[pkgsrc/trunk]: pkgsrc PHP4/5 security changes... They're not critical issue...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc PHP4/5 security changes... They're not critical issue...
From: cube <cube%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 03:21:21 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/c61938f7e695
branches:  trunk
changeset: 511430:c61938f7e695
user:      cube <cube%pkgsrc.org@localhost>
date:      Fri Apr 14 13:47:29 2006 +0000

description:
PHP4/5 security changes...  They're not critical issues;  secunia classes
them between "not critical" and "less critical".

Fix CVE-2006-0996, CVE-2006-1494, CVE-2006-1608, CVE-2006-1490.

See:
    http://secunia.com/advisories/19383/
    http://secunia.com/advisories/19599/

Patches were extracted from CVS.  I had to translate the one for
CVE-2006-1608 on php4 because it has not made its way to the php4.4 branch
(I don't know why;  I can confirm it fixes the issue).

While here, add PATCHDIR to the list of variables php5's Makefile.php
defines.  That way, ap-php gets patched too...

diffstat:

 lang/php5/Makefile     |  4 ++--
 lang/php5/Makefile.php |  3 ++-
 lang/php5/distinfo     |  5 ++++-
 www/ap-php/Makefile    |  4 ++--
 www/php4/Makefile      |  3 ++-
 www/php4/distinfo      |  5 ++++-
 6 files changed, 16 insertions(+), 8 deletions(-)

diffs (86 lines):

diff -r 9f2511952086 -r c61938f7e695 lang/php5/Makefile
--- a/lang/php5/Makefile        Fri Apr 14 13:43:23 2006 +0000
+++ b/lang/php5/Makefile        Fri Apr 14 13:47:29 2006 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.28 2006/02/17 09:48:01 adam Exp $
+# $NetBSD: Makefile,v 1.29 2006/04/14 13:47:29 cube Exp $
 
 PKGNAME=               php-${PHP_BASE_VERS}
-#PKGREVISION=          1
+PKGREVISION=           1
 CATEGORIES=            lang
 
 HOMEPAGE=              http://www.php.net/
diff -r 9f2511952086 -r c61938f7e695 lang/php5/Makefile.php
--- a/lang/php5/Makefile.php    Fri Apr 14 13:43:23 2006 +0000
+++ b/lang/php5/Makefile.php    Fri Apr 14 13:47:29 2006 +0000
@@ -1,9 +1,10 @@
-# $NetBSD: Makefile.php,v 1.17 2005/12/05 23:55:10 rillig Exp $
+# $NetBSD: Makefile.php,v 1.18 2006/04/14 13:47:29 cube Exp $
 #
 
 .include "../../lang/php5/Makefile.common"
 
 DISTINFO_FILE= ${.CURDIR}/../../lang/php5/distinfo
+PATCHDIR=      ${.CURDIR}/../../lang/php5/patches
 
 BUILD_DEFS+=           USE_INET6
 
diff -r 9f2511952086 -r c61938f7e695 lang/php5/distinfo
--- a/lang/php5/distinfo        Fri Apr 14 13:43:23 2006 +0000
+++ b/lang/php5/distinfo        Fri Apr 14 13:47:29 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.14 2006/02/06 06:39:59 martti Exp $
+$NetBSD: distinfo,v 1.15 2006/04/14 13:47:29 cube Exp $
 
 SHA1 (php-5.1.2.tar.bz2) = f6acc67c293345ad22065768f3049834cb8a912e
 RMD160 (php-5.1.2.tar.bz2) = 1e21b5ba280b7efc8197802c673bb5d4e9dc9f8e
@@ -8,3 +8,6 @@
 SHA1 (patch-aj) = 54812097499c81e5cb0196ab949cc86a4f24a9cc
 SHA1 (patch-ak) = 2d5264d33ebef631d4a2d0cdf8a2ed365bdbeb7e
 SHA1 (patch-ao) = 60fec83647ca5924a38bf4d5e8abb51feba1620e
+SHA1 (patch-ap) = 79bb4da2c98cc5dc43e66d1a7a940b34401b3811
+SHA1 (patch-aq) = 3dede277476e99d927a5333d82ae9096b96e58f7
+SHA1 (patch-ar) = 819b84c4dbb9973159d2c2fe11f77044f6b4d0b9
diff -r 9f2511952086 -r c61938f7e695 www/ap-php/Makefile
--- a/www/ap-php/Makefile       Fri Apr 14 13:43:23 2006 +0000
+++ b/www/ap-php/Makefile       Fri Apr 14 13:47:29 2006 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.8 2006/02/05 23:11:17 joerg Exp $
+# $NetBSD: Makefile,v 1.9 2006/04/14 13:47:30 cube Exp $
 #
 
 PKGNAME=               ap-php-${PHP_BASE_VERS}
-PKGREVISION=           5
+PKGREVISION=           6
 COMMENT=               Apache (${PKG_APACHE}) module for ${PKG_PHP}
 
 APACHE_MODULE=         YES
diff -r 9f2511952086 -r c61938f7e695 www/php4/Makefile
--- a/www/php4/Makefile Fri Apr 14 13:43:23 2006 +0000
+++ b/www/php4/Makefile Fri Apr 14 13:47:29 2006 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.62 2006/03/03 07:11:34 cube Exp $
+# $NetBSD: Makefile,v 1.63 2006/04/14 13:47:30 cube Exp $
 
 PKGNAME=               php-${PHP_BASE_VERS}
+PKGREVISION=           1
 CATEGORIES+=           lang
 COMMENT=               HTML-embedded scripting language
 
diff -r 9f2511952086 -r c61938f7e695 www/php4/distinfo
--- a/www/php4/distinfo Fri Apr 14 13:43:23 2006 +0000
+++ b/www/php4/distinfo Fri Apr 14 13:47:29 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.51 2006/03/06 15:57:58 cube Exp $
+$NetBSD: distinfo,v 1.52 2006/04/14 13:47:30 cube Exp $
 
 SHA1 (php-4.4.2.tar.bz2) = 88f2e9efff0add8d8e3034d4ce3a948429b88756
 RMD160 (php-4.4.2.tar.bz2) = cbef0fa4e233529422bc0944dcfb79d866013f5e
@@ -13,3 +13,6 @@
 SHA1 (patch-al) = 28ad9006b387e2b9984ad49beea21c9d46e63b46
 SHA1 (patch-ao) = cd30bbff10f1d045c829f72d94304c9dcf202fc6
 SHA1 (patch-ap) = 2f852abd1e9d0f089add18b2eade2831253ad00e
+SHA1 (patch-aq) = 00f410eb61624aee0c68d2fd6802a6be7adb373e
+SHA1 (patch-ar) = 5606c1ec5a7afaeda2e3cc7879cc0caa4f86ca68
+SHA1 (patch-as) = 7987c293d2290aa5e68fba87d0aa759797ace40d

Prev by Date: [pkgsrc/trunk]: pkgsrc/devel/glibmm Chanes 2.8.6:
Next by Date: [pkgsrc/pkgsrc-2006Q4]: pkgsrc/doc #2052
Previous by Thread: [pkgsrc/trunk]: pkgsrc/devel/glibmm Chanes 2.8.6:
Next by Thread: [pkgsrc/pkgsrc-2006Q4]: pkgsrc/doc #2052
Indexes:

Home | Main Index | Thread Index | Old Index