From owner-svn-ports-all@FreeBSD.ORG  Mon Jul 22 13:24:06 2013
Return-Path: <owner-svn-ports-all@FreeBSD.ORG>
Delivered-To: svn-ports-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 838AA893;
 Mon, 22 Jul 2013 13:24:06 +0000 (UTC)
 (envelope-from bdrewery@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 73EE62E44;
 Mon, 22 Jul 2013 13:24:06 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r6MDO6Nk074412;
 Mon, 22 Jul 2013 13:24:06 GMT
 (envelope-from bdrewery@svn.freebsd.org)
Received: (from bdrewery@localhost)
 by svn.freebsd.org (8.14.7/8.14.5/Submit) id r6MDO59v074409;
 Mon, 22 Jul 2013 13:24:05 GMT
 (envelope-from bdrewery@svn.freebsd.org)
Message-Id: <201307221324.r6MDO59v074409@svn.freebsd.org>
From: Bryan Drewery <bdrewery@FreeBSD.org>
Date: Mon, 22 Jul 2013 13:24:05 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r323445 - in head: security/vuxml www/suphp
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jul 2013 13:24:06 -0000

Author: bdrewery
Date: Mon Jul 22 13:24:05 2013
New Revision: 323445
URL: http://svnweb.freebsd.org/changeset/ports/323445

Log:
  - Update suPHP to 0.7.2
  - Document possible privilege escalation
  
  Approved by:	maintainer timeout
  Security:	2fbfd455-f2d0-11e2-8a46-000d601460a4

Modified:
  head/security/vuxml/vuln.xml
  head/www/suphp/Makefile
  head/www/suphp/distinfo

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Mon Jul 22 13:13:20 2013	(r323444)
+++ head/security/vuxml/vuln.xml	Mon Jul 22 13:24:05 2013	(r323445)
@@ -51,6 +51,42 @@ Note:  Please add new entries to the beg
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="2fbfd455-f2d0-11e2-8a46-000d601460a4">
+    <topic>suPHP -- Privilege escalation</topic>
+    <affects>
+      <package>
+	<name>suphp</name>
+	<range><lt>0.7.2</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>suPHP developer Sebastian Marsching reports:</p>
+	<blockquote cite="https://lists.marsching.com/pipermail/suphp/2013-May/002552.html">
+	  <p>When the suPHP_PHPPath was set, mod_suphp would use the specified PHP
+	    executable to pretty-print PHP source files (MIME type
+	    x-httpd-php-source or application/x-httpd-php-source).
+
+	    However, it would not sanitize the environment. Thus a user that was
+	    allowed to use the SetEnv directive in a .htaccess file (AllowOverride
+	    FileInfo) could make PHP load a malicious configuration file (e.g.
+	    loading malicious extensions).
+
+	    As the PHP process for highlighting the source file was run with the
+	    privileges of the user Apache HTTPd was running as, a local attacker
+	    could probably execute arbitrary code with the privileges of this user.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://lists.marsching.com/pipermail/suphp/2013-May/002552.html</url>
+    </references>
+    <dates>
+      <discovery>2013-05-20</discovery>
+      <entry>2013-07-22</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="ca4d63fb-f15c-11e2-b183-20cf30e32f6d">
     <topic>apache24 -- several vulnerabilities</topic>
     <affects>

Modified: head/www/suphp/Makefile
==============================================================================
--- head/www/suphp/Makefile	Mon Jul 22 13:13:20 2013	(r323444)
+++ head/www/suphp/Makefile	Mon Jul 22 13:24:05 2013	(r323445)
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	suphp
-PORTVERSION=	0.7.1
-PORTREVISION=	5
+PORTVERSION=	0.7.2
 CATEGORIES=	www
 MASTER_SITES=	http://www.suphp.org/download/ \
 		${MASTER_SITE_LOCAL:S|%SUBDIR%|koitsu|}
@@ -12,7 +11,8 @@ MAINTAINER=	yzlin@FreeBSD.org
 COMMENT=	Securely execute PHP scripts under Apache
 
 GNU_CONFIGURE=	yes
-USE_AUTOTOOLS=	aclocal:env automake:env autoconf:env libtool:env
+USE_AUTOTOOLS=	aclocal:env automake autoconf:env libtool:env
+AUTOMAKE_ARGS+=	--add-missing
 
 # Maintainer has not tested suPHP 0.6.x on Apache 1.3.
 USE_APACHE=	22
@@ -39,11 +39,9 @@ CONFIGURE_ARGS+=	--with-apr=${LOCALBASE}
 AUTOTOOLSFILES=	aclocal.m4
 
 post-patch:
-	@${REINPLACE_CMD} -e 's|2.61|%%AUTOCONF_VERSION%%|g' \
-			  -e 's|1.10.1|%%AUTOMAKE_APIVER%%|g' \
-			  -e 's|1.10|%%AUTOMAKE_VERSION%%|g' \
+	@${REINPLACE_CMD} -e 's|2.68|%%AUTOCONF_VERSION%%|g' \
+			  -e 's|1.11.3|%%AUTOMAKE_VERSION%%|g' \
 			  ${WRKSRC}/aclocal.m4
-	@${CHMOD} 755 ${WRKSRC}/config/install-sh
 
 post-install:
 .if !defined(NOPORTDOCS)

Modified: head/www/suphp/distinfo
==============================================================================
--- head/www/suphp/distinfo	Mon Jul 22 13:13:20 2013	(r323444)
+++ head/www/suphp/distinfo	Mon Jul 22 13:24:05 2013	(r323445)
@@ -1,2 +1,2 @@
-SHA256 (suphp-0.7.1.tar.gz) = 91d180046f95f66c9ad12f3ca67bba87e2b64338543145e68370babc4434e58a
-SIZE (suphp-0.7.1.tar.gz) = 386521
+SHA256 (suphp-0.7.2.tar.gz) = e09d4d73a552f4a5bb46961ac7e7ea61c5c24757a8b80d8d770e4c7ed6519760
+SIZE (suphp-0.7.2.tar.gz) = 343223