diff options
| author | sean finney <seanius@debian.org> | 2007-05-05 19:56:30 +0200 |
|---|---|---|
| committer | Mark A. Hershberger <mah@debian.(none)> | 2009-03-25 00:37:35 -0400 |
| commit | cb6f7355b1d7b3b64376d9af7227e50a05eb0204 (patch) | |
| tree | 5a5f696ed531b20f739baa8cb9be0c232bdb6b00 | |
| parent | 3ed66b87fc1f23e66d7a03603d7df0f8c11508a7 (diff) | |
| download | php-debian/5.2.2-1.tar.gz | |
Imported Debian patch 5.2.2-1debian/5.2.2-1
47 files changed, 500 insertions, 787 deletions
diff --git a/debian/changelog b/debian/changelog index 4596940af..9799db936 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,21 +1,97 @@ +php5 (5.2.2-1) unstable; urgency=low + + [ sean finney ] + * new upstream release (closes: #422405). + * /most/ of the previous CVE patches have been committed upstream, though: + - the patch for MOPB-41 was fixed in a different way and we'll be keeping + our fix for the time being. + - it doesn't seem like MOPB-45 has been fixed yet. + * remove build-dependency option on libmysqlclient12-dev, since the mysqli + option requires it, and 15 is in stable now anyway. thanks to + Henk van de kamer for finding this (closes: #422224). + * now includes requested fix for mysql row counts (closes: #418471). + * needle/haystack issues are reported fixed (closes: #399924). + * oh yeah, because we're using quilt now: (closes: #338315). + * update build-deps to libdb4.5-dev | libdb4.4-dev (closes: #421929). + note that the resulting php packages won't actually build against + libdb4.5 until all of our build-dependant packages do too. + + -- sean finney <seanius@debian.org> Sat, 05 May 2007 19:56:30 +0200 + +php5 (5.2.0-12) unstable; urgency=high + + [ sean finney ] + * modify the build-depends to play more nicely when the net-snmp + maintainers decide to change their package names (closes: #421061). + + -- sean finney <seanius@debian.org> Tue, 01 May 2007 14:24:01 +0200 + +php5 (5.2.0-11) unstable; urgency=high + + [ sean finney ] + * The following security issues are addressed with this update: + - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability + * note that this is an update to the previous version of the upstream + fix for CVE-2007-0910, which introduced a seperate exploit path. + - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow + - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak + - CVE-2007-1375/MOPB-14 substr_compare() Information Leak Vulnerability + - CVE-2007-1376/MOPB-15 shmop Functions Resource Verification Vulnerability + - CVE-2007-1453/MOPB-18 ext/filter HTML Tag Stripping Bypass Vulnerability + - CVE-2007-1453/MOPB-19 ext/filter Space Trimming Buffer Underflow Vuln. + - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability + - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. + - CVE-2007-1700/MOPB-30 _SESSION unset() Vulnerability + - CVE-2007-1718/MOPB-34 mail() Header Injection + - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability + - CVE-2007-1887-1888/MOPB-41 sqlite_udf_decode_binary() Buffer Overflow + - CVE-2007-1824/MOPB-42 php_stream_filter_create() Off By One Vulnerablity + - CVE-2007-1889/MOPB-44 Memory Manager Signed Comparision Vulnerability + - CVE-2007-1900/MOPB-45 ext/filter Email Validation Vulnerability + * The other security issues resulting from the "Month of PHP bugs" either + did not affect the version of php5 shipped in unstable, or did not merit + a security update according to the established security policy for php + in debian. You are encouraged to verify that your configuration is not + affected by any of the other vulnerabilities by visiting: + http://www.php-security.org/ + * other, less interesting changes: + - now use quilt for managing local patches. + - massage all of the patches, eliminating fuzz and offsets. + + -- sean finney <seanius@debian.org> Mon, 23 Apr 2007 19:02:51 +0200 + +php5 (5.2.0-10) unstable; urgency=high + + [ sean finney ] + * The php security update contained a regression in the streams + module. this version contains an updated version of the patch + for CVE-2007-0906 (116-CVE-2007-0906_streams.patch), which should + fix the regression. Thanks to Martin Pitt for noticing this. + * Fix the patch names in the previous changelog entry, and fix a factual + inaccuracy that was accidentally pasted from the php4 changelog. + * The previous update was missing two fixes from CVE-2007-0906: + * interbase: (116-CVE-2007-0906_interbase.patch) + * zip: (116-CVE-2007-0906_zip.patch) + + -- sean finney <seanius@debian.org> Wed, 07 Mar 2007 23:11:29 +0100 + php5 (5.2.0-9) unstable; urgency=high [ sean finney ] * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: - * session (addressed in patch for CVE-2007-0910 below) - * imap (062-CVE-2007-0906-imap.patch) - * str_replace: (064-CVE-2007-0906-strreplace.patch) - * interbase: (063-CVE-2007-0906-interbase.patch) - * the zip, sqlite, stream filters, and mail related vulnerabilities - in this CVE do not affect the debian sarge php4 source package. - - CVE-2007-0907: sapi_header_op buffer underflow (065-CVE-2007-0907.patch) - - CVE-2007-0908: wddx information disclosure (066-CVE-2007-0908.patch) + * session (116-CVE-2007-0906_session.patch) + * imap (116-CVE-2007-0906_imap.patch) + * str_replace: (116-CVE-2007-0906_string.patch) + * the sqlite and mail related vulnerabilities in this CVE do not + affect the php5 source packages. + - CVE-2007-0907: sapi_header_op buffer underflow (116-CVE-2007-0907.patch) + - CVE-2007-0908: wddx information disclosure (116-CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: - * the odbc_result_all function (067-CVE-2007-0909-odbc.patch) - * various formatted print functions (068-CVE-2007-0909-printf.patch) - - CVE-2007-0910: Clobbering of super-globals (069-CVE-2007-0910.patch) - - CVE-2007-0988: 64bit unserialize DoS (070-CVE-2007-0988.patch) + * the odbc_result_all function (116-CVE-2007-0909_odbc.patch) + * various formatted print functions (116-CVE-2007-0909_print.patch) + - CVE-2007-0910: Clobbering of super-globals (116-CVE-2007-0910.patch) + - CVE-2007-0988: 64bit unserialize DoS (116-CVE-2007-0988.patch) Closes: #410995. * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in preparation of this update. diff --git a/debian/control b/debian/control index daec7134d..0c3650faa 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: web Priority: optional Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org> Uploaders: Adam Conrad <adconrad@0c3.net>, Steve Langasek <vorlon@debian.org>, Jeroen van Wolffelaar <jeroen@wolffelaar.nl>, Ondřej Surý <ondrej@debian.org>, sean finney <seanius@debian.org> -Build-Depends: apache-dev (>= 1.3.23), apache2-prefork-dev (>= 2.0.53-3), autoconf, automake1.4, bison, chrpath, debhelper (>= 3), firebird2-dev [i386 amd64], flex (>= 2.5.4), freetds-dev, libapr1-dev (>= 1.2.7-8), libbz2-dev (>= 1.0.0), libc-client-dev, libcurl3-openssl-dev | libcurl3-dev, libdb4.4-dev, libexpat1-dev (>= 1.95.2-2.1), libfreetype6-dev, libgcrypt11-dev, libgd2-xpm-dev (>= 2.0.28-3), libjpeg62-dev, libkrb5-dev, libldap2-dev, libmcrypt-dev, libmhash-dev (>= 0.8.8), libmysqlclient15-dev | libmysqlclient12-dev, libncurses5-dev, libpam0g-dev, libpcre3-dev (>= 6.6), libpng12-dev, libpq-dev | postgresql-dev, libpspell-dev, librecode-dev, libsnmp9-dev | libsnmp-dev, libsqlite0-dev, libssl-dev (>= 0.9.6), libt1-dev, libtidy-dev, libtool (>= 1.4.2-4), libwrap0-dev, libxmltok1-dev, libxml2-dev (>= 2.4.14), libxslt1-dev (>= 1.0.18), re2c, unixodbc-dev, zlib1g-dev (>= 1.0.9) +Build-Depends: apache-dev (>= 1.3.23), apache2-prefork-dev (>= 2.0.53-3), autoconf, automake1.4, bison, chrpath, debhelper (>= 3), firebird2-dev [i386 amd64], flex (>= 2.5.4), freetds-dev, libapr1-dev (>= 1.2.7-8), libbz2-dev (>= 1.0.0), libc-client-dev, libcurl3-openssl-dev | libcurl3-dev, libdb4.4-dev, libexpat1-dev (>= 1.95.2-2.1), libfreetype6-dev, libgcrypt11-dev, libgd2-xpm-dev (>= 2.0.28-3), libjpeg62-dev, libkrb5-dev, libldap2-dev, libmcrypt-dev, libmhash-dev (>= 0.8.8), libmysqlclient15-dev, libncurses5-dev, libpam0g-dev, libpcre3-dev (>= 6.6), libpng12-dev, libpq-dev | postgresql-dev, libpspell-dev, librecode-dev, libsnmp10-dev | libsnmp-dev, libsqlite0-dev, libssl-dev (>= 0.9.6), libt1-dev, libtidy-dev, libtool (>= 1.4.2-4), libwrap0-dev, libxmltok1-dev, libxml2-dev (>= 2.4.14), libxslt1-dev (>= 1.0.18), quilt, re2c, unixodbc-dev, zlib1g-dev (>= 1.0.9) Build-Conflicts: bind-dev Standards-Version: 3.7.2 diff --git a/debian/patches/001-libtool_fixes.patch b/debian/patches/001-libtool_fixes.patch index 1c714fc11..f29df69fa 100644 --- a/debian/patches/001-libtool_fixes.patch +++ b/debian/patches/001-libtool_fixes.patch @@ -1,6 +1,7 @@ -diff -urN php4-4.3.4.orig/TSRM/configure.in php4-4.3.4/TSRM/configure.in ---- php4-4.3.4.orig/TSRM/configure.in 2001-08-08 06:26:21.000000000 -0400 -+++ php4-4.3.4/TSRM/configure.in 2004-02-16 00:57:50.000000000 -0500 +Index: php5-5.2.2/TSRM/configure.in +=================================================================== +--- php5-5.2.2.orig/TSRM/configure.in 2007-05-04 17:08:09.000000000 +0200 ++++ php5-5.2.2/TSRM/configure.in 2007-05-04 17:08:11.000000000 +0200 @@ -13,9 +13,6 @@ TSRM_THREADS_CHECKS @@ -11,10 +12,11 @@ diff -urN php4-4.3.4.orig/TSRM/configure.in php4-4.3.4/TSRM/configure.in dnl TSRM_PTHREAD -diff -urN php4-4.3.4.orig/configure.in php4-4.3.4/configure.in ---- php4-4.3.4.orig/configure.in 2003-11-02 17:15:05.000000000 -0500 -+++ php4-4.3.4/configure.in 2004-02-16 01:00:52.000000000 -0500 -@@ -1226,9 +1226,6 @@ +Index: php5-5.2.2/configure.in +=================================================================== +--- php5-5.2.2.orig/configure.in 2007-05-04 17:08:09.000000000 +0200 ++++ php5-5.2.2/configure.in 2007-05-04 17:08:11.000000000 +0200 +@@ -1279,9 +1279,6 @@ LDFLAGS="$LDFLAGS $PHP_AIX_LDFLAGS" AC_PROG_LIBTOOL diff --git a/debian/patches/002-static_openssl.patch b/debian/patches/002-static_openssl.patch index 347882f36..c1da6760c 100644 --- a/debian/patches/002-static_openssl.patch +++ b/debian/patches/002-static_openssl.patch @@ -1,8 +1,9 @@ -diff -urN php4-4.3.4.orig/acinclude.m4 php4-4.3.4/acinclude.m4 ---- php4-4.3.4.orig/acinclude.m4 2004-02-16 01:01:22.000000000 -0500 -+++ php4-4.3.4/acinclude.m4 2004-02-16 01:03:12.000000000 -0500 -@@ -2221,9 +2221,7 @@ - +Index: php5-5.2.0/acinclude.m4 +=================================================================== +--- php5-5.2.0.orig/acinclude.m4 2007-03-18 22:57:01.000000000 +0100 ++++ php5-5.2.0/acinclude.m4 2007-03-18 22:58:39.000000000 +0100 +@@ -2228,9 +2228,7 @@ + PHP_ADD_INCLUDE($OPENSSL_INCDIR) - PHP_CHECK_LIBRARY(crypto, CRYPTO_free, [ diff --git a/debian/patches/004-ldap_fix.patch b/debian/patches/004-ldap_fix.patch index c210f60a7..20cc4b94b 100644 --- a/debian/patches/004-ldap_fix.patch +++ b/debian/patches/004-ldap_fix.patch @@ -1,6 +1,8 @@ ---- php4-4.3.4.orig/ext/ldap/ldap.c -+++ php4-4.3.4/ext/ldap/ldap.c -@@ -1356,7 +1356,7 @@ +Index: php5-5.2.2/ext/ldap/ldap.c +=================================================================== +--- php5-5.2.2.orig/ext/ldap/ldap.c 2007-05-04 17:08:08.000000000 +0200 ++++ php5-5.2.2/ext/ldap/ldap.c 2007-05-04 17:08:23.000000000 +0200 +@@ -1320,7 +1320,7 @@ } i=0; @@ -9,7 +11,7 @@ count = i; array_init(return_value); -@@ -1366,7 +1366,8 @@ +@@ -1330,7 +1330,8 @@ add_index_string(return_value, i, ldap_value[i], 1); } diff --git a/debian/patches/006-debian_quirks.patch b/debian/patches/006-debian_quirks.patch index 5f4d00bac..d17f865c5 100644 --- a/debian/patches/006-debian_quirks.patch +++ b/debian/patches/006-debian_quirks.patch @@ -1,7 +1,8 @@ -diff -uNr php-5.0.4.orig/configure.in php-5.0.4/configure.in ---- php-5.0.4.orig/configure.in 2005-03-30 23:43:12.000000000 +0200 -+++ php-5.0.4/configure.in 2005-04-27 11:15:29.276399240 +0200 -@@ -925,7 +925,7 @@ +Index: php5-5.2.2/configure.in +=================================================================== +--- php5-5.2.2.orig/configure.in 2007-05-04 17:00:49.000000000 +0200 ++++ php5-5.2.2/configure.in 2007-05-04 17:06:47.000000000 +0200 +@@ -968,7 +968,7 @@ fi PHP_ARG_WITH(pear, [whether to install PEAR], @@ -10,7 +11,7 @@ diff -uNr php-5.0.4.orig/configure.in php-5.0.4/configure.in --without-pear Do not install PEAR], DEFAULT, yes) if test "$PHP_PEAR" != "no"; then -@@ -959,7 +959,7 @@ +@@ -1002,7 +1002,7 @@ if test "$PHP_PEAR" = "DEFAULT" || test "$PHP_PEAR" = "yes"; then case $PHP_LAYOUT in GNU) PEAR_INSTALLDIR=$datadir/pear;; @@ -19,7 +20,7 @@ diff -uNr php-5.0.4.orig/configure.in php-5.0.4/configure.in esac fi -@@ -1014,12 +1014,12 @@ +@@ -1057,12 +1057,12 @@ case $libdir in '${exec_prefix}/lib') @@ -34,7 +35,7 @@ diff -uNr php-5.0.4.orig/configure.in php-5.0.4/configure.in ;; *) ;; esac -@@ -1076,7 +1076,7 @@ +@@ -1128,7 +1128,7 @@ EXPANDED_DATADIR=$datadir EXPANDED_PHP_CONFIG_FILE_PATH=`eval echo "$PHP_CONFIG_FILE_PATH"` EXPANDED_PHP_CONFIG_FILE_SCAN_DIR=`eval echo "$PHP_CONFIG_FILE_SCAN_DIR"` @@ -43,9 +44,10 @@ diff -uNr php-5.0.4.orig/configure.in php-5.0.4/configure.in exec_prefix=$old_exec_prefix libdir=$old_libdir -diff -uNr php-5.0.4.orig/ext/ext_skel php-5.0.4/ext/ext_skel ---- php-5.0.4.orig/ext/ext_skel 2004-05-16 14:10:35.000000000 +0200 -+++ php-5.0.4/ext/ext_skel 2005-04-27 11:14:32.914967480 +0200 +Index: php5-5.2.2/ext/ext_skel +=================================================================== +--- php5-5.2.2.orig/ext/ext_skel 2004-05-16 14:10:35.000000000 +0200 ++++ php5-5.2.2/ext/ext_skel 2007-05-04 17:06:47.000000000 +0200 @@ -70,7 +70,7 @@ fi @@ -55,10 +57,11 @@ diff -uNr php-5.0.4.orig/ext/ext_skel php-5.0.4/ext/ext_skel fi ## convert skel_dir to full path -diff -uNr php-5.0.4.orig/ext/session/session.c php-5.0.4/ext/session/session.c ---- php-5.0.4.orig/ext/session/session.c 2005-03-24 01:17:53.000000000 +0100 -+++ php-5.0.4/ext/session/session.c 2005-04-27 11:14:32.923966112 +0200 -@@ -152,11 +152,11 @@ +Index: php5-5.2.2/ext/session/session.c +=================================================================== +--- php5-5.2.2.orig/ext/session/session.c 2007-04-04 21:52:19.000000000 +0200 ++++ php5-5.2.2/ext/session/session.c 2007-05-04 17:06:47.000000000 +0200 +@@ -180,11 +180,11 @@ PHP_INI_BEGIN() STD_PHP_INI_BOOLEAN("session.bug_compat_42", "1", PHP_INI_ALL, OnUpdateBool, bug_compat, php_ps_globals, ps_globals) STD_PHP_INI_BOOLEAN("session.bug_compat_warn", "1", PHP_INI_ALL, OnUpdateBool, bug_compat_warn, php_ps_globals, ps_globals) @@ -72,10 +75,11 @@ diff -uNr php-5.0.4.orig/ext/session/session.c php-5.0.4/ext/session/session.c STD_PHP_INI_ENTRY("session.gc_divisor", "100", PHP_INI_ALL, OnUpdateLong, gc_divisor, php_ps_globals, ps_globals) STD_PHP_INI_ENTRY("session.gc_maxlifetime", "1440", PHP_INI_ALL, OnUpdateLong, gc_maxlifetime, php_ps_globals, ps_globals) PHP_INI_ENTRY("session.serialize_handler", "php", PHP_INI_ALL, OnUpdateSerializer) -diff -uNr php-5.0.4.orig/php.ini-dist php-5.0.4/php.ini-dist ---- php-5.0.4.orig/php.ini-dist 2005-03-01 01:25:09.000000000 +0100 -+++ php-5.0.4/php.ini-dist 2005-04-27 11:14:32.929965200 +0200 -@@ -441,7 +441,7 @@ +Index: php5-5.2.2/php.ini-dist +=================================================================== +--- php5-5.2.2.orig/php.ini-dist 2007-04-12 14:31:39.000000000 +0200 ++++ php5-5.2.2/php.ini-dist 2007-05-04 17:07:30.000000000 +0200 +@@ -455,7 +455,7 @@ ;;;;;;;;;;;;;;;;;;;;;;;;; ; UNIX: "/path1:/path2" @@ -84,7 +88,7 @@ diff -uNr php-5.0.4.orig/php.ini-dist php-5.0.4/php.ini-dist ; ; Windows: "\path1;\path2" ;include_path = ".;c:\php\includes" -@@ -458,7 +458,7 @@ +@@ -472,7 +472,7 @@ user_dir = ; Directory in which the loadable extensions (modules) reside. @@ -93,7 +97,7 @@ diff -uNr php-5.0.4.orig/php.ini-dist php-5.0.4/php.ini-dist ; Whether or not to enable the dl() function. The dl() function does NOT work ; properly in multithreaded servers, such as IIS or Zeus, and is automatically -@@ -560,46 +560,10 @@ +@@ -577,58 +577,6 @@ ; extension_dir directive above. @@ -103,47 +107,56 @@ diff -uNr php-5.0.4.orig/php.ini-dist php-5.0.4/php.ini-dist -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. - --;extension=php_mbstring.dll -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_dbase.dll -;extension=php_exif.dll -;extension=php_fdf.dll --;extension=php_filepro.dll -;extension=php_gd2.dll -;extension=php_gettext.dll +-;extension=php_gmp.dll -;extension=php_ifx.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll +-;extension=php_mbstring.dll -;extension=php_mcrypt.dll -;extension=php_mhash.dll -;extension=php_mime_magic.dll -;extension=php_ming.dll --;extension=php_mssql.dll -;extension=php_msql.dll +-;extension=php_mssql.dll -;extension=php_mysql.dll +-;extension=php_mysqli.dll -;extension=php_oci8.dll -;extension=php_openssl.dll --;extension=php_oracle.dll +-;extension=php_pdo.dll +-;extension=php_pdo_firebird.dll +-;extension=php_pdo_mssql.dll +-;extension=php_pdo_mysql.dll +-;extension=php_pdo_oci.dll +-;extension=php_pdo_oci8.dll +-;extension=php_pdo_odbc.dll +-;extension=php_pdo_pgsql.dll +-;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll +-;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll +-;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -+; Example lines: - -+;extension=mysql.so -+;extension=gd.so - +-;extension=php_zip.dll +- ;;;;;;;;;;;;;;;;;;; ; Module Settings ; -@@ -878,7 +837,7 @@ + ;;;;;;;;;;;;;;;;;;; +@@ -969,7 +917,7 @@ ; ; where MODE is the octal representation of the mode. Note that this ; does not overwrite the process's umask. @@ -152,7 +165,7 @@ diff -uNr php-5.0.4.orig/php.ini-dist php-5.0.4/php.ini-dist ; Whether to use cookies. session.use_cookies = 1 -@@ -911,7 +870,10 @@ +@@ -1007,7 +955,10 @@ ; e.g. 1/100 means there is a 1% chance that the GC process starts ; on each request. @@ -164,10 +177,11 @@ diff -uNr php-5.0.4.orig/php.ini-dist php-5.0.4/php.ini-dist session.gc_divisor = 100 ; After this number of seconds, stored data will be seen as 'garbage' and -diff -uNr php-5.0.4.orig/php.ini-recommended php-5.0.4/php.ini-recommended ---- php-5.0.4.orig/php.ini-recommended 2005-03-01 01:25:09.000000000 +0100 -+++ php-5.0.4/php.ini-recommended 2005-04-27 11:14:32.930965048 +0200 -@@ -499,7 +499,7 @@ +Index: php5-5.2.2/php.ini-recommended +=================================================================== +--- php5-5.2.2.orig/php.ini-recommended 2007-04-12 14:31:39.000000000 +0200 ++++ php5-5.2.2/php.ini-recommended 2007-05-04 17:07:50.000000000 +0200 +@@ -500,7 +500,7 @@ ;;;;;;;;;;;;;;;;;;;;;;;;; ; UNIX: "/path1:/path2" @@ -176,7 +190,7 @@ diff -uNr php-5.0.4.orig/php.ini-recommended php-5.0.4/php.ini-recommended ; ; Windows: "\path1;\path2" ;include_path = ".;c:\php\includes" -@@ -516,7 +516,7 @@ +@@ -517,7 +517,7 @@ user_dir = ; Directory in which the loadable extensions (modules) reside. @@ -185,11 +199,9 @@ diff -uNr php-5.0.4.orig/php.ini-recommended php-5.0.4/php.ini-recommended ; Whether or not to enable the dl() function. The dl() function does NOT work ; properly in multithreaded servers, such as IIS or Zeus, and is automatically -@@ -617,47 +617,10 @@ - ; needs to go here. Specify the location of the extension with the +@@ -622,58 +622,6 @@ ; extension_dir directive above. -+; Example lines: -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. @@ -197,46 +209,56 @@ diff -uNr php-5.0.4.orig/php.ini-recommended php-5.0.4/php.ini-recommended -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. - --;extension=php_mbstring.dll -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_dbase.dll -;extension=php_exif.dll -;extension=php_fdf.dll --;extension=php_filepro.dll -;extension=php_gd2.dll -;extension=php_gettext.dll +-;extension=php_gmp.dll -;extension=php_ifx.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll +-;extension=php_mbstring.dll -;extension=php_mcrypt.dll -;extension=php_mhash.dll -;extension=php_mime_magic.dll -;extension=php_ming.dll --;extension=php_mssql.dll -;extension=php_msql.dll +-;extension=php_mssql.dll -;extension=php_mysql.dll +-;extension=php_mysqli.dll -;extension=php_oci8.dll -;extension=php_openssl.dll --;extension=php_oracle.dll +-;extension=php_pdo.dll +-;extension=php_pdo_firebird.dll +-;extension=php_pdo_mssql.dll +-;extension=php_pdo_mysql.dll +-;extension=php_pdo_oci.dll +-;extension=php_pdo_oci8.dll +-;extension=php_pdo_odbc.dll +-;extension=php_pdo_pgsql.dll +-;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll +-;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll +-;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll +-;extension=php_zip.dll - -+;extension=mysql.so -+;extension=gd.so - ;;;;;;;;;;;;;;;;;;; ; Module Settings ; -@@ -936,7 +894,7 @@ + ;;;;;;;;;;;;;;;;;;; +@@ -1014,7 +962,7 @@ ; ; where MODE is the octal representation of the mode. Note that this ; does not overwrite the process's umask. @@ -245,7 +267,7 @@ diff -uNr php-5.0.4.orig/php.ini-recommended php-5.0.4/php.ini-recommended ; Whether to use cookies. session.use_cookies = 1 -@@ -969,7 +927,10 @@ +@@ -1052,7 +1000,10 @@ ; e.g. 1/100 means there is a 1% chance that the GC process starts ; on each request. @@ -257,9 +279,10 @@ diff -uNr php-5.0.4.orig/php.ini-recommended php-5.0.4/php.ini-recommended session.gc_divisor = 1000 ; After this number of seconds, stored data will be seen as 'garbage' and -diff -uNr php-5.0.4.orig/sapi/caudium/config.m4 php-5.0.4/sapi/caudium/config.m4 ---- php-5.0.4.orig/sapi/caudium/config.m4 2004-01-17 14:00:10.000000000 +0100 -+++ php-5.0.4/sapi/caudium/config.m4 2005-04-27 11:14:32.935964288 +0200 +Index: php5-5.2.2/sapi/caudium/config.m4 +=================================================================== +--- php5-5.2.2.orig/sapi/caudium/config.m4 2005-11-29 19:26:02.000000000 +0100 ++++ php5-5.2.2/sapi/caudium/config.m4 2007-05-04 17:06:47.000000000 +0200 @@ -24,8 +24,8 @@ AC_MSG_ERROR(Couldn't find a pike in $withval/bin/) fi @@ -282,10 +305,11 @@ diff -uNr php-5.0.4.orig/sapi/caudium/config.m4 php-5.0.4/sapi/caudium/config.m4 RESULT=" *** Pike binary used: $PIKE *** Pike include dir(s) used: $PIKE_INCLUDE_DIR *** Pike version: $PIKE_VERSION" -diff -uNr php-5.0.4.orig/sapi/cli/php.1.in php-5.0.4/sapi/cli/php.1.in ---- php-5.0.4.orig/sapi/cli/php.1.in 2004-05-02 11:14:02.000000000 +0200 -+++ php-5.0.4/sapi/cli/php.1.in 2005-04-27 11:14:32.936964136 +0200 -@@ -296,13 +296,17 @@ +Index: php5-5.2.2/sapi/cli/php.1.in +=================================================================== +--- php5-5.2.2.orig/sapi/cli/php.1.in 2007-04-23 22:54:22.000000000 +0200 ++++ php5-5.2.2/sapi/cli/php.1.in 2007-05-04 17:06:47.000000000 +0200 +@@ -306,13 +306,17 @@ .B name .SH FILES .TP 15 @@ -308,9 +332,10 @@ diff -uNr php-5.0.4.orig/sapi/cli/php.1.in php-5.0.4/sapi/cli/php.1.in .SH EXAMPLES .TP 5 \fIphp -r 'echo "Hello World\\n";'\fP -diff -uNr php-5.0.4.orig/scripts/Makefile.frag php-5.0.4/scripts/Makefile.frag ---- php-5.0.4.orig/scripts/Makefile.frag 2005-02-28 06:28:25.000000000 +0100 -+++ php-5.0.4/scripts/Makefile.frag 2005-04-27 11:14:32.936964136 +0200 +Index: php5-5.2.2/scripts/Makefile.frag +=================================================================== +--- php5-5.2.2.orig/scripts/Makefile.frag 2005-11-22 00:08:02.000000000 +0100 ++++ php5-5.2.2/scripts/Makefile.frag 2007-05-04 17:06:47.000000000 +0200 @@ -3,8 +3,8 @@ # Build environment install # @@ -322,23 +347,25 @@ diff -uNr php-5.0.4.orig/scripts/Makefile.frag php-5.0.4/scripts/Makefile.frag BUILD_FILES = \ scripts/phpize.m4 \ -diff -uNr php-5.0.4.orig/scripts/php-config.in php-5.0.4/scripts/php-config.in ---- php-5.0.4.orig/scripts/php-config.in 2005-03-16 07:36:54.000000000 +0100 -+++ php-5.0.4/scripts/php-config.in 2005-04-27 11:14:32.936964136 +0200 -@@ -3,8 +3,8 @@ +Index: php5-5.2.2/scripts/php-config.in +=================================================================== +--- php5-5.2.2.orig/scripts/php-config.in 2006-07-27 10:53:16.000000000 +0200 ++++ php5-5.2.2/scripts/php-config.in 2007-05-04 17:06:47.000000000 +0200 +@@ -4,8 +4,8 @@ exec_prefix="@exec_prefix@" version="@PHP_VERSION@" version_id="@PHP_VERSION_ID@" -includedir="@includedir@/php" -+includedir="@includedir@/php5" -includes="-I$includedir -I$includedir/main -I$includedir/TSRM -I$includedir/Zend -I$includedir/ext -I$includedir/ext/date/lib" ++includedir="@includedir@/php5" +includes="-I$includedir -I$includedir/main -I$includedir/TSRM -I$includedir/Zend -I$includedir/ext -I$includedir/ext/date/lib $(getconf LFS_CFLAGS)" ldflags="@PHP_LDFLAGS@" libs="@EXTRA_LIBS@" extension_dir='@EXTENSION_DIR@' -diff -uNr php-5.0.4.orig/scripts/phpize.in php-5.0.4/scripts/phpize.in ---- php-5.0.4.orig/scripts/phpize.in 2005-01-25 13:54:57.000000000 +0100 -+++ php-5.0.4/scripts/phpize.in 2005-04-27 11:14:32.943963072 +0200 +Index: php5-5.2.2/scripts/phpize.in +=================================================================== +--- php5-5.2.2.orig/scripts/phpize.in 2005-12-12 12:51:45.000000000 +0100 ++++ php5-5.2.2/scripts/phpize.in 2007-05-04 17:06:47.000000000 +0200 @@ -3,8 +3,8 @@ # Variable declaration prefix='@prefix@' diff --git a/debian/patches/013-force_getaddrinfo.patch b/debian/patches/013-force_getaddrinfo.patch index 782527fd7..c6290ea90 100644 --- a/debian/patches/013-force_getaddrinfo.patch +++ b/debian/patches/013-force_getaddrinfo.patch @@ -1,6 +1,8 @@ ---- php4-4.3.10/configure.in 2004-12-15 17:00:57.000000000 -0700 -+++ php4-4.3.10/configure.in 2004-12-15 17:03:30.000000000 -0700 -@@ -533,50 +533,50 @@ +Index: php5-5.2.2/configure.in +=================================================================== +--- php5-5.2.2.orig/configure.in 2007-05-04 17:08:28.000000000 +0200 ++++ php5-5.2.2/configure.in 2007-05-04 17:08:32.000000000 +0200 +@@ -553,50 +553,50 @@ dnl Check for getaddrinfo, should be a better way, but... dnl Also check for working getaddrinfo diff --git a/debian/patches/017-pread_pwrite_disable.patch b/debian/patches/017-pread_pwrite_disable.patch index f81bf17e6..a6d50bb26 100644 --- a/debian/patches/017-pread_pwrite_disable.patch +++ b/debian/patches/017-pread_pwrite_disable.patch @@ -1,5 +1,7 @@ ---- php4-4.3.8/acinclude.m4.orig 2004-08-09 07:41:27.000000000 -0600 -+++ php4-4.3.8/acinclude.m4 2004-08-09 07:42:19.000000000 -0600 +Index: php5-5.2.0/acinclude.m4 +=================================================================== +--- php5-5.2.0.orig/acinclude.m4 2007-03-18 22:58:39.000000000 +0100 ++++ php5-5.2.0/acinclude.m4 2007-03-18 22:58:40.000000000 +0100 @@ -1134,7 +1134,7 @@ } diff --git a/debian/patches/019-z_off_t_as_long.patch b/debian/patches/019-z_off_t_as_long.patch index ff7737277..88f625c82 100644 --- a/debian/patches/019-z_off_t_as_long.patch +++ b/debian/patches/019-z_off_t_as_long.patch @@ -1,6 +1,7 @@ -diff -urN php4-4.3.8.orig/ext/zlib/zconf.h php4-4.3.8/ext/zlib/zconf.h ---- php4-4.3.8.orig/ext/zlib/zconf.h 1969-12-31 17:00:00.000000000 -0700 -+++ php4-4.3.8/ext/zlib/zconf.h 2004-08-04 03:34:18.000000000 -0600 +Index: php5-5.2.0/ext/zlib/zconf.h +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ php5-5.2.0/ext/zlib/zconf.h 2007-03-18 22:58:40.000000000 +0100 @@ -0,0 +1,326 @@ +/* zconf.h -- configuration of the zlib compression library + * Copyright (C) 1995-2003 Jean-loup Gailly. @@ -328,9 +329,10 @@ diff -urN php4-4.3.8.orig/ext/zlib/zconf.h php4-4.3.8/ext/zlib/zconf.h +#endif + +#endif /* ZCONF_H */ -diff -urN php4-4.3.8.orig/ext/zlib/zlib.h php4-4.3.8/ext/zlib/zlib.h ---- php4-4.3.8.orig/ext/zlib/zlib.h 1969-12-31 17:00:00.000000000 -0700 -+++ php4-4.3.8/ext/zlib/zlib.h 2004-08-04 03:34:18.000000000 -0600 +Index: php5-5.2.0/ext/zlib/zlib.h +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ php5-5.2.0/ext/zlib/zlib.h 2007-03-18 22:58:40.000000000 +0100 @@ -0,0 +1,1200 @@ +/* zlib.h -- interface of the 'zlib' general purpose compression library + version 1.2.1.1, January 9th, 2004 diff --git a/debian/patches/027-readline_is_editline.patch b/debian/patches/027-readline_is_editline.patch index a07e52b1c..3541e5759 100644 --- a/debian/patches/027-readline_is_editline.patch +++ b/debian/patches/027-readline_is_editline.patch @@ -1,5 +1,7 @@ ---- php4-4.3.9/ext/readline/config.m4 2003-09-30 20:54:04.000000000 -0600 -+++ php4-4.3.9/ext/readline/config.m4 2004-10-04 21:40:38.000000000 -0600 +Index: php5-5.2.0/ext/readline/config.m4 +=================================================================== +--- php5-5.2.0.orig/ext/readline/config.m4 2007-03-18 22:57:00.000000000 +0100 ++++ php5-5.2.0/ext/readline/config.m4 2007-03-18 22:58:41.000000000 +0100 @@ -12,7 +12,7 @@ if test "$PHP_READLINE" && test "$PHP_READLINE" != "no"; then @@ -18,8 +20,10 @@ done if test -z "$LIBEDIT_DIR"; then ---- php4-4.3.9/ext/readline/readline.c 2002-12-31 09:35:15.000000000 -0700 -+++ php4-4.3.9/ext/readline/readline.c 2004-10-04 21:42:15.000000000 -0600 +Index: php5-5.2.0/ext/readline/readline.c +=================================================================== +--- php5-5.2.0.orig/ext/readline/readline.c 2007-03-18 22:57:00.000000000 +0100 ++++ php5-5.2.0/ext/readline/readline.c 2007-03-18 22:58:41.000000000 +0100 @@ -33,9 +33,9 @@ #define rl_completion_matches completion_matches #endif diff --git a/debian/patches/029-php.ini_paranoid.patch b/debian/patches/029-php.ini_paranoid.patch index 2199e83b7..996f4d10f 100644 --- a/debian/patches/029-php.ini_paranoid.patch +++ b/debian/patches/029-php.ini_paranoid.patch @@ -1,6 +1,7 @@ -diff -Nru php4-4.3.9.orig/php.ini-paranoid php4-4.3.9/php.ini-paranoid ---- php4-4.3.9.orig/php.ini-paranoid 1970-01-01 01:00:00.000000000 +0100 -+++ php4-4.3.9/php.ini-paranoid 2004-11-13 17:09:30.000000000 +0100 +Index: php5-5.2.0/php.ini-paranoid +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ php5-5.2.0/php.ini-paranoid 2007-03-18 22:58:41.000000000 +0100 @@ -0,0 +1,1195 @@ +[PHP] + diff --git a/debian/patches/033-we_WANT_libtool.patch b/debian/patches/033-we_WANT_libtool.patch index d5e79c029..cc718f626 100644 --- a/debian/patches/033-we_WANT_libtool.patch +++ b/debian/patches/033-we_WANT_libtool.patch @@ -1,5 +1,7 @@ ---- php4-4.3.10/build/build2.mk.orig 2005-02-06 00:49:53.000000000 -0700 -+++ php4-4.3.10/build/build2.mk 2005-02-06 00:51:58.000000000 -0700 +Index: php5-5.2.0/build/build2.mk +=================================================================== +--- php5-5.2.0.orig/build/build2.mk 2007-03-18 22:57:00.000000000 +0100 ++++ php5-5.2.0/build/build2.mk 2007-03-18 22:58:41.000000000 +0100 @@ -52,6 +52,11 @@ aclocal.m4: configure.in acinclude.m4 diff --git a/debian/patches/034-apache2_umask_fix.patch b/debian/patches/034-apache2_umask_fix.patch index 76e48dc6f..cfec0859e 100644 --- a/debian/patches/034-apache2_umask_fix.patch +++ b/debian/patches/034-apache2_umask_fix.patch @@ -1,9 +1,11 @@ Save and restore umask across requests correctly. ---- php-4.3.10/sapi/apache2handler/sapi_apache2.c.umask -+++ php-4.3.10/sapi/apache2handler/sapi_apache2.c -@@ -401,6 +401,19 @@ +Index: php5-5.2.2/sapi/apache2handler/sapi_apache2.c +=================================================================== +--- php5-5.2.2.orig/sapi/apache2handler/sapi_apache2.c 2007-01-01 10:36:12.000000000 +0100 ++++ php5-5.2.2/sapi/apache2handler/sapi_apache2.c 2007-05-04 17:12:47.000000000 +0200 +@@ -426,6 +426,19 @@ return APR_SUCCESS; } @@ -22,8 +24,8 @@ Save and restore umask across requests correctly. + static int php_apache_request_ctor(request_rec *r, php_struct *ctx TSRMLS_DC) { - char *content_type; -@@ -575,6 +588,8 @@ + char *content_length; +@@ -614,6 +627,8 @@ } else { zend_file_handle zfd; @@ -32,13 +34,13 @@ Save and restore umask across requests correctly. zfd.type = ZEND_HANDLE_FILENAME; zfd.filename = (char *) r->filename; zfd.free_filename = 0; -@@ -585,6 +600,9 @@ - } else { +@@ -625,6 +640,9 @@ zend_execute_scripts(ZEND_INCLUDE TSRMLS_CC, NULL, 1, &zfd); } -+ + + php_restore_umask(); + - #if MEMORY_LIMIT - { - char *mem_usage; ++ + apr_table_set(r->notes, "mod_php_memory_usage", + apr_psprintf(ctx->r->pool, "%u", zend_memory_peak_usage(1 TSRMLS_CC))); + } diff --git a/debian/patches/036-fd_setsize_fix.patch b/debian/patches/036-fd_setsize_fix.patch index ba1fe7252..9a5debff7 100644 --- a/debian/patches/036-fd_setsize_fix.patch +++ b/debian/patches/036-fd_setsize_fix.patch @@ -1,7 +1,8 @@ -diff -urN php-5.0.4.orig/ext/sockets/sockets.c php-5.0.4/ext/sockets/sockets.c ---- php-5.0.4.orig/ext/sockets/sockets.c 2005-02-15 00:44:31.000000000 +0100 -+++ php-5.0.4/ext/sockets/sockets.c 2005-04-10 17:32:15.851738072 +0200 -@@ -542,6 +542,7 @@ +Index: php5-5.2.2/ext/sockets/sockets.c +=================================================================== +--- php5-5.2.2.orig/ext/sockets/sockets.c 2007-02-25 23:59:32.000000000 +0100 ++++ php5-5.2.2/ext/sockets/sockets.c 2007-05-04 17:12:55.000000000 +0200 +@@ -548,6 +548,7 @@ php_sock = (php_socket*) zend_fetch_resource(element TSRMLS_CC, -1, le_socket_name, NULL, 1, le_socket); if (!php_sock) continue; /* If element is not a resource, skip it */ @@ -9,10 +10,11 @@ diff -urN php-5.0.4.orig/ext/sockets/sockets.c php-5.0.4/ext/sockets/sockets.c PHP_SAFE_FD_SET(php_sock->bsd_socket, fds); if (php_sock->bsd_socket > *max_fd) { -diff -urN php-5.0.4.orig/ext/standard/streamsfuncs.c php-5.0.4/ext/standard/streamsfuncs.c ---- php-5.0.4.orig/ext/standard/streamsfuncs.c 2005-01-15 05:51:03.000000000 +0100 -+++ php-5.0.4/ext/standard/streamsfuncs.c 2005-04-10 17:34:29.274454736 +0200 -@@ -588,6 +588,9 @@ +Index: php5-5.2.2/ext/standard/streamsfuncs.c +=================================================================== +--- php5-5.2.2.orig/ext/standard/streamsfuncs.c 2007-04-09 17:38:58.000000000 +0200 ++++ php5-5.2.2/ext/standard/streamsfuncs.c 2007-05-04 17:12:55.000000000 +0200 +@@ -592,6 +592,9 @@ * is not displayed. * */ if (SUCCESS == php_stream_cast(stream, PHP_STREAM_AS_FD_FOR_SELECT | PHP_STREAM_CAST_INTERNAL, (void*)&this_fd, 1) && this_fd >= 0) { diff --git a/debian/patches/043-recode_size_t.patch b/debian/patches/043-recode_size_t.patch index e90f21bc4..1df705c44 100644 --- a/debian/patches/043-recode_size_t.patch +++ b/debian/patches/043-recode_size_t.patch @@ -1,6 +1,8 @@ ---- php-5.0.4/ext/recode/recode.c 2005-07-13 14:43:06.000000000 +1000 -+++ php-5.0.4/ext/recode/recode.c 2005-07-13 14:43:45.000000000 +1000 -@@ -129,8 +129,8 @@ +Index: php5-5.2.0/ext/recode/recode.c +=================================================================== +--- php5-5.2.0.orig/ext/recode/recode.c 2007-03-18 22:57:00.000000000 +0100 ++++ php5-5.2.0/ext/recode/recode.c 2007-03-18 22:58:42.000000000 +0100 +@@ -132,8 +132,8 @@ { RECODE_REQUEST request = NULL; char *r = NULL; diff --git a/debian/patches/044-strtod_arm_fix.patch b/debian/patches/044-strtod_arm_fix.patch index 97f1d5a4a..f0c7b8e28 100644 --- a/debian/patches/044-strtod_arm_fix.patch +++ b/debian/patches/044-strtod_arm_fix.patch @@ -1,16 +1,17 @@ -diff -urN php-5.1.6.orig/Zend/zend_strtod.c php-5.1.6/Zend/zend_strtod.c ---- php-5.1.6.orig/Zend/zend_strtod.c 2006-04-15 14:54:14.000000000 +0200 -+++ php-5.1.6/Zend/zend_strtod.c 2006-09-01 15:05:22.000000000 +0200 -@@ -123,14 +123,25 @@ +Index: php5-5.2.2/Zend/zend_strtod.c +=================================================================== +--- php5-5.2.2.orig/Zend/zend_strtod.c 2007-04-27 01:13:25.000000000 +0200 ++++ php5-5.2.2/Zend/zend_strtod.c 2007-05-04 17:42:18.000000000 +0200 +@@ -141,14 +141,25 @@ #define IEEE_LITTLE_ENDIAN #endif -#if defined(__arm__) && !defined(__VFP_FP__) -/* -- * Although the CPU is little endian the FP has different -- * byte and word endianness. The byte order is still little endian -- * but the word order is big endian. -- */ +- * * Although the CPU is little endian the FP has different +- * * byte and word endianness. The byte order is still little endian +- * * but the word order is big endian. +- * */ -#define IEEE_BIG_ENDIAN +#if defined(__arm__) || defined(__thumb__) +/* ARM traditionally used big-endian words; and within those words the @@ -34,22 +35,22 @@ diff -urN php-5.1.6.orig/Zend/zend_strtod.c php-5.1.6/Zend/zend_strtod.c #endif #ifdef __vax__ -@@ -238,8 +249,7 @@ +@@ -255,8 +266,7 @@ #if defined(IEEE_LITTLE_ENDIAN) + defined(IEEE_BIG_ENDIAN) + defined(VAX) + \ - defined(IBM) != 1 --Exactly one of IEEE_LITTLE_ENDIAN IEEE_BIG_ENDIAN, VAX, or --IBM should be defined. + defined(IBM) != 1 +- Exactly one of IEEE_LITTLE_ENDIAN IEEE_BIG_ENDIAN, VAX, or +- IBM should be defined. +#error "Exactly one of IEEE_LITTLE_ENDIAN IEEE_BIG_ENDIAN, VAX, or IBM should be defined." #endif - typedef union { -@@ -259,7 +269,7 @@ - * An alternative that might be better on some machines is - * #define Storeinc(a,b,c) (*a++ = b << 16 | c & 0xffff) - */ + typedef union { +@@ -276,7 +286,7 @@ + * * An alternative that might be better on some machines is + * * #define Storeinc(a,b,c) (*a++ = b << 16 | c & 0xffff) + * */ -#if defined(IEEE_LITTLE_ENDIAN) + defined(VAX) + defined(__arm__) +#if defined(IEEE_LITTLE_ENDIAN) + defined(VAX) + defined(IEEE_BYTES_LITTLE_ENDIAN) #define Storeinc(a,b,c) (((unsigned short *)a)[1] = (unsigned short)b, \ - ((unsigned short *)a)[0] = (unsigned short)c, a++) + ((unsigned short *)a)[0] = (unsigned short)c, a++) #else diff --git a/debian/patches/045-exif_nesting_level.patch b/debian/patches/045-exif_nesting_level.patch index 60603472b..6cfa7b737 100644 --- a/debian/patches/045-exif_nesting_level.patch +++ b/debian/patches/045-exif_nesting_level.patch @@ -1,11 +1,13 @@ ---- php4-4.3.10/ext/exif/exif.c.orig 2005-02-14 16:13:09.000000000 -0700 -+++ php4-4.3.10/ext/exif/exif.c 2005-02-14 16:13:40.000000000 -0700 -@@ -96,7 +96,7 @@ +Index: php5-5.2.2/ext/exif/exif.c +=================================================================== +--- php5-5.2.2.orig/ext/exif/exif.c 2007-02-27 04:04:40.000000000 +0100 ++++ php5-5.2.2/ext/exif/exif.c 2007-05-04 17:42:23.000000000 +0200 +@@ -99,7 +99,7 @@ #define EFREE_IF(ptr) if (ptr) efree(ptr) -#define MAX_IFD_NESTING_LEVEL 100 +#define MAX_IFD_NESTING_LEVEL 250 + /* {{{ arginfo */ static - ZEND_BEGIN_ARG_INFO(exif_thumbnail_force_ref, 1) diff --git a/debian/patches/047-zts_with_dl.patch b/debian/patches/047-zts_with_dl.patch index 329e3cc00..7daa10fdc 100644 --- a/debian/patches/047-zts_with_dl.patch +++ b/debian/patches/047-zts_with_dl.patch @@ -1,5 +1,7 @@ ---- php5-5.1.1/ext/standard/dl.c 2005-08-09 02:49:43.000000000 +1000 -+++ php5-5.1.1/ext/standard/dl.c 2005-12-15 15:40:28.000000000 +1100 +Index: php5-5.2.2/ext/standard/dl.c +=================================================================== +--- php5-5.2.2.orig/ext/standard/dl.c 2007-02-23 01:37:35.000000000 +0100 ++++ php5-5.2.2/ext/standard/dl.c 2007-05-04 17:42:34.000000000 +0200 @@ -76,12 +76,7 @@ if ((strncmp(sapi_module.name, "cgi", 3)!=0) && (strcmp(sapi_module.name, "cli")!=0) && diff --git a/debian/patches/052-phpinfo_no_configure.patch b/debian/patches/052-phpinfo_no_configure.patch index 5374bb207..5df800fa8 100644 --- a/debian/patches/052-phpinfo_no_configure.patch +++ b/debian/patches/052-phpinfo_no_configure.patch @@ -1,6 +1,8 @@ ---- php4-4.3.11/ext/standard/info.c.orig 2005-07-10 06:23:11.000000000 +1000 -+++ php4-4.3.11/ext/standard/info.c 2005-07-10 06:23:33.000000000 +1000 -@@ -443,7 +443,7 @@ +Index: php5-5.2.2/ext/standard/info.c +=================================================================== +--- php5-5.2.2.orig/ext/standard/info.c 2007-04-02 14:41:07.000000000 +0200 ++++ php5-5.2.2/ext/standard/info.c 2007-05-04 17:42:37.000000000 +0200 +@@ -461,7 +461,7 @@ php_info_print_table_start(); php_info_print_table_row(2, "System", php_uname ); php_info_print_table_row(2, "Build Date", __DATE__ " " __TIME__ ); diff --git a/debian/patches/053-extension_api.patch b/debian/patches/053-extension_api.patch index 5bffaaa65..a02f2b8d2 100644 --- a/debian/patches/053-extension_api.patch +++ b/debian/patches/053-extension_api.patch @@ -1,7 +1,8 @@ -diff -ur php-5.0.4/configure.in php5-5.0.4/configure.in ---- php-5.0.4/configure.in 2005-03-31 07:43:12.000000000 +1000 -+++ php5-5.0.4/configure.in 2005-07-31 02:35:46.000000000 +1000 -@@ -1039,8 +1039,13 @@ +Index: php5-5.2.2/configure.in +=================================================================== +--- php5-5.2.2.orig/configure.in 2007-05-04 17:08:32.000000000 +0200 ++++ php5-5.2.2/configure.in 2007-05-04 17:42:39.000000000 +0200 +@@ -1082,8 +1082,13 @@ ZEND_MODULE_API_NO=`$EGREP '#define ZEND_MODULE_API_NO ' $srcdir/Zend/zend_modules.h|$SED 's/#define ZEND_MODULE_API_NO //'` @@ -16,7 +17,7 @@ diff -ur php-5.0.4/configure.in php5-5.0.4/configure.in if test "$oldstyleextdir" = "yes"; then if test "$PHP_DEBUG" = "1"; then part1=debug -@@ -1169,6 +1171,7 @@ +@@ -1222,6 +1227,7 @@ PHP_SUBST(CXXFLAGS) PHP_SUBST(CXXFLAGS_CLEAN) PHP_SUBST_OLD(DEBUG_CFLAGS) @@ -24,10 +25,11 @@ diff -ur php-5.0.4/configure.in php5-5.0.4/configure.in PHP_SUBST_OLD(EXTENSION_DIR) PHP_SUBST_OLD(EXTRA_LDFLAGS) PHP_SUBST_OLD(EXTRA_LDFLAGS_PROGRAM) -diff -ur php-5.0.4/scripts/php-config.in php5-5.0.4/scripts/php-config.in ---- php-5.0.4/scripts/php-config.in 2005-03-16 17:36:54.000000000 +1100 -+++ php5-5.0.4/scripts/php-config.in 2005-07-31 02:34:52.000000000 +1000 -@@ -12,6 +12,7 @@ +Index: php5-5.2.2/scripts/php-config.in +=================================================================== +--- php5-5.2.2.orig/scripts/php-config.in 2007-05-04 17:08:28.000000000 +0200 ++++ php5-5.2.2/scripts/php-config.in 2007-05-04 17:42:39.000000000 +0200 +@@ -13,6 +13,7 @@ program_suffix="@program_suffix@" exe_extension="@EXEEXT@" php_binary="@bindir@/${program_prefix}php${program_suffix}${exe_extension}" @@ -35,7 +37,7 @@ diff -ur php-5.0.4/scripts/php-config.in php5-5.0.4/scripts/php-config.in case "$1" in --prefix) -@@ -28,12 +29,14 @@ +@@ -29,12 +30,14 @@ echo $includedir;; --php-binary) echo $php_binary;; diff --git a/debian/patches/056-mime_magic_liberal.patch b/debian/patches/056-mime_magic_liberal.patch index af747a7c1..7244bb89c 100644 --- a/debian/patches/056-mime_magic_liberal.patch +++ b/debian/patches/056-mime_magic_liberal.patch @@ -1,6 +1,8 @@ ---- php-5.1.1/ext/mime_magic/mime_magic.c 2005-10-19 01:04:07.000000000 +1000 -+++ php5-5.1.1/ext/mime_magic/mime_magic.c 2005-12-20 19:25:24.000000000 +1100 -@@ -494,7 +494,7 @@ +Index: php5-5.2.2/ext/mime_magic/mime_magic.c +=================================================================== +--- php5-5.2.2.orig/ext/mime_magic/mime_magic.c 2007-02-15 01:05:42.000000000 +0100 ++++ php5-5.2.2/ext/mime_magic/mime_magic.c 2007-05-04 17:42:41.000000000 +0200 +@@ -501,7 +501,7 @@ } while (*(++p) != '/'); ++p; do { @@ -9,7 +11,7 @@ return 0; } } while (*(++p)); -@@ -627,6 +627,15 @@ +@@ -634,6 +634,15 @@ else if (strncmp(l, "string", NSTRING) == 0) { m->type = STRING; l += NSTRING; @@ -25,7 +27,7 @@ } else if (strncmp(l, "date", NDATE) == 0) { m->type = DATE; -@@ -720,7 +729,7 @@ +@@ -727,7 +736,7 @@ if (!is_valid_mimetype(l, strlen(l))) { if(MIME_MAGIC_G(debug)) php_error_docref("http://www.php.net/mime_magic" TSRMLS_CC, E_WARNING, ": (%s:%d) '%s' is not a valid mimetype, entry skipped", MIME_MAGIC_G(magicfile), lineno, l); @@ -33,4 +35,4 @@ + return 0; } - strncpy(m->desc, l, sizeof(m->desc) - 1); + strlcpy(m->desc, l, sizeof(m->desc)); diff --git a/debian/patches/057-no_apache_installed.patch b/debian/patches/057-no_apache_installed.patch index a0837c40f..4327988a8 100644 --- a/debian/patches/057-no_apache_installed.patch +++ b/debian/patches/057-no_apache_installed.patch @@ -1,5 +1,7 @@ ---- php5-5.1.1/sapi/apache/config.m4 2005-05-30 09:16:45.000000000 +1000 -+++ php5-5.1.1/sapi/apache/config.m4 2005-12-20 20:02:26.000000000 +1100 +Index: php5-5.2.0/sapi/apache/config.m4 +=================================================================== +--- php5-5.2.0.orig/sapi/apache/config.m4 2007-03-18 22:56:59.000000000 +0100 ++++ php5-5.2.0/sapi/apache/config.m4 2007-03-18 22:58:44.000000000 +0100 @@ -52,11 +52,11 @@ APXS_HTTPD=`$APXS -q SBINDIR`/`$APXS -q TARGET` APACHE_INCLUDE=-I$APXS_INCLUDEDIR @@ -17,8 +19,10 @@ for flag in $APXS_CFLAGS; do case $flag in ---- php5-5.1.1/sapi/apache2handler/config.m4 2005-09-02 00:33:47.000000000 +1000 -+++ php5-5.1.1/sapi/apache2handler/config.m4 2005-12-20 19:57:17.000000000 +1100 +Index: php5-5.2.0/sapi/apache2handler/config.m4 +=================================================================== +--- php5-5.2.0.orig/sapi/apache2handler/config.m4 2007-03-18 22:56:59.000000000 +0100 ++++ php5-5.2.0/sapi/apache2handler/config.m4 2007-03-18 22:58:44.000000000 +0100 @@ -56,13 +56,13 @@ APACHE_CFLAGS="$APACHE_CPPFLAGS -I$APXS_INCLUDEDIR $APR_CFLAGS $APU_CFLAGS" diff --git a/debian/patches/100-recode_is_shared.patch b/debian/patches/100-recode_is_shared.patch index 49e86c712..b0f7c9db6 100644 --- a/debian/patches/100-recode_is_shared.patch +++ b/debian/patches/100-recode_is_shared.patch @@ -1,5 +1,7 @@ ---- php-5.0.4/ext/recode/config9.m4.orig 2005-07-13 04:06:02.000000000 +1000 -+++ php-5.0.4/ext/recode/config9.m4 2005-07-13 04:06:28.000000000 +1000 +Index: php5-5.2.0/ext/recode/config9.m4 +=================================================================== +--- php5-5.2.0.orig/ext/recode/config9.m4 2007-03-18 22:56:59.000000000 +0100 ++++ php5-5.2.0/ext/recode/config9.m4 2007-03-18 22:58:44.000000000 +0100 @@ -8,6 +8,6 @@ test "$PHP_MYSQL" != "no" && recode_conflict="$recode_conflict mysql" diff --git a/debian/patches/101-sqlite_is_shared.patch b/debian/patches/101-sqlite_is_shared.patch index 9d10c7c79..cf39ac667 100644 --- a/debian/patches/101-sqlite_is_shared.patch +++ b/debian/patches/101-sqlite_is_shared.patch @@ -1,5 +1,7 @@ ---- php5-5.1.1/ext/sqlite/config.m4 2005-06-14 11:44:16.000000000 +1000 -+++ php5-5.1.1/ext/sqlite/config.m4 2005-12-15 16:32:04.000000000 +1100 +Index: php5-5.2.0/ext/sqlite/config.m4 +=================================================================== +--- php5-5.2.0.orig/ext/sqlite/config.m4 2007-03-18 22:56:59.000000000 +0100 ++++ php5-5.2.0/ext/sqlite/config.m4 2007-03-18 22:58:44.000000000 +0100 @@ -86,7 +86,7 @@ ]) SQLITE_MODULE_TYPE=external diff --git a/debian/patches/107-reflection_is_ext.patch b/debian/patches/107-reflection_is_ext.patch index cc8b3418a..3db11cbd8 100644 --- a/debian/patches/107-reflection_is_ext.patch +++ b/debian/patches/107-reflection_is_ext.patch @@ -1,5 +1,7 @@ ---- php5-5.1.2/ext/reflection/config.m4.orig 2005-12-03 12:12:45.000000000 +1100 -+++ php5-5.1.2/ext/reflection/config.m4 2006-01-16 16:04:28.000000000 +1100 +Index: php5-5.2.0/ext/reflection/config.m4 +=================================================================== +--- php5-5.2.0.orig/ext/reflection/config.m4 2007-03-18 22:56:59.000000000 +0100 ++++ php5-5.2.0/ext/reflection/config.m4 2007-03-18 22:58:44.000000000 +0100 @@ -2,7 +2,7 @@ dnl config.m4 for extension reflection @@ -8,4 +10,4 @@ +[ --disable-reflection Disable reflection support], yes) if test "$PHP_REFLECTION" != "no"; then - if test "$ext_shared" = "yes"; then + AC_DEFINE(HAVE_REFLECTION, 1, [Whether Reflection is enabled]) diff --git a/debian/patches/108-64_bit_datetime.patch b/debian/patches/108-64_bit_datetime.patch index be0f0e4e4..735acdc60 100644 --- a/debian/patches/108-64_bit_datetime.patch +++ b/debian/patches/108-64_bit_datetime.patch @@ -1,8 +1,10 @@ ---- php5-5.1.4.orig/ext/standard/datetime.c-orig 2006-03-20 08:20:54.000000000 -0800 -+++ php5-5.1.4/ext/standard/datetime.c 2006-03-20 08:13:05.000000000 -0800 +Index: php5-5.2.2/ext/standard/datetime.c +=================================================================== +--- php5-5.2.2.orig/ext/standard/datetime.c 2007-05-04 17:44:19.000000000 +0200 ++++ php5-5.2.2/ext/standard/datetime.c 2007-05-04 17:45:05.000000000 +0200 @@ -20,6 +20,9 @@ - /* $Id: datetime.c,v 1.134.2.2 2006/01/01 12:50:14 sniper Exp $ */ + /* $Id: datetime.c,v 1.134.2.2.2.3 2007/01/01 09:36:08 sebastian Exp $ */ +#define _XOPEN_SOURCE /* needed to get strptime() declared */ +#define _BSD_SOURCE /* needed to get ulong declared */ diff --git a/debian/patches/109-libdb4.4.patch b/debian/patches/109-libdb4.4.patch deleted file mode 100644 index be27775c7..000000000 --- a/debian/patches/109-libdb4.4.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- php5-5.1.6.old/ext/dba/config.m4 2006-10-02 17:35:48.000000000 +0200 -+++ php5-5.1.6/ext/dba/config.m4 2006-10-02 17:35:59.000000000 +0200 -@@ -262,7 +262,7 @@ - break - fi - done -- PHP_DBA_DB_CHECK(4, db-4.3 db-4.2 db-4.1 db-4.0 db-4 db4 db, [(void)db_create((DB**)0, (DB_ENV*)0, 0)]) -+ PHP_DBA_DB_CHECK(4, db-4.4 db-4.3 db-4.2 db-4.1 db-4.0 db-4 db4 db, [(void)db_create((DB**)0, (DB_ENV*)0, 0)]) - fi - ]) - AC_DBA_STD_RESULT(db4,Berkeley DB4) diff --git a/debian/patches/112-proc_open.patch b/debian/patches/112-proc_open.patch index 57e6cd09c..a8fb639fb 100644 --- a/debian/patches/112-proc_open.patch +++ b/debian/patches/112-proc_open.patch @@ -1,5 +1,7 @@ ---- php.old/ext/standard/proc_open.c 2006-10-27 17:47:34.000000000 +0200 -+++ php/ext/standard/proc_open.c 2006-10-27 17:47:47.000000000 +0200 +Index: php5-5.2.0/ext/standard/proc_open.c +=================================================================== +--- php5-5.2.0.orig/ext/standard/proc_open.c 2007-03-18 22:56:59.000000000 +0100 ++++ php5-5.2.0/ext/standard/proc_open.c 2007-03-18 22:58:45.000000000 +0100 @@ -61,7 +61,7 @@ * */ #ifdef PHP_CAN_SUPPORT_PROC_OPEN diff --git a/debian/patches/113-php.ini_securitynotes.patch b/debian/patches/113-php.ini_securitynotes.patch index bc872bfd7..f0989a26f 100644 --- a/debian/patches/113-php.ini_securitynotes.patch +++ b/debian/patches/113-php.ini_securitynotes.patch @@ -1,6 +1,8 @@ ---- old/php.ini-dist 2006-10-30 18:39:00.000000000 +0100 -+++ new/php.ini-dist 2006-10-30 18:40:49.000000000 +0100 -@@ -165,6 +165,11 @@ +Index: php5-5.2.0/php.ini-dist +=================================================================== +--- php5-5.2.0.orig/php.ini-dist 2007-03-18 22:58:39.000000000 +0100 ++++ php5-5.2.0/php.ini-dist 2007-03-18 22:58:45.000000000 +0100 +@@ -166,6 +166,11 @@ ; ; Safe Mode ; @@ -12,7 +14,7 @@ safe_mode = Off ; By default, Safe Mode does a UID compare check when -@@ -201,6 +206,13 @@ +@@ -202,6 +207,13 @@ ; and below. This directive makes most sense if used in a per-directory ; or per-virtualhost web server configuration file. This directive is ; *NOT* affected by whether Safe Mode is turned On or Off. @@ -26,7 +28,7 @@ ;open_basedir = ; This directive allows you to disable certain functions for security reasons. -@@ -396,6 +408,11 @@ +@@ -400,6 +412,11 @@ ; You should do your best to write your scripts so that they do not require ; register_globals to be on; Using form variables as globals can easily lead ; to possible security problems, if the code is not very well thought of. diff --git a/debian/patches/114-zend_alloc.c_m68k_alignment.patch b/debian/patches/114-zend_alloc.c_m68k_alignment.patch deleted file mode 100644 index a048ac9f2..000000000 --- a/debian/patches/114-zend_alloc.c_m68k_alignment.patch +++ /dev/null @@ -1,14 +0,0 @@ ---- php.old/Zend/zend_alloc.c 2006/12/01 13:54:19 1.144.2.3.2.17 -+++ php.new/Zend/zend_alloc.c 2006/12/01 15:32:55 1.144.2.3.2.18 -@@ -373,6 +373,11 @@ - #ifndef ZEND_MM_ALIGNMENT - # define ZEND_MM_ALIGNMENT 8 - # define ZEND_MM_ALIGNMENT_LOG2 3 -+#elif ZEND_MM_ALIGNMENT < 4 -+# undef ZEND_MM_ALIGNMENT -+# undef ZEND_MM_ALIGNMENT_LOG2 -+# define ZEND_MM_ALIGNMENT 4 -+# define ZEND_MM_ALIGNMENT_LOG2 2 - #endif - - #define ZEND_MM_ALIGNMENT_MASK ~(ZEND_MM_ALIGNMENT-1) diff --git a/debian/patches/115-zend_alloc.c_memleak.patch b/debian/patches/115-zend_alloc.c_memleak.patch deleted file mode 100644 index 768804f4e..000000000 --- a/debian/patches/115-zend_alloc.c_memleak.patch +++ /dev/null @@ -1,48 +0,0 @@ ---- php.old/Zend/zend_alloc.c 2006/12/01 19:41:57 1.144.2.3.2.19 -+++ php.new/Zend/zend_alloc.c 2006/12/01 20:01:19 1.144.2.3.2.20 -@@ -472,6 +472,10 @@ - } - } else { - prev = &heap->free_buckets[0]; -+ while (prev->next_free_block != &heap->free_buckets[0] && -+ ZEND_MM_FREE_BLOCK_SIZE(prev->next_free_block) < size) { -+ prev = prev->next_free_block; -+ } - } - next = prev->next_free_block; - mm_block->prev_free_block = prev; -@@ -1098,10 +1102,8 @@ - - static void *_zend_mm_alloc_int(zend_mm_heap *heap, size_t size ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC) - { -- size_t true_size, best_size = 0x7fffffff; - zend_mm_free_block *p, *end, *best_fit = NULL; -- -- true_size = ZEND_MM_TRUE_SIZE(size); -+ size_t true_size = ZEND_MM_TRUE_SIZE(size); - - if (ZEND_MM_SMALL_SIZE(true_size)) { - size_t index = ZEND_MM_BUCKET_INDEX(true_size); -@@ -1154,16 +1156,14 @@ - - end = &heap->free_buckets[0]; - for (p = end->next_free_block; p != end; p = p->next_free_block) { -- size_t s = ZEND_MM_FREE_BLOCK_SIZE(p); -- if (s > true_size) { -- if (s < best_size) { /* better fit */ -+ if (ZEND_MM_FREE_BLOCK_SIZE(p) >= true_size) { -+ if (ZEND_MM_IS_FIRST_BLOCK(p) || -+ !ZEND_MM_IS_FIRST_BLOCK(ZEND_MM_PREV_BLOCK(p)) || -+ !ZEND_MM_IS_GUARD_BLOCK(ZEND_MM_NEXT_BLOCK(p)) || -+ p->next_free_block == end) { - best_fit = p; -- best_size = s; -+ goto zend_mm_finished_searching_for_block; - } -- } else if (s == true_size) { -- /* Found "big" free block of exactly the same size */ -- best_fit = p; -- goto zend_mm_finished_searching_for_block; - } - } - diff --git a/debian/patches/116-CVE-2007-0906_imap.patch b/debian/patches/116-CVE-2007-0906_imap.patch deleted file mode 100644 index 6c0ec5ffc..000000000 --- a/debian/patches/116-CVE-2007-0906_imap.patch +++ /dev/null @@ -1,159 +0,0 @@ -diff -Nurp orig/ext/imap/php_imap.c new/ext/imap/php_imap.c ---- orig/ext/imap/php_imap.c 2007-02-21 08:35:44.000000000 +0100 -+++ new/ext/imap/php_imap.c 2007-02-21 08:37:15.000000000 +0100 -@@ -62,6 +62,9 @@ - #define CRLF_LEN sizeof("\015\012") - 1 - #define PHP_EXPUNGE 32768 - #define PHP_IMAP_ADDRESS_SIZE_BUF 10 -+#ifndef SENDBUFLEN -+#define SENDBUFLEN 16385 -+#endif - - static void _php_make_header_object(zval *myzvalue, ENVELOPE *en TSRMLS_DC); - static void _php_imap_add_body(zval *arg, BODY *body TSRMLS_DC); -@@ -1152,13 +1152,13 @@ PHP_FUNCTION(imap_headers) - if ((i = cache->user_flags)) { - strcat(tmp, "{"); - while (i) { -- strcat(tmp, imap_le_struct->imap_stream->user_flags[find_rightmost_bit (&i)]); -- if (i) strcat(tmp, " "); -+ strlcat(tmp, imap_le_struct->imap_stream->user_flags[find_rightmost_bit (&i)], sizeof(tmp)); -+ if (i) strlcat(tmp, " ", sizeof(tmp)); - } -- strcat(tmp, "} "); -+ strlcat(tmp, "} ", sizeof(tmp)); - } - mail_fetchsubject(t = tmp + strlen(tmp), imap_le_struct->imap_stream, msgno, (long)25); -- sprintf(t += strlen(t), " (%ld chars)", cache->rfc822_size); -+ snprintf(t += strlen(t), sizeof(tmp) - strlen(tmp), " (%ld chars)", cache->rfc822_size); - add_next_index_string(return_value, tmp, 1); - } - } -@@ -2915,7 +2915,7 @@ PHP_FUNCTION(imap_mail_compose) - BODY *bod=NULL, *topbod=NULL; - PART *mypart=NULL, *part; - PARAMETER *param, *disp_param = NULL, *custom_headers_param = NULL, *tmp_param = NULL; -- char tmp[8 * MAILTMPLEN], *mystring=NULL, *t=NULL, *tempstring=NULL; -+ char tmp[SENDBUFLEN + 1], *mystring=NULL, *t=NULL, *tempstring=NULL; - int toppart = 0; - - if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &envelope, &body) == FAILURE) { -@@ -3216,8 +3216,8 @@ PHP_FUNCTION(imap_mail_compose) - goto done; - } - -- rfc822_encode_body_7bit(env, topbod); -- rfc822_header (tmp, env, topbod); -+ rfc822_encode_body_7bit(env, topbod); -+ rfc822_header(tmp, env, topbod); - - /* add custom envelope headers */ - if (custom_headers_param) { -@@ -3266,43 +3266,42 @@ PHP_FUNCTION(imap_mail_compose) - /* yucky default */ - if (!cookie) { - cookie = "-"; -+ } else if (strlen(cookie) > (sizeof(tmp) - 2 - 2)) { /* validate cookie length -- + CRLF */ -+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "The boudary should be no longer then 4kb"); -+ RETVAL_FALSE; -+ goto done; - } - - /* for each part */ - do { - t=tmp; - /* build cookie */ -- sprintf (t, "--%s%s", cookie, CRLF); -+ sprintf(t, "--%s%s", cookie, CRLF); - - /* append mini-header */ - rfc822_write_body_header(&t, &part->body); - - /* write terminating blank line */ -- strcat (t, CRLF); -+ strcat(t, CRLF); - - /* output cookie, mini-header, and contents */ -- tempstring=emalloc(strlen(mystring)+strlen(tmp)+1); -- sprintf(tempstring, "%s%s", mystring, tmp); -+ spprintf(&tempstring, 0, "%s%s", mystring, tmp); - efree(mystring); - mystring=tempstring; - - bod=&part->body; - -- tempstring=emalloc(strlen(bod->contents.text.data)+strlen(CRLF)+strlen(mystring)+1); -- sprintf(tempstring, "%s%s%s", mystring, bod->contents.text.data, CRLF); -+ spprintf(&tempstring, 0, "%s%s%s", mystring, bod->contents.text.data, CRLF); - efree(mystring); - mystring=tempstring; - } while ((part = part->next)); /* until done */ - - /* output trailing cookie */ -- sprintf(tmp, "--%s--", cookie); -- tempstring=emalloc(strlen(tmp)+strlen(CRLF)+strlen(mystring)+1); -- sprintf(tempstring, "%s%s%s", mystring, tmp, CRLF); -+ spprintf(&tempstring, 0, "%s--%s--%s", mystring, tmp, CRLF); - efree(mystring); - mystring=tempstring; - } else if (bod) { -- tempstring = emalloc(strlen(bod->contents.text.data)+strlen(CRLF)+strlen(mystring)+1); -- sprintf(tempstring, "%s%s%s", mystring, bod->contents.text.data, CRLF); -+ spprintf(&tempstring, 0, "%s%s%s", mystring, bod->contents.text.data, CRLF); - efree(mystring); - mystring=tempstring; - } else { -@@ -3350,14 +3349,14 @@ int _php_imap_mail(char *to, char *subje - #define PHP_IMAP_CLEAN if (bufferTo) efree(bufferTo); if (bufferCc) efree(bufferCc); if (bufferBcc) efree(bufferBcc); if (bufferHeader) efree(bufferHeader); - #define PHP_IMAP_BAD_DEST PHP_IMAP_CLEAN; efree(tempMailTo); return (BAD_MSG_DESTINATION); - -- bufferHeader = (char *)emalloc(bufferLen); -+ bufferHeader = (char *)emalloc(bufferLen + 1); - memset(bufferHeader, 0, bufferLen); - if (to && *to) { -- strcat(bufferHeader, "To: "); -- strcat(bufferHeader, to); -- strcat(bufferHeader, "\r\n"); -+ strlcat(bufferHeader, "To: ", bufferLen + 1); -+ strlcat(bufferHeader, to, bufferLen + 1); -+ strlcat(bufferHeader, "\r\n", bufferLen + 1); - tempMailTo = estrdup(to); -- bufferTo = (char *)emalloc(strlen(to)); -+ bufferTo = (char *)emalloc(strlen(to) + 1); - offset = 0; - addr = NULL; - rfc822_parse_adrlist(&addr, tempMailTo, NULL); -@@ -3376,11 +3375,11 @@ int _php_imap_mail(char *to, char *subje - } - - if (cc && *cc) { -- strcat(bufferHeader, "Cc: "); -- strcat(bufferHeader, cc); -- strcat(bufferHeader, "\r\n"); -+ strlcat(bufferHeader, "Cc: ", bufferLen + 1); -+ strlcat(bufferHeader, cc, bufferLen + 1); -+ strlcat(bufferHeader, "\r\n", bufferLen + 1); - tempMailTo = estrdup(cc); -- bufferCc = (char *)emalloc(strlen(cc)); -+ bufferCc = (char *)emalloc(strlen(cc) + 1); - offset = 0; - addr = NULL; - rfc822_parse_adrlist(&addr, tempMailTo, NULL); -@@ -3400,7 +3399,7 @@ int _php_imap_mail(char *to, char *subje - - if (bcc && *bcc) { - tempMailTo = estrdup(bcc); -- bufferBcc = (char *)emalloc(strlen(bcc)); -+ bufferBcc = (char *)emalloc(strlen(bcc) + 1); - offset = 0; - addr = NULL; - rfc822_parse_adrlist(&addr, tempMailTo, NULL); -@@ -3419,7 +3418,7 @@ int _php_imap_mail(char *to, char *subje - } - - if (headers && *headers) { -- strcat(bufferHeader, headers); -+ strlcat(bufferHeader, headers, bufferLen + 1); - } - - if (TSendMail(INI_STR("SMTP"), &tsm_err, &tsm_errmsg, bufferHeader, subject, bufferTo, message, bufferCc, bufferBcc, rpath TSRMLS_CC) != SUCCESS) { diff --git a/debian/patches/116-CVE-2007-0906_session.patch b/debian/patches/116-CVE-2007-0906_session.patch deleted file mode 100644 index f8430d079..000000000 --- a/debian/patches/116-CVE-2007-0906_session.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -Nurp orig/ext/session/session.c new/ext/session/session.c ---- orig/ext/session/session.c 2007-02-21 08:40:31.000000000 +0100 -+++ new/ext/session/session.c 2007-02-21 08:41:11.000000000 +0100 -@@ -433,6 +433,11 @@ PS_SERIALIZER_DECODE_FUNC(php_binary) - - for (p = val; p < endptr; ) { - namelen = *p & (~PS_BIN_UNDEF); -+ -+ if (namelen > PS_BIN_MAX || (p + namelen) >= endptr) { -+ return FAILURE; -+ } -+ - has_value = *p & PS_BIN_UNDEF ? 0 : 1; - - name = estrndup(p + 1, namelen); diff --git a/debian/patches/116-CVE-2007-0906_streams.patch b/debian/patches/116-CVE-2007-0906_streams.patch deleted file mode 100644 index e1605bed8..000000000 --- a/debian/patches/116-CVE-2007-0906_streams.patch +++ /dev/null @@ -1,30 +0,0 @@ -diff -Nurp orig/ext/standard/streamsfuncs.c new/ext/standard/streamsfuncs.c ---- orig/ext/standard/streamsfuncs.c 2007-02-21 08:42:36.000000000 +0100 -+++ new/ext/standard/streamsfuncs.c 2007-02-21 08:43:20.000000000 +0100 -@@ -359,7 +359,7 @@ PHP_FUNCTION(stream_socket_recvfrom) - RETURN_FALSE; - } - -- read_buf = emalloc(to_read + 1); -+ read_buf = safe_emalloc(1, to_read, 1); - - recvd = php_stream_xport_recvfrom(stream, read_buf, to_read, flags, NULL, NULL, - zremote ? &Z_STRVAL_P(zremote) : NULL, -@@ -528,7 +528,7 @@ PHP_FUNCTION(stream_get_transports) - while (zend_hash_get_current_key_ex(stream_xport_hash, - &stream_xport, &stream_xport_len, - &num_key, 0, NULL) == HASH_KEY_IS_STRING) { -- add_next_index_stringl(return_value, stream_xport, stream_xport_len, 1); -+ add_next_index_stringl(return_value, stream_xport, stream_xport_len - 1, 1); - zend_hash_move_forward(stream_xport_hash); - } - } else { -@@ -556,7 +556,7 @@ PHP_FUNCTION(stream_get_wrappers) - (key_flags = zend_hash_get_current_key_ex(url_stream_wrappers_hash, &stream_protocol, &stream_protocol_len, &num_key, 0, NULL)) != HASH_KEY_NON_EXISTANT; - zend_hash_move_forward(url_stream_wrappers_hash)) { - if (key_flags == HASH_KEY_IS_STRING) { -- add_next_index_stringl(return_value, stream_protocol, stream_protocol_len, 1); -+ add_next_index_stringl(return_value, stream_protocol, stream_protocol_len - 1, 1); - } - } - } else { diff --git a/debian/patches/116-CVE-2007-0906_string.patch b/debian/patches/116-CVE-2007-0906_string.patch deleted file mode 100644 index dbfab8706..000000000 --- a/debian/patches/116-CVE-2007-0906_string.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nurp orig/ext/standard/string.c new/ext/standard/string.c ---- orig/ext/standard/string.c 2007-02-21 08:44:35.000000000 +0100 -+++ new/ext/standard/string.c 2007-02-21 08:45:14.000000000 +0100 -@@ -3044,7 +3044,7 @@ PHPAPI int php_char_to_str_ex(char *str, - } - - Z_STRLEN_P(result) = len + (char_count * (to_len - 1)); -- Z_STRVAL_P(result) = target = emalloc(Z_STRLEN_P(result) + 1); -+ Z_STRVAL_P(result) = target = safe_emalloc(char_count, to_len, len + 1); - Z_TYPE_P(result) = IS_STRING; - - if (case_sensitivity) { diff --git a/debian/patches/116-CVE-2007-0907.patch b/debian/patches/116-CVE-2007-0907.patch deleted file mode 100644 index 1645b85b9..000000000 --- a/debian/patches/116-CVE-2007-0907.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nurp orig/main/SAPI.c new/main/SAPI.c ---- orig/main/SAPI.c 2007-02-21 08:48:51.000000000 +0100 -+++ new/main/SAPI.c 2007-02-21 08:49:14.000000000 +0100 -@@ -563,7 +563,7 @@ SAPI_API int sapi_header_op(sapi_header_ - header_line = estrndup(header_line, header_line_len); - - /* cut of trailing spaces, linefeeds and carriage-returns */ -- while(isspace(header_line[header_line_len-1])) -+ while(header_line_len && isspace(header_line[header_line_len-1])) - header_line[--header_line_len]='\0'; - - /* new line safety check */ diff --git a/debian/patches/116-CVE-2007-0908.patch b/debian/patches/116-CVE-2007-0908.patch deleted file mode 100644 index d1e7eaf2c..000000000 --- a/debian/patches/116-CVE-2007-0908.patch +++ /dev/null @@ -1,30 +0,0 @@ -diff -Nurp orig/ext/wddx/wddx.c new/ext/wddx/wddx.c ---- orig/ext/wddx/wddx.c 2007-02-21 08:52:27.000000000 +0100 -+++ new/ext/wddx/wddx.c 2007-02-21 08:52:53.000000000 +0100 -@@ -284,7 +284,7 @@ PS_SERIALIZER_DECODE_FUNC(wddx) - - switch (hash_type) { - case HASH_KEY_IS_LONG: -- sprintf(tmp, "%ld", idx); -+ key_length = sprintf(tmp, "%ld", idx) + 1; - key = tmp; - /* fallthru */ - case HASH_KEY_IS_STRING: -@@ -448,7 +448,7 @@ static void php_wddx_serialize_object(wd - PHP_SET_CLASS_ATTRIBUTES(obj); - - php_wddx_add_chunk_static(packet, WDDX_STRUCT_S); -- sprintf(tmp_buf, WDDX_VAR_S, PHP_CLASS_NAME_VAR); -+ snprintf(tmp_buf, WDDX_BUF_LEN, WDDX_VAR_S, PHP_CLASS_NAME_VAR); - php_wddx_add_chunk(packet, tmp_buf); - php_wddx_add_chunk_static(packet, WDDX_STRING_S); - php_wddx_add_chunk_ex(packet, class_name, name_len); -@@ -480,7 +480,7 @@ static void php_wddx_serialize_object(wd - PHP_SET_CLASS_ATTRIBUTES(obj); - - php_wddx_add_chunk_static(packet, WDDX_STRUCT_S); -- sprintf(tmp_buf, WDDX_VAR_S, PHP_CLASS_NAME_VAR); -+ snprintf(tmp_buf, WDDX_BUF_LEN, WDDX_VAR_S, PHP_CLASS_NAME_VAR); - php_wddx_add_chunk(packet, tmp_buf); - php_wddx_add_chunk_static(packet, WDDX_STRING_S); - php_wddx_add_chunk_ex(packet, class_name, name_len); diff --git a/debian/patches/116-CVE-2007-0909_odbc.patch b/debian/patches/116-CVE-2007-0909_odbc.patch deleted file mode 100644 index 794a29997..000000000 --- a/debian/patches/116-CVE-2007-0909_odbc.patch +++ /dev/null @@ -1,50 +0,0 @@ -diff -Nurp orig/ext/odbc/php_odbc.c new/ext/odbc/php_odbc.c ---- orig/ext/odbc/php_odbc.c 2007-02-21 08:58:37.000000000 +0100 -+++ new/ext/odbc/php_odbc.c 2007-02-21 08:59:13.000000000 +0100 -@@ -1991,12 +1991,12 @@ PHP_FUNCTION(odbc_result_all) - RETURN_FALSE; - } - if (rc == SQL_SUCCESS_WITH_INFO) -- php_printf(buf,result->longreadlen); -+ PHPWRITE(buf, result->longreadlen); - else if (result->values[i].vallen == SQL_NULL_DATA) { - php_printf("<td>NULL</td>"); - break; - } else { -- php_printf(buf, result->values[i].vallen); -+ PHPWRITE(buf, result->values[i].vallen); - } - php_printf("</td>"); - break; -@@ -2097,23 +2097,23 @@ int odbc_sqlconnect(odbc_connection **co - if (strstr(db, "pwd") || strstr(db, "PWD")) { - pwd = NULL; - } -- strncpy( lpszConnStr, db, CONNSTRSIZE); -+ strlcpy( lpszConnStr, db, CONNSTRSIZE); - } - else { - strcpy(lpszConnStr, "DSN="); -- strcat(lpszConnStr, db); -+ strlcat(lpszConnStr, db, CONNSTRSIZE); - } - if (uid) { - if (uid[0]) { -- strcat(lpszConnStr, ";UID="); -- strcat(lpszConnStr, uid); -- strcat(lpszConnStr, ";"); -+ strlcat(lpszConnStr, ";UID=", CONNSTRSIZE); -+ strlcat(lpszConnStr, uid, CONNSTRSIZE); -+ strlcat(lpszConnStr, ";", CONNSTRSIZE); - } - if (pwd) { - if (pwd[0]) { -- strcat(lpszConnStr, "PWD="); -- strcat(lpszConnStr, pwd); -- strcat(lpszConnStr, ";"); -+ strlcat(lpszConnStr, "PWD=", CONNSTRSIZE); -+ strlcat(lpszConnStr, pwd, CONNSTRSIZE); -+ strlcat(lpszConnStr, ";", CONNSTRSIZE); - } - } - } diff --git a/debian/patches/116-CVE-2007-0909_print.patch b/debian/patches/116-CVE-2007-0909_print.patch deleted file mode 100644 index 309ba3616..000000000 --- a/debian/patches/116-CVE-2007-0909_print.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -Nurp orig/ext/standard/formatted_print.c new/ext/standard/formatted_print.c ---- orig/ext/standard/formatted_print.c 2007-02-21 08:56:46.000000000 +0100 -+++ new/ext/standard/formatted_print.c 2007-02-21 08:57:26.000000000 +0100 -@@ -485,9 +485,10 @@ php_formatted_print(int ht, int *len, in - { - zval ***args, **z_format; - int argc, size = 240, inpos = 0, outpos = 0, temppos; -- int alignment, width, precision, currarg, adjusting, argnum; -+ int alignment, currarg, adjusting; - char *format, *result, padding; - int always_sign; -+ long argnum, width, precision; - - argc = ZEND_NUM_ARGS(); - diff --git a/debian/patches/116-CVE-2007-0910.patch b/debian/patches/116-CVE-2007-0910.patch deleted file mode 100644 index 33812398e..000000000 --- a/debian/patches/116-CVE-2007-0910.patch +++ /dev/null @@ -1,135 +0,0 @@ -diff -Nurp orig/ext/session/session.c new/ext/session/session.c ---- orig/ext/session/session.c 2007-02-21 09:31:23.000000000 +0100 -+++ new/ext/session/session.c 2007-02-21 09:32:02.000000000 +0100 -@@ -291,9 +291,12 @@ void php_add_session_var(char *name, siz - if (PG(register_globals)) { - zval **sym_global = NULL; - -- zend_hash_find(&EG(symbol_table), name, namelen + 1, -- (void *) &sym_global); -- -+ if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void *) &sym_global) == SUCCESS) { -+ if ((Z_TYPE_PP(sym_global) == IS_ARRAY && Z_ARRVAL_PP(sym_global) == &EG(symbol_table)) || *sym_global == PS(http_session_vars)) { -+ return; -+ } -+ } -+ - if (sym_global == NULL && sym_track == NULL) { - zval *empty_var; - -@@ -323,7 +326,10 @@ void php_set_session_var(char *name, siz - if (PG(register_globals)) { - zval **old_symbol; - if (zend_hash_find(&EG(symbol_table),name,namelen+1,(void *)&old_symbol) == SUCCESS) { -- -+ if ((Z_TYPE_PP(old_symbol) == IS_ARRAY && Z_ARRVAL_PP(old_symbol) == &EG(symbol_table)) || *old_symbol == PS(http_session_vars)) { -+ return; -+ } -+ - /* - * A global symbol with the same name exists already. That - * symbol might have been created by other means (e.g. $_GET). -@@ -432,12 +438,20 @@ PS_SERIALIZER_DECODE_FUNC(php_binary) - PHP_VAR_UNSERIALIZE_INIT(var_hash); - - for (p = val; p < endptr; ) { -+ zval **tmp; - namelen = *p & (~PS_BIN_UNDEF); - - if (namelen > PS_BIN_MAX || (p + namelen) >= endptr) { - return FAILURE; - } - -+ if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) { -+ if ((Z_TYPE_PP(tmp) == IS_ARRAY && Z_ARRVAL_PP(tmp) == &EG(symbol_table)) || *tmp == PS(http_session_vars)) { -+ efree(name); -+ continue; -+ } -+ } -+ - has_value = *p & PS_BIN_UNDEF ? 0 : 1; - - name = estrndup(p + 1, namelen); -@@ -509,6 +523,7 @@ PS_SERIALIZER_DECODE_FUNC(php) - p = val; - - while (p < endptr) { -+ zval **tmp; - q = p; - while (*q != PS_DELIMITER) - if (++q >= endptr) goto break_outer_loop; -@@ -523,7 +538,13 @@ PS_SERIALIZER_DECODE_FUNC(php) - namelen = q - p; - name = estrndup(p, namelen); - q++; -- -+ -+ if (zend_hash_find(&EG(symbol_table), name, namelen + 1, (void **) &tmp) == SUCCESS) { -+ if ((Z_TYPE_PP(tmp) == IS_ARRAY && Z_ARRVAL_PP(tmp) == &EG(symbol_table)) || *tmp == PS(http_session_vars)) { -+ goto skip; -+ } -+ } -+ - if (has_value) { - ALLOC_INIT_ZVAL(current); - if (php_var_unserialize(¤t, (const unsigned char **) &q, (const unsigned char *) endptr, &var_hash TSRMLS_CC)) { -@@ -532,6 +553,7 @@ PS_SERIALIZER_DECODE_FUNC(php) - zval_ptr_dtor(¤t); - } - PS_ADD_VARL(name, namelen); -+skip: - efree(name); - - p = q; -@@ -672,7 +694,7 @@ PHPAPI char *php_session_create_id(PS_CR - buf = emalloc(100); - - /* maximum 15+19+19+10 bytes */ -- sprintf(buf, "%.15s%ld%ld%0.8f", remote_addr ? remote_addr : "", -+ sprintf(buf, "%.15s%ld%ld%0.8F", remote_addr ? remote_addr : "", - tv.tv_sec, (long int)tv.tv_usec, php_combined_lcg(TSRMLS_C) * 10); - - switch (PS(hash_func)) { -@@ -1435,6 +1457,11 @@ PHP_FUNCTION(session_save_path) - - if (ac == 1) { - convert_to_string_ex(p_name); -+ if (memchr(Z_STRVAL_PP(p_name), '\0', Z_STRLEN_PP(p_name)) != NULL) { -+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "The save_path cannot contain NULL characters."); -+ efree(old); -+ RETURN_FALSE; -+ } - zend_alter_ini_entry("session.save_path", sizeof("session.save_path"), Z_STRVAL_PP(p_name), Z_STRLEN_PP(p_name), PHP_INI_USER, PHP_INI_STAGE_RUNTIME); - } - -diff -Nurp orig/main/php_variables.c new/main/php_variables.c ---- orig/main/php_variables.c 2007-02-21 09:31:20.000000000 +0100 -+++ new/main/php_variables.c 2007-02-21 09:32:31.000000000 +0100 -@@ -611,8 +611,6 @@ int php_hash_environment(TSRMLS_D) - { - char *p; - unsigned char _gpc_flags[5] = {0, 0, 0, 0, 0}; -- zval *dummy_track_vars_array = NULL; -- zend_bool initialized_dummy_track_vars_array=0; - zend_bool jit_initialization = (PG(auto_globals_jit) && !PG(register_globals) && !PG(register_long_arrays)); - struct auto_global_record { - char *name; -@@ -703,15 +701,9 @@ int php_hash_environment(TSRMLS_D) - continue; - } - if (!PG(http_globals)[i]) { -- if (!initialized_dummy_track_vars_array) { -- ALLOC_ZVAL(dummy_track_vars_array); -- array_init(dummy_track_vars_array); -- INIT_PZVAL(dummy_track_vars_array); -- initialized_dummy_track_vars_array = 1; -- } else { -- dummy_track_vars_array->refcount++; -- } -- PG(http_globals)[i] = dummy_track_vars_array; -+ ALLOC_ZVAL(PG(http_globals)[i]); -+ array_init(PG(http_globals)[i]); -+ INIT_PZVAL(PG(http_globals)[i]); - } - - PG(http_globals)[i]->refcount++; diff --git a/debian/patches/116-CVE-2007-0988.patch b/debian/patches/116-CVE-2007-0988.patch deleted file mode 100644 index be5e6a8e3..000000000 --- a/debian/patches/116-CVE-2007-0988.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff -Nurp orig/Zend/zend_hash.c new/Zend/zend_hash.c ---- orig/Zend/zend_hash.c 2007-02-21 09:22:11.000000000 +0100 -+++ new/Zend/zend_hash.c 2007-02-21 09:22:48.000000000 +0100 -@@ -141,11 +141,16 @@ ZEND_API int _zend_hash_init(HashTable * - - SET_INCONSISTENT(HT_OK); - -- while ((1U << i) < nSize) { -- i++; -+ if (nSize >= 0x80000000) { -+ /* prevent overflow */ -+ ht->nTableSize = 0x80000000; -+ } else { -+ while ((1U << i) < nSize) { -+ i++; -+ } -+ ht->nTableSize = 1 << i; - } - -- ht->nTableSize = 1 << i; - ht->nTableMask = ht->nTableSize - 1; - ht->pDestructor = pDestructor; - ht->arBuckets = NULL; diff --git a/debian/patches/117-imap-auth-plain.patch b/debian/patches/117-imap-auth-plain.patch deleted file mode 100644 index ed67e84c0..000000000 --- a/debian/patches/117-imap-auth-plain.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- old/ext/imap/php_imap.c 2006/11/24 10:28:51 1.208.2.7.2.10 -+++ new/ext/imap/php_imap.c 2006/12/17 18:22:53 1.208.2.7.2.11 -@@ -471,6 +471,7 @@ - #if HAVE_IMAP_KRB && defined(HAVE_IMAP_AUTH_GSS) - auth_link(&auth_gss); /* link in the gss authenticator */ - #endif -+ auth_link(&auth_pla); /* link in the plain authenticator */ - - #ifdef HAVE_IMAP_SSL - ssl_onceonlyinit (); diff --git a/debian/patches/118-simplexml-segv.patch b/debian/patches/118-simplexml-segv.patch new file mode 100644 index 000000000..939d87074 --- /dev/null +++ b/debian/patches/118-simplexml-segv.patch @@ -0,0 +1,51 @@ +Index: ext/simplexml/simplexml.c +=================================================================== +RCS file: /repository/php-src/ext/simplexml/simplexml.c,v +retrieving revision 1.151.2.22.2.21 +diff -u -p -d -r1.151.2.22.2.21 simplexml.c +--- old/ext/simplexml/simplexml.c 12 Feb 2007 21:06:29 -0000 1.151.2.22.2.21 ++++ new/ext/simplexml/simplexml.c 20 Feb 2007 12:47:46 -0000 +@@ -56,6 +56,7 @@ static php_sxe_object* php_sxe_object_ne + static zend_object_value php_sxe_register_object(php_sxe_object * TSRMLS_DC); + static xmlNodePtr php_sxe_reset_iterator(php_sxe_object *sxe, int use_data TSRMLS_DC); + static xmlNodePtr php_sxe_iterator_fetch(php_sxe_object *sxe, xmlNodePtr node, int use_data TSRMLS_DC); ++static zval *sxe_get_value(zval *z TSRMLS_DC); + + /* {{{ _node_as_zval() + */ +@@ -427,6 +428,7 @@ static void sxe_prop_dim_write(zval *obj + int is_attr = 0; + int nodendx = 0; + int test = 0; ++ int new_value = 0; + long cnt; + zval tmp_zv, trim_zv, value_copy; + +@@ -504,8 +506,17 @@ static void sxe_prop_dim_write(zval *obj + break; + case IS_STRING: + break; ++ case IS_OBJECT: ++ if (Z_OBJCE_P(value) == sxe_class_entry) { ++ value = sxe_get_value(value TSRMLS_CC); ++ INIT_PZVAL(value); ++ new_value = 1; ++ break; ++ } ++ /* break is missing intentionally */ + default: + php_error_docref(NULL TSRMLS_CC, E_WARNING, "It is not yet possible to assign complex types to %s", attribs ? "attributes" : "properties"); ++ return; + } + } + +@@ -594,6 +605,9 @@ next_iter: + if (value && value == &value_copy) { + zval_dtor(value); + } ++ if (new_value) { ++ zval_ptr_dtor(&value); ++ } + } + /* }}} */ + diff --git a/debian/patches/119-CVE-2007-1887-1888-MOPB-41.patch b/debian/patches/119-CVE-2007-1887-1888-MOPB-41.patch new file mode 100644 index 000000000..3d8be749f --- /dev/null +++ b/debian/patches/119-CVE-2007-1887-1888-MOPB-41.patch @@ -0,0 +1,39 @@ +diff -uNrp php5-5.2.1/ext/sqlite/sess_sqlite.c php5-5.2.1-kees/ext/sqlite/sess_sqlite.c +--- php5-5.2.1/ext/sqlite/sess_sqlite.c 2007-01-01 01:36:07.000000000 -0800 ++++ php5-5.2.1-kees/ext/sqlite/sess_sqlite.c 2007-04-18 17:05:57.000000000 -0700 +@@ -31,6 +31,11 @@ + extern int sqlite_encode_binary(const unsigned char *in, int n, unsigned char *out); + extern int sqlite_decode_binary(const unsigned char *in, unsigned char *out); + ++#define php_sqlite_decode_binary(in, out) ( \ ++ (!in || !*in) ? 0 : \ ++ sqlite_decode_binary((const unsigned char *)in, (unsigned char *)out) \ ++) ++ + PS_FUNCS(sqlite); + + ps_module ps_mod_sqlite = { +@@ -111,7 +116,7 @@ PS_READ_FUNC(sqlite) + if (rowdata[0] != NULL) { + *vallen = strlen(rowdata[0]); + *val = emalloc(*vallen); +- *vallen = sqlite_decode_binary(rowdata[0], *val); ++ *vallen = php_sqlite_decode_binary(rowdata[0], *val); + (*val)[*vallen] = '\0'; + } + break; +diff -uNrp php5-5.2.1/ext/sqlite/sqlite.c php5-5.2.1-kees/ext/sqlite/sqlite.c +--- php5-5.2.1/ext/sqlite/sqlite.c 2007-01-01 01:36:07.000000000 -0800 ++++ php5-5.2.1-kees/ext/sqlite/sqlite.c 2007-04-18 17:04:43.000000000 -0700 +@@ -73,7 +73,10 @@ extern int sqlite_encode_binary(const un + extern int sqlite_decode_binary(const unsigned char *in, unsigned char *out); + + #define php_sqlite_encode_binary(in, n, out) sqlite_encode_binary((const unsigned char *)in, n, (unsigned char *)out) +-#define php_sqlite_decode_binary(in, out) sqlite_decode_binary((const unsigned char *)in, (unsigned char *)out) ++#define php_sqlite_decode_binary(in, out) ( \ ++ (!in || !*in) ? 0 : \ ++ sqlite_decode_binary((const unsigned char *)in, (unsigned char *)out) \ ++) + + static int sqlite_count_elements(zval *object, long *count TSRMLS_DC); + diff --git a/debian/patches/119-CVE-2007-1900-MOPB-45.patch b/debian/patches/119-CVE-2007-1900-MOPB-45.patch new file mode 100644 index 000000000..113edb381 --- /dev/null +++ b/debian/patches/119-CVE-2007-1900-MOPB-45.patch @@ -0,0 +1,13 @@ +Index: php5-5.2.2/ext/filter/logical_filters.c +=================================================================== +--- php5-5.2.2.orig/ext/filter/logical_filters.c 2007-01-01 10:36:00.000000000 +0100 ++++ php5-5.2.2/ext/filter/logical_filters.c 2007-05-04 19:07:01.000000000 +0200 +@@ -469,7 +469,7 @@ + void php_filter_validate_email(PHP_INPUT_FILTER_PARAM_DECL) /* {{{ */ + { + /* From http://cvs.php.net/co.php/pear/HTML_QuickForm/QuickForm/Rule/Email.php?r=1.4 */ +- const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/"; ++ const char regexp[] = "/^((\\\"[^\\\"\\f\\n\\r\\t\\b]+\\\")|([\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+(\\.[\\w\\!\\#\\$\\%\\&\\'\\*\\+\\-\\~\\/\\^\\`\\|\\{\\}]+)*))@((\\[(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))\\])|(((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9]))\\.((25[0-5])|(2[0-4][0-9])|([0-1]?[0-9]?[0-9])))|((([A-Za-z0-9\\-])+\\.)+[A-Za-z\\-]+))$/D"; + + pcre *re = NULL; + pcre_extra *pcre_extra = NULL; diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 000000000..791b781c4 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,28 @@ +001-libtool_fixes.patch +002-static_openssl.patch +004-ldap_fix.patch +006-debian_quirks.patch +013-force_getaddrinfo.patch +017-pread_pwrite_disable.patch +019-z_off_t_as_long.patch +027-readline_is_editline.patch +029-php.ini_paranoid.patch +033-we_WANT_libtool.patch +034-apache2_umask_fix.patch +036-fd_setsize_fix.patch +043-recode_size_t.patch +044-strtod_arm_fix.patch +045-exif_nesting_level.patch +047-zts_with_dl.patch +052-phpinfo_no_configure.patch +053-extension_api.patch +056-mime_magic_liberal.patch +057-no_apache_installed.patch +100-recode_is_shared.patch +101-sqlite_is_shared.patch +107-reflection_is_ext.patch +108-64_bit_datetime.patch +112-proc_open.patch +113-php.ini_securitynotes.patch +119-CVE-2007-1887-1888-MOPB-41.patch +119-CVE-2007-1900-MOPB-45.patch diff --git a/debian/rules b/debian/rules index 5647aeaed..6fa7fb2d2 100755 --- a/debian/rules +++ b/debian/rules @@ -110,33 +110,25 @@ BUILTIN_EXTENSION_CHECK=$$e=get_loaded_extensions(); natcasesort($$e); \ foreach($$e as $$i) { $$s .= " $$i"; } \ echo("php:Extensions=" . wordwrap($$s . ".\n", 75, "\$${Newline} ")); -patch: patch-stamp -patch-stamp: +# include the patch/unpatch rules from quilt +include /usr/share/quilt/quilt.make + +prepared: prepared-stamp +prepared-stamp: $(QUILT_STAMPFN) dh_testdir - for patch in debian/patches/*.patch; do \ - echo '->'`basename $$patch`:; \ - if ! patch -p1 --ignore-whitespace --dry-run < $$patch; \ - then \ - exit 1; \ - fi; \ - patch -p1 --ignore-whitespace < $$patch; \ - done sed -i -e 's/EXTRA_VERSION=""/EXTRA_VERSION="-$(PHP5_DEBIAN_REVISION)"/' configure.in rm -f aclocal.m4 config.sub config.guess ltmain.sh ./buildconf --force - touch patch-stamp + touch prepared-stamp -unpatch: +unprepared: dh_testdir sed -i -e 's/EXTRA_VERSION="-$(PHP5_DEBIAN_REVISION)"/EXTRA_VERSION=""/' configure.in - if [ -f patch-stamp ]; then \ - for patch in `ls debian/patches/*.patch | sort -r`; do \ - patch -p1 -R --ignore-whitespace < $$patch; \ - done; \ + if [ -f prepared-stamp ]; then \ rm -f aclocal.m4 config.sub config.guess ltmain.sh; \ ./buildconf --force; \ fi - rm -f patch-stamp + rm -f prepared-stamp build: build-apache-stamp build-apache2-stamp build-cgi-stamp build-cli-stamp build-pear-stamp build-apache-stamp: configure-apache-stamp @@ -189,7 +181,7 @@ build-pear-stamp: build-cgi-stamp touch build-pear-stamp configure: configure-apache-stamp configure-apache2-stamp configure-cli-stamp configure-cgi-stamp -configure-apache-stamp: patch-stamp +configure-apache-stamp: prepared-stamp dh_testdir if [ -d apache-build ]; then rm -rf apache-build; fi -mkdir apache-build @@ -210,7 +202,7 @@ configure-apache-stamp: patch-stamp touch configure-apache-stamp -configure-apache2-stamp: patch-stamp +configure-apache2-stamp: prepared-stamp dh_testdir if [ -d apache2-build ]; then rm -rf apache2-build; fi -mkdir apache2-build @@ -261,7 +253,7 @@ configure-apache2-stamp: patch-stamp Zend/ touch configure-apache2-stamp -configure-cgi-stamp: patch-stamp +configure-cgi-stamp: prepared-stamp dh_testdir if [ -d cgi-build ]; then rm -rf cgi-build; fi -mkdir cgi-build @@ -281,7 +273,7 @@ configure-cgi-stamp: patch-stamp Zend/ touch configure-cgi-stamp -configure-cli-stamp: patch-stamp +configure-cli-stamp: prepared-stamp dh_testdir if [ -d cli-build ]; then rm -rf cli-build; fi -mkdir cli-build @@ -303,7 +295,7 @@ configure-cli-stamp: patch-stamp Zend/ touch configure-cli-stamp -clean: unpatch +clean: unprepared dh_testdir dh_testroot rm -f configure-apache-stamp build-apache-stamp |