authoradrianp <adrianp@pkgsrc.org>2006-10-22 13:19:19 +0000
committeradrianp <adrianp@pkgsrc.org>2006-10-22 13:19:19 +0000
commitdefbabb02943a2bc8166e89cfbe86155c5f84599 (patch)
tree719fb5bafda7bfd483276cfbd66d4ee385de3158 /lang
parent20625c2bcae674b9a30449fe9bb8873f77fff20c (diff)
downloadpkgsrc-defbabb02943a2bc8166e89cfbe86155c5f84599.tar.gz
Fixes for CVE-2006-4812 and CVE-2006-4625
Bump nb
Diffstat (limited to 'lang')
-rw-r--r--lang/php5/Makefile4
-rw-r--r--lang/php5/distinfo4
-rw-r--r--lang/php5/patches/patch-aa21
-rw-r--r--lang/php5/patches/patch-ab17
4 files changed, 43 insertions, 3 deletions
diff --git a/lang/php5/Makefile b/lang/php5/Makefile
index 1076073b34c..d755cb26b05 100644
--- a/lang/php5/Makefile
+++ b/lang/php5/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.44 2006/10/20 22:10:33 jdolecek Exp $
+# $NetBSD: Makefile,v 1.45 2006/10/22 13:19:19 adrianp Exp $
PKGNAME= php-${PHP_BASE_VERS}
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= lang
HOMEPAGE= http://www.php.net/
diff --git a/lang/php5/distinfo b/lang/php5/distinfo
index 78a6b99ad0b..a3777169b83 100644
--- a/lang/php5/distinfo
+++ b/lang/php5/distinfo
@@ -1,8 +1,10 @@
-$NetBSD: distinfo,v 1.29 2006/08/28 12:17:10 taca Exp $
+$NetBSD: distinfo,v 1.30 2006/10/22 13:19:19 adrianp Exp $
SHA1 (php-5.1.6/php-5.1.6.tar.bz2) = a20b946f1de0a8a35a8a6bf437adbba4e5448d27
RMD160 (php-5.1.6/php-5.1.6.tar.bz2) = 7ac52f4674532397c982f6ced594b70dd17522af
Size (php-5.1.6/php-5.1.6.tar.bz2) = 6454408 bytes
+SHA1 (patch-aa) = c1ba60ea1e8df9242b1f3c5078808c7968cf0de8
+SHA1 (patch-ab) = e91b34cd6cfadcc7f39e5832241ea711f1c0f827
SHA1 (patch-ag) = 4ccb67ba6f5370b1d16b087e3e714de3e5ae604e
SHA1 (patch-ah) = c7cbd4b9ea0796ea3b7491c2cffb6ddddc518587
SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc
diff --git a/lang/php5/patches/patch-aa b/lang/php5/patches/patch-aa
new file mode 100644
index 00000000000..050db59148a
--- /dev/null
+++ b/lang/php5/patches/patch-aa
@@ -0,0 +1,21 @@
+$NetBSD: patch-aa,v 1.1 2006/10/22 13:19:19 adrianp Exp $
+
+# CVE-2006-4812
+
+--- Zend/zend_alloc.c.orig 2006-08-10 18:16:24.000000000 +0100
++++ Zend/zend_alloc.c
+@@ -331,12 +331,12 @@ ZEND_API void *_ecalloc(size_t nmemb, si
+ int final_size = size*nmemb;
+
+ HANDLE_BLOCK_INTERRUPTIONS();
+- p = _emalloc(final_size ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC);
++ p = _safe_emalloc(nmemb, size, 0 ZEND_FILE_LINE_RELAY_CC ZEND_FILE_LINE_ORIG_RELAY_CC);
+ if (!p) {
+ HANDLE_UNBLOCK_INTERRUPTIONS();
+ return (void *) p;
+ }
+- memset(p, 0, final_size);
++ memset(p, 0, size * nmemb);
+ HANDLE_UNBLOCK_INTERRUPTIONS();
+ return p;
+ }
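Review bot: The context line `int final_size = size*nmemb;` at the top of the inner hunk is left in place, so `_ecalloc` still performs the truncating `int` multiplication this patch is meant to retire, and the variable has no remaining use in the lines shown; I would delete that declaration. The new `memset(p, 0, size * nmemb)` is only correct if `_safe_emalloc` refuses a product that wraps, which presumably it does but its body is not on this page, so that is worth confirming. A comment above the memset such as `/* size * nmemb cannot wrap here: _safe_emalloc() already rejected overflow */` would record that dependency and discourage anyone from reintroducing a raw multiply ahead of the allocation. `_ecalloc` begins before the hunk.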
diff --git a/lang/php5/patches/patch-ab b/lang/php5/patches/patch-ab
new file mode 100644
index 00000000000..4a10646122e
--- /dev/null
+++ b/lang/php5/patches/patch-ab
@@ -0,0 +1,17 @@
+$NetBSD: patch-ab,v 1.1 2006/10/22 13:19:19 adrianp Exp $
+
+# CVE-2006-4625
+
+--- Zend/zend_ini.c.orig 2006-01-04 23:53:04.000000000 +0000
++++ Zend/zend_ini.c
+@@ -256,8 +256,8 @@ ZEND_API int zend_restore_ini_entry(char
+ zend_ini_entry *ini_entry;
+ TSRMLS_FETCH();
+
+- if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE) {
+- return FAILURE;
++ if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE ||
++ (stage == ZEND_INI_STAGE_RUNTIME && (ini_entry->modifiable & ZEND_INI_USER) == 0)) { return FAILURE;
+ }
+
+ zend_restore_ini_entry_cb(ini_entry, stage TSRMLS_CC);
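Review bot: The added condition ends with `{ return FAILURE;` on the same line as the test, which buries the early return that is the substance of the fix; `return FAILURE;` belongs on its own line (the inner hunk header then becomes `+256,9` and the patch-ab checksum in distinfo has to be regenerated). The second clause dereferences `ini_entry` and is only safe because `||` short-circuits when `zend_hash_find` fails, and nothing in the code says why a runtime restore is being refused. A comment above the `if`, for example `/* at runtime, only entries flagged ZEND_INI_USER may be restored */`, would state the intent next to the check. `zend_restore_ini_entry` starts before the hunk and continues past it.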