[packages/php/PHP_5_5] up to 5.5.2; fixes CVE-2013-4248

glen glen at pld-linux.org
Sun Aug 18 14:30:26 CEST 2013 

commit e9db96771e6cba522921dc62e3c2100bbd40e7da
Author: Elan Ruusamäe <glen at delfi.ee>
Date:   Sun Aug 18 15:17:13 2013 +0300

    up to 5.5.2; fixes CVE-2013-4248

 php-ini.patch     | 14 ++++++--------
 php-nohttpd.patch |  9 ++++-----
 php.spec          |  6 +++---
 3 files changed, 13 insertions(+), 16 deletions(-)
---
diff --git a/php.spec b/php.spec
index 4ec1668..0760e34 100644
--- a/php.spec
+++ b/php.spec
@@ -139,13 +139,13 @@ Summary(pt_BR.UTF-8):	A linguagem de script PHP
 Summary(ru.UTF-8):	PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере
 Summary(uk.UTF-8):	PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері
 Name:		%{orgname}%{php_suffix}
-Version:	5.5.1
+Version:	5.5.2
 Release:	%{rel}%{?with_type_hints:.th}%{?with_oci8:.oci}
 Epoch:		4
 License:	PHP
 Group:		Libraries
 Source0:	http://www.php.net/distributions/%{orgname}-%{version}.tar.bz2
-# Source0-md5:	e6520ba8f86e03451f1e9226ca2be681
+# Source0-md5:	caf7f4d86514a568fb3c8021b096a9f0
 Source2:	%{orgname}-mod_%{orgname}.conf
 Source3:	%{orgname}-cgi-fcgi.ini
 Source4:	%{orgname}-apache.ini
@@ -319,7 +319,7 @@ BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 %define		hashver		1.0
 %define		intlver		1.1.0
 %define		jsonver		1.2.1
-%define		opcachever	7.0.2-dev
+%define		opcachever	7.0.3-dev
 %define		pharver		2.0.1
 %define		sqlite3ver	0.7-dev
 %define		zipver		1.11.0
diff --git a/php-ini.patch b/php-ini.patch
index c651cf6..086c479 100644
--- a/php-ini.patch
+++ b/php-ini.patch
@@ -1,5 +1,5 @@
---- php-5.4.5/php.ini~	2012-07-20 12:22:18.000000000 +0300
-+++ php-5.4.5/php.ini	2012-07-20 12:32:16.646206310 +0300
+--- php-5.5.2/php.ini~	2013-08-18 15:03:23.000000000 +0300
++++ php-5.5.2/php.ini	2013-08-18 15:04:12.055644364 +0300
 @@ -82,6 +82,20 @@
  ; much more verbose when it comes to errors. We recommending using the
  ; development version only in development environments as errors shown to
@@ -102,7 +102,7 @@
  ;;;;;;;;;;;;;;;;
  ; File Uploads ;
  ;;;;;;;;;;;;;;;;
-@@ -859,52 +812,9 @@
+@@ -830,51 +830,9 @@
  ; If you only provide the name of the extension, PHP will look for it in its
  ; default extension directory.
  ;
@@ -111,7 +111,9 @@
 -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5)
 -; extension folders as well as the separate PECL DLL download (PHP 5).
 -; Be sure to appropriately set the extension_dir directive.
--;
++; Ideally in PLD Linux you should install appropriate php-<extension> or
++; php-pecl-<extension> package.
+ ;
 -;extension=php_bz2.dll
 -;extension=php_curl.dll
 -;extension=php_fileinfo.dll
@@ -150,11 +152,7 @@
 -;extension=php_tidy.dll
 -;extension=php_xmlrpc.dll
 -;extension=php_xsl.dll
--;extension=php_zip.dll
 -
-+; Ideally in PLD Linux you should install appropriate php-<extension> or
-+; php-pecl-<extension> package.
-+;
  ;;;;;;;;;;;;;;;;;;;
  ; Module Settings ;
  ;;;;;;;;;;;;;;;;;;;
diff --git a/php-nohttpd.patch b/php-nohttpd.patch
index dcaafc4..8a68bc7 100644
--- a/php-nohttpd.patch
+++ b/php-nohttpd.patch
@@ -1,13 +1,12 @@
-diff -urBb php-5.1.0RC1.org/sapi/apache2handler/config.m4 php-5.1.0RC1/sapi/apache2handler/config.m4
---- php-5.1.0RC1.org/sapi/apache2handler/config.m4	2005-08-05 10:14:54.000000000 +0200
-+++ php-5.1.0RC1/sapi/apache2handler/config.m4	2005-08-25 15:09:38.486655320 +0200
-@@ -58,9 +58,9 @@
+--- php-5.5.2/sapi/apache2handler/config.m4~	2013-08-15 23:42:04.000000000 +0300
++++ php-5.5.2/sapi/apache2handler/config.m4	2013-08-18 15:13:02.728903161 +0300
+@@ -60,9 +60,9 @@
  
    # Test that we're trying to configure with apache 2.x
    PHP_AP_EXTRACT_VERSION($APXS_HTTPD)
 -  if test "$APACHE_VERSION" -le 2000000; then
 +  if test "$APACHE_VERSION" -gt 0 -a "$APACHE_VERSION" -le 2000000; then
-     AC_MSG_ERROR([You have enabled Apache 2 support while your server is Apache 1.3.  Please use the appropiate switch --with-apxs (without the 2)])
+     AC_MSG_ERROR([You have enabled Apache 2 support while your server is Apache 1.3.  Please use the appropriate switch --with-apxs (without the 2)])
 -  elif test "$APACHE_VERSION" -lt 2000044; then
 +  elif test "$APACHE_VERSION" -gt 0 -a "$APACHE_VERSION" -lt 2000044; then
      AC_MSG_ERROR([Please note that Apache version >= 2.0.44 is required])
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/e9db96771e6cba522921dc62e3c2100bbd40e7da

More information about the pld-cvs-commit mailing list