diff options
| author | adam <adam> | 2014-03-07 15:58:27 +0000 |
|---|---|---|
| committer | adam <adam> | 2014-03-07 15:58:27 +0000 |
| commit | bb320d756dfcb6d142cc9fb61184357c523fbb0b (patch) | |
| tree | dd80970f89b39c827d826ce336c2ec255b571f98 /www | |
| parent | 3118d49b7f35c72d2ecf7f147c6a2a4a8445d367 (diff) | |
| download | pkgsrc-bb320d756dfcb6d142cc9fb61184357c523fbb0b.tar.gz | |
Changes 0.7.2:
This release fixes a security issue that was introduced with the 0.7.0 release. This issue affected the source-highlighting feature and could only be exploited, if the suPHP_PHPPath option was set. In this case local users which could create or edit .htaccess files could possibly execute arbitrary code with the privileges of the user the webserver was running as.
Diffstat (limited to 'www')
| -rw-r--r-- | www/ap2-suphp/Makefile | 28 | ||||
| -rw-r--r-- | www/ap2-suphp/distinfo | 8 |
2 files changed, 20 insertions, 16 deletions
diff --git a/www/ap2-suphp/Makefile b/www/ap2-suphp/Makefile index 8aa55afc109..f3f13d18969 100644 --- a/www/ap2-suphp/Makefile +++ b/www/ap2-suphp/Makefile @@ -1,20 +1,19 @@ -# $NetBSD: Makefile,v 1.17 2012/10/28 06:30:08 asau Exp $ -# +# $NetBSD: Makefile,v 1.18 2014/03/07 15:58:27 adam Exp $ -DISTNAME= suphp-0.7.1 -PKGNAME= ${APACHE_PKG_PREFIX}-${DISTNAME} -CATEGORIES= www -MASTER_SITES= http://www.suphp.org/download/ +DISTNAME= suphp-0.7.2 +PKGNAME= ${APACHE_PKG_PREFIX}-${DISTNAME} +CATEGORIES= www +MASTER_SITES= http://www.suphp.org/download/ -MAINTAINER= pkgsrc-users@NetBSD.org -HOMEPAGE= http://www.suphp.org/ -COMMENT= SuEXEC-like wrapper for PHP scripts -LICENSE= gnu-gpl-v2 +MAINTAINER= pkgsrc-users@NetBSD.org +HOMEPAGE= http://www.suphp.org/ +COMMENT= SuEXEC-like wrapper for PHP scripts +LICENSE= gnu-gpl-v2 -USE_TOOLS+= lex +USE_LANGUAGES= c c++ USE_PKGLOCALEDIR= yes +USE_TOOLS+= aclocal autoconf autoheader automake lex GNU_CONFIGURE= yes -USE_LANGUAGES= c c++ GCC_REQD+= 3.0 # the C++ code uses the .at() method CONFIGURE_ARGS+= APXS=${APXS} CONFIGURE_ARGS+= --with-apache-user=${APACHE_USER} @@ -37,6 +36,11 @@ SUBST_SED.suphp= -e "s,wwwrun,${APACHE_USER},g" SUBST_SED.suphp+= -e "s,/var/log/suphp.log,${VARBASE}/httpd/suphp_log,g" SUBST_SED.suphp+= -e "s,/usr/bin/php,${PREFIX}/libexec/cgi-bin/php,g" +# suPHP 0.7.2 is missing some configuration files +pre-configure: + set -e; cd ${WRKSRC}; \ + aclocal; autoheader; automake -a --foreign -i; autoconf + post-install: ${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR} ${INSTALL_DATA} ${WRKSRC}/doc/suphp.conf-example ${DESTDIR}${EGDIR}/suphp.conf diff --git a/www/ap2-suphp/distinfo b/www/ap2-suphp/distinfo index e7f701fb6b8..578520e9dcd 100644 --- a/www/ap2-suphp/distinfo +++ b/www/ap2-suphp/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.7 2013/05/06 15:01:30 joerg Exp $ +$NetBSD: distinfo,v 1.8 2014/03/07 15:58:27 adam Exp $ -SHA1 (suphp-0.7.1.tar.gz) = 9eb82b62b5f71c01d7d8b2510c685141b78e54f5 -RMD160 (suphp-0.7.1.tar.gz) = e5e7e71494af322c3ab33d6a35fbcf96334c098c -Size (suphp-0.7.1.tar.gz) = 386521 bytes +SHA1 (suphp-0.7.2.tar.gz) = 2a83dcbf6dc8ede37c6556529783425aae7e4754 +RMD160 (suphp-0.7.2.tar.gz) = 8b7acea73bba36a22b81f0535ebf5bdcdd7e683a +Size (suphp-0.7.2.tar.gz) = 343223 bytes SHA1 (patch-src_IniSection.cpp) = 8effa733d567c6a724370e53b008e271aab23ad3 SHA1 (patch-src_IniSection.hpp) = c97e0e71fc2041d19026bae41838018d5fb991d3 SHA1 (patch-src_SmartPtr.hpp) = 91c20832b140d6fa49ddb2a6fa9b616ff7fc565d |