[CVS] OpenPKG: openpkg-src/php5/ php5.patch php5.spec

Tue, 04 Oct 2005 13:03:58 -0700 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /v/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   04-Oct-2005 22:03:52
  Branch: HEAD                             Handle: 2005100421035100

  Added files:
    openpkg-src/php5        php5.patch
  Modified files:
    openpkg-src/php5        php5.spec

  Log:
    Security Fix (CAN-2005-3054)

  Summary:
    Revision    Changes     Path
    1.3         +16 -0      openpkg-src/php5/php5.patch
    1.36        +3  -1      openpkg-src/php5/php5.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/php5/php5.patch
  ============================================================================
  $ cvs diff -u -r0 -r1.3 php5.patch
  --- /dev/null 2005-10-04 22:03:05 +0200
  +++ php5.patch        2005-10-04 22:03:52 +0200
  @@ -0,0 +1,16 @@
  +Security Fix (CAN-2005-3054)
  +
  +Index: main/fopen_wrappers.c
  +--- main/fopen_wrappers.c.orig       2005-07-16 14:14:44 +0200
  ++++ main/fopen_wrappers.c    2005-10-04 22:01:56 +0200
  +@@ -109,8 +109,8 @@
  +             /* Handler for basedirs that end with a / */
  +             resolved_basedir_len = strlen(resolved_basedir);
  +             if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR) {
  +-                    if (resolved_basedir[resolved_basedir_len - 1] == '/') {
  +-                            resolved_basedir[resolved_basedir_len - 1] = 
PHP_DIR_SEPARATOR;
  ++                    if (resolved_basedir[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
  ++                            resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
  +                             resolved_basedir[++resolved_basedir_len] = '\0';
  +                     }
  +             }
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/php5/php5.spec
  ============================================================================
  $ cvs diff -u -r1.35 -r1.36 php5.spec
  --- openpkg-src/php5/php5.spec        6 Sep 2005 19:45:07 -0000       1.35
  +++ openpkg-src/php5/php5.spec        4 Oct 2005 20:03:51 -0000       1.36
  @@ -33,7 +33,7 @@
   Group:        Language
   License:      PHP
   Version:      5.0.5
  -Release:      20050906
  +Release:      20051004
   
   #   package options
   %option       with_calendar      no
  @@ -96,6 +96,7 @@
   #   list of sources
   Source0:      
http://static.php.net/www.php.net/distributions/php-%{version}.tar.gz
   Source1:      php.ini
  +Patch0:       php5.patch
   
   #   build information
   Prefix:       %{l_prefix}
  @@ -233,6 +234,7 @@
   
   %prep
       %setup -q -n php-%{version}
  +    %patch -p0
       %{l_shtool} subst \
           -e 's;\(/include\)/freetype2;\1;' \
           configure \
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [email protected]

Reply via email to