Created attachment 184226
Patch for lang/php{56,70,71}/Makefile.ext

lang/php{56,70,71}/Makefile.ext are missing the $FreeBSD$ keyword at the top.

devel/oniguruma6 has been updated due to a mishandling of certain regexp patterns. devel/oniguruma5 hasn't been updated so far. Maybe phpNN-mbstring should switch to devel/oniguruma6 or even to the bundled oniguruma 6.3.

Note, devel/oniguruma{4,5,6} can't be installed simultaneously, thus you should ensure other ports can cope with devel/oniguruma6 being installed.

A commit references this bug:

Author: tz
Date: Mon Jul 10 11:40:49 UTC 2017
New revision: 445429
URL: https://svnweb.freebsd.org/changeset/ports/445429

Log:
  PHP 7.0 and 7.1: switch to devel/oniguruma6

  For mbstring extensions switch from devel/oniguruma5 to devel/oniguruma6 to fix security issues covered in Oniguruma 6.4. PHP bundles oniguruma 6.3 but I did some more tests, to make sure nothing breaks.

  Also add $FreeBSD$ header to Makefile.ext

  PR: 220598
  Submitted by: Trond.Endrestol@ximalas.info
  MFH: 2017Q3

Changes:
  head/converters/php70-mbstring/Makefile
  head/converters/php71-mbstring/Makefile
  head/lang/php70/Makefile.ext
  head/lang/php71/Makefile.ext

The patch misses a PORTREVISION bump for mbstring extensions. I added it. Also I can't just commit it for PHP 5.6, since I'm not the maintainer. If you want it, we therefore need to get approval from ale@.
(In reply to Torsten Zuehlsdorff from comment #2) I don't use PHP 5.6 on my systems, but for the benefit of those that do, you should do them such a service. Adding ale@ to the CC-list.
Tested with multiple sites and via vli on FreeBSD 10.3 with PHP 5.6, worked fine.
(In reply to Torsten Zuehlsdorff from comment #2) You missed changing the version for php70; php71 is correct: https://svnweb.freebsd.org/ports/head/lang/php70/Makefile.ext?r1=445429&r2=445428&pathrev=445429
A commit references this bug:

Author: tz
Date: Mon Jul 10 12:11:45 UTC 2017
New revision: 445433
URL: https://svnweb.freebsd.org/changeset/ports/445433

Log:
  lang/php70: switch to devel/oniguruma6

  This change should have been part of r445429. Changelog was:

  For mbstring extensions switch from devel/oniguruma5 to devel/oniguruma6 to fix security issues covered in Oniguruma 6.4. PHP bundles oniguruma 6.3 but I did some more tests, to make sure nothing breaks.

  PR: 220598
  Submitted by: Trond.Endrestol@ximalas.info
  MFH: 2017Q3

Changes:
  head/lang/php70/Makefile.ext

(In reply to Dani from comment #6)
> You missed changing the version for php70; php71 is correct:

Thanks for the notice! Screwed the commit, fixed now!

A commit references this bug:

Author: tz
Date: Tue Jul 11 08:38:08 UTC 2017
New revision: 445475
URL: https://svnweb.freebsd.org/changeset/ports/445475

Log:
  MFH: r445429

  PHP 7.0 and 7.1: switch to devel/oniguruma6

  For mbstring extensions switch from devel/oniguruma5 to devel/oniguruma6 to fix security issues covered in Oniguruma 6.4. PHP bundles oniguruma 6.3 but I did some more tests, to make sure nothing breaks.

  Also add $FreeBSD$ header to Makefile.ext

  PR: 220598
  Submitted by: Trond.Endrestol@ximalas.info
  Approved by: ports-secteam (junovitch)

Changes:
  _U  branches/2017Q3/
  branches/2017Q3/converters/php70-mbstring/Makefile
  branches/2017Q3/converters/php71-mbstring/Makefile
  branches/2017Q3/lang/php70/Makefile.ext
  branches/2017Q3/lang/php71/Makefile.ext

A commit references this bug:

Author: tz
Date: Tue Jul 11 08:39:18 UTC 2017
New revision: 445476
URL: https://svnweb.freebsd.org/changeset/ports/445476

Log:
  MFH: r445433

  lang/php70: switch to devel/oniguruma6

  This change should have been part of r445429. Changelog was:

  For mbstring extensions switch from devel/oniguruma5 to devel/oniguruma6 to fix security issues covered in Oniguruma 6.4. PHP bundles oniguruma 6.3 but I did some more tests, to make sure nothing breaks.

  PR: 220598
  Submitted by: Trond.Endrestol@ximalas.info
  Approved by: ports-secteam (junovitch)

Changes:
  _U  branches/2017Q3/
  branches/2017Q3/lang/php70/Makefile.ext

The changes are merged. Also the oniguruma was merged into quarterly. Thanks to junovitch for noticing this.
This doesn't appear to have made it to php56. Can someone re-open and commit? Thanks!
Reopen. Waiting for approval by ale@ for PHP 5.6 changes.
(In reply to Torsten Zuehlsdorff from comment #13) Any progress? It has been nearly 2 weeks and I'm still getting nightly security complaints. Thanks!
(In reply to Terry Kennedy from comment #14)
> Any progress? It has been nearly 2 weeks and I'm still getting nightly
> security complaints.

You mean php56? See: 220809