From a7db1491b8e2789fafee5ede5137869312bf9694 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Sun, 8 May 2016 14:08:45 +0000 Subject: Pullup ticket #4973 - requested by taca lang/php56: security fix Revisions pulled up: - lang/php/phpversion.mk 1.134 - lang/php56/distinfo 1.26 - lang/php56/patches/patch-configure 1.3 - lang/php56/patches/patch-ext_opcache_config.m4 deleted - lang/php56/patches/patch-ext_standard_php__dns.h 1.2 --- Module Name: pkgsrc Committed By: taca Date: Mon May 2 13:08:00 UTC 2016 Modified Files: pkgsrc/lang/php: phpversion.mk pkgsrc/lang/php56: distinfo pkgsrc/lang/php56/patches: patch-configure patch-ext_standard_php__dns.h Removed Files: pkgsrc/lang/php56/patches: patch-ext_opcache_config.m4 Log Message: Update php56 to 5.6.21. pkgsrc change: Fix build problem on Linux noted by Matthias Ferdinand on pkgsrc-users@. 28 Apr 2016, PHP 5.6.21 - Core: . Fixed bug #69537 (__debugInfo with empty string for key gives error). (krakjoe) . Fixed bug #71841 (EG(error_zval) is not handled well). (Laruence) - BCmath: . Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition). (Stas) - Curl: . Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string). (Michael Sierks) - Date: . Fixed bug #71889 (DateInterval::format Segmentation fault). (Thomas Punt) - EXIF: . Fixed bug #72094 (Out of bounds heap read access in exif header processing). (Stas) - GD: . Fixed bug #71952 (Corruption inside imageaffinematrixget). (Stas) . Fixed bug #71912 (libgd: signedness vulnerability). (Stas) - Intl: . Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative offset). (Stas) - OCI8: . Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column). (Chris Jones) - ODBC: . Fixed bug #63171 (Script hangs after max_execution_time). (Remi) - Opcache: . Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER). (Laruence) - PDO: . Fixed bug #52098 (Own PDOStatement implementation ignore __call()). (Daniel Kalaspuffar, Julien) . Fixed bug #71447 (Quotes inside comments not properly handled). (Matteo) - Postgres: . Fixed bug #71820 (pg_fetch_object binds parameters before call constructor). (Anatol) - SPL: . Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails offsetExists()). (Nikita) - Standard: . Fixed bug #71840 (Unserialize accepts wrongly data). (Ryat, Laruence) . Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or _REENTRANT is not defined). (Nikita) - XML: . Fixed bug #72099 (xml_parse_into_struct segmentation fault). (Stas) --- lang/php/phpversion.mk | 4 ++-- lang/php56/distinfo | 15 +++++++-------- lang/php56/patches/patch-configure | 19 +++++-------------- lang/php56/patches/patch-ext_opcache_config.m4 | 15 --------------- lang/php56/patches/patch-ext_standard_php__dns.h | 14 +++++++++++--- 5 files changed, 25 insertions(+), 42 deletions(-) delete mode 100644 lang/php56/patches/patch-ext_opcache_config.m4 diff --git a/lang/php/phpversion.mk b/lang/php/phpversion.mk index 83fcacb840e..021fd774200 100644 --- a/lang/php/phpversion.mk +++ b/lang/php/phpversion.mk @@ -1,4 +1,4 @@ -# $NetBSD: phpversion.mk,v 1.131.2.1 2016/05/08 08:10:06 bsiegert Exp $ +# $NetBSD: phpversion.mk,v 1.131.2.2 2016/05/08 14:08:45 bsiegert Exp $ # # This file selects a PHP version, based on the user's preferences and # the installed packages. It does not add a dependency on the PHP @@ -82,7 +82,7 @@ PHPVERSION_MK= defined # Define each PHP's version. PHP55_VERSION= 5.5.35 -PHP56_VERSION= 5.6.20 +PHP56_VERSION= 5.6.21 PHP70_VERSION= 7.0.5 # Define initial release of major version. diff --git a/lang/php56/distinfo b/lang/php56/distinfo index 3f9140055e1..1c2ee6bd388 100644 --- a/lang/php56/distinfo +++ b/lang/php56/distinfo @@ -1,15 +1,14 @@ -$NetBSD: distinfo,v 1.25 2016/04/02 09:00:25 taca Exp $ +$NetBSD: distinfo,v 1.25.2.1 2016/05/08 14:08:45 bsiegert Exp $ -SHA1 (php-5.6.20.tar.bz2) = 41fcaf7a61936baf3ea9543697291865f9870a59 -RMD160 (php-5.6.20.tar.bz2) = 6cde7ace4a02711b46a2853cb43dc10edf72e167 -SHA512 (php-5.6.20.tar.bz2) = 9e26f2564ee7329ab50d4d8d27f029c4f88317ea761888138e60d13a3cf51e49676ded406a3ec18433be2ec5d2a49c904eaa9f32d473b99d11550025e026a61c -Size (php-5.6.20.tar.bz2) = 14162188 bytes +SHA1 (php-5.6.21.tar.bz2) = 057a3bffc052b907c5bb5a879b8606b5671eb69f +RMD160 (php-5.6.21.tar.bz2) = a5bd55526af390bbdc514a736587a2c778a221e2 +SHA512 (php-5.6.21.tar.bz2) = 028d62434e7932b4a07fa7d404b8ad938f0ca7968ae2b23386038f77482984d2b6145523e11f37b9e72621c8bf40f08e38a6db1d209493770ac99e13e2fac0d0 +Size (php-5.6.21.tar.bz2) = 14165919 bytes SHA1 (patch-acinclude.m4) = b38fc34c3a3847dc317e8e286612b21ec8fd5ce8 -SHA1 (patch-configure) = a72aa43759c6f3d3ad350659397570582c3ca3ff +SHA1 (patch-configure) = 5d76f71aa903efa3c3491b908ff76419aa4af27c SHA1 (patch-ext_gd_config.m4) = 4b44853250eb4a638af4c663e618307ff25d2cbd SHA1 (patch-ext_imap_config.m4) = 9c6ed6966366c4fe1b7cfd34b5910e2ff0e68577 SHA1 (patch-ext_mssql_php__mssql.c) = c4fa9231dc539ffb027f1beb6f182f21ddb94a3c -SHA1 (patch-ext_opcache_config.m4) = 031db201f68a120615561a5abd3e84aff58b523d SHA1 (patch-ext_pcre_pcrelib_config.h) = 26588e9932ee715e32c872a1c7e2f9c640bd9cf8 SHA1 (patch-ext_pdo__mysql_config.m4) = 9d25c673fc151e1b8ae137f2a0fc540189ef5398 SHA1 (patch-ext_pdo_config.m4) = f6deef3ac631769baa587dd7c27e55bd2e9ca6a5 @@ -17,7 +16,7 @@ SHA1 (patch-ext_phar_Makefile.frag) = 1564c188e57d48f83de7c2420fdde183598539e2 SHA1 (patch-ext_phar_phar_phar.php) = 5a82d55c7965027115065412f9b68defb278db64 SHA1 (patch-ext_sqlite3_libsqlite_sqlite3.c) = 85cd8f3e115705aa2eeab0e7229f24422e322a7f SHA1 (patch-ext_standard_basic__functions.c) = 669fe55c975bf2d971f6fdcb5b3004f7e20304d2 -SHA1 (patch-ext_standard_php__dns.h) = 4a1c0d9abff6ee1d278f9c680414530530efc6f7 +SHA1 (patch-ext_standard_php__dns.h) = 57c5d6d8ae60da58925abc2c51d66b56762fecda SHA1 (patch-makedist) = 8e8660b2e0a34f06f433e24dbb0a9c872963e419 SHA1 (patch-php.ini-development) = 3c54a41310d28ecff4996c966934350368657c2f SHA1 (patch-php.ini-production) = 9b7ae64f3133139f0c3d42753ad5d8622873423d diff --git a/lang/php56/patches/patch-configure b/lang/php56/patches/patch-configure index 46514d60d9a..fa6a2a7b396 100644 --- a/lang/php56/patches/patch-configure +++ b/lang/php56/patches/patch-configure @@ -1,6 +1,6 @@ -$NetBSD: patch-configure,v 1.2 2015/10/02 14:37:40 taca Exp $ +$NetBSD: patch-configure,v 1.2.4.1 2016/05/08 14:08:45 bsiegert Exp $ ---- configure.orig 2015-09-30 07:18:32.000000000 +0000 +--- configure.orig 2016-04-28 00:53:20.000000000 +0000 +++ configure @@ -8315,27 +8315,6 @@ EOF ;; @@ -76,7 +76,7 @@ $NetBSD: patch-configure,v 1.2 2015/10/02 14:37:40 taca Exp $ unique=`echo $header_file|$SED 's/[^a-zA-Z0-9]/_/g'` -@@ -37981,7 +37939,7 @@ fi +@@ -37985,7 +37943,7 @@ fi if test "$found_openssl" = "no"; then if test "$PHP_OPENSSL_DIR" = "yes"; then @@ -85,7 +85,7 @@ $NetBSD: patch-configure,v 1.2 2015/10/02 14:37:40 taca Exp $ fi for i in $PHP_OPENSSL_DIR; do -@@ -49593,7 +49551,7 @@ fi +@@ -49597,7 +49555,7 @@ fi if test "$found_openssl" = "no"; then if test "$PHP_OPENSSL_DIR" = "yes"; then @@ -94,16 +94,7 @@ $NetBSD: patch-configure,v 1.2 2015/10/02 14:37:40 taca Exp $ fi for i in $PHP_OPENSSL_DIR; do -@@ -66618,7 +66576,7 @@ rm -f core *.core core.conftest.* gmon.o - fi - - --if test "$flock_type" == "unknown"; then -+if test "$flock_type" = "unknown"; then - as_fn_error $? "Don't know how to define struct flock on this system, set --enable-opcache=no" "$LINENO" 5 - fi - -@@ -107099,12 +107057,7 @@ old_CC=$CC +@@ -107117,12 +107075,7 @@ old_CC=$CC if test "$PHP_THREAD_SAFETY" = "yes" && test -n "$ac_cv_pthreads_cflags"; then CXXFLAGS="$CXXFLAGS $ac_cv_pthreads_cflags" INLINE_CFLAGS="$INLINE_CFLAGS $ac_cv_pthreads_cflags" diff --git a/lang/php56/patches/patch-ext_opcache_config.m4 b/lang/php56/patches/patch-ext_opcache_config.m4 deleted file mode 100644 index ebfe712861b..00000000000 --- a/lang/php56/patches/patch-ext_opcache_config.m4 +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-ext_opcache_config.m4,v 1.1 2014/11/24 15:37:08 taca Exp $ - -Avoid use "==" in test(1). - ---- ext/opcache/config.m4.orig 2014-11-12 13:52:21.000000000 +0000 -+++ ext/opcache/config.m4 -@@ -359,7 +359,7 @@ AC_TRY_RUN([ - AC_MSG_RESULT("yes") - ], AC_MSG_RESULT("no") ) - --if test "$flock_type" == "unknown"; then -+if test "$flock_type" = "unknown"; then - AC_MSG_ERROR([Don't know how to define struct flock on this system[,] set --enable-opcache=no]) - fi - diff --git a/lang/php56/patches/patch-ext_standard_php__dns.h b/lang/php56/patches/patch-ext_standard_php__dns.h index 114f295f9bf..79c7641aa40 100644 --- a/lang/php56/patches/patch-ext_standard_php__dns.h +++ b/lang/php56/patches/patch-ext_standard_php__dns.h @@ -1,15 +1,23 @@ -$NetBSD: patch-ext_standard_php__dns.h,v 1.1 2016/04/02 09:00:25 taca Exp $ +$NetBSD: patch-ext_standard_php__dns.h,v 1.1.2.1 2016/05/08 14:08:45 bsiegert Exp $ Fix memory leak. ---- ext/standard/php_dns.h.orig 2016-03-30 23:35:38.000000000 +0000 +--- ext/standard/php_dns.h.orig 2016-04-28 00:33:49.000000000 +0000 +++ ext/standard/php_dns.h -@@ -33,7 +33,7 @@ +@@ -32,9 +32,15 @@ + #elif defined(HAVE_RES_NSEARCH) #define php_dns_search(res, dname, class, type, answer, anslen) \ res_nsearch(res, dname, class, type, answer, anslen); ++#ifdef __GLIBC__ #define php_dns_free_handle(res) \ - res_nclose(res); \ ++ res_nclose(res); \ ++ php_dns_free_res(*res) ++#else ++#define php_dns_free_handle(res) \ + res_ndestroy(res); \ php_dns_free_res(*res) ++#endif #elif defined(HAVE_RES_SEARCH) + #define php_dns_search(res, dname, class, type, answer, anslen) \ -- cgit v1.2.3