[packages/php/PHP_5_4] up to 5.4.16; fixes CVE-2013-2110
glen
glen at pld-linux.org
Mon Jun 10 14:18:48 CEST 2013
commit 5235f1a4987e0d9f86f5b7d794154c3f659dd2e3
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Mon Jun 10 15:18:06 2013 +0300
up to 5.4.16; fixes CVE-2013-2110
php-mysql-charsetphpini.patch | 10 +++++-----
php.spec | 4 ++--
2 files changed, 7 insertions(+), 7 deletions(-)
---
diff --git a/php.spec b/php.spec
index 25d2e37..53d6922 100644
--- a/php.spec
+++ b/php.spec
@@ -134,13 +134,13 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP
Summary(ru.UTF-8): PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере
Summary(uk.UTF-8): PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері
Name: %{orgname}%{php_suffix}
-Version: 5.4.15
+Version: 5.4.16
Release: %{rel}%{?with_type_hints:.th}%{?with_oci8:.oci}
Epoch: 4
License: PHP
Group: Libraries
Source0: http://www.php.net/distributions/%{orgname}-%{version}.tar.bz2
-# Source0-md5: 145ea5e845e910443ff1eddb3dbcf56a
+# Source0-md5: 3d2c694d28861d707b2622c3cc941cff
Source2: %{orgname}-mod_%{orgname}.conf
Source3: %{orgname}-cgi-fcgi.ini
Source4: %{orgname}-apache.ini
diff --git a/php-mysql-charsetphpini.patch b/php-mysql-charsetphpini.patch
index d3a2a64..1ddb7f9 100644
--- a/php-mysql-charsetphpini.patch
+++ b/php-mysql-charsetphpini.patch
@@ -1,5 +1,5 @@
---- php-5.2.5_p20080206.orig/ext/mysql/php_mysql.c 2008-02-06 14:22:57.652600900 +0100
-+++ php-5.2.5_p20080206/ext/mysql/php_mysql.c 2008-02-06 14:24:40.216655403 +0100
+--- php-5.4.16/ext/mysql/php_mysql.c~ 2013-06-10 14:41:59.000000000 +0300
++++ php-5.4.16/ext/mysql/php_mysql.c 2013-06-10 14:42:50.048809174 +0300
@@ -360,6 +360,7 @@
PHP_INI_ENTRY("mysql.default_port", NULL, PHP_INI_ALL, OnMySQLPort)
STD_PHP_INI_ENTRY("mysql.default_socket", NULL, PHP_INI_ALL, OnUpdateStringUnempty, default_socket, zend_mysql_globals, mysql_globals)
@@ -16,14 +16,14 @@
mysql_globals->trace_mode = 0;
mysql_globals->result_allocated = 0;
}
-@@ -515,6 +517,7 @@
+@@ -723,6 +723,7 @@
{
char *user=NULL, *passwd=NULL, *host_and_port=NULL, *socket=NULL, *tmp=NULL, *host=NULL;
- int user_len, passwd_len, host_len;
+ int user_len = 0, passwd_len = 0, host_len = 0;
+ char *connect_charset=NULL;
char *hashed_details=NULL;
int hashed_details_length, port = MYSQL_PORT;
- int client_flags = 0;
+ long client_flags = 0;
@@ -527,6 +530,7 @@
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/5235f1a4987e0d9f86f5b7d794154c3f659dd2e3
More information about the pld-cvs-commit
mailing list