Author: glen Date: Wed Jan 11 20:05:10 2012 GMT Module: packages Tag: HEAD ---- Log message: - up to 5.3.9; cve refs for 5.3.7 release
---- Files affected: packages/php: php-fpm-config.patch (1.12 -> 1.13) , php-ini.patch (1.42 -> 1.43) , php-pdo_mysql-charsetphpini.patch (1.6 -> 1.7) , php.spec (1.969 -> 1.970) , suhosin.patch (1.10 -> 1.11) , bug-52448.patch (1.1 -> NONE) (REMOVED), mysqlnd-shared.patch (1.2 -> NONE) (REMOVED), php-krb5-ac.patch (1.1 -> NONE) (REMOVED) ---- Diffs: ================================================================ Index: packages/php/php-fpm-config.patch diff -u packages/php/php-fpm-config.patch:1.12 packages/php/php-fpm-config.patch:1.13 --- packages/php/php-fpm-config.patch:1.12 Wed Dec 21 18:09:12 2011 +++ packages/php/php-fpm-config.patch Wed Jan 11 21:05:04 2012 @@ -1,5 +1,5 @@ ---- php-5.3.6/sapi/fpm/php-fpm.conf.in 2011-04-22 15:19:46.991588712 +0300 -+++ php-5.3.8/sapi/fpm/php-fpm.conf.in 2011-12-21 19:07:47.320624976 +0200 +--- php-5.3.9/sapi/fpm/php-fpm.conf.in~ 2012-01-11 21:38:12.000000000 +0200 ++++ php-5.3.9/sapi/fpm/php-fpm.conf.in 2012-01-11 21:39:02.535951773 +0200 @@ -22,7 +22,7 @@ ; Pid file ; Note: the default prefix is @EXPANDED_LOCALSTATEDIR@ 
@@ -27,21 +27,21 @@ ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many -@@ -159,12 +159,12 @@ +@@ -208,12 +208,12 @@ ; The desired minimum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' --;pm.min_spare_servers = 5 -+pm.min_spare_servers = 5 +-pm.min_spare_servers = 1 ++pm.min_spare_servers = 2 ; The desired maximum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' --;pm.max_spare_servers = 35 -+pm.max_spare_servers = 35 - - ; The number of requests each child process should execute before respawning. - ; This can be useful to work around memory leaks in 3rd party libraries. For +-pm.max_spare_servers = 3 ++pm.max_spare_servers = 5 + + ; The number of seconds after which an idle process will be killed. + ; Note: Used only when pm is set to 'ondemand' @@ -214,7 +214,7 @@ ; anything, but it may not be a good idea to use the .php extension or it ; may conflict with a real PHP file. ================================================================ Index: packages/php/php-ini.patch diff -u packages/php/php-ini.patch:1.42 packages/php/php-ini.patch:1.43 --- packages/php/php-ini.patch:1.42 Thu Apr 21 12:03:38 2011 +++ packages/php/php-ini.patch Wed Jan 11 21:05:04 2012 @@ -1,5 +1,5 @@ ---- php-5.3.4/php.ini~ 2010-12-12 23:03:42.000000000 +0200 -+++ php-5.3.4/php.ini 2010-12-12 23:05:56.583592856 +0200 +--- php-5.3.9/php.ini~ 2012-01-11 21:35:14.000000000 +0200 ++++ php-5.3.9/php.ini 2012-01-11 21:35:49.227068991 +0200 @@ -223,7 +223,7 @@ ; Development Value: Off ; Production Value: Off @@ -96,7 +96,7 @@ ; ; extension=msql.so ; -@@ -887,39 +887,8 @@ +@@ -899,53 +899,8 @@ ; If you only provide the name of the extension, PHP will look for it in its ; default extension directory. ; 
@@ -121,7 +121,7 @@ -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client --;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client +-;extension=php_oci8_11g.dll ; Use with Oracle 11gR2 Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll @@ -133,11 +133,25 @@ -;extension=php_pgsql.dll -;extension=php_pspell.dll -;extension=php_shmop.dll +- +-; The MIBS data available in the PHP distribution must be installed. +-; See http://www.php.net/manual/en/snmp.installation.php +-;extension=php_snmp.dll +- +-;extension=php_soap.dll +-;extension=php_sockets.dll +-;extension=php_sqlite.dll +-;extension=php_sqlite3.dll +-;extension=php_sybase_ct.dll +-;extension=php_tidy.dll +-;extension=php_xmlrpc.dll +-;extension=php_xsl.dll +-;extension=php_zip.dll +; Ideally in PLD Linux you should install appropriate php-<extension> or +; php-pecl-<extension> package. - ; The MIBS data available in the PHP distribution must be installed. - ; See http://www.php.net/manual/en/snmp.installation.php + ;;;;;;;;;;;;;;;;;;; + ; Module Settings ; @@ -1235,6 +1140,9 @@ ; http://php.net/mysql.connect-timeout mysql.connect_timeout = 60 ================================================================ Index: packages/php/php-pdo_mysql-charsetphpini.patch diff -u packages/php/php-pdo_mysql-charsetphpini.patch:1.6 packages/php/php-pdo_mysql-charsetphpini.patch:1.7 --- packages/php/php-pdo_mysql-charsetphpini.patch:1.6 Sun Jul 25 12:15:50 2010 +++ packages/php/php-pdo_mysql-charsetphpini.patch Wed Jan 11 21:05:04 2012 @@ -46,16 +46,6 @@ return SUCCESS; } -@@ -108,9 +107,7 @@ - - php_info_print_table_end(); - --#ifdef PDO_USE_MYSQLND - DISPLAY_INI_ENTRIES(); --#endif - } - /* }}} */ - 
@@ -161,6 +161,7 @@ pdo_mysql_globals->debug = NULL; /* The actual string */ pdo_mysql_globals->dbg = NULL; /* The DBG object*/ ================================================================ Index: packages/php/php.spec diff -u packages/php/php.spec:1.969 packages/php/php.spec:1.970 --- packages/php/php.spec:1.969 Tue Dec 20 20:43:21 2011 +++ packages/php/php.spec Wed Jan 11 21:05:04 2012 @@ -111,7 +111,7 @@ %undefine with_filter %endif -%define rel 13 +%define rel 0.1 Summary: PHP: Hypertext Preprocessor Summary(fr.UTF-8): Le langage de script embarque-HTML PHP Summary(pl.UTF-8): Język skryptowy PHP @@ -119,13 +119,13 @@ Summary(ru.UTF-8): PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері Name: php -Version: 5.3.8 +Version: 5.3.9 Release: %{rel}%{?with_type_hints:.th}%{?with_oci8:.oci} Epoch: 4 License: PHP Group: Libraries Source0: http://www.php.net/distributions/%{name}-%{version}.tar.bz2 -# Source0-md5: 704cd414a0565d905e1074ffdc1fadfb +# Source0-md5: dd3288ed5c08cd61ac5bf619cb357521 Source2: %{name}-mod_%{name}.conf Source3: %{name}-cgi-fcgi.ini Source4: %{name}-apache.ini @@ -187,12 +187,9 @@ Patch51: spl-shared.patch Patch52: pcre-shared.patch Patch53: fix-test-run.patch -Patch54: mysqlnd-shared.patch Patch55: bug-52078-fileinode.patch -Patch57: bug-52448.patch Patch59: %{name}-systzdata.patch Patch60: %{name}-oracle-instantclient.patch -Patch61: %{name}-krb5-ac.patch Patch62: mcrypt-libs.patch Patch63: %{name}-mysql-nowarning.patch Patch64: %{name}-m4.patch @@ -1931,13 +1928,10 @@ %patch51 -p1 %patch52 -p1 %patch53 -p1 -%patch54 -p1 %undos ext/spl/tests/SplFileInfo_getInode_basic.phpt %patch55 -p1 -%patch57 -p1 %patch59 -p1 %patch60 -p1 -%patch61 -p1 %patch62 -p1 %patch63 -p1 %patch64 -p1 
@@ -3331,6 +3325,9 @@ All persons listed below can be reached at <cvs_login>@pld-linux.org $Log$ +Revision 1.970 2012/01/11 20:05:04 glen +- up to 5.3.9; cve refs for 5.3.7 release + Revision 1.969 2011/12/20 19:43:21 arekm - release 13 @@ -3407,6 +3404,7 @@ Revision 1.946 2011/08/20 16:39:10 arekm - up to 5.3.7 (curl limit looks merged; buff_ovf also) + [CVE-2011-2483, CVE-2011-2202, CVE-2011-1148, CVE-2011-1938] Revision 1.945 2011/08/07 17:42:45 glen - --enable-spl/--disable-spl option does not exist in 5.3+ ================================================================ Index: packages/php/suhosin.patch diff -u packages/php/suhosin.patch:1.10 packages/php/suhosin.patch:1.11 --- packages/php/suhosin.patch:1.10 Sat Aug 20 18:39:12 2011 +++ packages/php/suhosin.patch Wed Jan 11 21:05:05 2012 
@@ -1192,43 +1192,40 @@ } } #endif -diff -Naurp php-5.3.6RC1/sapi/cgi/cgi_main.c php-5.3.6RC1.oden/sapi/cgi/cgi_main.c ---- php-5.3.6RC1/sapi/cgi/cgi_main.c 2011-01-01 03:19:59.000000000 +0100 -+++ php-5.3.6RC1.oden/sapi/cgi/cgi_main.c 2011-02-20 11:57:02.864596378 +0100 -@@ -1929,10 +1929,18 @@ consult the installation file that came +--- php-5.3.9/sapi/cgi/cgi_main.c~ 2012-01-11 21:40:09.000000000 +0200 ++++ php-5.3.9/sapi/cgi/cgi_main.c 2012-01-11 21:43:37.468650443 +0200 +@@ -1948,11 +1948,19 @@ SG(headers_sent) = 1; SG(request_info).no_headers = 1; } +#if SUHOSIN_PATCH - #if ZEND_DEBUG -- php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); -+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); - #else -- php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); -+ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); ++#if ZEND_DEBUG ++ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2012 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); ++#else ++ php_printf("PHP %s with Suhosin-Patch (%s) (built: %s %s)\nCopyright (c) 1997-2012 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); +#endif +#else -+ #if ZEND_DEBUG -+ php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); -+ #else -+ php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2011 The PHP Group\n%s", PHP_VERSION, 
sapi_module.name, __DATE__, __TIME__, get_zend_version()); -+ #endif + #if ZEND_DEBUG + php_printf("PHP %s (%s) (built: %s %s) (DEBUG)\nCopyright (c) 1997-2012 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); + #else + php_printf("PHP %s (%s) (built: %s %s)\nCopyright (c) 1997-2012 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version()); #endif ++#endif php_request_shutdown((void *) 0); fcgi_shutdown(); -diff -Naurp php-5.3.6RC1/sapi/cli/php_cli.c php-5.3.6RC1.oden/sapi/cli/php_cli.c ---- php-5.3.6RC1/sapi/cli/php_cli.c 2011-01-01 03:19:59.000000000 +0100 -+++ php-5.3.6RC1.oden/sapi/cli/php_cli.c 2011-02-20 11:58:39.473179737 +0100 -@@ -832,7 +832,11 @@ int main(int argc, char *argv[]) + exit_status = 0; +--- php-5.3.9/sapi/cli/php_cli.c~ 2012-01-01 15:15:04.000000000 +0200 ++++ php-5.3.9/sapi/cli/php_cli.c 2012-01-11 21:44:56.122264808 +0200 +@@ -826,7 +826,11 @@ } request_started = 1; -- php_printf("PHP %s (%s) (built: %s %s) %s\nCopyright (c) 1997-2011 The PHP Group\n%s", +- php_printf("PHP %s (%s) (built: %s %s) %s\nCopyright (c) 1997-2012 The PHP Group\n%s", + php_printf("PHP %s " +#if SUHOSIN_PATCH -+ "with Suhosin-Patch " ++ "with Suhosin-Patch " +#endif -+ "(%s) (built: %s %s) %s\nCopyright (c) 1997-2011 The PHP Group\n%s", ++ "(%s) (built: %s %s) %s\nCopyright (c) 1997-2012 The PHP Group\n%s", PHP_VERSION, sapi_module.name, __DATE__, __TIME__, #if ZEND_DEBUG && defined(HAVE_GCOV) "(DEBUG GCOV)", ================================================================ ---- CVS-web: http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/php/php-fpm-config.patch?r1=1.12&r2=1.13&f=u http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/php/php-ini.patch?r1=1.42&r2=1.43&f=u http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/php/php-pdo_mysql-charsetphpini.patch?r1=1.6&r2=1.7&f=u http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/php/php.spec?r1=1.969&r2=1.970&f=u 
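Review bot: The cgi_main.c section of the refreshed suhosin.patch now carries four near-identical `php_printf` version banners under nested `#if SUHOSIN_PATCH` / `#if ZEND_DEBUG`, so the copyright-year change in this revision had to be made in every copy and the strings can drift apart on the next rebase. The php_cli.c section of the same hunk already builds its banner from adjacent string literals with the `#if SUHOSIN_PATCH` fragment inline; the same form in cgi_main.c leaves one call to maintain and prints the same text in all four build configurations. This assumes `php_printf` is a real function rather than a function-like macro, because preprocessor directives inside macro arguments are undefined behaviour; the php_cli.c form already depends on that. The trade-off is that the patch would then rewrite the upstream `#if ZEND_DEBUG` block instead of only wrapping it, and the enclosing function in cgi_main.c starts and ends outside the hunk.

```c
/* … unchanged: SG(headers_sent) / SG(request_info).no_headers setup … */
	php_printf("PHP %s "
#if SUHOSIN_PATCH
		"with Suhosin-Patch "
#endif
		"(%s) (built: %s %s)"
#if ZEND_DEBUG
		" (DEBUG)"
#endif
		"\nCopyright (c) 1997-2012 The PHP Group\n%s",
		PHP_VERSION, sapi_module.name, __DATE__, __TIME__, get_zend_version());
/* … unchanged: php_request_shutdown() / fcgi_shutdown() … */
```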
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/php/suhosin.patch?r1=1.10&r2=1.11&f=u
