commit php5 for openSUSE:12.1:Update:Test

2012-03-09 Thread h_root
Hello community,

here is the log from the commit of package php5 for openSUSE:12.1:Update:Test 
checked in at 2012-03-09 17:26:54

Comparing /work/SRC/openSUSE:12.1:Update:Test/php5 (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.php5.new (New)


Package is php5, Maintainer is pgaj...@suse.com

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/php5/php5.changes   2012-02-17 
10:41:55.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.php5.new/php5.changes  2012-03-09 
17:26:55.0 +0100
@@ -1,0 +2,5 @@
+Thu Mar  8 16:54:09 UTC 2012 - pgaj...@suse.com
+
+- fixed regressions after fix for CVE-2012-0830 [bnc#749111]
+
+---



Other differences:
--

++ php-5.3.8-CVE-2011-4885.patch ++
--- /var/tmp/diff_new_pack.DRZ7OW/_old  2012-03-09 17:26:56.0 +0100
+++ /var/tmp/diff_new_pack.DRZ7OW/_new  2012-03-09 17:26:56.0 +0100
@@ -1,5 +1,6 @@
 http://svn.php.net/viewvc?view=revisionrevision=321038
 http://svn.php.net/viewvc?view=revisionrevision=321040
+http://svn.php.net/viewvc?view=revisionrevision=321335
 Index: php.ini-development
 ===
 --- php.ini-development.orig
@@ -57,23 +58,37 @@
 ===
 --- main/php_variables.c.orig
 +++ main/php_variables.c
-@@ -191,6 +191,9 @@ PHPAPI void php_register_variable_ex(cha
+@@ -191,9 +191,14 @@ PHPAPI void php_register_variable_ex(cha
}
if (zend_symtable_find(symtable1, 
escaped_index, index_len + 1, (void **) gpc_element_p) == FAILURE
|| Z_TYPE_PP(gpc_element_p) != 
IS_ARRAY) {
-+  if (zend_hash_num_elements(symtable1) 
= PG(max_input_vars)) {
-+  php_error_docref(NULL 
TSRMLS_CC, E_ERROR, Input variables exceeded %ld. To increase the limit change 
max_input_vars in php.ini., PG(max_input_vars));
+-  MAKE_STD_ZVAL(gpc_element);
+-  array_init(gpc_element);
+-  zend_symtable_update(symtable1, 
escaped_index, index_len + 1, gpc_element, sizeof(zval *), (void **) 
gpc_element_p);
++  if (zend_hash_num_elements(symtable1) 
= PG(max_input_vars)) {
++  if 
(zend_hash_num_elements(symtable1) == PG(max_input_vars)) {
++  php_error_docref(NULL 
TSRMLS_CC, E_WARNING, Input variables exceeded %ld. To increase the limit 
change max_input_vars in php.ini., PG(max_input_vars));
++  }
++  MAKE_STD_ZVAL(gpc_element);
++  array_init(gpc_element);
++  zend_symtable_update(symtable1, 
escaped_index, index_len + 1, gpc_element, sizeof(zval *), (void **) 
gpc_element_p);
 +  }
-   MAKE_STD_ZVAL(gpc_element);
-   array_init(gpc_element);
-   zend_symtable_update(symtable1, 
escaped_index, index_len + 1, gpc_element, sizeof(zval *), (void **) 
gpc_element_p);
-@@ -236,6 +239,9 @@ plain_var:
+   }
+   if (index != escaped_index) {
+   efree(escaped_index);
+@@ -236,7 +241,14 @@ plain_var:
zend_symtable_exists(symtable1, escaped_index, 
index_len + 1)) {
zval_ptr_dtor(gpc_element);
} else {
-+  if (zend_hash_num_elements(symtable1) = 
PG(max_input_vars)) {
-+  php_error_docref(NULL TSRMLS_CC, 
E_ERROR, Input variables exceeded %ld. To increase the limit change 
max_input_vars in php.ini., PG(max_input_vars));
+-  zend_symtable_update(symtable1, escaped_index, 
index_len + 1, gpc_element, sizeof(zval *), (void **) gpc_element_p);
++  if (zend_hash_num_elements(symtable1) = 
PG(max_input_vars)) {
++  if (zend_hash_num_elements(symtable1) 
== PG(max_input_vars)) {
++  php_error_docref(NULL 
TSRMLS_CC, E_WARNING, Input variables exceeded %ld. To increase the limit 
change max_input_vars in php.ini., PG(max_input_vars));
++

commit php5 for openSUSE:12.1:Update:Test

2012-02-17 Thread h_root
Hello community,

here is the log from the commit of package php5 for openSUSE:12.1:Update:Test 
checked in at 2012-02-17 10:41:54

Comparing /work/SRC/openSUSE:12.1:Update:Test/php5 (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.php5.new (New)


Package is php5, Maintainer is pgaj...@suse.com

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/php5/php5.changes   2012-02-03 
17:05:23.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.php5.new/php5.changes  2012-02-17 
10:41:55.0 +0100
@@ -1,0 +2,9 @@
+Tue Feb  7 12:44:07 UTC 2012 - pgaj...@suse.com
+
+- security update:
+  * CVE-2012-0807 [bnc#743308]
+  * CVE-2012-0057 [bnc#741520]
+  * CVE-2011-4153 [bnc#741859]
+  * CVE-2012-0831 [bnc#746661]
+
+---

New:

  php-5.3.8-CVE-2011-4153.patch
  php-5.3.8-CVE-2012-0057.patch
  php-5.3.8-CVE-2012-0807.patch
  php-5.3.8-CVE-2012-0831.patch



Other differences:
--
++ php5.spec ++
--- /var/tmp/diff_new_pack.dflNDP/_old  2012-02-17 10:41:56.0 +0100
+++ /var/tmp/diff_new_pack.dflNDP/_new  2012-02-17 10:41:56.0 +0100
@@ -169,6 +169,10 @@
 Patch41:php-5.3.8-memory-corruption-parse_ini_string.patch
 Patch42:php-5.3.8-CVE-2012-0789.patch
 Patch43:php-5.3.8-CVE-2012-0830.patch
+Patch44:php-5.3.8-CVE-2012-0807.patch
+Patch45:php-5.3.8-CVE-2012-0057.patch
+Patch46:php-5.3.8-CVE-2011-4153.patch
+Patch47:php-5.3.8-CVE-2012-0831.patch
 Url:http://www.php.net
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 Summary:PHP5 Core Files
@@ -1288,6 +1292,10 @@
 %patch41
 %patch42
 %patch43 -p1
+%patch44
+%patch45
+%patch46
+%patch47
 # Safety check for API version change.
 vapi=`sed -n '/#define PHP_API_VERSION/{s/.* //;p}' main/php.h`
 if test x${vapi} != x%{apiver}; then


++ php-5.3.8-CVE-2011-4153.patch ++
http://svn.php.net/viewvc?view=revisionrevision=319442
http://svn.php.net/viewvc?view=revisionrevision=319453
#-0- 
Zend/zend_builtin_functions.c
#-1-
ext/soap/php_sdl.c
#-2-
ext/standard/syslog.c
#-3-
N/A for 5.3.8
#-4-
N/A
#-5-
N/A
#-6-
ext/session/mod_files.c
ext/standard/file.c
Index: Zend/zend_builtin_functions.c
===
--- Zend/zend_builtin_functions.c.orig
+++ Zend/zend_builtin_functions.c
@@ -683,6 +683,9 @@ repeat:
}
c.flags = case_sensitive; /* non persistent */
c.name = zend_strndup(name, name_len);
+if(c.name == NULL) {
+RETURN_FALSE;
+}
c.name_len = name_len+1;
c.module_number = PHP_USER_CONSTANT;
if (zend_register_constant(c TSRMLS_CC) == SUCCESS) {
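Review bot: The new `RETURN_FALSE;` after the failed `zend_strndup()` leaves the function without releasing anything that was prepared for `c` earlier. Those lines are above the hunk and not visible here, so this needs checking: if `c.value` has already been copied at that point, the early return would leak that copy on every out-of-memory failure. In that case the branch should read `zval_dtor(&c.value); RETURN_FALSE;`. The branch also fails silently, so a script cannot tell an allocation failure from a constant that already exists.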
Index: ext/standard/syslog.c
===
--- ext/standard/syslog.c.orig
+++ ext/standard/syslog.c
@@ -234,6 +234,9 @@ PHP_FUNCTION(openlog)
free(BG(syslog_device));
}
BG(syslog_device) = zend_strndup(ident, ident_len);
+   if(BG(syslog_device) == NULL) {
+   RETURN_FALSE;
+   }
openlog(BG(syslog_device), option, facility);
RETURN_TRUE;
 }
Index: ext/soap/php_sdl.c
===
--- ext/soap/php_sdl.c.orig
+++ ext/soap/php_sdl.c
@@ -147,6 +147,10 @@ encodePtr get_encoder(sdlPtr sdl, const
memcpy(new_enc, enc, sizeof(encode));
if (sdl-is_persistent) {
new_enc-details.ns = zend_strndup(ns, ns_len);
+   if (new_enc-details.ns == NULL) {
+   efree(nscat);
+   return NULL;
+   }
new_enc-details.type_str = 
strdup(new_enc-details.type_str);
} else {
new_enc-details.ns = estrndup(ns, ns_len);
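Review bot: The `strdup()` on the line right after the new check has the same failure mode as `zend_strndup()` and is still unchecked, so `new_enc->details.type_str` can end up NULL in the persistent branch. The new error path frees `nscat` but not `new_enc`, which has already been filled by the `memcpy()` above. Its allocation is outside the hunk, so this is inferred, but it looks like a leak on that path. Callers of get_encoder() are not visible here and would need to handle the new `NULL` return. Suggested shape: check both duplicates, release `new_enc` and `nscat` on failure, then `return NULL;`.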
Index: ext/standard/file.c
===
--- ext/standard/file.c.orig
+++ ext/standard/file.c
@@ -2612,10 +2612,15 @@ PHP_FUNCTION(fnmatch)
Returns directory path used for temporary files */
 PHP_FUNCTION(sys_get_temp_dir)
 {
+   char *tmp_dir;
if (zend_parse_parameters_none() == FAILURE) {
return;
}
-   RETURN_STRING((char *)php_get_temporary_directory(), 1);
+tmp_dir = (char *)php_get_temporary_directory();
+   if (tmp_dir == NULL) {
+   return;
+}
+   RETURN_STRING(tmp_dir, 1);
 }
 /* }}} */
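Review bot: The new NULL branch in sys_get_temp_dir() ends with a bare `return;`, so the script receives NULL with no diagnostic. The other allocation checks added by this same patch, in the define() and openlog() hunks, use `RETURN_FALSE;`. Using `RETURN_FALSE;` here as well would keep the failure value consistent across the patch and easier for callers to test. The `(char *)` cast on `php_get_temporary_directory()` is carried over from the old line and deserves a short comment, since it drops a qualifier before the string is copied by `RETURN_STRING(tmp_dir, 1)`.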
 
Index: ext/session/mod_files.c
===
--- 

commit php5 for openSUSE:12.1:Update:Test

2012-02-03 Thread h_root
Hello community,

here is the log from the commit of package php5 for openSUSE:12.1:Update:Test 
checked in at 2012-02-03 17:05:21

Comparing /work/SRC/openSUSE:12.1:Update:Test/php5 (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.php5.new (New)


Package is php5, Maintainer is pgaj...@suse.com

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/php5/php5.changes   2012-01-30 
20:40:47.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.php5.new/php5.changes  2012-02-03 
17:05:23.0 +0100
@@ -1,0 +2,6 @@
+Fri Feb  3 08:13:16 UTC 2012 - pgaj...@suse.com
+
+- security update CVE-2012-0830 and other memory leaks 
+  (fixes the fix of CVE-2011-4885) [bnc#744966]
+
+---

New:

  php-5.3.8-CVE-2012-0830.patch



Other differences:
--
++ php5.spec ++
--- /var/tmp/diff_new_pack.RcXGOB/_old  2012-02-03 17:05:23.0 +0100
+++ /var/tmp/diff_new_pack.RcXGOB/_new  2012-02-03 17:05:23.0 +0100
@@ -15,6 +15,8 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
+
 Name:   php5
 %global apiver  20090626
 %global zendver 20090626
@@ -166,6 +168,7 @@
 Patch40:php-5.3.8-CVE-2012-0788.patch
 Patch41:php-5.3.8-memory-corruption-parse_ini_string.patch
 Patch42:php-5.3.8-CVE-2012-0789.patch
+Patch43:php-5.3.8-CVE-2012-0830.patch
 Url:http://www.php.net
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 Summary:PHP5 Core Files
@@ -1284,6 +1287,7 @@
 %patch40
 %patch41
 %patch42
+%patch43 -p1
 # Safety check for API version change.
 vapi=`sed -n '/#define PHP_API_VERSION/{s/.* //;p}' main/php.h`
 if test x${vapi} != x%{apiver}; then


++ php-5.3.8-CVE-2012-0830.patch ++
Index: php-5.3.8/main/php_variables.c
===
--- php-5.3.8.orig/main/php_variables.c
+++ php-5.3.8/main/php_variables.c
@@ -182,7 +182,13 @@ PHPAPI void php_register_variable_ex(cha
if (!index) {
MAKE_STD_ZVAL(gpc_element);
array_init(gpc_element);
-   zend_hash_next_index_insert(symtable1, 
gpc_element, sizeof(zval *), (void **) gpc_element_p);
+if (zend_hash_next_index_insert(symtable1, 
gpc_element, sizeof(zval *), (void **) gpc_element_p) == FAILURE) {
+zval_ptr_dtor(gpc_element);
+zval_dtor(val);
+efree(var_orig);
+return;
+}
+
} else {
if (PG(magic_quotes_gpc)) {
escaped_index = php_addslashes(index, 
index_len, index_len, 0 TSRMLS_CC);
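Review bot: The bail-out sequence `zval_dtor(val); efree(var_orig); return;` is written out here for the failed `zend_hash_next_index_insert()` and again in the `else` branch added by the next hunk (`@@ -197,6 +203,13 @@`). Two hand-copied cleanup paths in a function that parses request input tend to drift apart when a third allocation is added later. A single exit label holding the shared cleanup, reached with `goto` from both places, would keep them in step; the second site would still free `escaped_index` first. php_register_variable_ex's body starts and ends outside the hunk.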
@@ -197,6 +203,13 @@ PHPAPI void php_register_variable_ex(cha
MAKE_STD_ZVAL(gpc_element);
array_init(gpc_element);
zend_symtable_update(symtable1, 
escaped_index, index_len + 1, gpc_element, sizeof(zval *), (void **) 
gpc_element_p);
+   } else {
+   if (index != escaped_index) {
+   efree(escaped_index);
+   }
+   zval_dtor(val);
+   efree(var_orig);
+   return;
}
if (index != escaped_index) {
efree(escaped_index);
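Review bot: The added `else` branch carries no comment saying why it has to return, and that reason is the substance of the fix. The `if` it pairs with is outside the hunk. Judging by the CVE-2011-4885 patch this is applied on top of, that is presumably the `max_input_vars` test, so in this branch no array was created and `gpc_element_p` does not refer to one. Proposed comment above the cleanup: `/* limit reached: no array exists for this index, so stop here instead of descending through gpc_element_p */`. Without it, a later refactor could drop the early return as redundant.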
@@ -221,7 +234,9 @@ plain_var:
gpc_element-value = val-value;
Z_TYPE_P(gpc_element) = Z_TYPE_P(val);
if (!index) {
-   zend_hash_next_index_insert(symtable1, gpc_element, 
sizeof(zval *), (void **) gpc_element_p);
+if (zend_hash_next_index_insert(symtable1, 
gpc_element, sizeof(zval *), (void **) gpc_element_p) == FAILURE) {
+zval_ptr_dtor(gpc_element);
+}
} else {
if (PG(magic_quotes_gpc)) { 
escaped_index = php_addslashes(index, 
index_len, index_len, 0 TSRMLS_CC);



commit php5 for openSUSE:12.1:Update:Test

2012-01-30 Thread h_root
Hello community,

here is the log from the commit of package php5 for openSUSE:12.1:Update:Test 
checked in at 2012-01-30 20:40:45

Comparing /work/SRC/openSUSE:12.1:Update:Test/php5 (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.php5.new (New)


Package is php5, Maintainer is pgaj...@suse.com

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/php5/php5.changes   2012-01-20 
19:08:10.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.php5.new/php5.changes  2012-01-30 
20:40:47.0 +0100
@@ -1,0 +2,9 @@
+Tue Jan 24 09:18:43 UTC 2012 - pgaj...@suse.com
+
+- security update:
+  * CVE-2012-0781 [bnc#742273]
+  * CVE-2012-0788 [bnc#742806]
+  * memory corruption in parse_ini_string() [bnc#742806]
+  * CVE-2012-0789 [bnc#742806]
+
+---

New:

  php-5.3.8-CVE-2012-0781.patch
  php-5.3.8-CVE-2012-0788.patch
  php-5.3.8-CVE-2012-0789.patch
  php-5.3.8-memory-corruption-parse_ini_string.patch



Other differences:
--
++ php5.spec ++
--- /var/tmp/diff_new_pack.QBW3MA/_old  2012-01-30 20:40:48.0 +0100
+++ /var/tmp/diff_new_pack.QBW3MA/_new  2012-01-30 20:40:48.0 +0100
@@ -162,6 +162,10 @@
 Patch36:php-5.3.8-CVE-2011-4566.patch
 Patch37:php-5.3.8-CVE-2011-1466.patch
 Patch38:php-5.3.8-CVE-2011-4885.patch
+Patch39:php-5.3.8-CVE-2012-0781.patch
+Patch40:php-5.3.8-CVE-2012-0788.patch
+Patch41:php-5.3.8-memory-corruption-parse_ini_string.patch
+Patch42:php-5.3.8-CVE-2012-0789.patch
 Url:http://www.php.net
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 Summary:PHP5 Core Files
@@ -1276,6 +1280,10 @@
 %patch36
 %patch37
 %patch38
+%patch39
+%patch40
+%patch41
+%patch42
 # Safety check for API version change.
 vapi=`sed -n '/#define PHP_API_VERSION/{s/.* //;p}' main/php.h`
 if test x${vapi} != x%{apiver}; then


++ php-5.3.8-CVE-2011-1466.patch ++
--- /var/tmp/diff_new_pack.QBW3MA/_old  2012-01-30 20:40:48.0 +0100
+++ /var/tmp/diff_new_pack.QBW3MA/_new  2012-01-30 20:40:48.0 +0100
@@ -39,10 +39,11 @@
/* Calculate the century (year/100). */
century = temp / DAYS_PER_400_YEARS;
  
-@@ -190,6 +182,10 @@ void SdnToGregorian(
+@@ -190,6 +182,11 @@ void SdnToGregorian(
*pYear = year;
*pMonth = month;
*pDay = day;
++  return;
 +fail:
 +  *pYear = 0;
 +  *pMonth = 0;

++ php-5.3.8-CVE-2012-0781.patch ++
http://svn.php.net/viewvc?view=revisionrevision=319254
--- ext/tidy/tidy.c 2011/11/15 14:20:13 319253
+++ ext/tidy/tidy.c 2011/11/15 15:16:20 319254
@@ -1288,7 +1288,7 @@
 {
TIDY_FETCH_OBJECT;
 
-   if (tidyRunDiagnostics(obj-ptdoc-doc) = 0) {
+   if (tidyStatus(obj-ptdoc-doc) != 0  
tidyRunDiagnostics(obj-ptdoc-doc) = 0) {
tidy_doc_update_properties(obj TSRMLS_CC);
RETURN_TRUE;
}
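Review bot: The new guard `tidyStatus(obj->ptdoc->doc) != 0` keeps `tidyRunDiagnostics()` away from a document that was never parsed, but it also skips the call whenever the status is 0 for any other reason. If libtidy reports 0 for a document that parsed without warnings or errors (worth confirming against the library), diagnose() will now report failure for clean input, which callers may read as an error. A comment on the condition should state which case it excludes, for example `/* status 0: nothing parsed yet, tidyRunDiagnostics() must not be called */`. The enclosing function starts and ends outside the hunk.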

++ php-5.3.8-CVE-2012-0788.patch ++
http://svn.php.net/viewvc/?view=revisionamp;revision=317272
--- ext/pdo/pdo_stmt.c  2011/09/25 12:14:09 317271
+++ ext/pdo/pdo_stmt.c  2011/09/25 12:39:05 317272
@@ -2351,6 +2351,7 @@
 }
 
 zend_object_handlers pdo_dbstmt_object_handlers;
+static int pdo_row_serialize(zval *object, unsigned char **buffer, zend_uint 
*buf_len, zend_serialize_data *data TSRMLS_DC);
 
 void pdo_stmt_init(TSRMLS_D)
 {
@@ -2374,6 +2375,7 @@
pdo_row_ce = zend_register_internal_class(ce TSRMLS_CC);
pdo_row_ce-ce_flags |= ZEND_ACC_FINAL_CLASS; /* when removing this a 
lot of handlers need to be redone */
pdo_row_ce-create_object = pdo_row_new;
+   pdo_row_ce-serialize = pdo_row_serialize;
 }
 
 static void free_statement(pdo_stmt_t *stmt TSRMLS_DC)
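Review bot: Only the serialize side is closed in pdo_stmt_init(): `pdo_row_ce->serialize` is assigned, but no unserialize handler is set in any of the visible hunks. Whether a serialized PDORow string coming from stored or external data can still be turned back into an object is therefore not settled by this change. If nothing elsewhere rejects it, an unserialize handler that fails with the same kind of warning should be assigned on the line after `pdo_row_ce->serialize = pdo_row_serialize;`. pdo_stmt_init's body starts outside the hunk.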
@@ -2796,6 +2798,12 @@
retval.handlers = pdo_row_object_handlers;
 
return retval;
+}
+
+static int pdo_row_serialize(zval *object, unsigned char **buffer, zend_uint 
*buf_len, zend_serialize_data *data TSRMLS_DC)
+{
+   php_error_docref(NULL TSRMLS_CC, E_WARNING, PDORow instances may not 
be serialized);
+   return FAILURE;
 }
 /* }}} */

++ php-5.3.8-CVE-2012-0789.patch ++
http://svn.php.net/viewvc/?view=revisionamp;revision=320481
Modified: ext/date/lib/parse_date.re
===
Index: ext/date/lib/parse_date.re
===
--- ext/date/lib/parse_date.re.orig
+++ ext/date/lib/parse_date.re
@@ -775,7 +775,7 @@ static long timelib_lookup_zone(char **p
return value;
 }
 
-static long timelib_get_zone(char **ptr, int *dst, timelib_time *t, int 
*tz_not_found, const timelib_tzdb *tzdb)
+static long timelib_get_zone(char **ptr, 

commit php5 for openSUSE:12.1:Update:Test

2012-01-20 Thread h_root
Hello community,

here is the log from the commit of package php5 for openSUSE:12.1:Update:Test 
checked in at 2012-01-20 19:08:09

Comparing /work/SRC/openSUSE:12.1:Update:Test/php5 (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.php5.new (New)


Package is php5, Maintainer is pgaj...@suse.com

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/php5/php5.changes   2012-01-05 
17:06:41.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.php5.new/php5.changes  2012-01-20 
19:08:10.0 +0100
@@ -11 +11,2 @@
-- apache module conflicts with apache2-worker [bnc#728671]
+- amend README.SUSE to discourage using apache module with
+  apache2-worker [bnc#728671]



Other differences:
--
++ php5.spec ++
 712 lines (skipped)
 between /work/SRC/openSUSE:12.1:Update:Test/php5/php5.spec
 and /work/SRC/openSUSE:12.1:Update:Test/.php5.new/php5.spec


++ php-suse-addons.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/php-suse-addons/README.SUSE 
new/php-suse-addons/README.SUSE
--- old/php-suse-addons/README.SUSE 2005-02-09 15:40:33.0 +0100
+++ new/php-suse-addons/README.SUSE 2012-01-18 10:01:25.0 +0100
@@ -41,6 +41,11 @@
 Enabling/disabling the PHP5 module for Apache
 =
 
+ - PHP.net does not recommend to use PHP with Apache Worker, as some of the
+   libraries PHP relies on are not thread safe; see 
+http://php.net/manual/en/install.unix.apache2.php
+
http://www.php.net/manual/en/faq.installation.php#faq.installation.apache2
+   for details
  - in /etc/sysconfig/apache2, add php5 to APACHE_MODULES,
or remove it to disable
  - possibly include /etc/apache2/conf.d/mod_php5.conf in individual virtual




commit php5 for openSUSE:12.1:Update:Test

2012-01-05 Thread h_root
Hello community,

here is the log from the commit of package php5 for openSUSE:12.1:Update:Test 
checked in at 2012-01-05 17:06:35

Comparing /work/SRC/openSUSE:12.1:Update:Test/php5 (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.php5.new (New)


Package is php5, Maintainer is pgaj...@suse.com

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/php5/php5.changes   2012-01-05 
17:06:40.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.php5.new/php5.changes  2012-01-05 
17:06:41.0 +0100
@@ -1,0 +2,19 @@
+Mon Jan  2 14:36:39 UTC 2012 - pgaj...@suse.com
+
+- security update:
+  * CVE-2011-4885 [bnc#738221] -- added max_input_vars directive
+to prevent attacks based on hash collisions
+
+---
+Tue Dec 20 12:58:50 UTC 2011 - pgaj...@suse.com
+
+- apache module conflicts with apache2-worker [bnc#728671]
+
+---
+Fri Dec  9 11:35:56 UTC 2011 - pgaj...@suse.com
+
+- security update:
+  * CVE-2011-4566 [bnc#733590]
+  * CVE-2011-1466 [bnc#736169]
+
+---

New:

  php-5.3.8-CVE-2011-1466.patch
  php-5.3.8-CVE-2011-4566.patch
  php-5.3.8-CVE-2011-4885.patch



Other differences:
--
++ php5.spec ++
--- /var/tmp/diff_new_pack.00es7w/_old  2012-01-05 17:06:41.0 +0100
+++ /var/tmp/diff_new_pack.00es7w/_new  2012-01-05 17:06:41.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package php5
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -137,6 +137,9 @@
 %endif
 Patch34:php5-2g-crash.patch
 Patch35:php-5.3.8-CVE-2011-3379.patch
+Patch36:php-5.3.8-CVE-2011-4566.patch
+Patch37:php-5.3.8-CVE-2011-1466.patch
+Patch38:php-5.3.8-CVE-2011-4885.patch
 Url:http://www.php.net
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 Summary:PHP5 Core Files
@@ -219,6 +222,7 @@
 Requires:   apache2-prefork %{apache2_mmn} %{name} = %{version}
 PreReq: apache2
 Conflicts:  apache2-mod_php4
+Conflicts:  apache2-worker
 Provides:   mod_php_any php-xml php-spl php-simplexml php-session php-pcre 
php-date php-reflection php-filter
 
 %description -n apache2-mod_php5
@@ -1246,6 +1250,9 @@
 %endif
 %patch34
 %patch35
+%patch36
+%patch37
+%patch38
 # Safety check for API version change.
 vapi=`sed -n '/#define PHP_API_VERSION/{s/.* //;p}' main/php.h`
 if test x${vapi} != x%{apiver}; then


++ php-5.3.8-CVE-2011-1466.patch ++
http://svn.php.net/viewvc/?view=revisionamp;revision=306475
http://svn.php.net/viewvc/?view=revisionamp;revision=317360
http://svn.php.net/viewvc/?view=revisionamp;revision=317387

Index: ext/calendar/gregor.c
===
--- ext/calendar/gregor.c.orig
+++ ext/calendar/gregor.c
@@ -127,6 +127,7 @@
  **/
 
 #include sdncal.h
+#include limits.h
 
 #define GREGOR_SDN_OFFSET 32045
 #define DAYS_PER_5_MONTHS  153
@@ -146,21 +147,12 @@ void SdnToGregorian(
long int temp;
int dayOfYear;
 
-   if (sdn = 0) {
-   *pYear = 0;
-   *pMonth = 0;
-   *pDay = 0;
-   return;
+   if (sdn = 0 ||
+   sdn  (LONG_MAX - 4 * GREGOR_SDN_OFFSET) / 4) {
+   goto fail;
}
temp = (sdn + GREGOR_SDN_OFFSET) * 4 - 1;
 
-   if (temp  0) {
-   *pYear = 0;
-   *pMonth = 0;
-   *pDay = 0;
-   return;
-   }
-
/* Calculate the century (year/100). */
century = temp / DAYS_PER_400_YEARS;
 
@@ -190,6 +182,10 @@ void SdnToGregorian(
*pYear = year;
*pMonth = month;
*pDay = day;
+fail:
+   *pYear = 0;
+   *pMonth = 0;
+   *pDay = 0;
 }
 
 long int GregorianToSdn(
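Review bot: The `fail:` label is placed directly after `*pDay = day;` with no `return;` between them. The normal path therefore falls through into the label and overwrites the year, month and day it has just computed with 0. Add `return;` before `fail:` so that only the `goto fail` taken by the range check zeroes the outputs. SdnToGregorian's body starts outside the hunk.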
++ php-5.3.8-CVE-2011-4566.patch ++
http://svn.php.net/viewvc/?view=revisionamp;revision=319535
--- ext/exif/exif.c 2011/11/19 04:41:03 319534
+++ ext/exif/exif.c 2011/11/19 04:49:36 319535
@@ -2874,11 +2874,11 @@
offset_val = php_ifd_get32u(dir_entry+8, 
ImageInfo-motorola_intel);
/* If its bigger than 4 bytes, the dir entry contains an 
offset. */
value_ptr = offset_base+offset_val;
-   if (offset_val+byte_count  IFDlength || value_ptr  dir_entry) 
{
+