summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorghen <ghen>2008-01-15 08:33:28 +0000
committerghen <ghen>2008-01-15 08:33:28 +0000
commit26330d362fc114d7c8e22f2372ceef8306b33115 (patch)
tree2e35778dc392f47cb4431b1b03d5b320e67276f6
parente50480464df8dbb57b0070cad53ed0eab6f0e91e (diff)
downloadpkgsrc-26330d362fc114d7c8e22f2372ceef8306b33115.tar.gz
Pullup ticket 2267 - requested by adrianp
security update for php4 - pkgsrc/lang/php4/Makefile 1.80 - pkgsrc/lang/php4/Makefile.common 1.57 - pkgsrc/lang/php4/distinfo 1.67 - pkgsrc/lang/php4/patches/patch-aw removed Module Name: pkgsrc Committed By: adrianp Date: Fri Jan 4 10:07:54 UTC 2008 Modified Files: pkgsrc/www/php4: Makefile Makefile.common distinfo Removed Files: pkgsrc/www/php4/patches: patch-aw Log Message: Update to 4.4.8 Improved fix for MOPB-02-2007. Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner. Fixed integer overlow in str[c]spn(). Fixed regression in glob when open_basedir is on introduced by 41655 fix. Fixed money_format() not to accept multiple %i or %n tokens. Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007. Fixed INFILE LOCAL option handling with MySQL - now not allowed when open_basedir or safe_mode is active. Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378). Fixed bug 43010 (Fixed regression in imagearc with two equivelent angles). Fixed bug 41765 (Recode crashes/does not work on amd64). Fixed bug 41630 (segfault when an invalid color index is present in the image data). Fixed bug 41628 (PHP settings leak between Virtual Hosts in Apache 1.3). Fixed bug 38798 (OpenSSL init corrected in php5 but not in php4).
-rw-r--r--www/php4/Makefile3
-rw-r--r--www/php4/Makefile.common4
-rw-r--r--www/php4/distinfo9
-rw-r--r--www/php4/patches/patch-aw14
4 files changed, 7 insertions, 23 deletions
diff --git a/www/php4/Makefile b/www/php4/Makefile
index 24fa415f5c6..246ebadf4c8 100644
--- a/www/php4/Makefile
+++ b/www/php4/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.79 2007/08/01 01:40:54 taca Exp $
+# $NetBSD: Makefile,v 1.79.4.1 2008/01/15 08:33:28 ghen Exp $
PKGNAME= php-${PHP_BASE_VERS}
-PKGREVISION= 1
CATEGORIES+= lang
COMMENT= HTML-embedded scripting language
diff --git a/www/php4/Makefile.common b/www/php4/Makefile.common
index a60fbf83dfb..79d289cd73f 100644
--- a/www/php4/Makefile.common
+++ b/www/php4/Makefile.common
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.56 2007/05/06 19:50:18 adrianp Exp $
+# $NetBSD: Makefile.common,v 1.56.6.1 2008/01/15 08:33:28 ghen Exp $
DISTNAME?= php-${PHP_DIST_VERS}
CATEGORIES+= www php4
@@ -18,7 +18,7 @@ HOMEPAGE?= http://www.php.net/
# PHP_DIST_VERS version number on the php distfile
# PHP_BASE_VERS pkgsrc-mangled version number (convert pl -> .)
#
-PHP_DIST_VERS= 4.4.7
+PHP_DIST_VERS= 4.4.8
PHP_BASE_VERS= ${PHP_DIST_VERS}
DISTFILES?= ${PHP_DISTFILE}
diff --git a/www/php4/distinfo b/www/php4/distinfo
index d81611d9455..91579054b74 100644
--- a/www/php4/distinfo
+++ b/www/php4/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.66 2007/08/01 01:40:54 taca Exp $
+$NetBSD: distinfo,v 1.66.4.1 2008/01/15 08:33:28 ghen Exp $
-SHA1 (php-4.4.7.tar.bz2) = a6e2d6b5c5aa4e82a718563dc8dbb4b83fc91b78
-RMD160 (php-4.4.7.tar.bz2) = 5eb44c4b7711111dcbc9117e21ad644e9e6562f3
-Size (php-4.4.7.tar.bz2) = 4543531 bytes
+SHA1 (php-4.4.8.tar.bz2) = fca6259fd3e8e3a7a37343e9a81651f5b6d4835c
+RMD160 (php-4.4.8.tar.bz2) = dedf4a1a853b19bd3fb91a6028a256facb2d3224
+Size (php-4.4.8.tar.bz2) = 4546525 bytes
SHA1 (patch-aa) = feb064407950d0fc732b7240e65cac84420d2407
SHA1 (patch-ab) = 38a4bcd0d65b26c5d8e54e22b552f60831188469
SHA1 (patch-ac) = 28288b1e79c14fb2b40eaefed0d6d2bff4775607
@@ -15,4 +15,3 @@ SHA1 (patch-ak) = 1f9fbe26c7329e1d18eec053499ee2d574b5b970
SHA1 (patch-ap) = 2f852abd1e9d0f089add18b2eade2831253ad00e
SHA1 (patch-at) = f8b3aebd61fe2d5b5a994e1d973424a1ed397f63
SHA1 (patch-au) = f9798aa440e174f65dde574c4f3b28183b3d18bc
-SHA1 (patch-aw) = 2cdfd3c194c30f19a102bce66a68125ccfa59697
diff --git a/www/php4/patches/patch-aw b/www/php4/patches/patch-aw
deleted file mode 100644
index 55d8d55a4fd..00000000000
--- a/www/php4/patches/patch-aw
+++ /dev/null
@@ -1,14 +0,0 @@
-$NetBSD: patch-aw,v 1.3 2007/08/01 01:40:55 taca Exp $
-
-Fix for CVE-2007-3806.
-
---- ext/standard/dir.c.orig 2007-01-01 18:46:47.000000000 +0900
-+++ ext/standard/dir.c
-@@ -382,6 +382,7 @@ PHP_FUNCTION(glob)
- }
- #endif
-
-+ memset(&globbuf, 0, sizeof(glob_t));
- globbuf.gl_offs = 0;
- if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) {
- #ifdef GLOB_NOMATCH