[pkgsrc/trunk]: pkgsrc/www/php4 Add patches to fix CVE-2007-3806 referring CV...

[taca <taca%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/dd73c39963d1
branches:  trunk
changeset: 531506:dd73c39963d1
user:      taca <taca%pkgsrc.org@localhost>
date:      Wed Aug 01 01:40:54 2007 +0000

description:
Add patches to fix CVE-2007-3806 referring CVS repository.

Bump PKGREVISION.

diffstat:

 www/php4/Makefile         |   3 ++-
 www/php4/distinfo         |   3 ++-
 www/php4/patches/patch-aw |  14 ++++++++++++++
 3 files changed, 18 insertions(+), 2 deletions(-)

diffs (44 lines):

diff -r 5bab4b123266 -r dd73c39963d1 www/php4/Makefile
--- a/www/php4/Makefile Wed Aug 01 01:40:07 2007 +0000
+++ b/www/php4/Makefile Wed Aug 01 01:40:54 2007 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.78 2007/06/11 15:24:43 heinz Exp $
+# $NetBSD: Makefile,v 1.79 2007/08/01 01:40:54 taca Exp $
 
 PKGNAME=               php-${PHP_BASE_VERS}
+PKGREVISION=           1
 CATEGORIES+=           lang
 COMMENT=               HTML-embedded scripting language
 
diff -r 5bab4b123266 -r dd73c39963d1 www/php4/distinfo
--- a/www/php4/distinfo Wed Aug 01 01:40:07 2007 +0000
+++ b/www/php4/distinfo Wed Aug 01 01:40:54 2007 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.65 2007/05/06 19:50:18 adrianp Exp $
+$NetBSD: distinfo,v 1.66 2007/08/01 01:40:54 taca Exp $
 
 SHA1 (php-4.4.7.tar.bz2) = a6e2d6b5c5aa4e82a718563dc8dbb4b83fc91b78
 RMD160 (php-4.4.7.tar.bz2) = 5eb44c4b7711111dcbc9117e21ad644e9e6562f3
@@ -15,3 +15,4 @@
 SHA1 (patch-ap) = 2f852abd1e9d0f089add18b2eade2831253ad00e
 SHA1 (patch-at) = f8b3aebd61fe2d5b5a994e1d973424a1ed397f63
 SHA1 (patch-au) = f9798aa440e174f65dde574c4f3b28183b3d18bc
+SHA1 (patch-aw) = 2cdfd3c194c30f19a102bce66a68125ccfa59697
diff -r 5bab4b123266 -r dd73c39963d1 www/php4/patches/patch-aw
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/php4/patches/patch-aw Wed Aug 01 01:40:54 2007 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-aw,v 1.3 2007/08/01 01:40:55 taca Exp $
+
+Fix for CVE-2007-3806.
+
+--- ext/standard/dir.c.orig    2007-01-01 18:46:47.000000000 +0900
++++ ext/standard/dir.c
+@@ -382,6 +382,7 @@ PHP_FUNCTION(glob)
+       } 
+ #endif
+ 
++      memset(&globbuf, 0, sizeof(glob_t));
+       globbuf.gl_offs = 0;
+       if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) {
+ #ifdef GLOB_NOMATCH