diff options
| -rw-r--r-- | lang/php/phpversion.mk | 4 | ||||
| -rw-r--r-- | lang/php72/Makefile | 9 | ||||
| -rw-r--r-- | lang/php72/Makefile.php | 12 | ||||
| -rw-r--r-- | lang/php72/distinfo | 11 | ||||
| -rw-r--r-- | lang/php72/patches/patch-disable-filter-url | 34 |
5 files changed, 55 insertions, 15 deletions
diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index 2bf38f8914b..53c7d53e19f 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.221.2.1 2018/08/17 16:04:00 bsiegert Exp $ +# $NetBSD: phpversion.mk,v 1.221.2.2 2018/08/17 16:08:38 bsiegert Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -90,7 +90,7 @@ PHPVERSION_MK= defined PHP56_VERSION= 5.6.36 PHP70_VERSION= 7.0.30 PHP71_VERSION= 7.1.20 -PHP72_VERSION= 7.2.7 +PHP72_VERSION= 7.2.8 # Define initial release of major version. PHP56_RELDATE= 20140828 diff --git a/lang/php72/Makefile b/lang/php72/Makefile index e8a30063f95..6d825481f3e 100644 --- a/lang/php72/Makefile +++ b/lang/php72/Makefile @@ -1,10 +1,9 @@ -# $NetBSD: Makefile,v 1.8 2018/04/26 15:44:15 taca Exp $ +# $NetBSD: Makefile,v 1.8.2.1 2018/08/17 16:08:38 bsiegert Exp $ # # We can't omit PKGNAME here to handle PKG_OPTIONS. # PKGNAME= php-${PHP_VERSION:S/RC/rc/} -CATEGORIES= lang HOMEPAGE= http://www.php.net/ COMMENT= PHP Hypertext Preprocessor version 7.2 @@ -41,6 +40,12 @@ SUBST_SED.path+= -e 's,@PREFIX@,${PREFIX},g' INSTALLATION_DIRS+= ${CGIDIR} ${PHP_EXTENSION_DIR} ${EGDIR} share/php +# segfaults when buidling with many compilers +# https://bugs.php.net/bug.php?id=74527 +.if ${MACHINE_ARCH} == "i386" +CONFIGURE_ARGS+= --disable-gcc-global-regs +.endif + # Make sure modules can link correctly .if ${OPSYS} == "Darwin" INSTALL_UNSTRIPPED= yes diff --git a/lang/php72/Makefile.php b/lang/php72/Makefile.php index 94efbcc28a8..e1988591478 100644 --- a/lang/php72/Makefile.php +++ b/lang/php72/Makefile.php @@ -1,13 +1,8 @@ -# $NetBSD: Makefile.php,v 1.4 2018/02/05 08:51:25 jdolecek Exp $ +# $NetBSD: Makefile.php,v 1.4.4.1 2018/08/17 16:08:38 bsiegert Exp $ # used by lang/php72/Makefile # used by www/ap-php/Makefile # used by www/php-fpm/Makefile -# PHP bug #74526 - segfaults on build with GCC 4.8.5 i386 -.if ${MACHINE_ARCH} == "i386" -GCC_REQD+= 4.9 -.endif - # the binary actually needs full dep on PCRE BUILDLINK_DEPMETHOD.pcre= full @@ -51,6 +46,7 @@ CONFIGURE_ARGS+= --with-pcre-regex=${BUILDLINK_PREFIX.pcre} PKG_OPTIONS_VAR= PKG_OPTIONS.${PHP_PKG_PREFIX} PKG_SUPPORTED_OPTIONS+= inet6 ssl maintainer-zts readline argon2 sqlite3 +PKG_SUPPORTED_OPTIONS+= disable-filter-url PKG_SUGGESTED_OPTIONS+= inet6 ssl readline sqlite3 .if ${OPSYS} == "SunOS" || ${OPSYS} == "Darwin" || ${OPSYS} == "FreeBSD" @@ -109,5 +105,9 @@ CONFIGURE_ARGS+= --with-sqlite3=${BUILDLINK_PREFIX.sqlite3} CONFIGURE_ARGS+= --without-sqlite3 .endif +.if !empty(PKG_OPTIONS:Mdisable-filter-url) +CFLAGS+= -DDISABLE_FILTER_URL +.endif + DL_AUTO_VARS= yes .include "../../mk/dlopen.buildlink3.mk" diff --git a/lang/php72/distinfo b/lang/php72/distinfo index 1cfe1d48c45..0701ff72289 100644 --- a/lang/php72/distinfo +++ b/lang/php72/distinfo @@ -1,10 +1,11 @@ -$NetBSD: distinfo,v 1.26 2018/06/24 10:34:47 taca Exp $ +$NetBSD: distinfo,v 1.26.2.1 2018/08/17 16:08:38 bsiegert Exp $ -SHA1 (php-7.2.7.tar.bz2) = e56adc671e9a19bcbe2b84e510cd2c2cec571970 -RMD160 (php-7.2.7.tar.bz2) = ba76b61f709eda603bf6c6b2d31baf6111210e13 -SHA512 (php-7.2.7.tar.bz2) = 7817e082963a4f185c5dd4a7bdd9358e25ae1dc83fa6b353313660c9907a2ead308676be86d5e1f7d586d394308e451dd8139a7879a68ab5d0c4a59fcbe73027 -Size (php-7.2.7.tar.bz2) = 15050410 bytes +SHA1 (php-7.2.8.tar.bz2) = b0aa50ba30be0e93bf4b1087f6a6326ffe0dd06f +RMD160 (php-7.2.8.tar.bz2) = b73b220a5ef91d3d17de726adbe9fc04abc6c0ba +SHA512 (php-7.2.8.tar.bz2) = 4eaab35ff99c6829e4e67b99d0dbc1d25b83210c9d894fbb9e6810dd3de8b7d5bd62b2d8a9f2ecb3c1f2f5a9c28116a22b36f019a21b8770f02fe1e3149728d9 +Size (php-7.2.8.tar.bz2) = 15035638 bytes SHA1 (patch-configure) = 47f2ede97390cc7e46d04c2769dd97459b19450a +SHA1 (patch-disable-filter-url) = e9e92d686ddd1d1a1ece10fe4feee4e368fe510c SHA1 (patch-ext_gd_config.m4) = 67730ccc13410adaf8829f77a6b044f16e412489 SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426 SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8 diff --git a/lang/php72/patches/patch-disable-filter-url b/lang/php72/patches/patch-disable-filter-url new file mode 100644 index 00000000000..b9b758aab4e --- /dev/null +++ b/lang/php72/patches/patch-disable-filter-url @@ -0,0 +1,34 @@ +$NetBSD: patch-disable-filter-url,v 1.1.2.2 2018/08/17 16:08:38 bsiegert Exp $ + +Add build-time disable option for dangerous php://filter URL + +php://filter URL is a feature documented here: +http://php.net/manual/en/wrappers.php.php + +Unfortunately, it allows remote control of include() behavior +beyond what many developpers expected, enabling easy dump of +PHP source files. The administrator may want to disable the +feature for security sake, and this patch makes that possible. + +--- ./ext/standard/php_fopen_wrapper.c.orig ++++ ./ext/standard/php_fopen_wrapper.c +@@ -345,8 +345,9 @@ + "Error duping file descriptor " ZEND_LONG_FMT "; possibly it doesn't exist: " + "[%d]: %s", fildes_ori, errno, strerror(errno)); + return NULL; + } ++#ifndef DISABLE_FILTER_URL + } else if (!strncasecmp(path, "filter/", 7)) { + /* Save time/memory when chain isn't specified */ + if (strchr(mode, 'r') || strchr(mode, '+')) { + mode_rw |= PHP_STREAM_FILTER_READ; +@@ -382,8 +383,9 @@ + } + efree(pathdup); + + return stream; ++#endif /* !DISABLE_FILTER_URL */ + } else { + /* invalid php://thingy */ + php_error_docref(NULL, E_WARNING, "Invalid php:// URL specified"); + return NULL; |