Subject: Re: PHP 4.2.1 status?
To: None <tech-pkg@netbsd.org>
From: Makoto Fujiwara <makoto@ki.nu>
List: tech-pkg
Date: 09/01/2002 14:15:43
--Multipart_Sun_Sep__1_14:15:43_2002-1
Content-Type: text/plain; charset=US-ASCII

Just for FYI,

It seems to have some vulnerabilities on 4.2.1 or 4.2.0,
so I have updated to 4.2.2 with following patch,

(Although it includes some extra flags for multibytes and
session control)
---
Makoto Fujiwara, 

--Multipart_Sun_Sep__1_14:15:43_2002-1
Content-Type: text/plain; charset=US-ASCII

Index: Makefile
===================================================================
RCS file: /cvs/cvsroot/pkgsrc/www/php4/Makefile,v
retrieving revision 1.25
diff -u -r1.25 Makefile
--- Makefile	2002/08/26 00:16:57	1.25
+++ Makefile	2002/09/01 04:49:26
@@ -33,17 +33,20 @@
 
 CONF_FILES=	${EGDIR}/php.ini-recommended ${PKG_SYSCONFDIR}/php.ini
 OWN_DIRS=	${PREFIX}/${PHP_EXTENSION_DIR}
+CONFIGURE_ARGS+= --enable-i18n --enable-mbstring --enable-mbstr-enc-trans
+CONFIGURE_ARGS+= --enable-trans-sid --enable-session
 
+
 post-install:
-	${RMDIR} ${PREFIX}/include/php/ext/xml/expat/xmltok
-	${RMDIR} ${PREFIX}/include/php/ext/xml/expat/xmlparse
-	${RMDIR} ${PREFIX}/include/php/ext/xml/expat
+	if [  -d ${PREFIX}/include/php/ext/xml/expat ]; then   \
+		${RM} -rf ${PREFIX}/include/php/ext/xml/expat; \
+	fi
 	${INSTALL_DATA_DIR} ${CGIDIR}
 	${LN} -sf ../../bin/php ${CGIDIR}/php
 	${INSTALL_DATA_DIR} ${EGDIR}
 	cd ${WRKSRC}; ${INSTALL_DATA} php.ini-dist php.ini-recommended ${EGDIR}
 	${INSTALL_DATA_DIR} ${PREFIX}/share/php
-	${INSTALL_DATA} ${WRKSRC}/php4.gif ${PREFIX}/share/php
+	${INSTALL_DATA} ${WRKSRC}/php.gif ${PREFIX}/share/php
 
 .include "../../mk/bsd.pkg.install.mk"
 .include "../../mk/bsd.pkg.mk"
Index: Makefile.common
===================================================================
RCS file: /cvs/cvsroot/pkgsrc/www/php4/Makefile.common,v
retrieving revision 1.25
diff -u -r1.25 Makefile.common
--- Makefile.common	2002/04/12 17:59:57	1.25
+++ Makefile.common	2002/09/01 04:49:26
@@ -14,7 +14,7 @@
 # PHP_DIST_VERS		version number on the php distfile
 # PHP_BASE_VERS		pkgsrc-mangled version number (convert pl -> .)
 #
-PHP_DIST_VERS=		4.1.2
+PHP_DIST_VERS=		4.2.2
 PHP_BASE_VERS=		${PHP_DIST_VERS}
 
 DISTFILES?=		${PHP_DISTFILE}
Index: PLIST
===================================================================
RCS file: /cvs/cvsroot/pkgsrc/www/php4/PLIST,v
retrieving revision 1.4
diff -u -r1.4 PLIST
--- PLIST	2002/02/28 06:14:46	1.4
+++ PLIST	2002/09/01 04:49:27
@@ -240,7 +240,7 @@
 libexec/cgi-bin/php
 share/examples/php/php.ini-dist
 share/examples/php/php.ini-recommended
-share/php/php4.gif
+share/php/php.gif
 @dirrm share/php
 @dirrm share/examples/php
 @dirrm lib/php/build
Index: distinfo
===================================================================
RCS file: /cvs/cvsroot/pkgsrc/www/php4/distinfo,v
retrieving revision 1.11
diff -u -r1.11 distinfo
--- distinfo	2002/08/26 00:42:59	1.11
+++ distinfo	2002/09/01 04:49:27
@@ -1,10 +1,12 @@
 $NetBSD: distinfo,v 1.11 2002/08/26 00:42:59 grant Exp $
 
 SHA1 (php-4.1.2.tar.gz) = fc4f9685b2b26d6e12af2e746a34fadfe57f0466
+SHA1 (php-4.2.2.tar.gz) = fc90b8f82b30367600dfece2fdd1ee00d05b02b5
 Size (php-4.1.2.tar.gz) = 3359964 bytes
+Size (php-4.2.2.tar.gz) = 3398911 bytes
 SHA1 (patch-aa) = 08f98c6b41c24a2aa8fa417bba50cf0cb5f711af
-SHA1 (patch-ac) = 9478c18dbe18e8c4c05dffce31fa3f923562c832
-SHA1 (patch-ad) = 4ac02d0e0e5bd612254020d46292534a0e9445b0
+SHA1 (patch-ac) = 5b49f843beb045ee0597aa4d3de199b2c0c8f1b5
+SHA1 (patch-ad) = 92fdb2cacd04fdfd74edb63efe1b6b068766efb9
 SHA1 (patch-ae) = e7acc06a63f47053c81ab442b53c68d89d122f78
 SHA1 (patch-af) = 34ec060ed3cdbcfc44286323f85f9938a79b0444
 SHA1 (patch-ag) = 91e84f6d6862a328d3f66f87260e8f2b2953fc11
Index: patches/patch-ac
===================================================================
RCS file: /cvs/cvsroot/pkgsrc/www/php4/patches/patch-ac,v
retrieving revision 1.5
diff -u -r1.5 patch-ac
--- patches/patch-ac	2001/12/31 23:54:25	1.5
+++ patches/patch-ac	2002/09/01 04:49:27
@@ -1,11 +1,11 @@
 $NetBSD: patch-ac,v 1.5 2001/12/31 23:54:25 jlam Exp $
 
---- acinclude.m4.orig	Sat Nov 17 19:33:19 2001
-+++ acinclude.m4
-@@ -341,10 +341,19 @@
+--- acinclude.m4.orig	Sun Apr 28 10:40:05 2002
++++ acinclude.m4	Fri Aug 30 23:29:15 2002
+@@ -363,11 +363,20 @@
+   ext_shared=no
    ;;
  esac
- 
 +dnl Having php_always_shared=yes override the configure options breaks
 +dnl because it's assumed that the answer to every question is yes.  We
 +dnl really only want just the ext_shared=yes to denote that we'll be
@@ -17,14 +17,15 @@
 +dnl   test "[$]$1" = "no" && $1=yes
 +dnl fi
 +
+ 
  if test "$php_always_shared" = "yes"; then
 -  ext_output="yes, shared"
    ext_shared=yes
 -  test "[$]$1" = "no" && $1=yes
  fi
  
- AC_MSG_RESULT($ext_output)
-@@ -675,7 +684,7 @@
+ if test -n "$2"; then
+@@ -704,7 +713,7 @@
    if test "$1" != "/usr/lib"; then
      PHP_EXPAND_PATH($1, ai_p)
      if test "$ext_shared" = "yes" && test -n "$2"; then
Index: patches/patch-ad
===================================================================
RCS file: /cvs/cvsroot/pkgsrc/www/php4/patches/patch-ad,v
retrieving revision 1.10
diff -u -r1.10 patch-ad
--- patches/patch-ad	2002/08/26 00:42:34	1.10
+++ patches/patch-ad	2002/09/01 04:49:27
@@ -1,31 +1,19 @@
 $NetBSD: patch-ad,v 1.10 2002/08/26 00:42:34 grant Exp $
 
---- configure.orig	Wed Feb 27 04:18:32 2002
-+++ configure
-@@ -5138,11 +5138,6 @@
-   fi
+--- configure.orig	Sun Jul 21 21:56:19 2002
++++ configure	Fri Aug 30 23:39:19 2002
+@@ -5713,10 +5713,6 @@
  
+   fi
  
 -if test -d /usr/pkg/include -a -d /usr/pkg/lib ; then
 -       CPPFLAGS="$CPPFLAGS -I/usr/pkg/include"
 -       LDFLAGS="$LDFLAGS -L/usr/pkg/lib"
 -fi
--
  INCLUDES="$INCLUDES -I\$(top_builddir)/Zend"
- 
- 
-@@ -16148,10 +16143,6 @@
- 
- else
-   echo "$ac_t""no" 1>&6
--  cat >> confdefs.h <<\EOF
--#define HAVE_DBA 0
--EOF
--
- fi
- 
- 
-@@ -23572,19 +23563,10 @@
+ test -d /usr/ucblib && 
+   if test "/usr/ucblib" != "/usr/lib"; then
+@@ -27119,19 +27115,10 @@
  
  
    else
@@ -45,7 +33,7 @@
    echo "$ac_t""no" 1>&6
  
  fi
-@@ -58680,7 +58662,7 @@
+@@ -73169,7 +73156,7 @@
  
  TSRM_LIB='TSRM/libtsrm.la'
  TSRM_DIR=TSRM
@@ -54,7 +42,7 @@
  
  if test "$ZEND_EXPERIMENTAL_ZTS" = "yes"; then
    cat >> confdefs.h <<\EOF
-@@ -63418,7 +63400,7 @@
+@@ -73963,7 +73950,7 @@
  
  if test "$enable_debug" != "yes"; then
    
@@ -63,3 +51,4 @@
  
  fi
  
+

--Multipart_Sun_Sep__1_14:15:43_2002-1--