[packages/php] up to 5.3.23; fixes for CVE-2013-1643 and CVE-2013-1635

Tue Mar 19 17:15:07 CET 2013

commit c98ae78e2dae5935ffec4657941ee1ed2a436001
Author: Elan Ruusamäe <glen at delfi.ee>
Date:   Tue Mar 19 17:54:32 2013 +0200

    up to 5.3.23; fixes for CVE-2013-1643 and CVE-2013-1635

 php.spec      |  6 +++---
 suhosin.patch | 31 -------------------------------
 2 files changed, 3 insertions(+), 34 deletions(-)
---

diff --git a/php.spec b/php.spec
index 121307c..079691a 100644
--- a/php.spec
+++ b/php.spec
@@ -118,7 +118,7 @@ ERROR: You need to select at least one Apache SAPI to build shared modules.
 %define		php_suffix %{nil}
 %endif
 
-%define		rel	2
+%define		rel	1
 Summary:	PHP: Hypertext Preprocessor
 Summary(fr.UTF-8):	Le langage de script embarque-HTML PHP
 Summary(pl.UTF-8):	Język skryptowy PHP
@@ -126,13 +126,13 @@ Summary(pt_BR.UTF-8):	A linguagem de script PHP
 Summary(ru.UTF-8):	PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере
 Summary(uk.UTF-8):	PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері
 Name:		%{orgname}%{php_suffix}
-Version:	5.3.22
+Version:	5.3.23
 Release:	%{rel}%{?with_type_hints:.th}%{?with_oci8:.oci}
 Epoch:		4
 License:	PHP
 Group:		Libraries
 Source0:	http://www.php.net/distributions/%{orgname}-%{version}.tar.bz2
-# Source0-md5:	bf351426fc7f97aa13914062958a6100
+# Source0-md5:	ab7bd1dd3bbc8364cb9fcaa2d79fb502
 Source2:	%{orgname}-mod_%{orgname}.conf
 Source3:	%{orgname}-cgi-fcgi.ini
 Source4:	%{orgname}-apache.ini
diff --git a/suhosin.patch b/suhosin.patch
index b561e63..2a22f75 100644
--- a/suhosin.patch
+++ b/suhosin.patch
@@ -4504,37 +4504,6 @@ diff -Nura php-5.3.9/Zend/zend_variables.c suhosin-patch-5.3.9-0.9.10/Zend/zend_
  			break;
  		case IS_ARRAY:
  		case IS_CONSTANT_ARRAY:
-diff -Nura php-5.3.9/configure suhosin-patch-5.3.9-0.9.10/configure
---- php-5.3.9/configure	2012-01-10 14:37:04.000000000 +0100
-+++ suhosin-patch-5.3.9-0.9.10/configure	2012-01-11 19:29:07.000000000 +0100
-@@ -19371,6 +19371,9 @@
- 
- fi
- 
-+cat >> confdefs.h <<\EOF
-+#define SUHOSIN_PATCH 1
-+EOF
- 
-   echo $ac_n "checking for declared timezone""... $ac_c" 1>&6
- echo "configure:19377: checking for declared timezone" >&5
-@@ -115830,7 +115833,7 @@
-        php_ini.c SAPI.c rfc1867.c php_content_types.c strlcpy.c \
-        strlcat.c mergesort.c reentrancy.c php_variables.c php_ticks.c \
-        network.c php_open_temporary_file.c php_logos.c \
--       output.c getopt.c; do
-+       output.c getopt.c suhosin_patch.c ; do
-   
-       IFS=.
-       set $ac_src
-@@ -116034,7 +116037,7 @@
-     zend_list.c zend_indent.c zend_builtin_functions.c zend_sprintf.c \
-     zend_ini.c zend_qsort.c zend_multibyte.c zend_ts_hash.c zend_stream.c \
-     zend_iterators.c zend_interfaces.c zend_exceptions.c zend_strtod.c zend_gc.c \
--    zend_closures.c zend_float.c; do
-+    zend_closures.c zend_float.c zend_canary.c zend_alloc_canary.c ; do
-   
-       IFS=.
-       set $ac_src
 diff -Nura php-5.3.9/configure.in suhosin-patch-5.3.9-0.9.10/configure.in
 --- php-5.3.9/configure.in	2012-01-10 12:21:57.000000000 +0100
 +++ suhosin-patch-5.3.9-0.9.10/configure.in	2012-01-11 19:29:07.000000000 +0100
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/c98ae78e2dae5935ffec4657941ee1ed2a436001

