[packages/php] - up to 5.5.16 - resolves CVE-2014-3538, CVE-2014-3587, CVE-2014-2497, CVE-2014-5120 and CVE-2014-35
glen
glen at pld-linux.org
Mon Aug 25 21:42:02 CEST 2014
commit 59665b6aa12aba9e7daca723a90e3c9dbf2af31e
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Mon Aug 25 11:50:46 2014 +0300
- up to 5.5.16
- resolves CVE-2014-3538, CVE-2014-3587, CVE-2014-2497, CVE-2014-5120 and CVE-2014-3597
- LiteSpeed updated to V6.6
php.spec | 4 ++--
suhosin.patch | 16 ++++++++--------
2 files changed, 10 insertions(+), 10 deletions(-)
---
diff --git a/php.spec b/php.spec
index b8fe818..73d2fb8 100644
--- a/php.spec
+++ b/php.spec
@@ -137,13 +137,13 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP
Summary(ru.UTF-8): PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере
Summary(uk.UTF-8): PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері
Name: %{orgname}%{php_suffix}
-Version: 5.5.15
+Version: 5.5.16
Release: %{rel}%{?with_type_hints:.th}
Epoch: 4
License: PHP
Group: Libraries
Source0: http://www.php.net/distributions/%{orgname}-%{version}.tar.xz
-# Source0-md5: d64c85f95fb767f16ee3ca281a20b5f7
+# Source0-md5: 243f641c58b7d58b94b5431e0b730a5e
Source2: %{orgname}-mod_%{orgname}.conf
Source3: %{orgname}-cgi-fcgi.ini
Source4: %{orgname}-apache.ini
diff --git a/suhosin.patch b/suhosin.patch
index e5e3ed4..378a4e4 100644
--- a/suhosin.patch
+++ b/suhosin.patch
@@ -5616,12 +5616,11 @@ the following modifications have been made:
PHP_VERSION, cli_sapi_module.name, __DATE__, __TIME__,
#if ZEND_DEBUG && defined(HAVE_GCOV)
"(DEBUG GCOV)",
---- php-5.5.0alpha1/sapi/litespeed/lsapi_main.c~ 2012-11-13 22:00:16.000000000 +0200
-+++ php-5.5.0alpha1/sapi/litespeed/lsapi_main.c 2012-11-17 13:47:51.979828334 +0200
-@@ -546,11 +546,19 @@
- break;
- case 'v':
- if (php_request_startup(TSRMLS_C) != FAILURE) {
+--- php-5.5.15/sapi/litespeed/lsapi_main.c 2014-08-21 11:45:02.000000000 +0300
++++ php-5.5.15/sapi/litespeed/lsapi_main.c 2014-08-25 11:50:36.603155796 +0300
+@@ -734,11 +546,19 @@
+ case 'v':
+ if (php_request_startup(TSRMLS_C) != FAILURE) {
+#if SUHOSIN_PATCH
+#if ZEND_DEBUG
+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
@@ -5630,14 +5629,15 @@ the following modifications have been made:
+#endif
+#else
#if ZEND_DEBUG
- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+ php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
#else
- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
+ php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2014 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
#endif
+#endif
#ifdef PHP_OUTPUT_NEWAPI
php_output_end_all(TSRMLS_C);
#else
+ php_end_ob_buffers(1 TSRMLS_CC);
--- a/sapi/milter/php_milter.c
+++ b/sapi/milter/php_milter.c
@@ -1109,7 +1109,11 @@ int main(int argc, char *argv[])
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/59665b6aa12aba9e7daca723a90e3c9dbf2af31e
More information about the pld-cvs-commit
mailing list