[pkgsrc/trunk]: pkgsrc/lang/php53 Add a patch to fix for CVE_2012-2143 from P...

[taca <taca%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/4cec89e08439
branches:  trunk
changeset: 604479:4cec89e08439
user:      taca <taca%pkgsrc.org@localhost>
date:      Thu May 31 15:58:10 2012 +0000

description:
Add a patch to fix for CVE_2012-2143 from PHP's repository.

Bump PKGREVISION.

diffstat:

 lang/php53/Makefile                                    |   3 ++-
 lang/php53/distinfo                                    |   3 ++-
 lang/php53/patches/patch-ext_standard_crypt__freesec.c |  16 ++++++++++++++++
 3 files changed, 20 insertions(+), 2 deletions(-)

diffs (51 lines):

diff -r 22875f5fdc08 -r 4cec89e08439 lang/php53/Makefile
--- a/lang/php53/Makefile       Thu May 31 13:05:40 2012 +0000
+++ b/lang/php53/Makefile       Thu May 31 15:58:10 2012 +0000
@@ -1,9 +1,10 @@
-# $NetBSD: Makefile,v 1.28 2012/05/19 09:51:34 marino Exp $
+# $NetBSD: Makefile,v 1.29 2012/05/31 15:58:10 taca Exp $
 
 #
 # We can't omit PKGNAME here to handle PKG_OPTIONS.
 #
 PKGNAME=               php-${PHP_BASE_VERS}
+PKGREVISION=           1
 CATEGORIES=            lang
 
 HOMEPAGE=              http://www.php.net/
diff -r 22875f5fdc08 -r 4cec89e08439 lang/php53/distinfo
--- a/lang/php53/distinfo       Thu May 31 13:05:40 2012 +0000
+++ b/lang/php53/distinfo       Thu May 31 15:58:10 2012 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.41 2012/05/09 06:52:51 taca Exp $
+$NetBSD: distinfo,v 1.42 2012/05/31 15:58:10 taca Exp $
 
 SHA1 (php-5.3.13.tar.bz2) = 8a52dae3fc9e27814c15fc0ebd744bee38305248
 RMD160 (php-5.3.13.tar.bz2) = 1ad55e7bd1262471c66d2236fbba76c137960029
@@ -17,5 +17,6 @@
 SHA1 (patch-ai) = d4766893a2c47a4e4a744248dda265b0a9a66a1f
 SHA1 (patch-aj) = d611d13fcc28c5d2b9e9586832ce4b8ae5707b48
 SHA1 (patch-al) = fbbee5502e0cd1c47c6e7c15e0d54746414ec32e
+SHA1 (patch-ext_standard_crypt__freesec.c) = 5851993e4197bec2b61d6e58601173d564fed112
 SHA1 (patch-main_streams_cast.c) = c169ccb73dc660e40eff9f9e168374f35eedadad
 SHA1 (patch-php__mssql.c) = b46c688ff2d8da33ca2f9beb0eb9182b6edf7e23
diff -r 22875f5fdc08 -r 4cec89e08439 lang/php53/patches/patch-ext_standard_crypt__freesec.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/php53/patches/patch-ext_standard_crypt__freesec.c    Thu May 31 15:58:10 2012 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-ext_standard_crypt__freesec.c,v 1.1 2012/05/31 15:58:10 taca Exp $
+
+Fix for CVE_2012-2143.
+
+--- ext/standard/crypt_freesec.c.orig  2012-05-08 09:22:27.000000000 +0000
++++ ext/standard/crypt_freesec.c
+@@ -629,7 +629,8 @@ _crypt_extended_r(const char *key, const
+        */
+       q = (u_char *) keybuf;
+       while (q - (u_char *) keybuf < sizeof(keybuf)) {
+-              if ((*q++ = *key << 1))
++              *q++ = *key << 1;
++              if (*key)
+                       key++;
+       }
+       if (des_setkey((u_char *) keybuf, data))