svn commit: r352831 - in head/lang: php53 php53-extensions php53/files
Florian Smeets
flo at FreeBSD.org
Fri May 2 17:48:15 UTC 2014
Author: flo
Date: Fri May 2 17:48:14 2014
New Revision: 352831
URL: http://svnweb.freebsd.org/changeset/ports/352831
QAT: https://qat.redports.org/buildarchive/r352831/
Log:
- Fix CVE-2014-0185 via patch until 5.3.29 is released
- Use DEFAULT_VERSIONS [1]
PR: ports/188061 [1]
Submitted by: Spil <spil.oss at gmail.com> [1]
MFH: 2014Q2
Added:
head/lang/php53/files/patch-cve-2014-0185 (contents, props changed)
Modified:
head/lang/php53-extensions/Makefile
head/lang/php53/Makefile
head/lang/php53/Makefile.ext
Modified: head/lang/php53-extensions/Makefile
==============================================================================
--- head/lang/php53-extensions/Makefile Fri May 2 17:23:53 2014 (r352830)
+++ head/lang/php53-extensions/Makefile Fri May 2 17:48:14 2014 (r352831)
@@ -11,8 +11,8 @@ EXTRACT_ONLY= # none
MAINTAINER= flo at FreeBSD.org
COMMENT= A "meta-port" to install PHP extensions
-DEFAULT_PHP_VER=53
-IGNORE_WITH_PHP=5 52
+PHP_DEFAULT= 53
+IGNORE_WITH_PHP=5 52 55
USE_PHP_BUILD= yes
NO_BUILD= yes
Modified: head/lang/php53/Makefile
==============================================================================
--- head/lang/php53/Makefile Fri May 2 17:23:53 2014 (r352830)
+++ head/lang/php53/Makefile Fri May 2 17:48:14 2014 (r352831)
@@ -3,7 +3,7 @@
PORTNAME= php53
PORTVERSION= 5.3.28
-PORTREVISION?= 1
+PORTREVISION?= 2
CATEGORIES?= lang devel www
MASTER_SITES= ${MASTER_SITE_PHP}
MASTER_SITE_SUBDIR= distributions
@@ -14,7 +14,7 @@ COMMENT= PHP Scripting Language
LATEST_LINK= ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}
-USE_BZIP2= yes
+USES=tar:bzip2
.if !defined(PKGNAMESUFFIX)
USE_AUTOTOOLS= autoconf
Modified: head/lang/php53/Makefile.ext
==============================================================================
--- head/lang/php53/Makefile.ext Fri May 2 17:23:53 2014 (r352830)
+++ head/lang/php53/Makefile.ext Fri May 2 17:48:14 2014 (r352831)
@@ -3,8 +3,8 @@ COMMENT= The ${PHP_MODNAME} shared exten
USE_PHP= yes
USE_PHPEXT= yes
PHP_MODNAME= ${PKGNAMESUFFIX:S/-//}
-DEFAULT_PHP_VER=53
-IGNORE_WITH_PHP=52 5
+PHP_DEFAULT= 53
+IGNORE_WITH_PHP=52 5 55
EXTSUBDIR= ${DISTNAME}/ext/${PHP_MODNAME}
WRKSRC= ${WRKDIR}/${EXTSUBDIR}
Added: head/lang/php53/files/patch-cve-2014-0185
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/lang/php53/files/patch-cve-2014-0185 Fri May 2 17:48:14 2014 (r352831)
@@ -0,0 +1,26 @@
+--- sapi/fpm/fpm/fpm_unix.c.orig 2014-05-02 19:01:53.759889551 +0200
++++ sapi/fpm/fpm/fpm_unix.c 2014-05-02 19:02:05.029888255 +0200
+@@ -35,7 +35,7 @@
+ /* uninitialized */
+ wp->socket_uid = -1;
+ wp->socket_gid = -1;
+- wp->socket_mode = 0666;
++ wp->socket_mode = 0660;
+
+ if (!c) {
+ return 0;
+--- sapi/fpm/php-fpm.conf.in.orig 2014-05-02 19:03:03.746956989 +0200
++++ sapi/fpm/php-fpm.conf.in 2014-05-02 19:02:37.651887275 +0200
+@@ -158,10 +158,10 @@
+ ; permissions must be set in order to allow connections from a web server. Many
+ ; BSD-derived systems allow connections regardless of permissions.
+ ; Default Values: user and group are set as the running user
+-; mode is set to 0666
++; mode is set to 0660
+ ;listen.owner = @php_fpm_user@
+ ;listen.group = @php_fpm_group@
+-;listen.mode = 0666
++;listen.mode = 0660
+
+ ; List of ipv4 addresses of FastCGI clients which are allowed to connect.
+ ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
More information about the svn-ports-all
mailing list