Bug 220598 - lang/php71 add $FreeBSD$ to Makefile.ext and switch to devel/oniguruma6 if possible
Summary: lang/php71 add $FreeBSD$ to Makefile.ext and switch to devel/oniguruma6 if po...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Torsten Zuehlsdorff
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-07-10 10:05 UTC by Trond.Endrestol
Modified: 2017-08-02 14:25 UTC (History)
7 users (show)

See Also:
i.dani: maintainer-feedback? (ale)
tz: merge-quarterly+


Attachments
Patch for lang/php{56,70,71}/Makefile.ext (1.60 KB, patch)
2017-07-10 10:05 UTC, Trond.Endrestol
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Trond.Endrestol 2017-07-10 10:05:19 UTC
Created attachment 184226 [details]
Patch for lang/php{56,70,71}/Makefile.ext

lang/php{56,70,71}/Makefile.ext are missing the $FreeBSD$ keyword at the top.
devel/oniguruma6 has been updated due to a mishandling of certain regexps patterns. devel/oniguruma5 hasn't been updated so far.
Maybe phpNN-mbstring should switch to devel/oniguruma6 or even to the bundled oniguruma 6.3.

Note, devel/oniguruma{4,5,6} can't be installed simultaneously, thus you should ensure other ports can cope with devel/oniguruma6 being installed.
Comment 1 commit-hook freebsd_committer 2017-07-10 11:41:41 UTC
A commit references this bug:

Author: tz
Date: Mon Jul 10 11:40:49 UTC 2017
New revision: 445429
URL: https://svnweb.freebsd.org/changeset/ports/445429

Log:
  PHP 7.0 and 7.1: switch to devel/oniguruma6

  For mbstring extensions switch from devel/oniguruma5
  to devel/oniguruma6 to fix security issues covert in
  Oniguruma 6.4.

  PHP bundles oniguruma 6.3 but i did some more tests,
  to make sure nothing breaks.

  Also add $FreeBSD$ header to Makefile.ext

  PR:           220598
  Submitted by: Trond.Endrestol@ximalas.info
  MFH:          2017Q3

Changes:
  head/converters/php70-mbstring/Makefile
  head/converters/php71-mbstring/Makefile
  head/lang/php70/Makefile.ext
  head/lang/php71/Makefile.ext
Comment 2 Torsten Zuehlsdorff freebsd_committer 2017-07-10 11:43:52 UTC
The patch misses a PORTREVISION bumb for mb-string extensions. I added it.

Also i can't just commit it for PHP 5.6, since i'm not the maintainer. If you want it therefore we need to get approval of ale@.
Comment 3 Trond.Endrestol 2017-07-10 11:49:23 UTC
(In reply to Torsten Zuehlsdorff from comment #2)
I don't use PHP 5.6 on my systems, but for the benefit of those that do, you should do them such a service. Adding ale@ to the CC-list.
Comment 4 Trond.Endrestol 2017-07-10 11:49:43 UTC
(In reply to Torsten Zuehlsdorff from comment #2)
I don't use PHP 5.6 on my systems, but for the benefit of those that do, you should do them such a service. Adding ale@ to the CC-list.
Comment 5 Dani 2017-07-10 11:55:50 UTC
Tested with multiple sites and via vli on FreeBSD 10.3 with PHP 5.6, worked fine.
Comment 6 Dani 2017-07-10 12:01:34 UTC
(In reply to Torsten Zuehlsdorff from comment #2)

You missed to change the version for php70, php71 is correct:
https://svnweb.freebsd.org/ports/head/lang/php70/Makefile.ext?r1=445429&r2=445428&pathrev=445429
Comment 7 commit-hook freebsd_committer 2017-07-10 12:12:09 UTC
A commit references this bug:

Author: tz
Date: Mon Jul 10 12:11:45 UTC 2017
New revision: 445433
URL: https://svnweb.freebsd.org/changeset/ports/445433

Log:
  lang/php70: switch to devel/oniguruma6

  This change should have been part of r445429.

  Changelog was:
  For mbstring extensions switch from devel/oniguruma5
  to devel/oniguruma6 to fix security issues covert in
  Oniguruma 6.4.

  PHP bundles oniguruma 6.3 but i did some more tests,
  to make sure nothing breaks.

  PR:           220598
  Submitted by: Trond.Endrestol@ximalas.info
  MFH:          2017Q3

Changes:
  head/lang/php70/Makefile.ext
Comment 8 Torsten Zuehlsdorff freebsd_committer 2017-07-10 12:14:43 UTC
(In reply to Dani from comment #6)

> You missed to change the version for php70, php71 is correct:

Thanks for the notice! Screwed the commit, fixed now!
Comment 9 commit-hook freebsd_committer 2017-07-11 08:38:26 UTC
A commit references this bug:

Author: tz
Date: Tue Jul 11 08:38:08 UTC 2017
New revision: 445475
URL: https://svnweb.freebsd.org/changeset/ports/445475

Log:
  MFH: r445429

  PHP 7.0 and 7.1: switch to devel/oniguruma6

  For mbstring extensions switch from devel/oniguruma5
  to devel/oniguruma6 to fix security issues covert in
  Oniguruma 6.4.

  PHP bundles oniguruma 6.3 but i did some more tests,
  to make sure nothing breaks.

  Also add $FreeBSD$ header to Makefile.ext

  PR:           220598
  Submitted by: Trond.Endrestol@ximalas.info

  Approved by:  ports-secteam (junovitch)

Changes:
_U  branches/2017Q3/
  branches/2017Q3/converters/php70-mbstring/Makefile
  branches/2017Q3/converters/php71-mbstring/Makefile
  branches/2017Q3/lang/php70/Makefile.ext
  branches/2017Q3/lang/php71/Makefile.ext
Comment 10 commit-hook freebsd_committer 2017-07-11 08:39:29 UTC
A commit references this bug:

Author: tz
Date: Tue Jul 11 08:39:18 UTC 2017
New revision: 445476
URL: https://svnweb.freebsd.org/changeset/ports/445476

Log:
  MFH: r445433

  lang/php70: switch to devel/oniguruma6

  This change should have been part of r445429.

  Changelog was:
  For mbstring extensions switch from devel/oniguruma5
  to devel/oniguruma6 to fix security issues covert in
  Oniguruma 6.4.

  PHP bundles oniguruma 6.3 but i did some more tests,
  to make sure nothing breaks.

  PR:           220598
  Submitted by: Trond.Endrestol@ximalas.info

  Approved by:  ports-secteam (junovitch)

Changes:
_U  branches/2017Q3/
  branches/2017Q3/lang/php70/Makefile.ext
Comment 11 Torsten Zuehlsdorff freebsd_committer 2017-07-11 08:52:36 UTC
The changes are merged. Also the oniguruma was merged into quarterly. Thanks to junovitch for noticing this.
Comment 12 Terry Kennedy 2017-07-14 16:23:40 UTC
This doesn't appear to have made it to php56. Can someone re-open and commit? Thanks!
Comment 13 Torsten Zuehlsdorff freebsd_committer 2017-07-17 13:11:38 UTC
Reopen. Waiting for approval by ale@ for PHP 5.6 changes.
Comment 14 Terry Kennedy 2017-07-29 20:24:58 UTC
(In reply to Torsten Zuehlsdorff from comment #13)

Any progress? It has been nearly 2 weeks and I'm still getting nightly security complaints.

Thanks!
Comment 15 Torsten Zuehlsdorff freebsd_committer 2017-08-02 14:25:16 UTC
(In reply to Terry Kennedy from comment #14)

> Any progress? It has been nearly 2 weeks and I'm still getting nightly 
> security complaints.

You mean php56? See: 220809