head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.10 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.8 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.6 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.4 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.2 pkgsrc-2009Q4-base:1.2 pkgsrc-2009Q3:1.1.0.2; locks; strict; comment @# @; 1.2 date 2009.12.23.07.07.34; author taca; state dead; branches; next 1.1; 1.1 date 2009.11.30.06.14.08; author taca; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2009.11.30.06.14.08; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2009.11.30.23.10.20; author tron; state Exp; branches; next 1.1.2.3; 1.1.2.3 date 2009.12.23.19.09.51; author spz; state dead; branches; next ; desc @@ 1.2 log @Update lang/php5 to 5.2.12, security update. Security Enhancements and Fixes in PHP 5.2.12: * Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus) * Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus) * Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion, identified by Bogdan Calin. (CVE-2009-4017, Ilia) * Added protection for $_SESSION from interrupt corruption and improved "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143, Stas) * Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com) Key enhancements in PHP 5.2.12 include: * Fixed unnecessary invocation of setitimer when timeouts have been disabled. (Arvind Srinivasan) * Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre) * Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe) * Fixed crash when instantiating PDORow and PDOStatement through Reflection. (Felipe) * Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe) * Fixed bug #50207 (segmentation fault when concatenating very large strings on 64bit linux). (Ilia) * Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle database). (Felipe) * Fixed bug #50006 (Segfault caused by uksort()). (Felipe) * Fixed bug #50005 (Throwing through Reflection modified Exception object makes segmentation fault). (Felipe) * Fixed bug #49174 (crash when extending PDOStatement and trying to set queryString property). (Felipe) * Fixed bug #49098 (mysqli segfault on error). (Rasmus) * Over 50 other bug fixes. @ text @$NetBSD: patch-bb,v 1.1 2009/11/30 06:14:08 taca Exp $ Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557: http://svn.php.net/viewvc?view=revision&revision=288945 http://svn.php.net/viewvc?view=revision&revision=288971 --- ext/standard/file.c.orig 2009-11-30 10:04:51.000000000 +0900 +++ ext/standard/file.c @@@@ -838,6 +838,10 @@@@ PHP_FUNCTION(tempnam) convert_to_string_ex(arg1); convert_to_string_ex(arg2); + if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(arg1), NULL, CHECKUID_ALLOW_ONLY_DIR))) { + RETURN_FALSE; + } + if (php_check_open_basedir(Z_STRVAL_PP(arg1) TSRMLS_CC)) { RETURN_FALSE; } @ 1.1 log @Add fixes for http://secunia.com/advisories/37412/ from PHP's repositry. 1. CVE-2009-3292 is already fixed in 5.2.11. 2. CVE-2009-3558 http://svn.php.net/viewvc?view=revision&revision=288934 3. CVE-2009-3557 http://svn.php.net/viewvc?view=revision&revision=288945 http://svn.php.net/viewvc?view=revision&revision=288971 4. CVE-2009-4017 http://svn.php.net/viewvc?view=revision&revision=289990 http://svn.php.net/viewvc?view=revision&revision=290820 http://svn.php.net/viewvc?view=revision&revision=290885 Other pkgsrc changes: * Don't hardcord /usr/pkg in php.ini-dist and php.ini-recommended. * Add comments to some of patch files. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-bb was added on branch pkgsrc-2009Q3 on 2009-11-30 23:10:20 +0000 @ text @d1 19 @ 1.1.2.2 log @Pullup ticket #2939 - requested by taca php5: security patch Revisions pulled up: - lang/php5/Makefile 1.73-1.74 - lang/php5/distinfo 1.69-1.70 - lang/php5/patches/patch-ag 1.3 - lang/php5/patches/patch-ah 1.2 - lang/php5/patches/patch-ay 1.2 - lang/php5/patches/patch-az 1.1-1.2 - lang/php5/patches/patch-ba 1.1 - lang/php5/patches/patch-bb 1.1 - lang/php5/patches/patch-bc 1.1 - lang/php5/patches/patch-bd 1.1 --- Module Name: pkgsrc Committed By: taca Date: Thu Oct 22 14:49:06 UTC 2009 Modified Files: pkgsrc/lang/php5: Makefile distinfo Added Files: pkgsrc/lang/php5/patches: patch-az Log Message: Add patch to check byte sequence more strictly in htmlspecialchars(). http://bugs.php.net/bug.php?id=49785 These are patch refrects r289411, r289554, r289565, r289567 and r289605 in PHP svn repositry. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Mon Nov 30 06:14:08 UTC 2009 Modified Files: pkgsrc/lang/php5: Makefile distinfo pkgsrc/lang/php5/patches: patch-ag patch-ah patch-ay patch-az Added Files: pkgsrc/lang/php5/patches: patch-ba patch-bb patch-bc patch-bd Log Message: Add fixes for http://secunia.com/advisories/37412/ from PHP's repositry. 1. CVE-2009-3292 is already fixed in 5.2.11. 2. CVE-2009-3558 http://svn.php.net/viewvc?view=revision&revision=288934 3. CVE-2009-3557 http://svn.php.net/viewvc?view=revision&revision=288945 http://svn.php.net/viewvc?view=revision&revision=288971 4. CVE-2009-4017 http://svn.php.net/viewvc?view=revision&revision=289990 http://svn.php.net/viewvc?view=revision&revision=290820 http://svn.php.net/viewvc?view=revision&revision=290885 Other pkgsrc changes: * Don't hardcord /usr/pkg in php.ini-dist and php.ini-recommended. * Add comments to some of patch files. Bump PKGREVISION. @ text @a0 19 $NetBSD: patch-bb,v 1.1 2009/11/30 06:14:08 taca Exp $ Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557: http://svn.php.net/viewvc?view=revision&revision=288945 http://svn.php.net/viewvc?view=revision&revision=288971 --- ext/standard/file.c.orig 2009-11-30 10:04:51.000000000 +0900 +++ ext/standard/file.c @@@@ -838,6 +838,10 @@@@ PHP_FUNCTION(tempnam) convert_to_string_ex(arg1); convert_to_string_ex(arg2); + if (PG(safe_mode) &&(!php_checkuid(Z_STRVAL_PP(arg1), NULL, CHECKUID_ALLOW_ONLY_DIR))) { + RETURN_FALSE; + } + if (php_check_open_basedir(Z_STRVAL_PP(arg1) TSRMLS_CC)) { RETURN_FALSE; } @ 1.1.2.3 log @Pullup ticket 2955 - requested by taca security update Revisions pulled up: - pkgsrc/lang/php5/Makefile 1.75 - pkgsrc/lang/php5/Makefile.common 1.39 - pkgsrc/lang/php5/PLIST 1.25 - pkgsrc/lang/php5/distinfo 1.71 - pkgsrc/lang/php5/patches/patch-ag 1.4 - pkgsrc/lang/php5/patches/patch-ah 1.3 - pkgsrc/textproc/php5-xsl/Makefile 1.13 Files removed: pkgsrc/lang/php5/patches/patch-ay pkgsrc/lang/php5/patches/patch-az pkgsrc/lang/php5/patches/patch-ba pkgsrc/lang/php5/patches/patch-bb pkgsrc/lang/php5/patches/patch-bc pkgsrc/lang/php5/patches/patch-bd ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Wed Dec 23 07:07:35 UTC 2009 Modified Files: pkgsrc/lang/php5: Makefile Makefile.common PLIST distinfo pkgsrc/lang/php5/patches: patch-ag patch-ah Removed Files: pkgsrc/lang/php5/patches: patch-ay patch-az patch-ba patch-bb patch-bc patch-bd Log Message: Update lang/php5 to 5.2.12, security update. Security Enhancements and Fixes in PHP 5.2.12: * Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus) * Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus) * Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion, identified by Bogdan Calin. (CVE-2009-4017, Ilia) * Added protection for $_SESSION from interrupt corruption and improved "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143, Stas) * Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com) Key enhancements in PHP 5.2.12 include: * Fixed unnecessary invocation of setitimer when timeouts have been disabled. (Arvind Srinivasan) * Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre) * Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe) * Fixed crash when instantiating PDORow and PDOStatement through Reflection. (Felipe) * Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe) * Fixed bug #50207 (segmentation fault when concatenating very large strings on 64bit linux). (Ilia) * Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle database). (Felipe) * Fixed bug #50006 (Segfault caused by uksort()). (Felipe) * Fixed bug #50005 (Throwing through Reflection modified Exception object makes segmentation fault). (Felipe) * Fixed bug #49174 (crash when extending PDOStatement and trying to set queryString property). (Felipe) * Fixed bug #49098 (mysqli segfault on error). (Rasmus) * Over 50 other bug fixes. To generate a diff of this commit: cvs rdiff -u -r1.74 -r1.75 pkgsrc/lang/php5/Makefile cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/php5/Makefile.common cvs rdiff -u -r1.24 -r1.25 pkgsrc/lang/php5/PLIST cvs rdiff -u -r1.70 -r1.71 pkgsrc/lang/php5/distinfo cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/php5/patches/patch-ag cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/php5/patches/patch-ah cvs rdiff -u -r1.2 -r0 pkgsrc/lang/php5/patches/patch-ay \ pkgsrc/lang/php5/patches/patch-az cvs rdiff -u -r1.1 -r0 pkgsrc/lang/php5/patches/patch-ba \ pkgsrc/lang/php5/patches/patch-bb pkgsrc/lang/php5/patches/patch-bc \ pkgsrc/lang/php5/patches/patch-bd -------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Wed Dec 23 07:08:31 UTC 2009 Modified Files: pkgsrc/textproc/php5-xsl: Makefile Log Message: Reset PKGREVISION by implicit update to 5.2.12. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 pkgsrc/textproc/php5-xsl/Makefile @ text @d1 1 a1 1 $NetBSD: patch-bb,v 1.1.2.2 2009/11/30 23:10:20 tron Exp $ @