- update backports patch to latest version (20120526) - magic_quotes_gpc fix for regression introduced by CVE-2012-0831 fix - security 3761df02-0f9c-11e0-becc-0022156e8794 59b68b1e-9c78-11e1-b5e0-000c299b62e1 Please remove security vulnerabilities http://www.vuxml.org/freebsd/3761df02-0f9c-11e0-becc-0022156e8794.html CVE-2006-7243 : This is NOT vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=662707 We do not consider safe_mode / open_basedir restriction bypass issues to be security sensitive. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1 http://www.vuxml.org/freebsd/59b68b1e-9c78-11e1-b5e0-000c299b62e1.html CVE-2012-1823 : was fixed in 5.2.17_8 CVE-2012-2311 : fixed in the last patch CVE-2012-2329 : this flaw only affects PHP 5.4.0 through 5.4.2 https://access.redhat.com/security/cve/CVE-2012-2329 https://bugzilla.redhat.com/show_bug.cgi?id=820000 Fix: Patch attached with submission follows:
Maintainer of lang/php52, Please note that PR ports/169272 has just been submitted. If it contains a patch for an upgrade, an enhancement or a bug fix you agree on, reply to this email stating that you approve the patch and a committer will take care of it. The full text of the PR can be found at: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/169272 -- Edwin Groothuis via the GNATS Auto Assign Tool edwin@FreeBSD.org
State Changed From-To: open->feedback Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
please, commit this
State Changed From-To: feedback->open Maintainer approved.
Responsible Changed From-To: freebsd-ports-bugs->rm I will take it.
rm 2012-06-30 23:00:58 UTC FreeBSD ports repository Modified files: lang/php52 Makefile distinfo Log: - update backports patch to 20120526 - bump PORTREVISION PR: 169272 Submitted by: Svyatoslav Lempert <svyatoslav.lempert at gmail dot com> Approved by: Alex Keda <admin at lissyara dot su> (maintainer) Revision Changes Path 1.31 +2 -2 ports/lang/php52/Makefile 1.14 +2 -2 ports/lang/php52/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->patched Update had committed, thank you. Now checking the CVE stuff.
State Changed From-To: patched->closed First issue still wasn't fixed, as I understand, while second one was fixed in 5.2.17_9 and vuxml entry was already updated. So no changes is needed according to this pr. Safe to close.