summaryrefslogtreecommitdiff
path: root/lang/php5
diff options
context:
space:
mode:
authoradrianp <adrianp>2006-10-22 13:19:19 +0000
committeradrianp <adrianp>2006-10-22 13:19:19 +0000
commit24d2a193129d73d3a3e1b5b450dbe3a9e49778b2 (patch)
tree719fb5bafda7bfd483276cfbd66d4ee385de3158 /lang/php5
parente8f4002572c70db6f2986e888206862e4e06beba (diff)
downloadpkgsrc-24d2a193129d73d3a3e1b5b450dbe3a9e49778b2.tar.gz
Fixes for CVE-2006-4812 and CVE-2006-4625
Bump nb
Diffstat (limited to 'lang/php5')
-rw-r--r--lang/php5/Makefile4
-rw-r--r--lang/php5/distinfo4
-rw-r--r--lang/php5/patches/patch-aa21
-rw-r--r--lang/php5/patches/patch-ab17
4 files changed, 43 insertions, 3 deletions
diff --git a/lang/php5/Makefile b/lang/php5/Makefile
index 1076073b34c..d755cb26b05 100644
--- a/lang/php5/Makefile
+++ b/lang/php5/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.44 2006/10/20 22:10:33 jdolecek Exp $
+# $NetBSD: Makefile,v 1.45 2006/10/22 13:19:19 adrianp Exp $
PKGNAME= php-${PHP_BASE_VERS}
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= lang
HOMEPAGE= http://www.php.net/
diff --git a/lang/php5/distinfo b/lang/php5/distinfo
index 78a6b99ad0b..a3777169b83 100644
--- a/lang/php5/distinfo
+++ b/lang/php5/distinfo
@@ -1,8 +1,10 @@
-$NetBSD: distinfo,v 1.29 2006/08/28 12:17:10 taca Exp $
+$NetBSD: distinfo,v 1.30 2006/10/22 13:19:19 adrianp Exp $
SHA1 (php-5.1.6/php-5.1.6.tar.bz2) = a20b946f1de0a8a35a8a6bf437adbba4e5448d27
RMD160 (php-5.1.6/php-5.1.6.tar.bz2) = 7ac52f4674532397c982f6ced594b70dd17522af
Size (php-5.1.6/php-5.1.6.tar.bz2) = 6454408 bytes
+SHA1 (patch-aa) = c1ba60ea1e8df9242b1f3c5078808c7968cf0de8
+SHA1 (patch-ab) = e91b34cd6cfadcc7f39e5832241ea711f1c0f827
SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e
SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587
SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc
diff --git a/lang/php5/patches/patch-aa b/lang/php5/patches/patch-aa
new file mode 100644
index 00000000000..050db59148a
--- /dev/null
+++ b/lang/php5/patches/patch-aa
@@ -0,0 +1,21 @@
+$NetBSD: patch-aa,v 1.1 2006/10/22 13:19:19 adrianp Exp $
+
+# CVE-2006-4812
+
+--- Zend/zend_alloc.c.orig 2006-08-10 18:16:24.000000000 +0100
++++ Zend/zend_alloc.c
+@@ -331,12 +331,12 @@ ZEND_API void *_ecalloc(size_t nmemb, si
+ int final_size = size*nmemb;
+
+ HANDLE_BLOCK_INTERRUPTIONS();
+- p = _emalloc(final_size ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC);
++ p = _safe_emalloc(nmemb, size, 0 ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC);
+ if (!p) {
+ HANDLE_UNBLOCK_INTERRUPTIONS();
+ return (void *) p;
+ }
+- memset(p, 0, final_size);
++ memset(p, 0, size * nmemb);
+ HANDLE_UNBLOCK_INTERRUPTIONS();
+ return p;
+ }
diff --git a/lang/php5/patches/patch-ab b/lang/php5/patches/patch-ab
new file mode 100644
index 00000000000..4a10646122e
--- /dev/null
+++ b/lang/php5/patches/patch-ab
@@ -0,0 +1,17 @@
+$NetBSD: patch-ab,v 1.1 2006/10/22 13:19:19 adrianp Exp $
+
+# CVE-2006-4625
+
+--- Zend/zend_ini.c.orig 2006-01-04 23:53:04.000000000 +0000
++++ Zend/zend_ini.c
+@@ -256,8 +256,8 @@ ZEND_API int zend_restore_ini_entry(char
+ zend_ini_entry *ini_entry;
+ TSRMLS_FETCH();
+
+- if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE) {
+- return FAILURE;
++ if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE ||
++ (stage == ZEND_INI_STAGE_RUNTIME && (ini_entry->modifiable & ZEND_INI_USER) == 0)) { return FAILURE;
+ }
+
+ zend_restore_ini_entry_cb(ini_entry, stage TSRMLS_CC);