[packages/php/PHP_8_1] - updated to 8.1.16 (fixes CVE-2023-0567 CVE-2023-0568 CVE-2023-0662)
qboosh
qboosh at pld-linux.org
Tue Feb 14 21:19:47 CET 2023
commit d9b585c66027b8e5a92a29a686d80e8b9a3540ef
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Tue Feb 14 21:21:19 2023 +0100
- updated to 8.1.16 (fixes CVE-2023-0567 CVE-2023-0568 CVE-2023-0662)
php-fpm-config.patch | 18 +++++++++---------
php.spec | 4 ++--
2 files changed, 11 insertions(+), 11 deletions(-)
---
diff --git a/php.spec b/php.spec
index 7499f97..e9140ff 100644
--- a/php.spec
+++ b/php.spec
@@ -148,7 +148,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP
Summary(ru.UTF-8): PHP - язык препроцессирования HTML-файлов, выполняемый на сервере
Summary(uk.UTF-8): PHP - мова препроцесування HTML-файлів, виконувана на сервері
Name: %{orgname}%{php_suffix}
-Version: 8.1.14
+Version: 8.1.16
Release: 1
Epoch: 4
# All files licensed under PHP version 3.01, except
@@ -157,7 +157,7 @@ Epoch: 4
License: PHP 3.01 and Zend and BSD
Group: Libraries
Source0: https://www.php.net/distributions/%{orgname}-%{version}.tar.xz
-# Source0-md5: 6ee10d3680f07fc4c4e2fa6c2c1045ce
+# Source0-md5: b075de355be8006cc22f35aa8b57aef1
Source1: opcache.ini
Source2: %{orgname}-mod_php.conf
Source3: %{orgname}-cgi-fcgi.ini
diff --git a/php-fpm-config.patch b/php-fpm-config.patch
index 11b9933..c3a62e0 100644
--- a/php-fpm-config.patch
+++ b/php-fpm-config.patch
@@ -17,9 +17,9 @@
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
---- php-5.6.5/sapi/fpm/www.conf.in~ 2015-02-04 19:26:16.000000000 +0200
-+++ php-5.6.5/sapi/fpm/www.conf.in 2015-02-04 19:27:25.275218535 +0200
-@@ -32,7 +32,7 @@
+--- php-8.1.16/sapi/fpm/www.conf.in.orig 2023-02-14 17:52:01.279606000 +0100
++++ php-8.1.16/sapi/fpm/www.conf.in 2023-02-14 20:54:03.101049306 +0100
+@@ -38,7 +38,7 @@ group = @php_fpm_group@
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
@@ -28,20 +28,20 @@
; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
-@@ -46,9 +46,9 @@
+@@ -50,9 +50,9 @@ listen = 127.0.0.1:9000
; and group can be specified either by name or by their numeric IDs.
- ; Default Values: user and group are set as the running user
- ; mode is set to 0660
+ ; Default Values: Owner is set to the master process running user. If the group
+ ; is not set, the owner's group is used. Mode is set to 0660.
-;listen.owner = @php_fpm_user@
-;listen.group = @php_fpm_group@
-;listen.mode = 0660
+listen.owner = root
+listen.group = @php_fpm_group@
+listen.mode = 0660
+
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
- ; When set, listen.owner and listen.group are ignored
-@@ -53,7 +53,7 @@
+@@ -66,7 +66,7 @@ listen = 127.0.0.1:9000
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
@@ -50,7 +50,7 @@
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
-@@ -372,7 +372,7 @@
+@@ -438,7 +438,7 @@ pm.max_spare_servers = 3
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/d9b585c66027b8e5a92a29a686d80e8b9a3540ef
More information about the pld-cvs-commit
mailing list