Large number of changes in the port and patch for the ports tree, for patchfiles in 'files' folders on slave ports, because the security patch must be applied to all - see http://lists.freebsd.org/pipermail/freebsd-ports/2012-February/072834.html (this topic is not answered, but I do not find another way - changed relative path to the working directory). Now all security fixes are OK, I checked it.

Port committers, please (re)move EXPIRATION_DATE to the future - the port is secure and, by my statistics, about 1,000 people a month install it.

Thank you in advance

Changes:
- security fixes CVE-2012-0830, CVE-2011-1466, CVE-2011-1471 in 20120203 security patchset
- security problem fix for PHP extensions (now all security patches applied)
- php52-backports patch always installed now

Fix: Patch attached with submission follows:
Maintainer of lang/php52,

Please note that PR ports/164849 has just been submitted. If it contains a patch for an upgrade, an enhancement or a bug fix you agree on, reply to this email stating that you approve the patch and a committer will take care of it.

The full text of the PR can be found at: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/164849

--
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
State Changed From-To: open->feedback Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
please, commit this patch
State Changed From-To: feedback->open Maintainer approved
Responsible Changed From-To: freebsd-ports-bugs->rm I will take it.
Further fixes are needed. See <http://www.vuxml.org/freebsd/60de13d5-95f0-11e1-806a-001143cd36d8.html>

php.net has not released a fix for 5.2 yet.

--
Michael Scheidell, CTO
SECNAP Network Security Corporation
d: +1.561.948.2259
w: http://people.freebsd.org/~scheidell
rm 2012-05-05 15:18:09 UTC

FreeBSD ports repository

Modified files:
  converters/php52-mbstring/files   patch-config.m4 patch-oniguruma_regerror.c
  databases/php52-dba/files         patch-config.m4
  databases/php52-oci8/files        patch-config.m4
  databases/php52-odbc/files        patch-config.m4
  databases/php52-pdo_oci/files     patch-config.m4
  databases/php52-pdo_sqlite/files  patch-sqlite_statement.c
  databases/php52-pgsql/files       patch-pgsql.c
  databases/php52-sqlite/files      patch-config.m4
  devel/php52-gettext/files         patch-config.m4
  devel/php52-pcre/files            patch-php_pcre.c
  devel/php52-readline/files        patch-config.m4
  devel/php52-spl/files             patch-config.m4
  graphics/php52-gd/files           patch-config.m4 patch-libgd_gd_png.c
  lang/php52                        Makefile Makefile.ext
  math/php52-gmp/files              patch-gmp.c
  net/php52-soap/files              patch-soap.c
  security/php52-filter/files       patch-config.m4
  sysutils/php52-posix/files        patch-posix.c
  textproc/php52-wddx/files         patch-config.m4 patch-wddx.c
  textproc/php52-xml/files          patch-compat.c
  textproc/php52-xsl/files          patch-php_xsl.h

Log:
- apply BACKPORTS patch unconditionally and remove BACKPORTS option
- update backports patch to latest version (20120504)
- align pathnames in slave ports
- bump PORTREVISION

The only drawback of this change is that now for building of every slave port (php extension) we are extracting the full php52 source tree.

Apologies that it took that long.

PR: 164849
Submitted by: Svyatoslav Lempert <svyatoslav.lempert at gmail dot com>
Approved by: Alex Keda <admin at lissyara dot su>
Security: 60de13d5-95f0-11e1-806a-001143cd36d8

Revision  Changes  Path
1.2       +2 -2    ports/converters/php52-mbstring/files/patch-config.m4
1.2       +2 -2    ports/converters/php52-mbstring/files/patch-oniguruma_regerror.c
1.3       +2 -2    ports/databases/php52-dba/files/patch-config.m4
1.2       +2 -2    ports/databases/php52-oci8/files/patch-config.m4
1.2       +2 -2    ports/databases/php52-odbc/files/patch-config.m4
1.2       +2 -2    ports/databases/php52-pdo_oci/files/patch-config.m4
1.2       +2 -2    ports/databases/php52-pdo_sqlite/files/patch-sqlite_statement.c
1.2       +2 -2    ports/databases/php52-pgsql/files/patch-pgsql.c
1.2       +2 -2    ports/databases/php52-sqlite/files/patch-config.m4
1.2       +2 -2    ports/devel/php52-gettext/files/patch-config.m4
1.3       +2 -2    ports/devel/php52-pcre/files/patch-php_pcre.c
1.2       +2 -2    ports/devel/php52-readline/files/patch-config.m4
1.2       +2 -2    ports/devel/php52-spl/files/patch-config.m4
1.2       +2 -2    ports/graphics/php52-gd/files/patch-config.m4
1.2       +2 -2    ports/graphics/php52-gd/files/patch-libgd_gd_png.c
1.29      +7 -10   ports/lang/php52/Makefile
1.16      +10 -8   ports/lang/php52/Makefile.ext
1.2       +2 -2    ports/math/php52-gmp/files/patch-gmp.c
1.2       +2 -2    ports/net/php52-soap/files/patch-soap.c
1.2       +2 -2    ports/security/php52-filter/files/patch-config.m4
1.2       +2 -2    ports/sysutils/php52-posix/files/patch-posix.c
1.2       +2 -2    ports/textproc/php52-wddx/files/patch-config.m4
1.2       +2 -2    ports/textproc/php52-wddx/files/patch-wddx.c
1.2       +2 -2    ports/textproc/php52-xml/files/patch-compat.c
1.2       +2 -2    ports/textproc/php52-xsl/files/patch-php_xsl.h
State Changed From-To: open->closed Committed, thank you!
Q: does CVE-2006-7243 still apply to backports? <http://www.vuxml.org/freebsd/CVE-2006-7243.html>

Affected package: php52-5.2.17_8
Type of problem: php -- NULL byte poisoning.
Reference: http://portaudit.FreeBSD.org/3761df02-0f9c-11e0-becc-0022156e8794.html

I saw no reference to CVE-2006-7243 in <http://code.google.com/p/php52-backports/>

--
Michael Scheidell, CTO
SECNAP Network Security Corporation
d: +1.561.948.2259
w: http://people.freebsd.org/~scheidell