From b405486529a892d3ca5ca7ec3f83cabe2a3eb128 Mon Sep 17 00:00:00 2001
From: tron <tron@pkgsrc.org>
Date: Mon, 30 Nov 2009 23:10:19 +0000
Subject: Pullup ticket #2939 - requested by taca php5: security patch

Revisions pulled up:
- lang/php5/Makefile				1.73-1.74
- lang/php5/distinfo				1.69-1.70
- lang/php5/patches/patch-ag			1.3
- lang/php5/patches/patch-ah			1.2
- lang/php5/patches/patch-ay			1.2
- lang/php5/patches/patch-az			1.1-1.2
- lang/php5/patches/patch-ba			1.1
- lang/php5/patches/patch-bb			1.1
- lang/php5/patches/patch-bc			1.1
- lang/php5/patches/patch-bd			1.1
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Thu Oct 22 14:49:06 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile distinfo
Added Files:
	pkgsrc/lang/php5/patches: patch-az

Log Message:
Add patch to check byte sequence more strictly in htmlspecialchars().

	http://bugs.php.net/bug.php?id=49785

These are patch refrects r289411, r289554, r289565, r289567 and r289605
in PHP svn repositry.

Bump PKGREVISION.
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Mon Nov 30 06:14:08 UTC 2009

Modified Files:
	pkgsrc/lang/php5: Makefile distinfo
	pkgsrc/lang/php5/patches: patch-ag patch-ah patch-ay patch-az
Added Files:
	pkgsrc/lang/php5/patches: patch-ba patch-bb patch-bc patch-bd

Log Message:
Add fixes for http://secunia.com/advisories/37412/ from PHP's repositry.

1. CVE-2009-3292 is already fixed in 5.2.11.

2. CVE-2009-3558

	http://svn.php.net/viewvc?view=revision&revision=288934

3. CVE-2009-3557

	http://svn.php.net/viewvc?view=revision&revision=288945
	http://svn.php.net/viewvc?view=revision&revision=288971

4. CVE-2009-4017

	http://svn.php.net/viewvc?view=revision&revision=289990
	http://svn.php.net/viewvc?view=revision&revision=290820
	http://svn.php.net/viewvc?view=revision&revision=290885

Other pkgsrc changes:

* Don't hardcord /usr/pkg in php.ini-dist and php.ini-recommended.
* Add comments to some of patch files.

Bump PKGREVISION.
---
 lang/php5/patches/patch-ay | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lang/php5/patches/patch-ay')

diff --git a/lang/php5/patches/patch-ay b/lang/php5/patches/patch-ay
index 8b841ef5fdc..2d6c27d875f 100644
--- a/lang/php5/patches/patch-ay
+++ b/lang/php5/patches/patch-ay
@@ -1,7 +1,7 @@
-$NetBSD: patch-ay,v 1.1.2.2 2009/10/22 21:25:08 tron Exp $
+$NetBSD: patch-ay,v 1.1.2.3 2009/11/30 23:10:20 tron Exp $
 
 * Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
-  from PHP's SVN repositry r289557.
+	http://svn.php.net/viewvc?view=revision&revision=289557
 
 --- ext/gd/libgd/gd_gd.c.orig	2007-08-09 23:21:38.000000000 +0900
 +++ ext/gd/libgd/gd_gd.c
-- 
cgit v1.2.3