3 files changed, 18 insertions, 2 deletions

diff --git a/www/php4/Makefile b/www/php4/Makefile
index c65757b6929..afb9ed4e83d 100644
--- a/www/php4/Makefile
+++ b/www/php4/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.78 2007/06/11 15:24:43 heinz Exp $
+# $NetBSD: Makefile,v 1.78.2.1 2007/08/06 21:13:14 ghen Exp $
 
 PKGNAME=		php-${PHP_BASE_VERS}
+PKGREVISION=		1
 CATEGORIES+=		lang
 COMMENT=		HTML-embedded scripting language
 
diff --git a/www/php4/distinfo b/www/php4/distinfo
index 2e345b9156f..5a29e586c3f 100644
--- a/www/php4/distinfo
+++ b/www/php4/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.65 2007/05/06 19:50:18 adrianp Exp $
+$NetBSD: distinfo,v 1.65.2.1 2007/08/06 21:13:14 ghen Exp $
 
 SHA1 (php-4.4.7.tar.bz2) = a6e2d6b5c5aa4e82a718563dc8dbb4b83fc91b78
 RMD160 (php-4.4.7.tar.bz2) = 5eb44c4b7711111dcbc9117e21ad644e9e6562f3
@@ -15,3 +15,4 @@ SHA1 (patch-ak) = 1f9fbe26c7329e1d18eec053499ee2d574b5b970
 SHA1 (patch-ap) = 2f852abd1e9d0f089add18b2eade2831253ad00e
 SHA1 (patch-at) = f8b3aebd61fe2d5b5a994e1d973424a1ed397f63
 SHA1 (patch-au) = f9798aa440e174f65dde574c4f3b28183b3d18bc
+SHA1 (patch-aw) = 2cdfd3c194c30f19a102bce66a68125ccfa59697
diff --git a/www/php4/patches/patch-aw b/www/php4/patches/patch-aw
new file mode 100644
index 00000000000..1924f88efb2
--- /dev/null
+++ b/www/php4/patches/patch-aw
@@ -0,0 +1,14 @@
+$NetBSD: patch-aw,v 1.2.8.1 2007/08/06 21:13:15 ghen Exp $
+
+Fix for CVE-2007-3806.
+
+--- ext/standard/dir.c.orig	2007-01-01 18:46:47.000000000 +0900
++++ ext/standard/dir.c
+@@ -382,6 +382,7 @@ PHP_FUNCTION(glob)
+ 	} 
+ #endif
+ 
++	memset(&globbuf, 0, sizeof(glob_t));
+ 	globbuf.gl_offs = 0;
+ 	if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) {
+ #ifdef GLOB_NOMATCH