[CVS] OpenPKG: OPENPKG_2_4_SOLID: openpkg-src/php/ php.patch php.spec

Tue, 04 Oct 2005 12:57:37 -0700 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /v/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   04-Oct-2005 21:57:36
  Branch: OPENPKG_2_4_SOLID                Handle: 2005100420573500

  Modified files:           (Branch: OPENPKG_2_4_SOLID)
    openpkg-src/php         php.patch php.spec

  Log:
    Security Fix (CAN-2005-3054)

  Summary:
    Revision    Changes     Path
    1.10.2.1    +19 -0      openpkg-src/php/php.patch
    1.109.2.2   +1  -1      openpkg-src/php/php.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/php/php.patch
  ============================================================================
  $ cvs diff -u -r1.10 -r1.10.2.1 php.patch
  --- openpkg-src/php/php.patch 1 Apr 2005 06:19:31 -0000       1.10
  +++ openpkg-src/php/php.patch 4 Oct 2005 19:57:35 -0000       1.10.2.1
  @@ -89,3 +89,22 @@
    # Variable declaration
    prefix='@prefix@'
    phpdir="$prefix/lib/php/build"
  +
  +-----------------------------------------------------------------------------
  +
  +Security Fix (CAN-2005-3054)
  +
  +Index: main/fopen_wrappers.c
  +--- main/fopen_wrappers.c.orig       2005-02-03 00:44:07 +0100
  ++++ main/fopen_wrappers.c    2005-10-04 21:52:15 +0200
  +@@ -120,8 +120,8 @@
  +             /* Handler for basedirs that end with a / */
  +             resolved_basedir_len = strlen(resolved_basedir);
  +             if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR) {
  +-                    if (resolved_basedir[resolved_basedir_len - 1] == '/') {
  +-                            resolved_basedir[resolved_basedir_len - 1] = 
PHP_DIR_SEPARATOR;
  ++                    if (resolved_basedir[resolved_basedir_len - 1] != 
PHP_DIR_SEPARATOR) {
  ++                            resolved_basedir[resolved_basedir_len] = 
PHP_DIR_SEPARATOR;
  +                             resolved_basedir[++resolved_basedir_len] = '\0';
  +                     }
  +             }
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/php/php.spec
  ============================================================================
  $ cvs diff -u -r1.109.2.1 -r1.109.2.2 php.spec
  --- openpkg-src/php/php.spec  15 Jun 2005 19:03:35 -0000      1.109.2.1
  +++ openpkg-src/php/php.spec  4 Oct 2005 19:57:35 -0000       1.109.2.2
  @@ -37,7 +37,7 @@
   Group:        Language
   License:      PHP
   Version:      %{V_php}
  -Release:      2.4.0
  +Release:      2.4.1
   
   #   package options
   %option       with_bc                   no
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     openpkg-cvs@openpkg.org

Reply via email to