[packages/php] up to 5.5.20, fixes CVE-2014-8142
glen
glen at pld-linux.org
Thu Jan 1 20:34:24 CET 2015
commit 750e94063b2bf20b97afdaea2dbebd3a959ab5e3
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Thu Jan 1 17:54:00 2015 +0200
up to 5.5.20, fixes CVE-2014-8142
fpm-conf-split.patch | 34 +++++++++++++++++++---------------
php.spec | 4 ++--
2 files changed, 21 insertions(+), 17 deletions(-)
---
diff --git a/php.spec b/php.spec
index 9a56874..ed6d11b 100644
--- a/php.spec
+++ b/php.spec
@@ -137,13 +137,13 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP
Summary(ru.UTF-8): PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере
Summary(uk.UTF-8): PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері
Name: %{orgname}%{php_suffix}
-Version: 5.5.19
+Version: 5.5.20
Release: %{rel}%{?with_type_hints:.th}
Epoch: 4
License: PHP
Group: Libraries
Source0: http://www.php.net/distributions/%{orgname}-%{version}.tar.xz
-# Source0-md5: c63dcfd8b318d12127ba6d39ecc8a444
+# Source0-md5: 51377838dfee2d7bb4715674ac715394
Source2: %{orgname}-mod_%{orgname}.conf
Source3: %{orgname}-cgi-fcgi.ini
Source4: %{orgname}-apache.ini
diff --git a/fpm-conf-split.patch b/fpm-conf-split.patch
index caf7f21..7865596 100644
--- a/fpm-conf-split.patch
+++ b/fpm-conf-split.patch
@@ -1,5 +1,5 @@
---- php-5.5.19/sapi/fpm/php-fpm.conf.in~ 2014-11-18 21:43:01.000000000 +0200
-+++ php-5.5.19/sapi/fpm/php-fpm.conf.in 2014-11-18 21:44:54.727742022 +0200
+--- php-5.5.20/sapi/fpm/php-fpm.conf.in 2015-01-01 17:48:20.993520423 +0200
++++ php-5.5.20/sapi/fpm/php-fpm.conf.in 2015-01-01 17:52:53.447616090 +0200
@@ -6,14 +6,6 @@
; prefix (@prefix@). This prefix can be dynamically changed by using the
; '-p' argument from the command line.
@@ -15,10 +15,8 @@
;;;;;;;;;;;;;;;;;;
; Global Options ;
;;;;;;;;;;;;;;;;;;
-@@ -116,406 +116,10 @@
- ; used in logs and stats. There is no limitation on the number of pools which
- ; FPM can handle. Your system will tell you anyway :)
-
+@@ -118,407 +110,8 @@
+-
-; Start a new pool named 'www'.
-; the variable $pool can we used in any directive and will be replaced by the
-; pool name ('www' here)
@@ -26,6 +24,7 @@
-
-; Per pool prefix
-; It only applies on the following directives:
+-; - 'access.log'
-; - 'slowlog'
-; - 'listen' (unixsocket)
-; - 'chroot'
@@ -45,12 +44,14 @@
-
-; The address on which to accept FastCGI requests.
-; Valid syntaxes are:
--; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
+-; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
-; a specific port;
-; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
-; a specific port;
--; 'port' - to listen on a TCP socket to all addresses on a
+-; 'port' - to listen on a TCP socket to all IPv4 addresses on a
-; specific port;
+-; '[::]:port' - to listen on a TCP socket to all addresses
+-; (IPv6 and IPv4-mapped) on a specific port;
-; '/path/to/unix/socket' - to listen on a unix socket.
-; Note: This value is mandatory.
-listen = /var/run/php/@processname at .sock
@@ -68,7 +69,7 @@
-;listen.group = @php_fpm_group@
-;listen.mode = 0660
-
--; List of ipv4 addresses of FastCGI clients which are allowed to connect.
+-; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
-; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
-; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
-; must be separated by a comma. If this value is left blank, connections will be
@@ -318,7 +319,7 @@
-; it can accept a strftime(3) format:
-; %d/%b/%Y:%H:%M:%S %z (default)
-; %u: remote user
--;
+ ;
-; Default: "%R - %u %t \"%m %r\" %s"
-;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
-
@@ -430,8 +431,8 @@
+; - @prefix@ otherwise
+include=/etc/php/fpm.d/*.conf
--- /dev/null 2007-02-13 18:29:53.000000000 +0200
-+++ php-5.5.19/sapi/fpm/php-fpm.conf-d.in 2014-11-18 21:44:32.469960258 +0200
-@@ -0,0 +1,403 @@
++++ php-5.5.20/sapi/fpm/php-fpm.conf-d.in 2015-01-01 17:47:46.328393657 +0200
+@@ -0,0 +1,406 @@
+; Start a new pool named 'www'.
+; the variable $pool can we used in any directive and will be replaced by the
+; pool name ('www' here)
@@ -439,6 +440,7 @@
+
+; Per pool prefix
+; It only applies on the following directives:
++; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
@@ -458,12 +460,14 @@
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
-+; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
++; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
+; a specific port;
+; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+; a specific port;
-+; 'port' - to listen on a TCP socket to all addresses on a
++; 'port' - to listen on a TCP socket to all IPv4 addresses on a
+; specific port;
++; '[::]:port' - to listen on a TCP socket to all addresses
++; (IPv6 and IPv4-mapped) on a specific port;
+; '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /var/run/php/@processname at .sock
@@ -481,7 +485,7 @@
+;listen.group = @php_fpm_group@
+;listen.mode = 0660
+
-+; List of ipv4 addresses of FastCGI clients which are allowed to connect.
++; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/750e94063b2bf20b97afdaea2dbebd3a959ab5e3
More information about the pld-cvs-commit
mailing list