svn commit: r352831 - in head/lang: php53 php53-extensions php53/files

Florian Smeets flo at FreeBSD.org
Fri May 2 17:48:15 UTC 2014 

Author: flo
Date: Fri May  2 17:48:14 2014
New Revision: 352831
URL: http://svnweb.freebsd.org/changeset/ports/352831
QAT: https://qat.redports.org/buildarchive/r352831/

Log:
  - Fix CVE-2014-0185 via patch until 5.3.29 is released
  - Use DEFAULT_VERSIONS [1]
  
  PR:		ports/188061 [1]
  Submitted by:	Spil <spil.oss at gmail.com> [1]
  MFH:		2014Q2

Added:
  head/lang/php53/files/patch-cve-2014-0185   (contents, props changed)
Modified:
  head/lang/php53-extensions/Makefile
  head/lang/php53/Makefile
  head/lang/php53/Makefile.ext

Modified: head/lang/php53-extensions/Makefile
==============================================================================
--- head/lang/php53-extensions/Makefile	Fri May  2 17:23:53 2014	(r352830)
+++ head/lang/php53-extensions/Makefile	Fri May  2 17:48:14 2014	(r352831)
@@ -11,8 +11,8 @@ EXTRACT_ONLY=	# none
 MAINTAINER=	flo at FreeBSD.org
 COMMENT=	A "meta-port" to install PHP extensions
 
-DEFAULT_PHP_VER=53
-IGNORE_WITH_PHP=5 52
+PHP_DEFAULT=	53
+IGNORE_WITH_PHP=5 52 55
 USE_PHP_BUILD=	yes
 
 NO_BUILD=	yes

Modified: head/lang/php53/Makefile
==============================================================================
--- head/lang/php53/Makefile	Fri May  2 17:23:53 2014	(r352830)
+++ head/lang/php53/Makefile	Fri May  2 17:48:14 2014	(r352831)
@@ -3,7 +3,7 @@
 
 PORTNAME=	php53
 PORTVERSION=	5.3.28
-PORTREVISION?=	1
+PORTREVISION?=	2
 CATEGORIES?=	lang devel www
 MASTER_SITES=	${MASTER_SITE_PHP}
 MASTER_SITE_SUBDIR=	distributions
@@ -14,7 +14,7 @@ COMMENT=	PHP Scripting Language
 
 LATEST_LINK=	${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}
 
-USE_BZIP2=	yes
+USES=tar:bzip2
 .if !defined(PKGNAMESUFFIX)
 USE_AUTOTOOLS=	autoconf
 

Modified: head/lang/php53/Makefile.ext
==============================================================================
--- head/lang/php53/Makefile.ext	Fri May  2 17:23:53 2014	(r352830)
+++ head/lang/php53/Makefile.ext	Fri May  2 17:48:14 2014	(r352831)
@@ -3,8 +3,8 @@ COMMENT=	The ${PHP_MODNAME} shared exten
 USE_PHP=	yes
 USE_PHPEXT=	yes
 PHP_MODNAME=	${PKGNAMESUFFIX:S/-//}
-DEFAULT_PHP_VER=53
-IGNORE_WITH_PHP=52 5
+PHP_DEFAULT=	53
+IGNORE_WITH_PHP=52 5 55
 
 EXTSUBDIR=	${DISTNAME}/ext/${PHP_MODNAME}
 WRKSRC=		${WRKDIR}/${EXTSUBDIR}

Added: head/lang/php53/files/patch-cve-2014-0185
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/lang/php53/files/patch-cve-2014-0185	Fri May  2 17:48:14 2014	(r352831)
@@ -0,0 +1,26 @@
+--- sapi/fpm/fpm/fpm_unix.c.orig	2014-05-02 19:01:53.759889551 +0200
++++ sapi/fpm/fpm/fpm_unix.c	2014-05-02 19:02:05.029888255 +0200
+@@ -35,7 +35,7 @@
+ 	/* uninitialized */
+ 	wp->socket_uid = -1;
+ 	wp->socket_gid = -1;
+-	wp->socket_mode = 0666;
++	wp->socket_mode = 0660;
+ 
+ 	if (!c) {
+ 		return 0;
+--- sapi/fpm/php-fpm.conf.in.orig	2014-05-02 19:03:03.746956989 +0200
++++ sapi/fpm/php-fpm.conf.in	2014-05-02 19:02:37.651887275 +0200
+@@ -158,10 +158,10 @@
+ ; permissions must be set in order to allow connections from a web server. Many
+ ; BSD-derived systems allow connections regardless of permissions. 
+ ; Default Values: user and group are set as the running user
+-;                 mode is set to 0666
++;                 mode is set to 0660
+ ;listen.owner = @php_fpm_user@
+ ;listen.group = @php_fpm_group@
+-;listen.mode = 0666
++;listen.mode = 0660
+  
+ ; List of ipv4 addresses of FastCGI clients which are allowed to connect.
+ ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original

More information about the svn-ports-all mailing list