[packages/php/PHP_5_4] up to 5.4.16; fixes CVE-2013-2110

Mon, 10 Jun 2013 05:19:32 -0700 

commit 5235f1a4987e0d9f86f5b7d794154c3f659dd2e3
Author: Elan Ruusamäe <[email protected]>
Date:   Mon Jun 10 15:18:06 2013 +0300

    up to 5.4.16; fixes CVE-2013-2110

 php-mysql-charsetphpini.patch | 10 +++++-----
 php.spec                      |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)
---
diff --git a/php.spec b/php.spec
index 25d2e37..53d6922 100644
--- a/php.spec
+++ b/php.spec
@@ -134,13 +134,13 @@ Summary(pt_BR.UTF-8):     A linguagem de script PHP
 Summary(ru.UTF-8):     PHP Версии 5 - язык препроцессирования HTML-файлов, 
выполняемый на сервере
 Summary(uk.UTF-8):     PHP Версії 5 - мова препроцесування HTML-файлів, 
виконувана на сервері
 Name:          %{orgname}%{php_suffix}
-Version:       5.4.15
+Version:       5.4.16
 Release:       %{rel}%{?with_type_hints:.th}%{?with_oci8:.oci}
 Epoch:         4
 License:       PHP
 Group:         Libraries
 Source0:       http://www.php.net/distributions/%{orgname}-%{version}.tar.bz2
-# Source0-md5: 145ea5e845e910443ff1eddb3dbcf56a
+# Source0-md5: 3d2c694d28861d707b2622c3cc941cff
 Source2:       %{orgname}-mod_%{orgname}.conf
 Source3:       %{orgname}-cgi-fcgi.ini
 Source4:       %{orgname}-apache.ini
diff --git a/php-mysql-charsetphpini.patch b/php-mysql-charsetphpini.patch
index d3a2a64..1ddb7f9 100644
--- a/php-mysql-charsetphpini.patch
+++ b/php-mysql-charsetphpini.patch
@@ -1,5 +1,5 @@
---- php-5.2.5_p20080206.orig/ext/mysql/php_mysql.c     2008-02-06 
14:22:57.652600900 +0100
-+++ php-5.2.5_p20080206/ext/mysql/php_mysql.c  2008-02-06 14:24:40.216655403 
+0100
+--- php-5.4.16/ext/mysql/php_mysql.c~  2013-06-10 14:41:59.000000000 +0300
++++ php-5.4.16/ext/mysql/php_mysql.c   2013-06-10 14:42:50.048809174 +0300
 @@ -360,6 +360,7 @@
        PHP_INI_ENTRY("mysql.default_port",                             NULL,   
PHP_INI_ALL,            OnMySQLPort)
        STD_PHP_INI_ENTRY("mysql.default_socket",               NULL,   
PHP_INI_ALL,            OnUpdateStringUnempty,  default_socket, 
zend_mysql_globals,             mysql_globals)
@@ -16,14 +16,14 @@
        mysql_globals->trace_mode = 0;
        mysql_globals->result_allocated = 0;
  }
-@@ -515,6 +517,7 @@
+@@ -723,6 +723,7 @@
  {
        char *user=NULL, *passwd=NULL, *host_and_port=NULL, *socket=NULL, 
*tmp=NULL, *host=NULL;
-       int  user_len, passwd_len, host_len;
+       int  user_len = 0, passwd_len = 0, host_len = 0;
 +      char *connect_charset=NULL;
        char *hashed_details=NULL;
        int hashed_details_length, port = MYSQL_PORT;
-       int client_flags = 0;
+       long client_flags = 0;
 @@ -527,6 +530,7 @@
  
  
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/5235f1a4987e0d9f86f5b7d794154c3f659dd2e3

_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

Reply via email to