summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsbd <sbd>2010-12-23 10:10:54 +0000
committersbd <sbd>2010-12-23 10:10:54 +0000
commit74934e6936a8c92f04c243cc18a220d4bbbe081c (patch)
treeac04f13fe7289460f2f374b49489b7c76659ccb4
parentda28a5e3168871a4094df953cac5bdcc189a342e (diff)
downloadpkgsrc-74934e6936a8c92f04c243cc18a220d4bbbe081c.tar.gz
Pullup ticket #3312 - requested by taca
pkgsrc/lang/{php5,php53} security fixes Revisions pulled up: - pkgsrc/databases/php-mysql/Makefile 1.14 - pkgsrc/databases/php-mysqli/Makefile 1.3 - pkgsrc/databases/php-pdo_mysql/Makefile 1.12 - pkgsrc/lang/php5/Makefile 1.80, 1.81 - pkgsrc/lang/php5/Makefile.common 1.43, 1.44 - pkgsrc/lang/php5/distinfo 1.80, 1.81, 1.82 - pkgsrc/lang/php5/patches/patch-ak 1.8, deleted - pkgsrc/lang/php5/patches/patch-bf 1.1, deleted - pkgsrc/lang/php5/patches/patch-bg 1.1, deleted - pkgsrc/lang/php53/Makefile 1.5, 1.6 - pkgsrc/lang/php53/Makefile.common 1.3 - pkgsrc/lang/php53/distinfo 1.7, 1.8 - pkgsrc/lang/php53/patches/patch-ab 1.3 - pkgsrc/lang/php53/patches/patch-am 1.1, deleted - pkgsrc/lang/php53/patches/patch-an 1.1, deleted - pkgsrc/lang/php53/patches/patch-ao 1.1, deleted - pkgsrc/lang/php53/patches/patch-ap 1.1, deleted - pkgsrc/lang/php53/patches/patch-aq 1.1, deleted - pkgsrc/mail/php-imap/Makefile 1.21, 1.22 - pkgsrc/www/ap-php/Makefile 1.24 - pkgsrc/www/php-eaccelerator/Makefile 1.13 ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:43:50 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq Log Message: - GC bug fix: http://svn.php.net/viewvc?view=revision&revision=303016 - CVE-2010-3710 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=303779 - CVE-2010-3870 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=304959 - CVE-2010-4150 (php-imap) http://svn.php.net/viewvc?view=revision&revision=305032 - CVE-2010-4156 (SA42135) http://svn.php.net/viewvc?view=revision&revision=305214 Bump PKGREVISION. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:44:16 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile distinfo Added Files: pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg Log Message: - CVE-2010-4150 (php-imap) http://svn.php.net/viewvc?view=revision&revision=305032 - CVE-2010-3710 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=303885 - CVE-2010-3870 (a part of SA41724) http://svn.php.net/viewvc?view=revision&revision=305055 Bump PKGREVISION. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 25 03:45:19 UTC 2010 Modified Files: pkgsrc/mail/php-imap: Makefile Log Message: Bump REVISION since CVE-2010-4150 fix was added. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:15:46 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile Makefile.common distinfo Removed Files: pkgsrc/lang/php5/patches: patch-ak patch-bf patch-bg Log Message: Update php5 package to 5.2.15 (PHP 5.2.15): The PHP development team would like to announce the immediate availability of PHP 5.2.15. This release marks the end of support for PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. This release focuses on improving the security and stability of the PHP 5.2.x branch with a small number, of predominatly security fixes. Security Enhancements and Fixes in PHP 5.2.15: * Fixed extract() to do not overwrite $GLOBALS and $this when using EXTR_OVERWRITE. * Fixed crash in zip extract method (possible CWE-170). * Fixed a possible double free in imap extension. * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data). Key enhancements in PHP 5.2.15 include: * Fixed bug #47643 (array_diff() takes over 3000 times longer than php 5.2.4). * Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy with SoapClient object). * To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a migration guide available on http://php.net/migration53, details the changes between PHP 5.2 and PHP 5.3. For a full list of changes in PHP 5.2.15 see the ChangeLog at http://www.php.net/ChangeLog-5.php#5.2.15. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:16:37 UTC 2010 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common distinfo pkgsrc/lang/php53/patches: patch-ab Removed Files: pkgsrc/lang/php53/patches: patch-am patch-an patch-ao patch-ap patch-aq Log Message: Update lang/php53 package to 5.3.4 (PHP 5.3.4). The PHP development team is proud to announce the immediate release of PHP 5.3.4. This is a maintenance release in the 5.3 series, which includes a large number of bug fixes. Security Enhancements and Fixes in PHP 5.3.4: * Fixed crash in zip extract method (possible CWE-170). * Paths with NULL in them (foo\0bar.txt) are now considered as invalid (CVE-2006-7243). * Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150). * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709). * Fixed possible flaw in open_basedir (CVE-2010-3436). * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). * Fixed symbolic resolution support when the target is a DFS share. * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710). Key Bug Fixes in PHP 5.3.4 include: * Added stat support for zip stream. * Added follow_location (enabled by default) option for the http stream support. * Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al. * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime. * Multiple improvements to the FPM SAPI. * Over 100 other bug fixes. For users upgrading from PHP 5.2 there is a migration guide available here, detailing the changes between those releases and PHP 5.3. For a full list of changes in PHP 5.3.4, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Mon Dec 13 13:18:20 UTC 2010 Modified Files: pkgsrc/databases/php-mysql: Makefile pkgsrc/databases/php-mysqli: Makefile pkgsrc/databases/php-pdo_mysql: Makefile pkgsrc/mail/php-imap: Makefile pkgsrc/www/ap-php: Makefile pkgsrc/www/php-eaccelerator: Makefile Log Message: Reset PKGREVISION by update of base PHP version. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Dec 16 14:20:45 UTC 2010 Modified Files: pkgsrc/lang/php5: Makefile.common distinfo Log Message: Update php5 pacakge to 5.2.16: PHP 5.2.16 Released! The PHP development team would like to announce the immediate availability of PHP 5.2.16. This release marks the end of support for PHP 5.2. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. This release focuses on addressing a regression in open_basedir implementation introduced in 5.2.15 in addition to fixing a crash inside PDO::pgsql on data retrieval when the server is down. All users who have upgraded to 5.2.15 and are utilizing open_basedir are strongly encouraged to upgrade to 5.2.16 or 5.3.4. To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a migration guide available on http://php.net/migration53, details the changes between PHP 5.2 and PHP 5.3. For a full list of changes in PHP 5.2.16 see the ChangeLog at http://www.php.net/ChangeLog-5.php#5.2.16. ChangeLog: Version 5.2.16 16-Dec-2010 * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down). (gyp at balabit dot hu) * Fixed bug #53516 (Regression in open_basedir handling). (Ilia)
-rw-r--r--databases/php-mysql/Makefile3
-rw-r--r--databases/php-mysqli/Makefile3
-rw-r--r--databases/php-pdo_mysql/Makefile3
-rw-r--r--lang/php5/Makefile.common4
-rw-r--r--lang/php5/distinfo11
-rw-r--r--lang/php53/Makefile.common4
-rw-r--r--lang/php53/distinfo13
-rw-r--r--lang/php53/patches/patch-ab24
-rw-r--r--www/ap-php/Makefile3
-rw-r--r--www/php-eaccelerator/Makefile3
10 files changed, 30 insertions, 41 deletions
diff --git a/databases/php-mysql/Makefile b/databases/php-mysql/Makefile
index 3a15f364f71..7c9de40441a 100644
--- a/databases/php-mysql/Makefile
+++ b/databases/php-mysql/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.13 2010/09/30 10:49:15 obache Exp $
+# $NetBSD: Makefile,v 1.13.2.1 2010/12/23 10:10:55 sbd Exp $
MODNAME= mysql
-PKGREVISION= 1
CATEGORIES+= databases
COMMENT= PHP extension for MySQL databases
diff --git a/databases/php-mysqli/Makefile b/databases/php-mysqli/Makefile
index 65b20d402ac..7072f10e28d 100644
--- a/databases/php-mysqli/Makefile
+++ b/databases/php-mysqli/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.2 2010/09/30 10:49:16 obache Exp $
+# $NetBSD: Makefile,v 1.2.2.1 2010/12/23 10:10:55 sbd Exp $
MODNAME= mysqli
-PKGREVISION= 1
CATEGORIES+= databases
COMMENT= PHP5 extension for MySQL 4.1 and later databases
diff --git a/databases/php-pdo_mysql/Makefile b/databases/php-pdo_mysql/Makefile
index a04fa57a405..ad5f4754c08 100644
--- a/databases/php-pdo_mysql/Makefile
+++ b/databases/php-pdo_mysql/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.11 2010/09/30 10:49:15 obache Exp $
+# $NetBSD: Makefile,v 1.11.2.1 2010/12/23 10:10:55 sbd Exp $
MODNAME= pdo_mysql
-PKGREVISION= 1
CATEGORIES+= databases
COMMENT= PHP extension for PHP Data Objects (MySQL)
diff --git a/lang/php5/Makefile.common b/lang/php5/Makefile.common
index 8b05c9261cd..dce070f0e39 100644
--- a/lang/php5/Makefile.common
+++ b/lang/php5/Makefile.common
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.42 2010/07/24 22:23:15 tron Exp $
+# $NetBSD: Makefile.common,v 1.42.2.1 2010/12/23 10:10:54 sbd Exp $
# used by lang/php5/Makefile.php
# used by lang/php/ext.mk
# used by meta-pkgs/php5-extensions/Makefile
@@ -41,7 +41,7 @@ EXTRACT_SUFX?= .tar.bz2
MAINTAINER?= jdolecek@NetBSD.org
HOMEPAGE?= http://www.php.net/
-PHP_BASE_VERS= 5.2.14
+PHP_BASE_VERS= 5.2.16
PHP_EXTENSION_DIR= lib/php/20040412
PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q}
diff --git a/lang/php5/distinfo b/lang/php5/distinfo
index 0e3ec25b6df..d5c907c3ae2 100644
--- a/lang/php5/distinfo
+++ b/lang/php5/distinfo
@@ -1,11 +1,8 @@
-$NetBSD: distinfo,v 1.79 2010/07/24 22:23:15 tron Exp $
+$NetBSD: distinfo,v 1.79.2.1 2010/12/23 10:10:54 sbd Exp $
-SHA1 (php-5.2.14/php-5.2.14.tar.bz2) = 311b44b2c0f2eea8ab8dab876d2a6b6e7a55632e
-RMD160 (php-5.2.14/php-5.2.14.tar.bz2) = f699488f5b266a1c5e36df570c4d5896dc4e0aea
-Size (php-5.2.14/php-5.2.14.tar.bz2) = 9055945 bytes
-SHA1 (php-5.2.14/suhosin-patch-5.2.14-0.9.7.patch.gz) = 0a12d3589f9c26dc7d6b6452ef7987b2e6527a30
-RMD160 (php-5.2.14/suhosin-patch-5.2.14-0.9.7.patch.gz) = bc7790cd36dc4101322684b754db3ca2d4385ba6
-Size (php-5.2.14/suhosin-patch-5.2.14-0.9.7.patch.gz) = 23057 bytes
+SHA1 (php-5.2.16/php-5.2.16.tar.bz2) = b4d11c6593614fa4ad8bf133f622208ee5e8e9af
+RMD160 (php-5.2.16/php-5.2.16.tar.bz2) = 2ab6de444af478f3b2b3a8a074c1656e8da0a4e1
+Size (php-5.2.16/php-5.2.16.tar.bz2) = 9090930 bytes
SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20
SHA1 (patch-af) = 68c5a31dccf1854ba1aff653e4c524767d6a64f6
SHA1 (patch-ag) = 5e3e822657925a77fbccaca63f283863a1cc6d94
diff --git a/lang/php53/Makefile.common b/lang/php53/Makefile.common
index 20440975e68..85934e5e9df 100644
--- a/lang/php53/Makefile.common
+++ b/lang/php53/Makefile.common
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.2 2010/07/24 22:23:37 tron Exp $
+# $NetBSD: Makefile.common,v 1.2.2.1 2010/12/23 10:10:54 sbd Exp $
# used by lang/php53/Makefile.php
# used by lang/php/ext.mk
# used by meta-pkgs/php53-extensions/Makefile
@@ -39,7 +39,7 @@ EXTRACT_SUFX?= .tar.bz2
MAINTAINER?= pkgsrc-users@NetBSD.org
HOMEPAGE?= http://www.php.net/
-PHP_BASE_VERS= 5.3.3
+PHP_BASE_VERS= 5.3.4
PHP_EXTENSION_DIR= lib/php/20090630
PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR:Q}
diff --git a/lang/php53/distinfo b/lang/php53/distinfo
index 4995e348c53..64311fce55b 100644
--- a/lang/php53/distinfo
+++ b/lang/php53/distinfo
@@ -1,13 +1,10 @@
-$NetBSD: distinfo,v 1.6 2010/07/24 22:23:37 tron Exp $
+$NetBSD: distinfo,v 1.6.2.1 2010/12/23 10:10:54 sbd Exp $
-SHA1 (php-5.3.3/php-5.3.3.tar.bz2) = 9f66716b341119e4e4f8fe3d81b7d0a5daf3cbc8
-RMD160 (php-5.3.3/php-5.3.3.tar.bz2) = 9edb51663feac9b787f8382012893f1ac98fec6a
-Size (php-5.3.3/php-5.3.3.tar.bz2) = 10662227 bytes
-SHA1 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 76675242cfdeff763767900213346af622002490
-RMD160 (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 8dcd8b51ea0357b6cc51e70e495e18f341c62f7c
-Size (php-5.3.3/suhosin-patch-5.3.3-0.9.10.patch.gz) = 41298 bytes
+SHA1 (php-5.3.4/php-5.3.4.tar.bz2) = 0b33926e78e1683e3383b3b5c840ee60ba669b0b
+RMD160 (php-5.3.4/php-5.3.4.tar.bz2) = dffbeced87117fd34c948de3ebdde01a25c24dae
+Size (php-5.3.4/php-5.3.4.tar.bz2) = 10804376 bytes
SHA1 (patch-aa) = f51491af7c577f36979fc07d52b5857368392e09
-SHA1 (patch-ab) = 8ac388f50afc03f3f4eacbfed42ae295a2e8d700
+SHA1 (patch-ab) = 7aeb5148056e7f0b150388c4cf60a139f6aeec44
SHA1 (patch-ac) = a896371d3343c07a5cf46c79d9ca9e1b2164797a
SHA1 (patch-ad) = 1608c58860a43b4e31df8646b5ded253ec9aa881
SHA1 (patch-ae) = e590db60a60f4e5ef2da4e5edb786335a67a3d56
diff --git a/lang/php53/patches/patch-ab b/lang/php53/patches/patch-ab
index ad8856baaaf..66735d6c9e2 100644
--- a/lang/php53/patches/patch-ab
+++ b/lang/php53/patches/patch-ab
@@ -1,17 +1,17 @@
-$NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
+$NetBSD: patch-ab,v 1.2.2.1 2010/12/23 10:10:54 sbd Exp $
---- configure.orig 2010-07-24 22:35:41.000000000 +0100
-+++ configure 2010-07-24 22:39:23.000000000 +0100
-@@ -13778,7 +13778,7 @@
+--- configure.orig 2010-12-08 21:46:58.000000000 +0000
++++ configure
+@@ -13699,7 +13699,7 @@ EOF
PHP_VAR_SUBST="$PHP_VAR_SUBST SAPI_CGI_PATH"
- INSTALL_IT="@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)\$(bindir)/\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) \$(INSTALL_ROOT)\$(bindir)/\$(program_prefix)php-cgi\$(program_suffix)\$(EXEEXT)"
+ INSTALL_IT="@echo \"Installing PHP CGI binary: \$(INSTALL_ROOT)@CGIDIR@\"; \$(INSTALL) -m 0755 \$(SAPI_CGI_PATH) \$(INSTALL_ROOT)@CGIDIR@/php"
- PHP_SAPI=cgi
-
-@@ -23206,7 +23206,7 @@
+ if test "$PHP_SAPI" != "default"; then
+ { echo "configure: error:
+@@ -22963,7 +22963,7 @@ fi
if test "$found_openssl" = "no"; then
if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -20,7 +20,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
fi
for i in $PHP_OPENSSL_DIR; do
-@@ -25179,7 +25179,7 @@
+@@ -24930,7 +24930,7 @@ echo "configure:24910: checking bundled
PHP_SQLITE3_CFLAGS="-I@ext_srcdir@/libsqlite $other_flags $threadsafe_flags $debug_flags"
@@ -29,7 +29,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
unique=`echo $header_file|$SED 's/[^a-zA-Z0-9]/_/g'`
-@@ -36124,7 +36124,7 @@
+@@ -35788,7 +35788,7 @@ fi
if test "$found_openssl" = "no"; then
if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -38,7 +38,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
fi
for i in $PHP_OPENSSL_DIR; do
-@@ -50201,7 +50201,7 @@
+@@ -49814,7 +49814,7 @@ fi
if test "$found_openssl" = "no"; then
if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -47,7 +47,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
fi
for i in $PHP_OPENSSL_DIR; do
-@@ -84421,7 +84421,7 @@
+@@ -83900,7 +83900,7 @@ fi
if test "$found_openssl" = "no"; then
if test "$PHP_OPENSSL_DIR" = "yes"; then
@@ -56,7 +56,7 @@ $NetBSD: patch-ab,v 1.2 2010/07/24 22:23:37 tron Exp $
fi
for i in $PHP_OPENSSL_DIR; do
-@@ -107682,12 +107682,7 @@
+@@ -107040,12 +107040,7 @@ old_CC=$CC
if test "$PHP_THREAD_SAFETY" = "yes" && test -n "$ac_cv_pthreads_cflags"; then
CXXFLAGS="$CXXFLAGS $ac_cv_pthreads_cflags"
INLINE_CFLAGS="$INLINE_CFLAGS $ac_cv_pthreads_cflags"
diff --git a/www/ap-php/Makefile b/www/ap-php/Makefile
index 7a69e24bba9..28648d5a3a5 100644
--- a/www/ap-php/Makefile
+++ b/www/ap-php/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.23 2010/03/16 15:36:39 taca Exp $
+# $NetBSD: Makefile,v 1.23.6.1 2010/12/23 10:10:55 sbd Exp $
#
PKGNAME= ${APACHE_PKG_PREFIX}-${PHP_PKG_PREFIX}-${PHP_BASE_VERS}
-PKGREVISION= 1
COMMENT= Apache (${PKG_APACHE}) module for ${PKG_PHP}
PKG_DESTDIR_SUPPORT= user-destdir
diff --git a/www/php-eaccelerator/Makefile b/www/php-eaccelerator/Makefile
index 8be747d6408..272dd05e290 100644
--- a/www/php-eaccelerator/Makefile
+++ b/www/php-eaccelerator/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.12 2010/10/02 19:11:35 jdolecek Exp $
+# $NetBSD: Makefile,v 1.12.2.1 2010/12/23 10:10:55 sbd Exp $
MODNAME= eaccelerator
PECL_VERSION= 0.9.6
-PKGREVISION= 1
CATEGORIES+= sysutils
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=eaccelerator/} \
http://bart.eaccelerator.net/source/${PECL_VERSION}/