Bug 220532 - lang/php71: Update to 7.1.7
Summary: lang/php71: Update to 7.1.7
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Torsten Zuehlsdorff
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-07-07 07:52 UTC by Fabiano Sidler
Modified: 2017-07-10 09:23 UTC (History)
4 users (show)

See Also:
bugzilla: maintainer-feedback? (tz)
i.dani: maintainer-feedback? (secteam)
tz: merge-quarterly+

Attachments
patch (880 bytes, text/plain)
2017-07-07 07:52 UTC, Fabiano Sidler 		no flags Details
Update to PHP 7.1.7 (2.70 KB, patch)
2017-07-07 09:17 UTC, Dani I. 		i.dani: maintainer-approval? (tz)
 Details | Diff
Small patch for Makefile.ext suggesting adding $FreeBSD$ and a possible switch to devel/oniguruma6 (1.60 KB, patch)
2017-07-09 13:38 UTC, Trond Endrestøl 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Fabiano Sidler 2017-07-07 07:52:57 UTC 
Created attachment 184148 [details]
patch

Also, please don't forget to MTQ3! ;)
Comment 1 Torsten Zuehlsdorff freebsd_committer freebsd_triage 2017-07-07 08:04:38 UTC 
The patch isn't fully correct, because it misses to remove PORTREVISION at least from www/php71-opcache.

But i already have it done yesterday and will commit it today :)
Comment 2 Dani I. 2017-07-07 09:17:23 UTC 
Created attachment 184150 [details]
Update to PHP 7.1.7

Update PHP 7.1 from 7.1.6 to 7.1.7
    - Remove PORTREVISION from: devel/php71-readline, www/php71-opcache
    - Fix distinfo (previous patch has wrong size
    - Remove patch "patch-main_php__ini.c", has been patched upstream

Changelog: http://www.php.net/ChangeLog-7.php#7.1.7
Comment 3 Dani I. 2017-07-07 09:37:35 UTC 
Diff can be found here: review D11516
Comment 4 commit-hook freebsd_committer freebsd_triage 2017-07-07 09:45:22 UTC 
A commit references this bug:

Author: tz
Date: Fri Jul  7 09:44:32 UTC 2017
New revision: 445228
URL: https://svnweb.freebsd.org/changeset/ports/445228

Log:
  Update PHP 7.1 from 7.1.6 to 7.1.7

  Changelog: http://www.php.net/ChangeLog-7.php#7.1.7

  PR:          220532
  Reported by: Fabiano Sidler <fabianosidler@swissonline.ch>, Dani <i.dani@outlook.com>
  MFH:         2017Q3
  Security:    CVE-2017-9224
  Security:    CVE-2017-9226
  Security:    CVE-2017-9227
  Security:    CVE-2017-9228
  Security:    CVE-2017-9229

Changes:
  head/devel/php71-readline/Makefile
  head/lang/php71/Makefile
  head/lang/php71/distinfo
  head/lang/php71/files/patch-main_php__ini.c
  head/www/php71-opcache/Makefile
Comment 5 Torsten Zuehlsdorff freebsd_committer freebsd_triage 2017-07-07 09:47:09 UTC 
The second patch is correct; but as i wrote: i already created it yesterday :)
Its committed in HEAD.
Comment 6 Trond Endrestøl 2017-07-09 13:37:32 UTC 
Pardon for intruding.

I suggest adding $FreeBSD$ to every Makefile.ext, i.e. lang/php{56,70,71}/Makefile.ext.

If devel/oniguruma5 won't be updated, then maybe phpNN-mbstring should switch to devel/oniguruma6, or start using oniguruma from the php distributions.

See attached patch.
Comment 7 Trond Endrestøl 2017-07-09 13:38:41 UTC 
Created attachment 184201 [details]
Small patch for Makefile.ext suggesting adding $FreeBSD$ and a possible switch to devel/oniguruma6
Comment 8 commit-hook freebsd_committer freebsd_triage 2017-07-10 08:47:24 UTC 
A commit references this bug:

Author: tz
Date: Mon Jul 10 08:47:13 UTC 2017
New revision: 445419
URL: https://svnweb.freebsd.org/changeset/ports/445419

Log:
  MFH: r445228

  Update PHP 7.1 from 7.1.6 to 7.1.7

  Changelog: http://www.php.net/ChangeLog-7.php#7.1.7

  PR:          220532
  Reported by: Fabiano Sidler <fabianosidler@swissonline.ch>, Dani <i.dani@outlook.com>
  Security:    CVE-2017-9224
  Security:    CVE-2017-9226
  Security:    CVE-2017-9227
  Security:    CVE-2017-9228
  Security:    CVE-2017-9229

  Approved by: ports-secteam (junovitch)

Changes:
_U  branches/2017Q3/
  branches/2017Q3/devel/php71-readline/Makefile
  branches/2017Q3/lang/php71/Makefile
  branches/2017Q3/lang/php71/distinfo
  branches/2017Q3/lang/php71/files/patch-main_php__ini.c
  branches/2017Q3/www/php71-opcache/Makefile
Comment 9 Dani I. 2017-07-10 09:15:10 UTC 
Comment on attachment 184201 [details]
Small patch for Makefile.ext suggesting adding $FreeBSD$ and a possible switch to devel/oniguruma6

Built fine for me with devel/oniguruma6..
Since this is security related, it would be nice to see a fast fix.
Comment 10 Torsten Zuehlsdorff freebsd_committer freebsd_triage 2017-07-10 09:21:46 UTC 
This does need more than just a build-test. Also everything is already committed. 

Can you please open a new PR and repost the patch? I will handle it there to avoid confusions. :) Thanks!

Since the update is committed in head and quarterly i close this PR.
Comment 11 Torsten Zuehlsdorff freebsd_committer freebsd_triage 2017-07-10 09:23:31 UTC 
(Forgot to mention: it is very likely to be fine, since PHP itself bundles currently 6.3. But you could never be sure without any test)