Bug 170063 - [update] lang/php52 to 5.2.17_10 (20120721)
[update] lang/php52 to 5.2.17_10 (20120721)
Status: Closed FIXED
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Latest
Any Any
: Normal Affects Only Me
Assigned To: FreeBSD ports mailing list
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-07-22 08:30 UTC by Svyatoslav Lempert
Modified: 2012-09-20 02:20 UTC (History)
0 users

See Also:


Attachments
file.diff (1.63 KB, patch)
2012-07-22 08:30 UTC, Svyatoslav Lempert
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Svyatoslav Lempert 2012-07-22 08:30:05 UTC
- update backports patch to 20120721
- bump PORTREVISION

Fixes
CVE-2012-2688 (from PHP 5.3.15)
CVE-2012-0057
CVE-2011-1470 (was "bug 53579", but CVE marked this)
CVE-2011-1469 (was "bug 54092", but CVE team pointed)

Fix: Patch attached with submission follows:
Comment 1 Edwin Groothuis freebsd_committer 2012-07-22 08:30:13 UTC
Maintainer of lang/php52,

Please note that PR ports/170063 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/170063

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 2 Edwin Groothuis freebsd_committer 2012-07-22 08:30:16 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 3 admin 2012-07-22 15:04:03 UTC
please, commit this
Comment 4 dfilter freebsd_committer 2012-07-23 05:14:21 UTC
Author: rm
Date: Mon Jul 23 04:14:11 2012
New Revision: 301364
URL: http://svn.freebsd.org/changeset/ports/301364

Log:
  - update backports patch to 20120721
  - bump PORTREVISION
  
  PR:		170063
  Submitted by:	Svyatoslav Lempert <svyatoslav.lempert at gmail dot com>
  Approved by:	Alex Keda <admin at lissyara dot su> (maintainer)

Modified:
  head/lang/php52/Makefile
  head/lang/php52/distinfo

Modified: head/lang/php52/Makefile
==============================================================================
--- head/lang/php52/Makefile	Mon Jul 23 01:43:03 2012	(r301363)
+++ head/lang/php52/Makefile	Mon Jul 23 04:14:11 2012	(r301364)
@@ -7,7 +7,7 @@
 
 PORTNAME=	php52
 PORTVERSION=	5.2.17
-PORTREVISION=	9
+PORTREVISION=	10
 CATEGORIES?=	lang devel www
 MASTER_SITES=	${MASTER_SITE_PHP}
 MASTER_SITE_SUBDIR=	distributions
@@ -26,8 +26,8 @@ USE_BZIP2=	yes
 MAKE_JOBS_SAFE=	yes
 
 # BACKPORTS patch for lang/php52 and all php52-extensions
-PATCHFILES=	php52-backports-security-20120526.patch
-PATCH_SITES=	http://php52-backports.googlecode.com/files/
+PATCHFILES=	php52-backports-security-20120721.patch
+PATCH_SITES+=	http://php52-backports.googlecode.com/files/
 
 .if !defined(PKGNAMESUFFIX)
 USE_AUTOTOOLS=	autoconf

Modified: head/lang/php52/distinfo
==============================================================================
--- head/lang/php52/distinfo	Mon Jul 23 01:43:03 2012	(r301363)
+++ head/lang/php52/distinfo	Mon Jul 23 04:14:11 2012	(r301364)
@@ -1,7 +1,7 @@
 SHA256 (php-5.2.17.tar.bz2) = e81beb13ec242ab700e56f366e9da52fd6cf18961d155b23304ca870e53f116c
 SIZE (php-5.2.17.tar.bz2) = 9092312
-SHA256 (php52-backports-security-20120526.patch) = f5c62f44c2c040b89d14b55770aca7fae86d1f7c0f572f97d89550aec416d60d
-SIZE (php52-backports-security-20120526.patch) = 293532
+SHA256 (php52-backports-security-20120721.patch) = a8ef22aaf2c7c1ff43d4154709a465f1ae6afaf1aeb1e6a39e274dcf36e33499
+SIZE (php52-backports-security-20120721.patch) = 306125
 SHA256 (php-5.2.14-fpm-0.5.14-freebsd.patch.gz) = 354ce451417d14ef47761ae55147e9cee30fa0ff6f59447da021194c539f4d7f
 SIZE (php-5.2.14-fpm-0.5.14-freebsd.patch.gz) = 43550
 SHA256 (suhosin-patch-5.2.16-0.9.7.patch.gz) = aae115a318d80b3f32cedf876e7a8e4b932febb1b0c743c0b398003ebe122f91
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
Comment 5 Ruslan Makhmatkhanov freebsd_committer 2012-07-23 05:18:30 UTC
State Changed
From-To: feedback->closed

Committed, thank you!
Comment 6 dfilter freebsd_committer 2012-09-20 02:10:20 UTC
Author: bdrewery
Date: Thu Sep 20 01:09:57 2012
New Revision: 304558
URL: http://svn.freebsd.org/changeset/ports/304558

Log:
  - CVE-2012-2688 was addressed by php52-5.2.17_10
  
  PR:		ports/170063
  PR:		ports/171583
  Reported by:	Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
  Security:	bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Thu Sep 20 00:03:25 2012	(r304557)
+++ head/security/vuxml/vuln.xml	Thu Sep 20 01:09:57 2012	(r304558)
@@ -2507,7 +2507,7 @@ Note:  Please add new entries to the beg
       </package>
       <package>
 	<name>php52</name>
-	<range><le>5.2.17_10</le></range>
+	<range><lt>5.2.17_10</lt></range>
       </package>
     </affects>
     <description>
@@ -2526,6 +2526,7 @@ Note:  Please add new entries to the beg
     <dates>
       <discovery>2012-07-19</discovery>
       <entry>2012-07-23</entry>
+      <modified>2012-09-19</modified>
     </dates>
   </vuln>
 
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"