[packages/php/PHP_5_4] up to 5.4.16; fixes CVE-2013-2110

glen glen at pld-linux.org
Mon Jun 10 14:18:48 CEST 2013 

commit 5235f1a4987e0d9f86f5b7d794154c3f659dd2e3
Author: Elan Ruusamäe <glen at delfi.ee>
Date:   Mon Jun 10 15:18:06 2013 +0300

    up to 5.4.16; fixes CVE-2013-2110

 php-mysql-charsetphpini.patch | 10 +++++-----
 php.spec                      |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)
---
diff --git a/php.spec b/php.spec
index 25d2e37..53d6922 100644
--- a/php.spec
+++ b/php.spec
@@ -134,13 +134,13 @@ Summary(pt_BR.UTF-8):	A linguagem de script PHP
 Summary(ru.UTF-8):	PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере
 Summary(uk.UTF-8):	PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері
 Name:		%{orgname}%{php_suffix}
-Version:	5.4.15
+Version:	5.4.16
 Release:	%{rel}%{?with_type_hints:.th}%{?with_oci8:.oci}
 Epoch:		4
 License:	PHP
 Group:		Libraries
 Source0:	http://www.php.net/distributions/%{orgname}-%{version}.tar.bz2
-# Source0-md5:	145ea5e845e910443ff1eddb3dbcf56a
+# Source0-md5:	3d2c694d28861d707b2622c3cc941cff
 Source2:	%{orgname}-mod_%{orgname}.conf
 Source3:	%{orgname}-cgi-fcgi.ini
 Source4:	%{orgname}-apache.ini
diff --git a/php-mysql-charsetphpini.patch b/php-mysql-charsetphpini.patch
index d3a2a64..1ddb7f9 100644
--- a/php-mysql-charsetphpini.patch
+++ b/php-mysql-charsetphpini.patch
@@ -1,5 +1,5 @@
---- php-5.2.5_p20080206.orig/ext/mysql/php_mysql.c	2008-02-06 14:22:57.652600900 +0100
-+++ php-5.2.5_p20080206/ext/mysql/php_mysql.c	2008-02-06 14:24:40.216655403 +0100
+--- php-5.4.16/ext/mysql/php_mysql.c~	2013-06-10 14:41:59.000000000 +0300
++++ php-5.4.16/ext/mysql/php_mysql.c	2013-06-10 14:42:50.048809174 +0300
 @@ -360,6 +360,7 @@
  	PHP_INI_ENTRY("mysql.default_port",				NULL,	PHP_INI_ALL,		OnMySQLPort)
  	STD_PHP_INI_ENTRY("mysql.default_socket",		NULL,	PHP_INI_ALL,		OnUpdateStringUnempty,	default_socket,	zend_mysql_globals,		mysql_globals)
@@ -16,14 +16,14 @@
  	mysql_globals->trace_mode = 0;
  	mysql_globals->result_allocated = 0;
  }
-@@ -515,6 +517,7 @@
+@@ -723,6 +723,7 @@
  {
  	char *user=NULL, *passwd=NULL, *host_and_port=NULL, *socket=NULL, *tmp=NULL, *host=NULL;
- 	int  user_len, passwd_len, host_len;
+ 	int  user_len = 0, passwd_len = 0, host_len = 0;
 +	char *connect_charset=NULL;
  	char *hashed_details=NULL;
  	int hashed_details_length, port = MYSQL_PORT;
- 	int client_flags = 0;
+ 	long client_flags = 0;
 @@ -527,6 +530,7 @@
  
  
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/5235f1a4987e0d9f86f5b7d794154c3f659dd2e3

More information about the pld-cvs-commit mailing list