commit 55766199e8fc4d32f1523a586d34714da317e050 Author: Elan Ruusamäe <g...@delfi.ee> Date: Fri Feb 27 18:12:25 2015 +0200
up to 5.6.6, fixes for CVE-2015-0235 and CVE-2015-0273 php-fcgi-error_log-no-newlines.patch | 22 +++++++++++----------- php.spec | 6 +++--- 2 files changed, 14 insertions(+), 14 deletions(-) --- diff --git a/php.spec b/php.spec index cdd2d8a..41b553c 100644 --- a/php.spec +++ b/php.spec @@ -134,7 +134,7 @@ ERROR: You need to select at least one Apache SAPI to build shared modules. %undefine with_filter %endif -%define rel 4 +%define rel 1 %define orgname php %define ver_suffix 56 %define php_suffix %{!?with_default_php:%{ver_suffix}} @@ -145,13 +145,13 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 5.6.5 +Version: 5.6.6 Release: %{rel}%{?with_type_hints:.th} Epoch: 4 License: PHP Group: Libraries Source0: http://www.php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: 541a480e1f8747219074c99f3e9edbcc +# Source0-md5: ed0c9ad2419fffde1d8c03a2d8164179 Source2: %{orgname}-mod_%{orgname}.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini diff --git a/php-fcgi-error_log-no-newlines.patch b/php-fcgi-error_log-no-newlines.patch index e35648e..cedf82c 100644 --- a/php-fcgi-error_log-no-newlines.patch +++ b/php-fcgi-error_log-no-newlines.patch @@ -1,16 +1,16 @@ ---- ./sapi/cgi/cgi_main.c~ 2007-08-09 02:51:57.000000000 +0300 -+++ ./sapi/cgi/cgi_main.c 2007-09-05 20:54:19.390089070 +0300 -@@ -558,12 +558,7 @@ +--- php-5.6.6/sapi/cgi/cgi_main.c~ 2015-02-27 18:09:34.000000000 +0200 ++++ php-5.6.6/sapi/cgi/cgi_main.c 2015-02-27 18:11:26.296171361 +0200 +@@ -737,12 +737,8 @@ request = (fcgi_request*) SG(server_context); - if (request) { - int len = strlen(message); + if (request) { + int ret, len = strlen(message); - char *buf = malloc(len+2); -- + - memcpy(buf, message, len); - memcpy(buf + len, "\n", sizeof("\n")); -- fcgi_write(request, FCGI_STDERR, buf, len+1); +- ret = fcgi_write(request, FCGI_STDERR, buf, len + 1); - free(buf); -+ fcgi_write(request, FCGI_STDERR, message, len); - } else { - fprintf(stderr, "%s\n", message); - } ++ ret = fcgi_write(request, FCGI_STDERR, message, len); + if (ret < 0) { + php_handle_aborted_connection(); + } ================================================================ ---- gitweb: http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/55766199e8fc4d32f1523a586d34714da317e050 _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit