diff options
| author | taca <taca> | 2009-11-30 06:14:08 +0000 |
|---|---|---|
| committer | taca <taca> | 2009-11-30 06:14:08 +0000 |
| commit | d023ae97efcac79db789044b0be5e39ee20eefdd (patch) | |
| tree | ccbfe9b7c80e59b4b6e1ddf559dc5a9131d63c13 /lang/php5 | |
| parent | 5cbb96ee7ceef877c885969c0f7e90e83a5395c9 (diff) | |
| download | pkgsrc-d023ae97efcac79db789044b0be5e39ee20eefdd.tar.gz | |
Add fixes for http://secunia.com/advisories/37412/ from PHP's repositry.
1. CVE-2009-3292 is already fixed in 5.2.11.
2. CVE-2009-3558
http://svn.php.net/viewvc?view=revision&revision=288934
3. CVE-2009-3557
http://svn.php.net/viewvc?view=revision&revision=288945
http://svn.php.net/viewvc?view=revision&revision=288971
4. CVE-2009-4017
http://svn.php.net/viewvc?view=revision&revision=289990
http://svn.php.net/viewvc?view=revision&revision=290820
http://svn.php.net/viewvc?view=revision&revision=290885
Other pkgsrc changes:
* Don't hardcord /usr/pkg in php.ini-dist and php.ini-recommended.
* Add comments to some of patch files.
Bump PKGREVISION.
Diffstat (limited to 'lang/php5')
| -rw-r--r-- | lang/php5/Makefile | 20 | ||||
| -rw-r--r-- | lang/php5/distinfo | 14 | ||||
| -rw-r--r-- | lang/php5/patches/patch-ag | 29 | ||||
| -rw-r--r-- | lang/php5/patches/patch-ah | 27 | ||||
| -rw-r--r-- | lang/php5/patches/patch-ay | 4 | ||||
| -rw-r--r-- | lang/php5/patches/patch-az | 7 | ||||
| -rw-r--r-- | lang/php5/patches/patch-ba | 17 | ||||
| -rw-r--r-- | lang/php5/patches/patch-bb | 19 | ||||
| -rw-r--r-- | lang/php5/patches/patch-bc | 15 | ||||
| -rw-r--r-- | lang/php5/patches/patch-bd | 46 |
10 files changed, 171 insertions, 27 deletions
diff --git a/lang/php5/Makefile b/lang/php5/Makefile index 2d820441930..39fb2e1a999 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.73 2009/10/22 14:49:06 taca Exp $ +# $NetBSD: Makefile,v 1.74 2009/11/30 06:14:08 taca Exp $ PKGNAME= php-${PHP_BASE_VERS} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= lang HOMEPAGE= http://www.php.net/ COMMENT= PHP Hypertext Preprocessor version 5 @@ -37,20 +37,20 @@ MAKE_ENV+= INSTALL_ROOT=${DESTDIR:Q} CONF_FILES= ${EGDIR}/php.ini-recommended ${PKG_SYSCONFDIR}/php.ini OWN_DIRS= ${PREFIX}/${PHP_EXTENSION_DIR} -SUBST_CLASSES+= cgi -SUBST_MESSAGE.cgi= Fixing CGI path. -SUBST_STAGE.cgi= pre-configure -SUBST_FILES.cgi= configure -SUBST_SED.cgi= -e 's,@CGIDIR@,${CGIDIR},g' +SUBST_CLASSES+= path +SUBST_MESSAGE.path= Fixing common paths. +SUBST_STAGE.path= pre-configure +SUBST_FILES.path= configure php.ini-dist php.ini-recommended +SUBST_SED.path= -e 's,@CGIDIR@,${CGIDIR},g' +SUBST_SED.path+= -e 's,@PREFIX@,${PREFIX},g' + +INSTALLATION_DIRS+= ${CGIDIR} # Make sure modules can link correctly .if ${OPSYS} == "Darwin" INSTALL_UNSTRIPPED= yes .endif -pre-install: - ${INSTALL_DATA_DIR} ${DESTDIR:Q}${CGIDIR:Q} - post-install: ${INSTALL_PROGRAM} ${WRKSRC}/sapi/cli/php \ ${DESTDIR:Q}${PREFIX:Q}/bin/php diff --git a/lang/php5/distinfo b/lang/php5/distinfo index 337ae2ed592..dacc5ed2454 100644 --- a/lang/php5/distinfo +++ b/lang/php5/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.69 2009/10/22 14:49:06 taca Exp $ +$NetBSD: distinfo,v 1.70 2009/11/30 06:14:08 taca Exp $ SHA1 (php-5.2.11/php-5.2.11.tar.bz2) = 819c853ce657ef260d4a73b5a21f961115b97eef RMD160 (php-5.2.11/php-5.2.11.tar.bz2) = 6aad53dee864ab89f794a9d3c2aa32d435ed5654 @@ -7,8 +7,8 @@ SHA1 (php-5.2.11/suhosin-patch-5.2.11-0.9.7.patch.gz) = 248419332131efc53f3306c2 RMD160 (php-5.2.11/suhosin-patch-5.2.11-0.9.7.patch.gz) = 0f6d442aace34c221f9fbff42a63e7f3b4489f15 Size (php-5.2.11/suhosin-patch-5.2.11-0.9.7.patch.gz) = 23050 bytes SHA1 (patch-aa) = 20bc3831e435182d014b11ae9f1f6c537a21af20 -SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e -SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587 +SHA1 (patch-ag) = 901552355a3d57d9b8e23b31cd0edfd28db8b2bb +SHA1 (patch-ah) = 7702da73f3a457ee381542b454d19b1f4b421e01 SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc SHA1 (patch-al) = 0ee37782cc0d3bf5ede1a583de0589c2c1316b50 SHA1 (patch-an) = 8f4174627b8cb5f8bfbc59413c95f71e26b9e602 @@ -16,5 +16,9 @@ SHA1 (patch-ap) = 5eb0e0e4244a993da93e36f8fcb5553454207fce SHA1 (patch-aq) = 0c9d48547da2fa80aa8357d23ad8505d1c0330df SHA1 (patch-ar) = 2d74ec926cc00bfbb67d16210af78c33ad9ac38d SHA1 (patch-as) = f7ce5caffe2acdd1f8e9fc8ae6c7ba1d8c6a25c1 -SHA1 (patch-ay) = c2667dd398c1c58e55f459f2df02613dc028e9cc -SHA1 (patch-az) = ebdd76b8a5e6cf853b467a67fc6c8948a91d822a +SHA1 (patch-ay) = 7ae502db6574a91fcbb487d37c14a5de644b01b6 +SHA1 (patch-az) = 04e69038e693cc72fb0f67ce04dd1778dacb1756 +SHA1 (patch-ba) = d9483f61b19c297eced12ae3d84d5163e33327b4 +SHA1 (patch-bb) = abbc8747e520d3665d3bcccf9c87741ecc6dc210 +SHA1 (patch-bc) = 9cb2e7fcd6f91d3382a69d68a80d72fdb8fbf2a7 +SHA1 (patch-bd) = 85c891ada42c062b365051b43a3b53c33fa39a92 diff --git a/lang/php5/patches/patch-ag b/lang/php5/patches/patch-ag index a2304bc5e11..c5174b6e385 100644 --- a/lang/php5/patches/patch-ag +++ b/lang/php5/patches/patch-ag @@ -1,8 +1,21 @@ -$NetBSD: patch-ag,v 1.2 2006/02/06 06:39:59 martti Exp $ +$NetBSD: patch-ag,v 1.3 2009/11/30 06:14:08 taca Exp $ ---- php.ini-dist.orig 2005-12-30 19:15:55.000000000 +0200 -+++ php.ini-dist 2006-02-05 15:36:13.000000000 +0200 -@@ -457,8 +457,9 @@ +* Ajust for pkgsrc. +* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017: + http://svn.php.net/viewvc?view=revision&revision=289990 + +--- php.ini-dist.orig 2009-02-14 01:55:18.000000000 +0900 ++++ php.ini-dist +@@ -471,7 +471,7 @@ default_mimetype = "text/html" + ;;;;;;;;;;;;;;;;;;;;;;;;; + + ; UNIX: "/path1:/path2" +-;include_path = ".:/php/includes" ++include_path = ".:@PREFIX@/lib/php" + ; + ; Windows: "\path1;\path2" + ;include_path = ".;c:\php\includes" +@@ -487,8 +487,9 @@ doc_root = ; if nonempty. user_dir = @@ -14,7 +27,7 @@ $NetBSD: patch-ag,v 1.2 2006/02/06 06:39:59 martti Exp $ ; Whether or not to enable the dl() function. The dl() function does NOT work ; properly in multithreaded servers, such as IIS or Zeus, and is automatically -@@ -508,7 +509,7 @@ +@@ -546,11 +547,13 @@ file_uploads = On ; Temporary directory for HTTP uploaded files (will use system default if not ; specified). @@ -23,3 +36,9 @@ $NetBSD: patch-ag,v 1.2 2006/02/06 06:39:59 martti Exp $ ; Maximum allowed size for uploaded files. upload_max_filesize = 2M + ++; Maximum number of files that can be uploaded via a single request ++max_file_uploads = 100 + + ;;;;;;;;;;;;;;;;;; + ; Fopen wrappers ; diff --git a/lang/php5/patches/patch-ah b/lang/php5/patches/patch-ah index 6d2b7dd9bb8..dfa5a9c1c67 100644 --- a/lang/php5/patches/patch-ah +++ b/lang/php5/patches/patch-ah @@ -1,8 +1,21 @@ -$NetBSD: patch-ah,v 1.1 2005/12/06 08:32:22 jdolecek Exp $ +$NetBSD: patch-ah,v 1.2 2009/11/30 06:14:08 taca Exp $ ---- php.ini-recommended.orig 2005-11-15 00:14:23.000000000 +0100 +* Ajust for pkgsrc. +* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017: + http://svn.php.net/viewvc?view=revision&revision=289990 + +--- php.ini-recommended.orig 2009-03-02 13:44:35.000000000 +0900 +++ php.ini-recommended -@@ -515,8 +515,9 @@ doc_root = +@@ -522,7 +522,7 @@ default_mimetype = "text/html" + ;;;;;;;;;;;;;;;;;;;;;;;;; + + ; UNIX: "/path1:/path2" +-;include_path = ".:/php/includes" ++include_path = ".:@PREFIX@/lib/php" + ; + ; Windows: "\path1;\path2" + ;include_path = ".;c:\php\includes" +@@ -538,8 +538,9 @@ doc_root = ; if nonempty. user_dir = @@ -14,7 +27,7 @@ $NetBSD: patch-ah,v 1.1 2005/12/06 08:32:22 jdolecek Exp $ ; Whether or not to enable the dl() function. The dl() function does NOT work ; properly in multithreaded servers, such as IIS or Zeus, and is automatically -@@ -566,7 +567,7 @@ file_uploads = On +@@ -597,11 +598,13 @@ file_uploads = On ; Temporary directory for HTTP uploaded files (will use system default if not ; specified). @@ -23,3 +36,9 @@ $NetBSD: patch-ah,v 1.1 2005/12/06 08:32:22 jdolecek Exp $ ; Maximum allowed size for uploaded files. upload_max_filesize = 2M + ++; Maximum number of files that can be uploaded via a single request ++max_file_uploads = 100 + + ;;;;;;;;;;;;;;;;;; + ; Fopen wrappers ; diff --git a/lang/php5/patches/patch-ay b/lang/php5/patches/patch-ay index 1388c10dc5c..7713377776d 100644 --- a/lang/php5/patches/patch-ay +++ b/lang/php5/patches/patch-ay @@ -1,7 +1,7 @@ -$NetBSD: patch-ay,v 1.1 2009/10/22 14:37:47 taca Exp $ +$NetBSD: patch-ay,v 1.2 2009/11/30 06:14:08 taca Exp $ * Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 - from PHP's SVN repositry r289557. + http://svn.php.net/viewvc?view=revision&revision=289557 --- ext/gd/libgd/gd_gd.c.orig 2007-08-09 23:21:38.000000000 +0900 +++ ext/gd/libgd/gd_gd.c diff --git a/lang/php5/patches/patch-az b/lang/php5/patches/patch-az index c2a2190c26b..184f591054b 100644 --- a/lang/php5/patches/patch-az +++ b/lang/php5/patches/patch-az @@ -1,6 +1,11 @@ $NetBSD$ -* Fix for htmlspecialchars(): r289411, r289554, r289565, r289567, r289605. +* Fix for htmlspecialchars(): + http://svn.php.net/viewvc?view=revision&revision=289411 + http://svn.php.net/viewvc?view=revision&revision=289554 + http://svn.php.net/viewvc?view=revision&revision=289565 + http://svn.php.net/viewvc?view=revision&revision=289567 + http://svn.php.net/viewvc?view=revision&revision=289605 --- ext/standard/html.c.orig 2008-12-31 20:17:49.000000000 +0900 +++ ext/standard/html.c diff --git a/lang/php5/patches/patch-ba b/lang/php5/patches/patch-ba new file mode 100644 index 00000000000..a5b41e01043 --- /dev/null +++ b/lang/php5/patches/patch-ba @@ -0,0 +1,17 @@ +$NetBSD: patch-ba,v 1.1 2009/11/30 06:14:08 taca Exp $ + +Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558: + http://svn.php.net/viewvc?view=revision&revision=288934 + +--- ext/posix/posix.c.orig 2009-08-06 20:11:15.000000000 +0900 ++++ ext/posix/posix.c +@@ -679,7 +679,8 @@ PHP_FUNCTION(posix_mkfifo) + RETURN_FALSE; + } + +- if (PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR))) { ++ if (php_check_open_basedir_ex(path, 0 TSRMLS_CC) || ++ (PG(safe_mode) && (!php_checkuid(path, NULL, CHECKUID_ALLOW_ONLY_DIR))) { + RETURN_FALSE; + } + diff --git a/lang/php5/patches/patch-bb b/lang/php5/patches/patch-bb new file mode 100644 index 00000000000..2b8d9a830cb --- /dev/null +++ b/lang/php5/patches/patch-bb @@ -0,0 +1,19 @@ +$NetBSD: patch-bb,v 1.1 2009/11/30 06:14:08 taca Exp $ + +Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557: + http://svn.php.net/viewvc?view=revision&revision=288945 + http://svn.php.net/viewvc?view=revision&revision=288971 + +--- ext/standard/file.c.orig 2009-11-30 10:04:51.000000000 +0900 ++++ ext/standard/file.c +@@ -838,6 +838,10 @@ PHP_FUNCTION(tempnam) + convert_to_string_ex(arg1); + convert_to_string_ex(arg2); + ++ if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(arg1), NULL, CHECKUID_ALLOW_ONLY_DIR))) { ++ RETURN_FALSE; ++ } ++ + if (php_check_open_basedir(Z_STRVAL_PP(arg1) TSRMLS_CC)) { + RETURN_FALSE; + } diff --git a/lang/php5/patches/patch-bc b/lang/php5/patches/patch-bc new file mode 100644 index 00000000000..25421d738be --- /dev/null +++ b/lang/php5/patches/patch-bc @@ -0,0 +1,15 @@ +$NetBSD: patch-bc,v 1.1 2009/11/30 06:14:08 taca Exp $ + +Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017: + http://svn.php.net/viewvc?view=revision&revision=289990 + +--- main/main.c.orig 2009-11-30 10:04:51.000000000 +0900 ++++ main/main.c +@@ -455,6 +455,7 @@ PHP_INI_BEGIN() + PHP_INI_ENTRY("mail.force_extra_parameters",NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnChangeMailForceExtra) + PHP_INI_ENTRY("disable_functions", "", PHP_INI_SYSTEM, NULL) + PHP_INI_ENTRY("disable_classes", "", PHP_INI_SYSTEM, NULL) ++ PHP_INI_ENTRY("max_file_uploads", "100", PHP_INI_SYSTEM, NULL) + + STD_PHP_INI_BOOLEAN("allow_url_fopen", "1", PHP_INI_SYSTEM, OnUpdateBool, allow_url_fopen, php_core_globals, core_globals) + STD_PHP_INI_BOOLEAN("allow_url_include", "0", PHP_INI_SYSTEM, OnUpdateBool, allow_url_include, php_core_globals, core_globals) diff --git a/lang/php5/patches/patch-bd b/lang/php5/patches/patch-bd new file mode 100644 index 00000000000..8eed556e09b --- /dev/null +++ b/lang/php5/patches/patch-bd @@ -0,0 +1,46 @@ +$NetBSD: patch-bd,v 1.1 2009/11/30 06:14:08 taca Exp $ + +Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017: + http://svn.php.net/viewvc?view=revision&revision=289990 + http://svn.php.net/viewvc?view=revision&revision=290820 + http://svn.php.net/viewvc?view=revision&revision=290885 + +--- main/rfc1867.c.orig 2008-12-31 20:17:49.000000000 +0900 ++++ main/rfc1867.c +@@ -32,6 +32,7 @@ + #include "php_globals.h" + #include "php_variables.h" + #include "rfc1867.h" ++#include "php_ini.h" + + #define DEBUG_FILE_UPLOAD ZEND_DEBUG + +@@ -794,8 +795,9 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_ + zend_llist header; + void *event_extra_data = NULL; + int llen = 0; ++ int upload_cnt = INI_INT("max_file_uploads"); + +- if (SG(request_info).content_length > SG(post_max_size)) { ++ if (SG(post_max_size) > 0 && SG(request_info).content_length > SG(post_max_size)) { + sapi_module.sapi_error(E_WARNING, "POST Content-Length of %ld bytes exceeds the limit of %ld bytes", SG(request_info).content_length, SG(post_max_size)); + return; + } +@@ -972,6 +974,9 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_ + /* If file_uploads=off, skip the file part */ + if (!PG(file_uploads)) { + skip_upload = 1; ++ } else if (upload_cnt <= 0) { ++ skip_upload = 1; ++ sapi_module.sapi_error(E_WARNING, "Maximum number of allowable file uploads has been exceeded"); + } + + /* Return with an error if the posted data is garbled */ +@@ -1016,6 +1021,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_ + if (!skip_upload) { + /* Handle file */ + fd = php_open_temporary_fd_ex(PG(upload_tmp_dir), "php", &temp_filename, 1 TSRMLS_CC); ++ upload_cnt--; + if (fd==-1) { + sapi_module.sapi_error(E_WARNING, "File upload error - unable to create a temporary file"); + cancel_upload = UPLOAD_ERROR_E; |