Bug 170063 - [update] lang/php52 to 5.2.17_10 (20120721)
Summary: [update] lang/php52 to 5.2.17_10 (20120721)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-07-22 08:30 UTC by Svyatoslav Lempert
Modified: 2012-09-20 02:20 UTC (History)
0 users

See Also:

Attachments
file.diff (1.63 KB, patch)
2012-07-22 08:30 UTC, Svyatoslav Lempert 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Svyatoslav Lempert 2012-07-22 08:30:05 UTC 
- update backports patch to 20120721
- bump PORTREVISION

Fixes
CVE-2012-2688 (from PHP 5.3.15)
CVE-2012-0057
CVE-2011-1470 (was "bug 53579", but CVE marked this)
CVE-2011-1469 (was "bug 54092", but CVE team pointed)

Fix: Patch attached with submission follows:
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2012-07-22 08:30:13 UTC 
Maintainer of lang/php52,

Please note that PR ports/170063 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/170063

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 2 Edwin Groothuis freebsd_committer freebsd_triage 2012-07-22 08:30:16 UTC 
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 3 admin 2012-07-22 15:04:03 UTC 
please, commit this
Comment 4 dfilter service freebsd_committer freebsd_triage 2012-07-23 05:14:21 UTC 
Author: rm
Date: Mon Jul 23 04:14:11 2012
New Revision: 301364
URL: http://svn.freebsd.org/changeset/ports/301364

Log:
  - update backports patch to 20120721
  - bump PORTREVISION
  
  PR:		170063
  Submitted by:	Svyatoslav Lempert <svyatoslav.lempert at gmail dot com>
  Approved by:	Alex Keda <admin at lissyara dot su> (maintainer)

Modified:
  head/lang/php52/Makefile
  head/lang/php52/distinfo

Modified: head/lang/php52/Makefile
==============================================================================
--- head/lang/php52/Makefile	Mon Jul 23 01:43:03 2012	(r301363)
+++ head/lang/php52/Makefile	Mon Jul 23 04:14:11 2012	(r301364)
@@ -7,7 +7,7 @@
 
 PORTNAME=	php52
 PORTVERSION=	5.2.17
-PORTREVISION=	9
+PORTREVISION=	10
 CATEGORIES?=	lang devel www
 MASTER_SITES=	${MASTER_SITE_PHP}
 MASTER_SITE_SUBDIR=	distributions
@@ -26,8 +26,8 @@ USE_BZIP2=	yes
 MAKE_JOBS_SAFE=	yes
 
 # BACKPORTS patch for lang/php52 and all php52-extensions
-PATCHFILES=	php52-backports-security-20120526.patch
-PATCH_SITES=	http://php52-backports.googlecode.com/files/
+PATCHFILES=	php52-backports-security-20120721.patch
+PATCH_SITES+=	http://php52-backports.googlecode.com/files/
 
 .if !defined(PKGNAMESUFFIX)
 USE_AUTOTOOLS=	autoconf

Modified: head/lang/php52/distinfo
==============================================================================
--- head/lang/php52/distinfo	Mon Jul 23 01:43:03 2012	(r301363)
+++ head/lang/php52/distinfo	Mon Jul 23 04:14:11 2012	(r301364)
@@ -1,7 +1,7 @@
 SHA256 (php-5.2.17.tar.bz2) = e81beb13ec242ab700e56f366e9da52fd6cf18961d155b23304ca870e53f116c
 SIZE (php-5.2.17.tar.bz2) = 9092312
-SHA256 (php52-backports-security-20120526.patch) = f5c62f44c2c040b89d14b55770aca7fae86d1f7c0f572f97d89550aec416d60d
-SIZE (php52-backports-security-20120526.patch) = 293532
+SHA256 (php52-backports-security-20120721.patch) = a8ef22aaf2c7c1ff43d4154709a465f1ae6afaf1aeb1e6a39e274dcf36e33499
+SIZE (php52-backports-security-20120721.patch) = 306125
 SHA256 (php-5.2.14-fpm-0.5.14-freebsd.patch.gz) = 354ce451417d14ef47761ae55147e9cee30fa0ff6f59447da021194c539f4d7f
 SIZE (php-5.2.14-fpm-0.5.14-freebsd.patch.gz) = 43550
 SHA256 (suhosin-patch-5.2.16-0.9.7.patch.gz) = aae115a318d80b3f32cedf876e7a8e4b932febb1b0c743c0b398003ebe122f91
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
Comment 5 Ruslan Makhmatkhanov freebsd_committer freebsd_triage 2012-07-23 05:18:30 UTC 
State Changed
From-To: feedback->closed

Committed, thank you!
Comment 6 dfilter service freebsd_committer freebsd_triage 2012-09-20 02:10:20 UTC 
Author: bdrewery
Date: Thu Sep 20 01:09:57 2012
New Revision: 304558
URL: http://svn.freebsd.org/changeset/ports/304558

Log:
  - CVE-2012-2688 was addressed by php52-5.2.17_10
  
  PR:		ports/170063
  PR:		ports/171583
  Reported by:	Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
  Security:	bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Thu Sep 20 00:03:25 2012	(r304557)
+++ head/security/vuxml/vuln.xml	Thu Sep 20 01:09:57 2012	(r304558)
@@ -2507,7 +2507,7 @@ Note:  Please add new entries to the beg
       </package>
       <package>
 	<name>php52</name>
-	<range><le>5.2.17_10</le></range>
+	<range><lt>5.2.17_10</lt></range>
       </package>
     </affects>
     <description>
@@ -2526,6 +2526,7 @@ Note:  Please add new entries to the beg
     <dates>
       <discovery>2012-07-19</discovery>
       <entry>2012-07-23</entry>
+      <modified>2012-09-19</modified>
     </dates>
   </vuln>
 
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"