diff options
| author | taca <taca@pkgsrc.org> | 2011-06-20 13:38:19 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2011-06-20 13:38:19 +0000 |
| commit | 0170b9631e909c6b8eea1b939344aac9459a429b (patch) | |
| tree | 09026c796e4159b453065da53ac390d96eda8ec9 /lang | |
| parent | 2fde764b809eb7902b744848933f551accd8b7db (diff) | |
| download | pkgsrc-0170b9631e909c6b8eea1b939344aac9459a429b.tar.gz | |
* Add a fix of potential security problem by char signedness processing:
http://www.openwall.com/lists/oss-security/2011/06/20/2
Noted by Matthias Drochner via private mail.
* Add LICENSE.
Bump PKGREVISION.
Diffstat (limited to 'lang')
| -rw-r--r-- | lang/php53/Makefile | 6 | ||||
| -rw-r--r-- | lang/php53/distinfo | 3 | ||||
| -rw-r--r-- | lang/php53/patches/patch-ext_standard_crypt__blowfish.c | 16 |
3 files changed, 22 insertions, 3 deletions
diff --git a/lang/php53/Makefile b/lang/php53/Makefile index 80b1c7344c9..b9b8d6090be 100644 --- a/lang/php53/Makefile +++ b/lang/php53/Makefile @@ -1,13 +1,15 @@ -# $NetBSD: Makefile,v 1.10 2011/06/15 14:42:03 taca Exp $ +# $NetBSD: Makefile,v 1.11 2011/06/20 13:38:19 taca Exp $ # # We can't omit PKGNAME here to handle PKG_OPTIONS. # PKGNAME= php-${PHP_BASE_VERS} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= lang + HOMEPAGE= http://www.php.net/ COMMENT= PHP Hypertext Preprocessor version 5 +LICENSE= php-license TEST_TARGET= test PKG_DESTDIR_SUPPORT= user-destdir diff --git a/lang/php53/distinfo b/lang/php53/distinfo index 11114cbf2c4..116d8f43b1f 100644 --- a/lang/php53/distinfo +++ b/lang/php53/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.15 2011/06/15 14:42:03 taca Exp $ +$NetBSD: distinfo,v 1.16 2011/06/20 13:38:19 taca Exp $ SHA1 (php-5.3.6/php-5.3.6.tar.bz2) = 0e0b9b4d9117f22080e2204afa9383469eb0dbbd RMD160 (php-5.3.6/php-5.3.6.tar.bz2) = 619bf96cf24bf6aa0988494186f8914fde94d44d @@ -15,5 +15,6 @@ SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48 SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e SHA1 (patch-ext_sockets_sockets.c) = 99137af0e3307f1b379e4a4012ebd56978a88a15 +SHA1 (patch-ext_standard_crypt__blowfish.c) = 816a8404322c336bada83587761254318966191a SHA1 (patch-ext_standard_string.c) = fe16ffedd894a6d580f3c998b9f571f403f4a764 SHA1 (patch-main_rfc1867.c) = 2f7efd3ebc6eadb377ce308d5d8293bda07bbc42 diff --git a/lang/php53/patches/patch-ext_standard_crypt__blowfish.c b/lang/php53/patches/patch-ext_standard_crypt__blowfish.c new file mode 100644 index 00000000000..0e6d346facc --- /dev/null +++ b/lang/php53/patches/patch-ext_standard_crypt__blowfish.c @@ -0,0 +1,16 @@ +$NetBSD: patch-ext_standard_crypt__blowfish.c,v 1.1 2011/06/20 13:38:19 taca Exp $ + +- Fix potential security problem by char signedness processing: + http://www.openwall.com/lists/oss-security/2011/06/20/2 + +--- ext/standard/crypt_blowfish.c.orig 2010-02-21 23:47:14.000000000 +0000 ++++ ext/standard/crypt_blowfish.c +@@ -565,7 +565,7 @@ static void BF_set_key(__CONST char *key + tmp = 0; + for (j = 0; j < 4; j++) { + tmp <<= 8; +- tmp |= *ptr; ++ tmp |= (unsigned char)*ptr; + + if (!*ptr) ptr = key; else ptr++; + } |