[CVS] OpenPKG: openpkg-src/php/ php.patch php.spec

Thu, 02 Nov 2006 23:51:03 -0800 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /v/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   03-Nov-2006 08:51:16
  Branch: HEAD                             Handle: 2006110307511600

  Modified files:
    openpkg-src/php         php.patch php.spec

  Log:
    upgrading package: php 5.1.6 -> 5.2.0

  Summary:
    Revision    Changes     Path
    1.15        +6  -73     openpkg-src/php/php.patch
    1.134       +2  -2      openpkg-src/php/php.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/php/php.patch
  ============================================================================
  $ cvs diff -u -r1.14 -r1.15 php.patch
  --- openpkg-src/php/php.patch 17 Oct 2006 07:02:47 -0000      1.14
  +++ openpkg-src/php/php.patch 3 Nov 2006 07:51:16 -0000       1.15
  @@ -1,82 +1,15 @@
   Security Fix (CVE-2006-4625)
   
   Index: Zend/zend_ini.c
  ---- Zend/zend_ini.c.orig     2006-01-05 00:53:04 +0100
  -+++ Zend/zend_ini.c  2006-10-17 08:24:12 +0200
  -@@ -256,8 +256,8 @@
  -     zend_ini_entry *ini_entry;
  +--- Zend/zend_ini.c.orig     2006-09-06 10:54:44 +0200
  ++++ Zend/zend_ini.c  2006-11-03 08:46:12 +0100
  +@@ -235,7 +235,8 @@
  +     char *duplicate;
        TSRMLS_FETCH();
    
   -    if (zend_hash_find(EG(ini_directives), name, name_length, (void **) 
&ini_entry)==FAILURE) {
  --            return FAILURE;
   +    if (zend_hash_find(EG(ini_directives), name, name_length, (void **) 
&ini_entry)==FAILURE ||
  -+        (stage == ZEND_INI_STAGE_RUNTIME && (ini_entry->modifiable & 
ZEND_INI_USER) == 0)) {                return FAILURE;
  ++        (stage == ZEND_INI_STAGE_RUNTIME && (ini_entry->modifiable & 
ZEND_INI_USER)==0)) {
  +             return FAILURE;
        }
    
  -     zend_restore_ini_entry_cb(ini_entry, stage TSRMLS_CC);
  -
  ------------------------------------------------------------------------------
  -
  -Security Fix (CVE-2006-4812)
  -
  -Index: Zend/zend_alloc.c
  ---- Zend/zend_alloc.c.orig   2006-08-10 19:16:24 +0200
  -+++ Zend/zend_alloc.c        2006-10-17 08:25:42 +0200
  -@@ -328,15 +328,14 @@
  - ZEND_API void *_ecalloc(size_t nmemb, size_t size ZEND_FILE_LINE_DC 
ZEND_FILE_LINE_ORIG_DC)
  - {
  -     void *p;
  --    int final_size = size*nmemb;
  -     
  -     HANDLE_BLOCK_INTERRUPTIONS();
  --    p = _emalloc(final_size ZEND_FILE_LINE_RELAY_CC 
ZEND_FILE_LINE_ORIG_RELAY_CC);
  -+    p = _safe_emalloc(nmemb, size, 0 ZEND_FILE_LINE_RELAY_CC 
ZEND_FILE_LINE_ORIG_RELAY_CC);
  -     if (!p) {
  -             HANDLE_UNBLOCK_INTERRUPTIONS();
  -             return (void *) p;
  -     }
  --    memset(p, 0, final_size);
  -+    memset(p, 0, size * nmemb);
  -     HANDLE_UNBLOCK_INTERRUPTIONS();
  -     return p;
  - }
  -
  ------------------------------------------------------------------------------
  -
  -Security Fix (CVE-2006-5178)
  -
  -Index: main/php_open_temporary_file.c
  ---- main/php_open_temporary_file.c.orig      2006-05-24 01:22:26 +0200
  -+++ main/php_open_temporary_file.c   2006-10-17 08:26:02 +0200
  -@@ -206,6 +206,7 @@
  - PHPAPI int php_open_temporary_fd(const char *dir, const char *pfx, char 
**opened_path_p TSRMLS_DC)
  - {
  -     int fd;
  -+    const char *temp_dir;
  - 
  -     if (!pfx) {
  -             pfx = "tmp.";
  -@@ -214,11 +215,22 @@
  -             *opened_path_p = NULL;
  -     }
  - 
  -+    if (!dir || *dir == '\0') {
  -+def_tmp:
  -+            temp_dir = php_get_temporary_directory();
  -+
  -+            if (temp_dir && *temp_dir != '\0' && 
!php_check_open_basedir(temp_dir TSRMLS_CC)) {
  -+                    return php_do_open_temporary_file(temp_dir, pfx, 
opened_path_p TSRMLS_CC);
  -+            } else {
  -+                    return -1;
  -+            }
  -+    }
  -+
  -     /* Try the directory given as parameter. */
  -     fd = php_do_open_temporary_file(dir, pfx, opened_path_p TSRMLS_CC);
  -     if (fd == -1) {
  -             /* Use default temporary directory. */
  --            fd = php_do_open_temporary_file(php_get_temporary_directory(), 
pfx, opened_path_p TSRMLS_CC);
  -+            goto def_tmp;
  -     }
  -     return fd;
  - }
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/php/php.spec
  ============================================================================
  $ cvs diff -u -r1.133 -r1.134 php.spec
  --- openpkg-src/php/php.spec  17 Oct 2006 07:02:47 -0000      1.133
  +++ openpkg-src/php/php.spec  3 Nov 2006 07:51:16 -0000       1.134
  @@ -23,7 +23,7 @@
   ##
   
   #   package versions
  -%define       V_php                     5.1.6
  +%define       V_php                     5.2.0
   %define       V_php_hardened            5.1.6-0.4.15
   
   #   package information
  @@ -37,7 +37,7 @@
   Group:        Language
   License:      PHP
   Version:      %{V_php}
  -Release:      20061017
  +Release:      20061103
   
   #   package options
   %option       with_bc                   no
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [email protected]

Reply via email to