Here is an update to pecl-APC 3.1.7.
I don't use this opcode cache so please test.
Index: Makefile
===================================================================
RCS file: /home/cvs/ports/www/pecl-APC/Makefile,v
retrieving revision 1.15
diff -u -p -r1.15 Makefile
--- Makefile 22 Nov 2010 08:36:52 -0000 1.15
+++ Makefile 16 Jan 2011 06:21:55 -0000
@@ -4,7 +4,7 @@ SHARED_ONLY= Yes
COMMENT= Alternative PHP Cache
-DISTNAME= APC-3.1.2
+DISTNAME= APC-3.1.7
PKGNAME= pecl-${DISTNAME}
CATEGORIES= www
@@ -12,7 +12,7 @@ HOMEPAGE= http://pecl.php.net/package/AP
MAINTAINER= William Yodlowsky <b...@openbsd.rutgers.edu>
-# PHP License
+# PHP
PERMIT_PACKAGE_CDROM= Yes
PERMIT_PACKAGE_FTP= Yes
PERMIT_DISTFILES_CDROM= Yes
Index: distinfo
===================================================================
RCS file: /home/cvs/ports/www/pecl-APC/distinfo,v
retrieving revision 1.6
diff -u -p -r1.6 distinfo
--- distinfo 22 Apr 2009 21:24:09 -0000 1.6
+++ distinfo 16 Jan 2011 06:22:01 -0000
@@ -1,5 +1,5 @@
-MD5 (APC-3.1.2.tgz) = ChjPFks+BE4n7dTB2MMUXA==
-RMD160 (APC-3.1.2.tgz) = DisETjfhYfpEnV0npyGBIFrffhg=
-SHA1 (APC-3.1.2.tgz) = rr2GawZ3mBTpr1rhaUhoc0fFAFQ=
-SHA256 (APC-3.1.2.tgz) = B4WUrCCOcfRpUpjDLIrBDP70mwnvCESywkJnag6qVF4=
-SIZE (APC-3.1.2.tgz) = 123459
+MD5 (APC-3.1.7.tgz) = lCOYZuXRuQ4CZ16Yily61A==
+RMD160 (APC-3.1.7.tgz) = Ujw7auxrcSqJ42JDy3vyoyl656w=
+SHA1 (APC-3.1.7.tgz) = /TCqecdjLz2pAZM3apEVLRV/qR8=
+SHA256 (APC-3.1.7.tgz) = mlJr2qUeyOhMJBPg+cFQmblRw5yZVDn/L1SjNAqHm3Y=
+SIZE (APC-3.1.7.tgz) = 152735
Index: patches/patch-apc_php
===================================================================
RCS file: patches/patch-apc_php
diff -N patches/patch-apc_php
--- patches/patch-apc_php 22 Apr 2009 21:24:09 -0000 1.2
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,37 +0,0 @@
-$OpenBSD: patch-apc_php,v 1.2 2009/04/22 21:24:09 jasper Exp $
-
-"Get rid of very contrived local-user XSS - can't be triggered from external"
-from upstream CVS
-
---- apc.php.orig Fri Dec 12 12:37:26 2008
-+++ apc.php Wed Apr 22 10:32:53 2009
-@@ -61,7 +61,7 @@ function defaults($d,$v) {
-
- // rewrite $PHP_SELF to block XSS attacks
- //
--$PHP_SELF= isset($_SERVER['PHP_SELF']) ?
htmlentities(strip_tags($_SERVER['PHP_SELF'],''), ENT_QUOTES) : '';
-+$PHP_SELF= isset($_SERVER['PHP_SELF']) ?
htmlentities(strip_tags($_SERVER['PHP_SELF'],''), ENT_QUOTES, 'UTF-8') : '';
- $time = time();
- $host = getenv('HOSTNAME');
- if($host) { $host = '('.$host.')'; }
-@@ -1091,7 +1091,7 @@ EOB;
- }
- if (!$AUTHENTICATED) {
- // hide all path entries if not logged in
--
$list[$k.$entry[$fieldname]]=preg_replace('/^.*(\\/|\\\\)/','<i><hidden></i>/',$entry);
-+
$list[$k.$entry[$fieldname]]=preg_replace('/^.*(\\/|\\\\)/','*hidden*/',$entry);
- } else {
- $list[$k.$entry[$fieldname]]=$entry;
- }
-@@ -1110,9 +1110,10 @@ EOB;
- $i=0;
- foreach($list as $k => $entry) {
- if(!$MYREQUEST['SEARCH'] || preg_match($MYREQUEST['SEARCH'],
$entry[$fieldname]) != 0) {
-+ $field_value = htmlentities(strip_tags($entry[$fieldname],''),
ENT_QUOTES, 'UTF-8');
- echo
- '<tr class=tr-',$i%2,'>',
-- "<td class=td-0><a
href=\"$MY_SELF&OB=",$MYREQUEST['OB'],"&SH=",md5($entry[$fieldkey]),"\">",$entry[$fieldname],'</a></td>',
-+ "<td class=td-0><a
href=\"$MY_SELF&OB=",$MYREQUEST['OB'],"&SH=",md5($entry[$fieldkey]),"\">",$field_value,'</a></td>',
- '<td class="td-n center">',$entry['num_hits'],'</td>',
- '<td class="td-n right">',$entry['mem_size'],'</td>',
- '<td class="td-n
center">',date(DATE_FORMAT,$entry['access_time']),'</td>',
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
