[packages/php/PHP_5_6] - up to 5.6.18; SECURITY fixes (bug 71475 fixed differently)

arekm arekm at pld-linux.org
Thu Feb 4 22:35:30 CET 2016


commit 58692d969ca9d2c35f53dad1a9bae64095ae9c39
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Thu Feb 4 22:35:19 2016 +0100

    - up to 5.6.18; SECURITY fixes (bug 71475 fixed differently)

 php-bug-71475.patch | 42 ------------------------------------------
 php.spec            | 10 +++++-----
 2 files changed, 5 insertions(+), 47 deletions(-)
---
diff --git a/php.spec b/php.spec
index 2f35ac5..94644c8 100644
--- a/php.spec
+++ b/php.spec
@@ -153,7 +153,7 @@ ERROR: You need to select at least one Apache SAPI to build shared modules.
 %undefine	with_filter
 %endif
 
-%define		rel	2
+%define		rel	1
 %define		orgname	php
 %define		ver_suffix 56
 %define		php_suffix %{!?with_default_php:%{ver_suffix}}
@@ -164,7 +164,7 @@ Summary(pt_BR.UTF-8):	A linguagem de script PHP
 Summary(ru.UTF-8):	PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере
 Summary(uk.UTF-8):	PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері
 Name:		%{orgname}%{php_suffix}
-Version:	5.6.17
+Version:	5.6.18
 Release:	%{rel}
 Epoch:		4
 # All files licensed under PHP version 3.01, except
@@ -173,7 +173,7 @@ Epoch:		4
 License:	PHP 3.01 and Zend and BSD
 Group:		Libraries
 Source0:	http://www.php.net/distributions/%{orgname}-%{version}.tar.xz
-# Source0-md5:	5e080e4b7df5db24f1b64313f8114bd8
+# Source0-md5:	177ba962557795866ae331ad4ad99bba
 Source2:	%{orgname}-mod_%{orgname}.conf
 Source3:	%{orgname}-cgi-fcgi.ini
 Source4:	%{orgname}-apache.ini
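Review bot: The only integrity pin on the new 5.6.18 tarball is the `# Source0-md5:` comment, and `Source0` is still fetched over plain `http://`, so the download is unauthenticated in transit and is checked with a digest that is no longer collision-resistant. For a release taken specifically for security fixes, the tarball should be checked against upstream's published SHA-256 or release signature before the MD5 line is updated, with that check recorded in the commit message. If the distfiles tooling accepts it, I would also change the URL to `Source0:	https://www.php.net/distributions/%{orgname}-%{version}.tar.xz`. Whether the builder supports a stronger digest tag is not visible from this hunk, so that part needs confirming against the tooling.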
@@ -187,7 +187,7 @@ Patch0:		%{orgname}-shared.patch
 Patch1:		%{orgname}-pldlogo.patch
 Patch2:		%{orgname}-mail.patch
 Patch3:		%{orgname}-link-libs.patch
-Patch4:		php-bug-71475.patch
+
 Patch5:		%{orgname}-filter-shared.patch
 Patch6:		%{orgname}-build_modules.patch
 Patch7:		%{orgname}-sapi-ini-file.patch
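Review bot: Dropping `Patch4` leaves a bare blank line in the patch list, and the same happens for `%patch4 -p1` in the `%prep` hunk further down, so the spec itself no longer says why slot 4 is empty or that a security fix used to live there. I would replace the blank line with a comment such as `# Patch4 (php-bug-71475.patch) dropped in 5.6.18: upstream fixes bug 71475 (openssl_seal uninitialized memory) differently`. The removed patch also carried the `bug71475.phpt` regression test, so it is worth confirming that the 5.6.18 tarball ships an equivalent test. Otherwise a later rebase could silently lose coverage for this issue.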
@@ -2023,7 +2023,7 @@ cp -p php.ini-production php.ini
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
-%patch4 -p1
+
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
diff --git a/php-bug-71475.patch b/php-bug-71475.patch
deleted file mode 100644
index 0a9ed6f..0000000
--- a/php-bug-71475.patch
+++ /dev/null
@@ -1,42 +0,0 @@
---- php-5.6.17/ext/openssl/openssl.c~	2016-01-06 16:14:47.000000000 +0100
-+++ php-5.6.17/ext/openssl/openssl.c	2016-02-02 18:15:39.118449615 +0100
-@@ -4886,6 +4886,7 @@ PHP_FUNCTION(openssl_seal)
- 	memset(eks, 0, sizeof(*eks) * nkeys);
- 	key_resources = safe_emalloc(nkeys, sizeof(long), 0);
- 	memset(key_resources, 0, sizeof(*key_resources) * nkeys);
-+	memset(pkeys, 0, sizeof(*pkeys) * nkeys);
- 
- 	/* get the public keys we are using to seal this data */
- 	zend_hash_internal_pointer_reset_ex(pubkeysht, &pos);
-@@ -4958,7 +4959,7 @@ PHP_FUNCTION(openssl_seal)
- 
- clean_exit:
- 	for (i=0; i<nkeys; i++) {
--		if (key_resources[i] == -1) {
-+		if (key_resources[i] == -1 && pkeys[i] != NULL) {
- 			EVP_PKEY_free(pkeys[i]);
- 		}
- 		if (eks[i]) { 
-diff --git a/ext/openssl/tests/bug71475.phpt b/ext/openssl/tests/bug71475.phpt
-new file mode 100644
-index 0000000..680753d
---- /dev/null
-+++ b/ext/openssl/tests/bug71475.phpt
-@@ -0,0 +1,16 @@
-+--TEST--
-+Bug #71475: openssl_seal() uninitialized memory usage
-+--SKIPIF--
-+<?php 
-+if (!extension_loaded("openssl")) die("skip openssl not loaded");
-+?>
-+--FILE--
-+<?php
-+$_ = str_repeat("A", 512);
-+openssl_seal($_, $_, $_, array_fill(0,64,0));
-+?>
-+DONE
-+--EXPECTF--
-+
-+Warning: openssl_seal(): not a public key (1th member of pubkeys) in %s/bug71475.php on line %d
-+DONE
-\ No newline at end of file
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/58692d969ca9d2c35f53dad1a9bae64095ae9c39


