[packages/php] - rel 2; SECURITY; fixes http://akat1.pl/?id=1

arekm arekm at pld-linux.org
Tue Feb 2 18:11:12 CET 2016 

commit 5082ab8862ec3a4f22c0246bdfdbb04e088672a3
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Tue Feb 2 18:11:03 2016 +0100

    - rel 2; SECURITY; fixes http://akat1.pl/?id=1

 php-bug-71475.patch | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 php.spec            |  4 +++-
 2 files changed, 53 insertions(+), 1 deletion(-)
---
diff --git a/php.spec b/php.spec
index 7975884..b3557ce 100644
--- a/php.spec
+++ b/php.spec
@@ -145,7 +145,7 @@ Summary(ru.UTF-8):	PHP Версии 7 - язык препроцессирова
 Summary(uk.UTF-8):	PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері
 Name:		%{orgname}%{php_suffix}
 Version:	7.0.2
-Release:	1
+Release:	2
 Epoch:		4
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
@@ -167,6 +167,7 @@ Patch0:		%{orgname}-shared.patch
 Patch1:		%{orgname}-pldlogo.patch
 Patch2:		%{orgname}-mail.patch
 Patch3:		%{orgname}-link-libs.patch
+Patch4:		php-bug-71475.patch
 Patch5:		%{orgname}-filter-shared.patch
 Patch6:		%{orgname}-build_modules.patch
 Patch7:		%{orgname}-sapi-ini-file.patch
@@ -1928,6 +1929,7 @@ cp -p php.ini-production php.ini
 %patch1 -p1
 #%patch2 -p1 NEEDS PORTING
 %patch3 -p1
+%patch4 -p1
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
diff --git a/php-bug-71475.patch b/php-bug-71475.patch
new file mode 100644
index 0000000..30f8bb2
--- /dev/null
+++ b/php-bug-71475.patch
@@ -0,0 +1,50 @@
+commit 33b1fbbb5c0459a623ab91b492f1a37c5262329c
+Author: Stanislav Malyshev <stas at php.net>
+Date:   Sun Jan 31 20:18:46 2016 -0800
+
+    Fixed bug #71475: openssl_seal() uninitialized memory usage
+
+diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
+index a8ecbb2..75c44a3 100644
+--- a/ext/openssl/openssl.c
++++ b/ext/openssl/openssl.c
+@@ -4938,6 +4938,7 @@ PHP_FUNCTION(openssl_seal)
+ 	memset(eks, 0, sizeof(*eks) * nkeys);
+ 	key_resources = safe_emalloc(nkeys, sizeof(zend_resource*), 0);
+ 	memset(key_resources, 0, sizeof(zend_resource*) * nkeys);
++	memset(pkeys, 0, sizeof(*pkeys) * nkeys);
+ 
+ 	/* get the public keys we are using to seal this data */
+ 	i = 0;
+@@ -4999,7 +5000,7 @@ PHP_FUNCTION(openssl_seal)
+ 
+ clean_exit:
+ 	for (i=0; i<nkeys; i++) {
+-		if (key_resources[i] == NULL) {
++		if (key_resources[i] == NULL && pkeys[i] != NULL) {
+ 			EVP_PKEY_free(pkeys[i]);
+ 		}
+ 		if (eks[i]) {
+diff --git a/ext/openssl/tests/bug71475.phpt b/ext/openssl/tests/bug71475.phpt
+new file mode 100644
+index 0000000..680753d
+--- /dev/null
++++ b/ext/openssl/tests/bug71475.phpt
+@@ -0,0 +1,16 @@
++--TEST--
++Bug #71475: openssl_seal() uninitialized memory usage
++--SKIPIF--
++<?php 
++if (!extension_loaded("openssl")) die("skip openssl not loaded");
++?>
++--FILE--
++<?php
++$_ = str_repeat("A", 512);
++openssl_seal($_, $_, $_, array_fill(0,64,0));
++?>
++DONE
++--EXPECTF--
++
++Warning: openssl_seal(): not a public key (1th member of pubkeys) in %s/bug71475.php on line %d
++DONE
+\ No newline at end of file
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/5082ab8862ec3a4f22c0246bdfdbb04e088672a3

More information about the pld-cvs-commit mailing list