Pullup ticket #3671 - requested by taca
lang/php53 security and build fixes.
Revisions pulled up:
- lang/php53/Makefile 1.22-1.23
- lang/php53/Makefile.common 1.10
- lang/php53/Makefile.php 1.13
- lang/php53/distinfo 1.32-1.35
- lang/php53/patches/patch-main_php__variables.c deleted
- lang/php53/patches/patch-main_streams_cast.c 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 2 15:44:09 UTC 2012
Modified Files:
pkgsrc/lang/php53: distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-main_streams_cast.c
Log Message:
Trying to fix build problem on NetBSD current recently.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 2 16:00:40 UTC 2012
Modified Files:
pkgsrc/lang/php53: Makefile distinfo
Added Files:
pkgsrc/lang/php53/patches: patch-main_php__variables.c
Log Message:
Add fix for "Critical PHP Remote Vulnerability Introduced in Fix for PHP
Hashtable Collision DOS" by revision 323007 from PHP's repository.
http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Feb 2 16:19:44 UTC 2012
Modified Files:
pkgsrc/lang/php53: distinfo
pkgsrc/lang/php53/patches: patch-main_php__variables.c
Log Message:
And more fix for memory leaks by revision 323013 from PHP's repository.
Hopefully, these 18 minutes is allowed to avoid to PKGREVISION bump.
---
Module Name: pkgsrc
Committed By: taca
Date: Fri Feb 3 03:10:34 UTC 2012
Modified Files:
pkgsrc/lang/php53: Makefile Makefile.common Makefile.php distinfo
Removed Files:
pkgsrc/lang/php53/patches: patch-main_php__variables.c
Log Message:
Update php53 package to 5.3.10. Below security fix is already included
in php-5.3.9nb2 package.
02 Feb 2012, PHP 5.3.10
- Core:
. Fixed arbitrary remote code execution vulnerability reported by Stefan
Esser, CVE-2012-0830. (Stas, Dmitry)
(sbd)
diff -r1.19.2.2 -r1.19.2.3 pkgsrc/lang/php53/Makefile| @@ -1,20 +1,19 @@ | @@ -1,20 +1,19 @@ | |||
| 1 | # $NetBSD: Makefile,v 1.19.2.2 2012/01/21 09:02:55 sbd Exp $ | 1 | # $NetBSD: Makefile,v 1.19.2.3 2012/02/04 08:32:54 sbd Exp $ | |
| 2 | 2 | |||
| 3 | # | 3 | # | |
| 4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | 4 | # We can't omit PKGNAME here to handle PKG_OPTIONS. | |
| 5 | # | 5 | # | |
| 6 | PKGNAME= php-${PHP_BASE_VERS} | 6 | PKGNAME= php-${PHP_BASE_VERS} | |
| 7 | PKGREVISION= 1 | |||
| 8 | CATEGORIES= lang | 7 | CATEGORIES= lang | |
| 9 | 8 | |||
| 10 | HOMEPAGE= http://www.php.net/ | 9 | HOMEPAGE= http://www.php.net/ | |
| 11 | COMMENT= PHP Hypertext Preprocessor version 5 | 10 | COMMENT= PHP Hypertext Preprocessor version 5 | |
| 12 | LICENSE= php | 11 | LICENSE= php | |
| 13 | 12 | |||
| 14 | TEST_TARGET= test | 13 | TEST_TARGET= test | |
| 15 | PKG_DESTDIR_SUPPORT= user-destdir | 14 | PKG_DESTDIR_SUPPORT= user-destdir | |
| 16 | 15 | |||
| 17 | USE_TOOLS+= gmake lex pkg-config | 16 | USE_TOOLS+= gmake lex pkg-config | |
| 18 | LIBTOOL_OVERRIDE= # empty | 17 | LIBTOOL_OVERRIDE= # empty | |
| 19 | 18 | |||
| 20 | .include "Makefile.php" | 19 | .include "Makefile.php" |
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: Makefile.common,v 1.8.4.1 2012/01/12 11:29:04 tron Exp $ | 1 | # $NetBSD: Makefile.common,v 1.8.4.2 2012/02/04 08:32:54 sbd Exp $ | |
| 2 | # used by lang/php53/Makefile.php | 2 | # used by lang/php53/Makefile.php | |
| 3 | # used by lang/php/ext.mk | 3 | # used by lang/php/ext.mk | |
| 4 | # used by meta-pkgs/php53-extensions/Makefile | 4 | # used by meta-pkgs/php53-extensions/Makefile | |
| 5 | 5 | |||
| 6 | # | 6 | # | |
| 7 | # NOTE: | 7 | # NOTE: | |
| 8 | # The suhosin option includes a patch from http://www.hardened-php.net/ | 8 | # The suhosin option includes a patch from http://www.hardened-php.net/ | |
| 9 | # Which tracks with the exact version number of PHP. There may be a delay | 9 | # Which tracks with the exact version number of PHP. There may be a delay | |
| 10 | # in the patch which can leave the option broken until an updated patch | 10 | # in the patch which can leave the option broken until an updated patch | |
| 11 | # is released. When updating PHP please don't forget to update the | 11 | # is released. When updating PHP please don't forget to update the | |
| 12 | # distnfo with the details of the suhosin patch as well. | 12 | # distnfo with the details of the suhosin patch as well. | |
| 13 | # | 13 | # | |
| 14 | # Check these packages when update to new release of PHP and consider to | 14 | # Check these packages when update to new release of PHP and consider to | |
| @@ -29,24 +29,24 @@ DIST_SUBDIR= ${DISTNAME} | @@ -29,24 +29,24 @@ DIST_SUBDIR= ${DISTNAME} | |||
| 29 | CATEGORIES+= www | 29 | CATEGORIES+= www | |
| 30 | 30 | |||
| 31 | .if !defined(PECL_VERSION) | 31 | .if !defined(PECL_VERSION) | |
| 32 | MASTER_SITES?= http://www.php.net/distributions/ \ | 32 | MASTER_SITES?= http://www.php.net/distributions/ \ | |
| 33 | http://uk.php.net/distributions/ \ | 33 | http://uk.php.net/distributions/ \ | |
| 34 | http://de.php.net/distributions/ \ | 34 | http://de.php.net/distributions/ \ | |
| 35 | http://us.php.net/distributions/ | 35 | http://us.php.net/distributions/ | |
| 36 | EXTRACT_SUFX?= .tar.bz2 | 36 | EXTRACT_SUFX?= .tar.bz2 | |
| 37 | .endif | 37 | .endif | |
| 38 | 38 | |||
| 39 | MAINTAINER?= pkgsrc-users@NetBSD.org | 39 | MAINTAINER?= pkgsrc-users@NetBSD.org | |
| 40 | HOMEPAGE?= http://www.php.net/ | 40 | HOMEPAGE?= http://www.php.net/ | |
| 41 | 41 | |||
| 42 | PHP_BASE_VERS= 5.3.9 | 42 | PHP_BASE_VERS= 5.3.10 | |
| 43 | 43 | |||
| 44 | PHP_EXTENSION_DIR= lib/php/20090630 | 44 | PHP_EXTENSION_DIR= lib/php/20090630 | |
| 45 | PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR} | 45 | PLIST_SUBST+= PHP_EXTENSION_DIR=${PHP_EXTENSION_DIR} | |
| 46 | 46 | |||
| 47 | PKG_SYSCONFVAR?= php | 47 | PKG_SYSCONFVAR?= php | |
| 48 | 48 | |||
| 49 | # needed due to (broken?) configure checks in php-xmlrpc and php5-dom | 49 | # needed due to (broken?) configure checks in php-xmlrpc and php5-dom | |
| 50 | CONFIGURE_ENV+= PHP_LIBXML_SHARED="1" | 50 | CONFIGURE_ENV+= PHP_LIBXML_SHARED="1" | |
| 51 | 51 | |||
| 52 | .include "../../mk/bsd.prefs.mk" | 52 | .include "../../mk/bsd.prefs.mk" |
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: Makefile.php,v 1.10.2.2 2012/01/21 09:02:55 sbd Exp $ | 1 | # $NetBSD: Makefile.php,v 1.10.2.3 2012/02/04 08:32:54 sbd Exp $ | |
| 2 | # used by lang/php53/Makefile | 2 | # used by lang/php53/Makefile | |
| 3 | # used by www/ap-php/Makefile | 3 | # used by www/ap-php/Makefile | |
| 4 | 4 | |||
| 5 | .include "../../lang/php53/Makefile.common" | 5 | .include "../../lang/php53/Makefile.common" | |
| 6 | 6 | |||
| 7 | DISTINFO_FILE= ${.CURDIR}/../../lang/php53/distinfo | 7 | DISTINFO_FILE= ${.CURDIR}/../../lang/php53/distinfo | |
| 8 | PATCHDIR= ${.CURDIR}/../../lang/php53/patches | 8 | PATCHDIR= ${.CURDIR}/../../lang/php53/patches | |
| 9 | 9 | |||
| 10 | USE_LIBTOOL= YES | 10 | USE_LIBTOOL= YES | |
| 11 | USE_LANGUAGES= c c++ | 11 | USE_LANGUAGES= c c++ | |
| 12 | GNU_CONFIGURE= YES | 12 | GNU_CONFIGURE= YES | |
| 13 | BUILD_DEFS+= VARBASE | 13 | BUILD_DEFS+= VARBASE | |
| 14 | PLIST_VARS+= suhosin | 14 | PLIST_VARS+= suhosin | |
| @@ -51,27 +51,27 @@ PKG_SUPPORTED_OPTIONS+= inet6 ssl mainta | @@ -51,27 +51,27 @@ PKG_SUPPORTED_OPTIONS+= inet6 ssl mainta | |||
| 51 | PKG_SUGGESTED_OPTIONS+= inet6 ssl | 51 | PKG_SUGGESTED_OPTIONS+= inet6 ssl | |
| 52 | 52 | |||
| 53 | #SUBST_CLASSES+= ini | 53 | #SUBST_CLASSES+= ini | |
| 54 | #SUBST_STAGE.ini= post-patch | 54 | #SUBST_STAGE.ini= post-patch | |
| 55 | #SUBST_FILES.ini= php.ini-development | 55 | #SUBST_FILES.ini= php.ini-development | |
| 56 | #SUBST_FILES.ini+= php.ini-production | 56 | #SUBST_FILES.ini+= php.ini-production | |
| 57 | #SUBST_SED.ini= -e "s|\\;include_path = \".:/php/includes\"|include_path = \".:${PREFIX}/lib/php\"|g" | 57 | #SUBST_SED.ini= -e "s|\\;include_path = \".:/php/includes\"|include_path = \".:${PREFIX}/lib/php\"|g" | |
| 58 | #SUBST_MESSAGE.ini= Fixing default ini files. | 58 | #SUBST_MESSAGE.ini= Fixing default ini files. | |
| 59 | 59 | |||
| 60 | .include "../../mk/bsd.options.mk" | 60 | .include "../../mk/bsd.options.mk" | |
| 61 | 61 | |||
| 62 | .if !empty(PKG_OPTIONS:Msuhosin) | 62 | .if !empty(PKG_OPTIONS:Msuhosin) | |
| 63 | SUHOSIN_PHPVER= 5.3.9 | 63 | SUHOSIN_PHPVER= 5.3.9 | |
| 64 | . if ${SUHOSIN_PHPVER} != ${PHP_BASE_VERS} | 64 | . if ${SUHOSIN_PHPVER} != ${PHP_BASE_VERS} && ${PHP_BASE_VERS} != 5.3.10 | |
| 65 | PKG_FAIL_REASON+= "The suhosin patch is currently not available for" | 65 | PKG_FAIL_REASON+= "The suhosin patch is currently not available for" | |
| 66 | PKG_FAIL_REASON+= "this version of PHP. You may have to wait until" | 66 | PKG_FAIL_REASON+= "this version of PHP. You may have to wait until" | |
| 67 | PKG_FAIL_REASON+= "an updated patch is released or temporarily" | 67 | PKG_FAIL_REASON+= "an updated patch is released or temporarily" | |
| 68 | PKG_FAIL_REASON+= "build this package without the suhosin option." | 68 | PKG_FAIL_REASON+= "build this package without the suhosin option." | |
| 69 | . else | 69 | . else | |
| 70 | PATCH_SITES= http://download.suhosin.org/ | 70 | PATCH_SITES= http://download.suhosin.org/ | |
| 71 | PATCHFILES+= suhosin-patch-${SUHOSIN_PHPVER}-0.9.10.patch.gz | 71 | PATCHFILES+= suhosin-patch-${SUHOSIN_PHPVER}-0.9.10.patch.gz | |
| 72 | PATCH_DIST_STRIP= -p1 | 72 | PATCH_DIST_STRIP= -p1 | |
| 73 | PLIST.suhosin= yes | 73 | PLIST.suhosin= yes | |
| 74 | MESSAGE_SRC= ${.CURDIR}/../../lang/php53/MESSAGE | 74 | MESSAGE_SRC= ${.CURDIR}/../../lang/php53/MESSAGE | |
| 75 | MESSAGE_SRC+= ${.CURDIR}/../../lang/php53/MESSAGE.suhosin | 75 | MESSAGE_SRC+= ${.CURDIR}/../../lang/php53/MESSAGE.suhosin | |
| 76 | . endif | 76 | . endif | |
| 77 | .endif | 77 | .endif |
| @@ -1,20 +1,21 @@ | @@ -1,20 +1,21 @@ | |||
| 1 | $NetBSD: distinfo,v 1.28.2.3 2012/01/21 09:02:55 sbd Exp $ | 1 | $NetBSD: distinfo,v 1.28.2.4 2012/02/04 08:32:54 sbd Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (php-5.3.9/php-5.3.9.tar.bz2) = fe0626735c3d9dd370cef9bdcfe9506629449f51 | 3 | SHA1 (php-5.3.10/php-5.3.10.tar.bz2) = 689d8463b5d9e24b9bf297e35826f2ebdb69afda | |
| 4 | RMD160 (php-5.3.9/php-5.3.9.tar.bz2) = 428ed51982637f092c43369cf5cfb284d58da3f6 | 4 | RMD160 (php-5.3.10/php-5.3.10.tar.bz2) = acab30a19b340f21a64e06b524906f2b064dd1c9 | |
| 5 | Size (php-5.3.9/php-5.3.9.tar.bz2) = 11704944 bytes | 5 | Size (php-5.3.10/php-5.3.10.tar.bz2) = 11707402 bytes | |
| 6 | SHA1 (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed | 6 | SHA1 (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = 7b9ef5c3e0831154df0d6290aba0989ca90138ed | |
| 7 | RMD160 (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 | 7 | RMD160 (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = ce43921fd9b183b154713ecda98294f6c68d5f22 | |
| 8 | Size (php-5.3.9/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes | 8 | Size (php-5.3.10/suhosin-patch-5.3.9-0.9.10.patch.gz) = 40967 bytes | |
| 9 | SHA1 (patch-aa) = b0dc6cd0b2103d5858280202506b33322a98496e | 9 | SHA1 (patch-aa) = b0dc6cd0b2103d5858280202506b33322a98496e | |
| 10 | SHA1 (patch-ab) = d08bb50cf074a6065ef0d1d67a713b7573cb2f5b | 10 | SHA1 (patch-ab) = d08bb50cf074a6065ef0d1d67a713b7573cb2f5b | |
| 11 | SHA1 (patch-ac) = 1720f154232241c19d0c6e08a824e33252f1b690 | 11 | SHA1 (patch-ac) = 1720f154232241c19d0c6e08a824e33252f1b690 | |
| 12 | SHA1 (patch-ad) = 1608c58860a43b4e31df8646b5ded253ec9aa881 | 12 | SHA1 (patch-ad) = 1608c58860a43b4e31df8646b5ded253ec9aa881 | |
| 13 | SHA1 (patch-ae) = e590db60a60f4e5ef2da4e5edb786335a67a3d56 | 13 | SHA1 (patch-ae) = e590db60a60f4e5ef2da4e5edb786335a67a3d56 | |
| 14 | SHA1 (patch-af) = 1618b23fd6d090ce5aa929208416028724278bfc | 14 | SHA1 (patch-af) = 1618b23fd6d090ce5aa929208416028724278bfc | |
| 15 | SHA1 (patch-ag) = c49cdff097d1e54ebe93b5afb550e89b0cc2468e | 15 | SHA1 (patch-ag) = c49cdff097d1e54ebe93b5afb550e89b0cc2468e | |
| 16 | SHA1 (patch-ah) = b20c29c64b3099f77855a5ec28960dc1c4f65c83 | 16 | SHA1 (patch-ah) = b20c29c64b3099f77855a5ec28960dc1c4f65c83 | |
| 17 | SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f | 17 | SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f | |
| 18 | SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48 | 18 | SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48 | |
| 19 | SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e | 19 | SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e | |
| 20 | SHA1 (patch-main_streams_cast.c) = c169ccb73dc660e40eff9f9e168374f35eedadad | |||
| 20 | SHA1 (patch-php__mssql.c) = b46c688ff2d8da33ca2f9beb0eb9182b6edf7e23 | 21 | SHA1 (patch-php__mssql.c) = b46c688ff2d8da33ca2f9beb0eb9182b6edf7e23 |
$NetBSD: patch-main_streams_cast.c,v 1.1.2.2 2012/02/04 08:32:55 sbd Exp $
Fix build problem of newer NetBSD.
--- main/streams/cast.c.orig 2012-01-01 13:15:04.000000000 +0000
+++ main/streams/cast.c
@@ -34,7 +34,7 @@
typedef struct {
int (*reader)(void *, char *, int);
int (*writer)(void *, const char *, int);
- fpos_t (*seeker)(void *, fpos_t, int);
+ off_t (*seeker)(void *, off_t, int);
int (*closer)(void *);
} COOKIE_IO_FUNCTIONS_T;
@@ -68,11 +68,11 @@ static int stream_cookie_writer(void *co
return php_stream_write((php_stream *)cookie, (char *)buffer, size);
}
-static fpos_t stream_cookie_seeker(void *cookie, off_t position, int whence)
+static off_t stream_cookie_seeker(void *cookie, off_t position, int whence)
{
TSRMLS_FETCH();
- return (fpos_t)php_stream_seek((php_stream *)cookie, position, whence);
+ return (off_t)php_stream_seek((php_stream *)cookie, position, whence);
}
static int stream_cookie_closer(void *cookie)