diff options
| author | taca <taca@pkgsrc.org> | 2013-12-05 16:16:40 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2013-12-05 16:16:40 +0000 |
| commit | fa3dae632a7bd8b3412bcc55b4e4e500e79cf89c (patch) | |
| tree | a415a96be2d23371905dfd95a397d299bcfa9427 /lang/php53 | |
| parent | e3d429323769013e8dab805d9cbaa81b949330dd (diff) | |
| download | pkgsrc-fa3dae632a7bd8b3412bcc55b4e4e500e79cf89c.tar.gz | |
Add fix for CVE-2013-6712, ext/date DoS vulnerability.
Bump PKGREVISION.
Diffstat (limited to 'lang/php53')
| -rw-r--r-- | lang/php53/Makefile | 4 | ||||
| -rw-r--r-- | lang/php53/distinfo | 4 | ||||
| -rw-r--r-- | lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.c | 15 | ||||
| -rw-r--r-- | lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.re | 15 |
4 files changed, 35 insertions, 3 deletions
diff --git a/lang/php53/Makefile b/lang/php53/Makefile index c327b4f69fa..e34f8ab6579 100644 --- a/lang/php53/Makefile +++ b/lang/php53/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.43 2013/08/14 15:42:56 taca Exp $ +# $NetBSD: Makefile,v 1.44 2013/12/05 16:16:40 taca Exp $ # # We can't omit PKGNAME here to handle PKG_OPTIONS. # PKGNAME= php-${PHP_BASE_VERS} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= lang HOMEPAGE= http://www.php.net/ diff --git a/lang/php53/distinfo b/lang/php53/distinfo index 2b319c58c92..ed7fde9c82c 100644 --- a/lang/php53/distinfo +++ b/lang/php53/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.68 2013/08/16 00:38:13 taca Exp $ +$NetBSD: distinfo,v 1.69 2013/12/05 16:16:40 taca Exp $ SHA1 (php-5.3.27.tar.bz2) = 4f95682940ebe1bc1a93812d593460625a2aae64 RMD160 (php-5.3.27.tar.bz2) = c2887004859f32b25229ffe52d86270c8de194b7 @@ -17,6 +17,8 @@ SHA1 (patch-ah) = 697156508da2d837a1ea1a41f036eab4fb87e94b SHA1 (patch-ai) = 9659f73eef1b4fcca9b844bdaa785ac6d5e582a1 SHA1 (patch-aj) = 181658ae523bd60f67750566711fc078b49191b7 SHA1 (patch-al) = fe534d7d50a529e3c7d0ffed76afdb70bb55a521 +SHA1 (patch-ext_date_lib_parse__iso__intervals.c) = 1243e4cda1d6446ee4f8b6cab61556fa07837139 +SHA1 (patch-ext_date_lib_parse__iso__intervals.re) = 75d4abd666c17d7d5f8a4ee9e489bf2565f83524 SHA1 (patch-ext_openssl_openssl.c) = f45f4322ac875db7b0bb86efb7cfda1f659ac6cc SHA1 (patch-ext_standard_basic__functions.c) = 017fd25e646af4d7eb2a0bd13b3c8da34eaee8c5 SHA1 (patch-main_streams_cast.c) = d68b69c9418a8780b1610b8755487771f7c46a5a diff --git a/lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.c b/lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.c new file mode 100644 index 00000000000..e895589cb76 --- /dev/null +++ b/lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.c @@ -0,0 +1,15 @@ +$NetBSD: patch-ext_date_lib_parse__iso__intervals.c,v 1.1 2013/12/05 16:16:40 taca Exp $ + +Fix for CVE-2013-6712. + +--- ext/date/lib/parse_iso_intervals.c.orig 2013-07-10 17:43:08.000000000 +0000 ++++ ext/date/lib/parse_iso_intervals.c +@@ -415,7 +415,7 @@ yy6: + break; + } + ptr++; +- } while (*ptr); ++ } while (!s->errors->error_count && *ptr); + s->have_period = 1; + TIMELIB_DEINIT; + return TIMELIB_PERIOD; diff --git a/lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.re b/lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.re new file mode 100644 index 00000000000..39c23175ab0 --- /dev/null +++ b/lang/php53/patches/patch-ext_date_lib_parse__iso__intervals.re @@ -0,0 +1,15 @@ +$NetBSD: patch-ext_date_lib_parse__iso__intervals.re,v 1.1 2013/12/05 16:16:40 taca Exp $ + +Fix for CVE-2013-6712. + +--- ext/date/lib/parse_iso_intervals.re.orig 2013-07-10 17:43:08.000000000 +0000 ++++ ext/date/lib/parse_iso_intervals.re +@@ -383,7 +383,7 @@ isoweek = year4 "-"? "W" weekof + break; + } + ptr++; +- } while (*ptr); ++ } while (!s->errors->error_count && *ptr); + s->have_period = 1; + TIMELIB_DEINIT; + return TIMELIB_PERIOD; |