.tar.bz2) = 311b44b2c0f2eea8ab8dab876d2a6b6e7a55632e
-RMD160 (php-5.2.14/php-5.2.14.tar.bz2) = f699488f5b266a1c5e36df570c4d5896dc4e0aea
-Size (php-5.2.14/php-5.2.14.tar.bz2) = 9055945 bytes
-SHA1 (php-5.2.14/suhosin-patch-5.2.14-0.9.7.patch.gz) = 0a12d3589f9c26dc7d6b6452ef7987b2e6527a30
-RMD160 (php-5.2.14/suhosin-patch-5.2.14-0.9.7.patch.gz) = bc7790cd36dc4101322684b754db3ca2d4385ba6
-Size (php-5.2.14/suhosin-patch-5.2.14-0.9.7.patch.gz) = 23057 bytes
+SHA1 (php-5.2.16/php-5.2.16.tar.bz2) = b4d11c6593614fa4ad8bf133f622208ee5e8e9af
+RMD160 (php-5.2.16/php-5.2.16.tar.bz2) = 2ab6de444af478f3b2b3a8a074c1656e8da0a4e1
+Size (php-5.2.16/php-5.2.16.tar.bz2) = 9090930 bytes
 SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20
 SHA1 (patch-af) = 68c5a31dccf1854ba1aff653e4c524767d6a64f6
 SHA1 (patch-ag) = 5e3e822657925a77fbccaca63f283863a1cc6d94
diff --git a/lang/php53/Makefile.common b/lang/php53/Makefile.common
index 20440975e68..85934e5e9df 100644
--- a/lang/php53/Makefile.common
+++ b/lang/php53/Makefile.common
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.2 2010/07/24 22:23:37 tron Exp $
+# $NetBSD: Makefile.common,v 1.2.2.1 2010/12/23 10:10:54 sbd Exp $
 # used by lang/php53/Makefile.php
 # used by lang/php/ext.mk
 # used by meta-pkgs/php53-extensions/Makefile
@@ -39,7 +39,7 @@ EXTRACT_SUFX?=		.tar.bz2
 MAINTAINER?=		pkgsrc-users@NetBSD.org
 HOMEPAGE?=		http://www.php.net/
 
-PHP_BASE_VERS=		5.3.3
+PHP_BASE_VERS=		5.3.4
 
 PHP_EXTENSION_DIR=	lib/php/20090630
 PLIST_SUBST+=		PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q}
diff --git a/lang/php53/distinfo b/lang/php53/distinfo
index 4995e348c53..64311fce55b 100644
--- a/lang/php53/distinfo
+++ b/lang/php53/distinfo
@@ -1,13 +1,10 @@
-$NetBSD: distinfo,v 1.6 2010/07/24 22:23:37 tron Exp $
+$NetBSD: distinfo,v 1.6.2.1 2010/12/23 10:10:54 sbd Exp $
 
-SHA1 (php-5.3.3/php-5.3.3.tar.bz2) = 9f66716b341119e4e4f8fe3d81b7d0a5daf3cbc8
-RMD160 (php-5.3.3/php-5.3.3.tar.bz2) = 9edb51663feac9b787f8382012893f1ac98fec6a
-Size (php-5.3.3/php-5.3.3.tar.bz2) = 10662227 bytes
-SHA1 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 76675242cfdeff763767900213346af622002490
-RMD160 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 8dcd8b51ea0357b6cc51e70e495e18f341c62f7c
-Size (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 41298 bytes
+SHA1 (php-5.3.4/php-5.3.4.tar.bz2) = 0b33926e78e1683e3383b3b5c840ee60ba669b0b
+RMD160 (php-5.3.4/php-5.3.4.tar.bz2) = dffbeced87117fd34c948de3ebdde01a25c24dae
+Size (php-5.3.4/php-5.3.4.tar.bz2) = 10804376 bytes
 SHA1 (patch-aa) = f51491af7c577f36979fc07d52b5857368392e09
-SHA1 (patch-ab) = 8ac388f50afc03f3f4eacbfed42ae295a2e8d700
+SHA1 (patch-ab) = 7aeb5148056e7f0b150388c4cf60a139f6aeec44
 SHA1 (patch-ac) = a896371d3343c07a5cf46c79d9ca9e1b2164797a
 SHA1 (patch-ad) = 1608c58860a43b4e31df8646b5ded253ec9aa881
 SHA1 (patch-ae) = e590db60a60f4e5ef2da4e5edb786335a67a3d56
diff --git a/lang/php53/patches/patch-ab b/lang/php53/patches/patch-ab
index ad8856baaaf..66735d6c9e2 100644
--- a/lang/php53/patches/patch-ab
+++ b/lang/php53/patches/patch-ab
@@ -1,17 +1,17 @@
-$NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
+$NetBSD: patch-ab,v 1.2.2.1 2010/12/23 10:10:54 sbd Exp $
 
---- configure.orig	2010-07-24 22:35:41.000000000 +0100
-+++ configure	2010-07-24 22:39:23.000000000 +0100
-@@ -13778,7 +13778,7 @@
+--- configure.orig	2010-12-08 21:46:58.000000000 +0000
++++ configure
+@@ -13699,7 +13699,7 @@ EOF
    PHP_VAR_SUBST="$PHP_VAR_SUBST SAPI_CGI_PATH"
  
  
 -        INSTALL_IT="@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)\$(bindir)/\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) \$(INSTALL_ROOT)\$(bindir)/\$(program_prefix)php-cgi\$(program_suffix)\$(EXEEXT)"
 +        INSTALL_IT="@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)@CGIDIR@\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) \$(INSTALL_ROOT)@CGIDIR@/php"
      
-   PHP_SAPI=cgi
-   
-@@ -23206,7 +23206,7 @@
+   if test "$PHP_SAPI" != "default"; then
+ { echo "configure: error: 
+@@ -22963,7 +22963,7 @@ fi
      if test "$found_openssl" = "no"; then
    
      if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -20,7 +20,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
      fi
  
      for i in $PHP_OPENSSL_DIR; do
-@@ -25179,7 +25179,7 @@
+@@ -24930,7 +24930,7 @@ echo "configure:24910: checking bundled 
      PHP_SQLITE3_CFLAGS="-I@ext_srcdir@/libsqlite $other_flags $threadsafe_flags $debug_flags"
      
    
@@ -29,7 +29,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
        
    
    unique=`echo $header_file|$SED 's/[^a-zA-Z0-9]/_/g'`
-@@ -36124,7 +36124,7 @@
+@@ -35788,7 +35788,7 @@ fi
      if test "$found_openssl" = "no"; then
    
      if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -38,7 +38,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
      fi
  
      for i in $PHP_OPENSSL_DIR; do
-@@ -50201,7 +50201,7 @@
+@@ -49814,7 +49814,7 @@ fi
      if test "$found_openssl" = "no"; then
    
      if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -47,7 +47,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
      fi
  
      for i in $PHP_OPENSSL_DIR; do
-@@ -84421,7 +84421,7 @@
+@@ -83900,7 +83900,7 @@ fi
      if test "$found_openssl" = "no"; then
    
      if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -56,7 +56,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
      fi
  
      for i in $PHP_OPENSSL_DIR; do
-@@ -107682,12 +107682,7 @@
+@@ -107040,12 +107040,7 @@ old_CC=$CC
  if test "$PHP_THREAD_SAFETY" = "yes" && test -n "$ac_cv_pthreads_cflags"; then
    CXXFLAGS="$CXXFLAGS $ac_cv_pthreads_cflags"
    INLINE_CFLAGS="$INLINE_CFLAGS $ac_cv_pthreads_cflags"
diff --git a/www/ap-php/Makefile b/www/ap-php/Makefile
index 7a69e24bba9..28648d5a3a5 100644
--- a/www/ap-php/Makefile
+++ b/www/ap-php/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.23 2010/03/16 15:36:39 taca Exp $
+# $NetBSD: Makefile,v 1.23.6.1 2010/12/23 10:10:55 sbd Exp $
 #
 
 PKGNAME=		${APACHE_PKG_PREFIX}-${PHP_PKG_PREFIX}-${PHP_BASE_VERS}
-PKGREVISION=		1
 COMMENT=		Apache (${PKG_APACHE}) module for ${PKG_PHP}
 
 PKG_DESTDIR_SUPPORT=	user-destdir
diff --git a/www/php-eaccelerator/Makefile b/www/php-eaccelerator/Makefile
index 8be747d6408..272dd05e290 100644
--- a/www/php-eaccelerator/Makefile
+++ b/www/php-eaccelerator/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.12 2010/10/02 19:11:35 jdolecek Exp $
+# $NetBSD: Makefile,v 1.12.2.1 2010/12/23 10:10:55 sbd Exp $
 
 MODNAME=	eaccelerator
 PECL_VERSION=	0.9.6
-PKGREVISION=	1
 CATEGORIES+=	sysutils
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=eaccelerator/} \
 		http://bart.eaccelerator.net/source/${PECL_VERSION}/
author	sbd <sbd@pkgsrc.org>	2010-12-23 10:10:54 +0000
committer	sbd <sbd@pkgsrc.org>	2010-12-23 10:10:54 +0000
commit	caf70e58660ae9da05ae145f50a120f40747acac (patch)
tree	ac04f13fe7289460f2f374b49489b7c76659ccb4
parent	9be04b8ad1aac5f80f7b4bd5f7aae75941342557 (diff)
download	pkgsrc-caf70e58660ae9da05ae145f50a120f40747acac.tar.gz