diff options
| author | taca <taca@pkgsrc.org> | 2012-06-16 01:27:24 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2012-06-16 01:27:24 +0000 |
| commit | c95c9fcc2dda53bb006ccf278fbdeebc39b7eabb (patch) | |
| tree | 105c6a9f85561f9bff4e276a4240d2fbd5873117 /lang/php53 | |
| parent | ff816060bd39b709e662c5359d1d123457590836 (diff) | |
| download | pkgsrc-c95c9fcc2dda53bb006ccf278fbdeebc39b7eabb.tar.gz | |
Update php53 to 5.3.14 (PHP 5.3.14).
Version 5.3.14
06-June-2012
* CLI SAPI
- Fixed bug #61546 (functions related to current script failed when
chdir() in cli sapi)
* Core
- Fixed CVE-2012-2143
- Fixed bug #62005 (unexpected behavior when incrementally assigning to a
member of a null object)
- Fixed bug #61730 (Segfault from array_walk modifying an array passed by
reference)
- Fixed missing bound check in iptcparse()
- Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64)
- Fixed bug #54197 ([PATH=] sections incompatibility with
user_ini.filename set to null)
- Fixed bug #61713 (Logic error in charset detection for htmlentities)
- Fixed bug #61991 (long overflow in realpath_cache_get())
- Changed php://fd to be available only for CLI.
* CURL
- Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
* COM
- Fixed bug #62146 com_dotnet cannot be built shared
* Fileinfo
- Fixed bug #61812 (Uninitialised value used in libmagic)
* Iconv
- Fixed a bug that iconv extension fails to link to the correct library
when another extension makes use of a library that links to the iconv
library. See https://bugs.gentoo.org/show_bug.cgi?id=364139 for detail
* Intl
- Fixed bug #62082 (Memory corruption in internal function
get_icu_disp_value_src_php()
* JSON
- Fixed bug #61537 (json_encode() incorrectly truncates/discards
information)
* PDO
- Fixed bug #61755 (A parsing bug in the prepared statements can lead to
access violations)
* Phar
- Fixed bug #61065 (Secunia SA44335)
* Streams
- Fixed bug #61961 (file_get_contents leaks when access empty file with
maxlen set)
Diffstat (limited to 'lang/php53')
| -rw-r--r-- | lang/php53/Makefile | 3 | ||||
| -rw-r--r-- | lang/php53/Makefile.common | 4 | ||||
| -rw-r--r-- | lang/php53/Makefile.php | 4 | ||||
| -rw-r--r-- | lang/php53/distinfo | 10 | ||||
| -rw-r--r-- | lang/php53/patches/patch-ext_phar_tar.c | 23 | ||||
| -rw-r--r-- | lang/php53/patches/patch-ext_standard_crypt__freesec.c | 16 |
6 files changed, 9 insertions, 51 deletions
diff --git a/lang/php53/Makefile b/lang/php53/Makefile index 0d5e0490019..1c175963e94 100644 --- a/lang/php53/Makefile +++ b/lang/php53/Makefile @@ -1,10 +1,9 @@ -# $NetBSD: Makefile,v 1.31 2012/06/14 07:43:11 sbd Exp $ +# $NetBSD: Makefile,v 1.32 2012/06/16 01:27:24 taca Exp $ # # We can't omit PKGNAME here to handle PKG_OPTIONS. # PKGNAME= php-${PHP_BASE_VERS} -PKGREVISION= 3 CATEGORIES= lang HOMEPAGE= http://www.php.net/ diff --git a/lang/php53/Makefile.common b/lang/php53/Makefile.common index fd6e6567251..7b7459902b1 100644 --- a/lang/php53/Makefile.common +++ b/lang/php53/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.13 2012/05/09 06:52:51 taca Exp $ +# $NetBSD: Makefile.common,v 1.14 2012/06/16 01:27:24 taca Exp $ # used by lang/php53/Makefile.php # used by lang/php/ext.mk # used by meta-pkgs/php53-extensions/Makefile @@ -38,7 +38,7 @@ EXTRACT_SUFX?= .tar.bz2 MAINTAINER?= pkgsrc-users@NetBSD.org HOMEPAGE?= http://www.php.net/ -PHP_BASE_VERS= 5.3.13 +PHP_BASE_VERS= 5.3.14 PHP_EXTENSION_DIR= lib/php/20090630 PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR} diff --git a/lang/php53/Makefile.php b/lang/php53/Makefile.php index a79c30e4cab..030b093d484 100644 --- a/lang/php53/Makefile.php +++ b/lang/php53/Makefile.php @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.php,v 1.17 2012/05/13 16:11:19 taca Exp $ +# $NetBSD: Makefile.php,v 1.18 2012/06/16 01:27:24 taca Exp $ # used by lang/php53/Makefile # used by www/ap-php/Makefile @@ -58,7 +58,7 @@ PKG_SUGGESTED_OPTIONS+= inet6 ssl .if !empty(PKG_OPTIONS:Msuhosin) SUHOSIN_PHPVER= 5.3.9 -. if ${SUHOSIN_PHPVER} != ${PHP_BASE_VERS} && ${PHP_BASE_VERS} != 5.3.13 +. if ${SUHOSIN_PHPVER} != ${PHP_BASE_VERS} && ${PHP_BASE_VERS} != 5.3.14 PKG_FAIL_REASON+= "The suhosin patch is currently not available for" PKG_FAIL_REASON+= "this version of PHP. You may have to wait until" PKG_FAIL_REASON+= "an updated patch is released or temporarily" diff --git a/lang/php53/distinfo b/lang/php53/distinfo index 23801896690..14ffed15a35 100644 --- a/lang/php53/distinfo +++ b/lang/php53/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.44 2012/06/12 14:45:51 taca Exp $ +$NetBSD: distinfo,v 1.45 2012/06/16 01:27:24 taca Exp $ -SHA1 (php-5.3.13.tar.bz2) = 8a52dae3fc9e27814c15fc0ebd744bee38305248 -RMD160 (php-5.3.13.tar.bz2) = 1ad55e7bd1262471c66d2236fbba76c137960029 -Size (php-5.3.13.tar.bz2) = 11396389 bytes +SHA1 (php-5.3.14.tar.bz2) = 71f3840395eb35f730d8dd255513e4ebdae4b1b0 +RMD160 (php-5.3.14.tar.bz2) = 07a798ee7f8ce1818be09e7aee0f6014160145f9 +Size (php-5.3.14.tar.bz2) = 11408016 bytes SHA1 (suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed RMD160 (suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 Size (suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes @@ -17,8 +17,6 @@ SHA1 (patch-ah) = b20c29c64b3099f77855a5ec28960dc1c4f65c83 SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48 SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e -SHA1 (patch-ext_phar_tar.c) = a19b4e6c2e663dbd254dbb1d5bb25de57d6cef27 SHA1 (patch-ext_standard_basic__functions.c) = 18596d281017760293189d87d19de9c5c772232d -SHA1 (patch-ext_standard_crypt__freesec.c) = 5851993e4197bec2b61d6e58601173d564fed112 SHA1 (patch-main_streams_cast.c) = c169ccb73dc660e40eff9f9e168374f35eedadad SHA1 (patch-php__mssql.c) = b46c688ff2d8da33ca2f9beb0eb9182b6edf7e23 diff --git a/lang/php53/patches/patch-ext_phar_tar.c b/lang/php53/patches/patch-ext_phar_tar.c deleted file mode 100644 index 9586abfdd70..00000000000 --- a/lang/php53/patches/patch-ext_phar_tar.c +++ /dev/null @@ -1,23 +0,0 @@ -$NetBSD: patch-ext_phar_tar.c,v 1.1 2012/06/12 14:45:51 taca Exp $ - -Fix for http://secunia.com/advisories/44335/, also CVE-2012-2386. - ---- ext/phar/tar.c.orig 2012-05-08 09:22:27.000000000 +0000 -+++ ext/phar/tar.c -@@ -337,6 +337,16 @@ bail: - last_was_longlink = 1; - /* support the ././@LongLink system for storing long filenames */ - entry.filename_len = entry.uncompressed_filesize; -+ -+ /* Check for overflow - bug 61065 */ -+ if (entry.filename_len == UINT_MAX) { -+ if (error) { -+ spprintf(error, 4096, "phar error: \"%s\" is a corrupted tar file (invalid entry size)", fname); -+ } -+ php_stream_close(fp); -+ phar_destroy_phar_data(myphar TSRMLS_CC); -+ return FAILURE; -+ } - entry.filename = pemalloc(entry.filename_len+1, myphar->is_persistent); - - read = php_stream_read(fp, entry.filename, entry.filename_len); diff --git a/lang/php53/patches/patch-ext_standard_crypt__freesec.c b/lang/php53/patches/patch-ext_standard_crypt__freesec.c deleted file mode 100644 index c9bc743a103..00000000000 --- a/lang/php53/patches/patch-ext_standard_crypt__freesec.c +++ /dev/null @@ -1,16 +0,0 @@ -$NetBSD: patch-ext_standard_crypt__freesec.c,v 1.1 2012/05/31 15:58:10 taca Exp $ - -Fix for CVE_2012-2143. - ---- ext/standard/crypt_freesec.c.orig 2012-05-08 09:22:27.000000000 +0000 -+++ ext/standard/crypt_freesec.c -@@ -629,7 +629,8 @@ _crypt_extended_r(const char *key, const - */ - q = (u_char *) keybuf; - while (q - (u_char *) keybuf < sizeof(keybuf)) { -- if ((*q++ = *key << 1)) -+ *q++ = *key << 1; -+ if (*key) - key++; - } - if (des_setkey((u_char *) keybuf, data)) |