Pullup ticket #3671 - requested by taca lang/php53 security and build fixes. Revisions pulled up: - lang/php53/Makefile 1.22-1.23 - lang/php53/Makefile.common 1.10 - lang/php53/Makefile.php 1.13 - lang/php53/distinfo 1.32-1.35 - lang/php53/patches/patch-main_php__variables.c deleted - lang/php53/patches/patch-main_streams_cast.c 1.1 --- Module Name: pkgsrc Committed By: taca Date: Thu Feb 2 15:44:09 UTC 2012 Modified Files: pkgsrc/lang/php53: distinfo Added Files: pkgsrc/lang/php53/patches: patch-main_streams_cast.c Log Message: Trying to fix build problem on NetBSD current recently. --- Module Name: pkgsrc Committed By: taca Date: Thu Feb 2 16:00:40 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile distinfo Added Files: pkgsrc/lang/php53/patches: patch-main_php__variables.c Log Message: Add fix for "Critical PHP Remote Vulnerability Introduced in Fix for PHP Hashtable Collision DOS" by revision 323007 from PHP's repository. http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/ Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Thu Feb 2 16:19:44 UTC 2012 Modified Files: pkgsrc/lang/php53: distinfo pkgsrc/lang/php53/patches: patch-main_php__variables.c Log Message: And more fix for memory leaks by revision 323013 from PHP's repository. Hopefully, these 18 minutes is allowed to avoid to PKGREVISION bump. --- Module Name: pkgsrc Committed By: taca Date: Fri Feb 3 03:10:34 UTC 2012 Modified Files: pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo Removed Files: pkgsrc/lang/php53/patches: patch-main_php__variables.c Log Message: Update php53 package to 5.3.10. Below security fix is already included in php-5.3.9nb2 package. 02 Feb 2012, PHP 5.3.10 - Core: . Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830. (Stas, Dmitry)diff -r1.19.2.2 -r1.19.2.3 pkgsrc/lang/php53/Makefile
(sbd)
@@ -1,20 +1,19 @@ | @@ -1,20 +1,19 @@ | |||
1 | # $NetBSD: Makefile,v 1.19.2.2 2012/01/21 09:02:55 sbd Exp $ | 1 | # $NetBSD: Makefile,v 1.19.2.3 2012/02/04 08:32:54 sbd Exp $ | |
2 | 2 | |||
3 | # | 3 | # | |
4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | 4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | |
5 | # | 5 | # | |
6 | PKGNAME= php-${PHP_BASE_VERS} | 6 | PKGNAME= php-${PHP_BASE_VERS} | |
7 | PKGREVISION= 1 | |||
8 | CATEGORIES= lang | 7 | CATEGORIES= lang | |
9 | 8 | |||
10 | HOMEPAGE= http://www.php.net/ | 9 | HOMEPAGE= http://www.php.net/ | |
11 | COMMENT= PHP Hypertext Preprocessor version 5 | 10 | COMMENT= PHP Hypertext Preprocessor version 5 | |
12 | LICENSE= php | 11 | LICENSE= php | |
13 | 12 | |||
14 | TEST_TARGET= test | 13 | TEST_TARGET= test | |
15 | PKG_DESTDIR_SUPPORT= user-destdir | 14 | PKG_DESTDIR_SUPPORT= user-destdir | |
16 | 15 | |||
17 | USE_TOOLS+= gmake lex pkg-config | 16 | USE_TOOLS+= gmake lex pkg-config | |
18 | LIBTOOL_OVERRIDE= # empty | 17 | LIBTOOL_OVERRIDE= # empty | |
19 | 18 | |||
20 | .include "Makefile.php" | 19 | .include "Makefile.php" |
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: Makefile.common,v 1.8.4.1 2012/01/12 11:29:04 tron Exp $ | 1 | # $NetBSD: Makefile.common,v 1.8.4.2 2012/02/04 08:32:54 sbd Exp $ | |
2 | # used by lang/php53/Makefile.php | 2 | # used by lang/php53/Makefile.php | |
3 | # used by lang/php/ext.mk | 3 | # used by lang/php/ext.mk | |
4 | # used by meta-pkgs/php53-extensions/Makefile | 4 | # used by meta-pkgs/php53-extensions/Makefile | |
5 | 5 | |||
6 | # | 6 | # | |
7 | # NOTE: | 7 | # NOTE: | |
8 | # The suhosin option includes a patch from http://www.hardened-php.net/ | 8 | # The suhosin option includes a patch from http://www.hardened-php.net/ | |
9 | # Which tracks with the exact version number of PHP. There may be a delay | 9 | # Which tracks with the exact version number of PHP. There may be a delay | |
10 | # in the patch which can leave the option broken until an updated patch | 10 | # in the patch which can leave the option broken until an updated patch | |
11 | # is released. When updating PHP please don't forget to update the | 11 | # is released. When updating PHP please don't forget to update the | |
12 | # distnfo with the details of the suhosin patch as well. | 12 | # distnfo with the details of the suhosin patch as well. | |
13 | # | 13 | # | |
14 | # Check these packages when update to new release of PHP and consider to | 14 | # Check these packages when update to new release of PHP and consider to | |
@@ -29,24 +29,24 @@ DIST_SUBDIR= ${DISTNAME} | @@ -29,24 +29,24 @@ DIST_SUBDIR= ${DISTNAME} | |||
29 | CATEGORIES+= www | 29 | CATEGORIES+= www | |
30 | 30 | |||
31 | .if !defined(PECL_VERSION) | 31 | .if !defined(PECL_VERSION) | |
32 | MASTER_SITES?= http://www.php.net/distributions/ \ | 32 | MASTER_SITES?= http://www.php.net/distributions/ \ | |
33 | http://uk.php.net/distributions/ \ | 33 | http://uk.php.net/distributions/ \ | |
34 | http://de.php.net/distributions/ \ | 34 | http://de.php.net/distributions/ \ | |
35 | http://us.php.net/distributions/ | 35 | http://us.php.net/distributions/ | |
36 | EXTRACT_SUFX?= .tar.bz2 | 36 | EXTRACT_SUFX?= .tar.bz2 | |
37 | .endif | 37 | .endif | |
38 | 38 | |||
39 | MAINTAINER?= pkgsrc-users@NetBSD.org | 39 | MAINTAINER?= pkgsrc-users@NetBSD.org | |
40 | HOMEPAGE?= http://www.php.net/ | 40 | HOMEPAGE?= http://www.php.net/ | |
41 | 41 | |||
42 | PHP_BASE_VERS= 5.3.9 | 42 | PHP_BASE_VERS= 5.3.10 | |
43 | 43 | |||
44 | PHP_EXTENSION_DIR= lib/php/20090630 | 44 | PHP_EXTENSION_DIR= lib/php/20090630 | |
45 | PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR} | 45 | PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR} | |
46 | 46 | |||
47 | PKG_SYSCONFVAR?= php | 47 | PKG_SYSCONFVAR?= php | |
48 | 48 | |||
49 | # needed due to (broken?) configure checks in php-xmlrpc and php5-dom | 49 | # needed due to (broken?) configure checks in php-xmlrpc and php5-dom | |
50 | CONFIGURE_ENV+= PHP_LIBXML_SHARED="1" | 50 | CONFIGURE_ENV+= PHP_LIBXML_SHARED="1" | |
51 | 51 | |||
52 | .include "../../mk/bsd.prefs.mk" | 52 | .include "../../mk/bsd.prefs.mk" |
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: Makefile.php,v 1.10.2.2 2012/01/21 09:02:55 sbd Exp $ | 1 | # $NetBSD: Makefile.php,v 1.10.2.3 2012/02/04 08:32:54 sbd Exp $ | |
2 | # used by lang/php53/Makefile | 2 | # used by lang/php53/Makefile | |
3 | # used by www/ap-php/Makefile | 3 | # used by www/ap-php/Makefile | |
4 | 4 | |||
5 | .include "../../lang/php53/Makefile.common" | 5 | .include "../../lang/php53/Makefile.common" | |
6 | 6 | |||
7 | DISTINFO_FILE= ${.CURDIR}/../../lang/php53/distinfo | 7 | DISTINFO_FILE= ${.CURDIR}/../../lang/php53/distinfo | |
8 | PATCHDIR= ${.CURDIR}/../../lang/php53/patches | 8 | PATCHDIR= ${.CURDIR}/../../lang/php53/patches | |
9 | 9 | |||
10 | USE_LIBTOOL= YES | 10 | USE_LIBTOOL= YES | |
11 | USE_LANGUAGES= c c++ | 11 | USE_LANGUAGES= c c++ | |
12 | GNU_CONFIGURE= YES | 12 | GNU_CONFIGURE= YES | |
13 | BUILD_DEFS+= VARBASE | 13 | BUILD_DEFS+= VARBASE | |
14 | PLIST_VARS+= suhosin | 14 | PLIST_VARS+= suhosin | |
@@ -51,27 +51,27 @@ PKG_SUPPORTED_OPTIONS+= inet6 ssl mainta | @@ -51,27 +51,27 @@ PKG_SUPPORTED_OPTIONS+= inet6 ssl mainta | |||
51 | PKG_SUGGESTED_OPTIONS+= inet6 ssl | 51 | PKG_SUGGESTED_OPTIONS+= inet6 ssl | |
52 | 52 | |||
53 | #SUBST_CLASSES+= ini | 53 | #SUBST_CLASSES+= ini | |
54 | #SUBST_STAGE.ini= post-patch | 54 | #SUBST_STAGE.ini= post-patch | |
55 | #SUBST_FILES.ini= php.ini-development | 55 | #SUBST_FILES.ini= php.ini-development | |
56 | #SUBST_FILES.ini+= php.ini-production | 56 | #SUBST_FILES.ini+= php.ini-production | |
57 | #SUBST_SED.ini= -e "s|\\;include_path = \".:/php/includes\"|include_path = \".:${PREFIX}/lib/php\"|g" | 57 | #SUBST_SED.ini= -e "s|\\;include_path = \".:/php/includes\"|include_path = \".:${PREFIX}/lib/php\"|g" | |
58 | #SUBST_MESSAGE.ini= Fixing default ini files. | 58 | #SUBST_MESSAGE.ini= Fixing default ini files. | |
59 | 59 | |||
60 | .include "../../mk/bsd.options.mk" | 60 | .include "../../mk/bsd.options.mk" | |
61 | 61 | |||
62 | .if !empty(PKG_OPTIONS:Msuhosin) | 62 | .if !empty(PKG_OPTIONS:Msuhosin) | |
63 | SUHOSIN_PHPVER= 5.3.9 | 63 | SUHOSIN_PHPVER= 5.3.9 | |
64 | . if ${SUHOSIN_PHPVER} != ${PHP_BASE_VERS} | 64 | . if ${SUHOSIN_PHPVER} != ${PHP_BASE_VERS} && ${PHP_BASE_VERS} != 5.3.10 | |
65 | PKG_FAIL_REASON+= "The suhosin patch is currently not available for" | 65 | PKG_FAIL_REASON+= "The suhosin patch is currently not available for" | |
66 | PKG_FAIL_REASON+= "this version of PHP. You may have to wait until" | 66 | PKG_FAIL_REASON+= "this version of PHP. You may have to wait until" | |
67 | PKG_FAIL_REASON+= "an updated patch is released or temporarily" | 67 | PKG_FAIL_REASON+= "an updated patch is released or temporarily" | |
68 | PKG_FAIL_REASON+= "build this package without the suhosin option." | 68 | PKG_FAIL_REASON+= "build this package without the suhosin option." | |
69 | . else | 69 | . else | |
70 | PATCH_SITES= http://download.suhosin.org/ | 70 | PATCH_SITES= http://download.suhosin.org/ | |
71 | PATCHFILES+= suhosin-patch-${SUHOSIN_PHPVER}-0.9.10.patch.gz | 71 | PATCHFILES+= suhosin-patch-${SUHOSIN_PHPVER}-0.9.10.patch.gz | |
72 | PATCH_DIST_STRIP= -p1 | 72 | PATCH_DIST_STRIP= -p1 | |
73 | PLIST.suhosin= yes | 73 | PLIST.suhosin= yes | |
74 | MESSAGE_SRC= ${.CURDIR}/../../lang/php53/MESSAGE | 74 | MESSAGE_SRC= ${.CURDIR}/../../lang/php53/MESSAGE | |
75 | MESSAGE_SRC+= ${.CURDIR}/../../lang/php53/MESSAGE.suhosin | 75 | MESSAGE_SRC+= ${.CURDIR}/../../lang/php53/MESSAGE.suhosin | |
76 | . endif | 76 | . endif | |
77 | .endif | 77 | .endif |
@@ -1,20 +1,21 @@ | @@ -1,20 +1,21 @@ | |||
1 | $NetBSD: distinfo,v 1.28.2.3 2012/01/21 09:02:55 sbd Exp $ | 1 | $NetBSD: distinfo,v 1.28.2.4 2012/02/04 08:32:54 sbd Exp $ | |
2 | 2 | |||
3 | SHA1 (php-5.3.9/php-5.3.9.tar.bz2) = fe0626735c3d9dd370cef9bdcfe9506629449f51 | 3 | SHA1 (php-5.3.10/php-5.3.10.tar.bz2) = 689d8463b5d9e24b9bf297e35826f2ebdb69afda | |
4 | RMD160 (php-5.3.9/php-5.3.9.tar.bz2) = 428ed51982637f092c43369cf5cfb284d58da3f6 | 4 | RMD160 (php-5.3.10/php-5.3.10.tar.bz2) = acab30a19b340f21a64e06b524906f2b064dd1c9 | |
5 | Size (php-5.3.9/php-5.3.9.tar.bz2) = 11704944 bytes | 5 | Size (php-5.3.10/php-5.3.10.tar.bz2) = 11707402 bytes | |
6 | SHA1 (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed | 6 | SHA1 (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed | |
7 | RMD160 (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 | 7 | RMD160 (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 | |
8 | Size (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes | 8 | Size (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes | |
9 | SHA1 (patch-aa) = b0dc6cd0b2103d5858280202506b33322a98496e | 9 | SHA1 (patch-aa) = b0dc6cd0b2103d5858280202506b33322a98496e | |
10 | SHA1 (patch-ab) = d08bb50cf074a6065ef0d1d67a713b7573cb2f5b | 10 | SHA1 (patch-ab) = d08bb50cf074a6065ef0d1d67a713b7573cb2f5b | |
11 | SHA1 (patch-ac) = 1720f154232241c19d0c6e08a824e33252f1b690 | 11 | SHA1 (patch-ac) = 1720f154232241c19d0c6e08a824e33252f1b690 | |
12 | SHA1 (patch-ad) = 1608c58860a43b4e31df8646b5ded253ec9aa881 | 12 | SHA1 (patch-ad) = 1608c58860a43b4e31df8646b5ded253ec9aa881 | |
13 | SHA1 (patch-ae) = e590db60a60f4e5ef2da4e5edb786335a67a3d56 | 13 | SHA1 (patch-ae) = e590db60a60f4e5ef2da4e5edb786335a67a3d56 | |
14 | SHA1 (patch-af) = 1618b23fd6d090ce5aa929208416028724278bfc | 14 | SHA1 (patch-af) = 1618b23fd6d090ce5aa929208416028724278bfc | |
15 | SHA1 (patch-ag) = c49cdff097d1e54ebe93b5afb550e89b0cc2468e | 15 | SHA1 (patch-ag) = c49cdff097d1e54ebe93b5afb550e89b0cc2468e | |
16 | SHA1 (patch-ah) = b20c29c64b3099f77855a5ec28960dc1c4f65c83 | 16 | SHA1 (patch-ah) = b20c29c64b3099f77855a5ec28960dc1c4f65c83 | |
17 | SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f | 17 | SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f | |
18 | SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48 | 18 | SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48 | |
19 | SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e | 19 | SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e | |
20 | SHA1 (patch-main_streams_cast.c) = c169ccb73dc660e40eff9f9e168374f35eedadad | |||
20 | SHA1 (patch-php__mssql.c) = b46c688ff2d8da33ca2f9beb0eb9182b6edf7e23 | 21 | SHA1 (patch-php__mssql.c) = b46c688ff2d8da33ca2f9beb0eb9182b6edf7e23 |
$NetBSD: patch-main_streams_cast.c,v 1.1.2.2 2012/02/04 08:32:55 sbd Exp $
Fix build problem of newer NetBSD.
--- main/streams/cast.c.orig 2012-01-01 13:15:04.000000000 +0000
+++ main/streams/cast.c
@@ -34,7 +34,7 @@
typedef struct {
int (*reader)(void *, char *, int);
int (*writer)(void *, const char *, int);
- fpos_t (*seeker)(void *, fpos_t, int);
+ off_t (*seeker)(void *, off_t, int);
int (*closer)(void *);
} COOKIE_IO_FUNCTIONS_T;
@@ -68,11 +68,11 @@ static int stream_cookie_writer(void *co
return php_stream_write((php_stream *)cookie, (char *)buffer, size);
}
-static fpos_t stream_cookie_seeker(void *cookie, off_t position, int whence)
+static off_t stream_cookie_seeker(void *cookie, off_t position, int whence)
{
TSRMLS_FETCH();
- return (fpos_t)php_stream_seek((php_stream *)cookie, position, whence);
+ return (off_t)php_stream_seek((php_stream *)cookie, position, whence);
}
static int stream_cookie_closer(void *cookie)