Date: Mon, 22 Jul 2013 13:24:05 +0000 (UTC) From: Bryan Drewery <bdrewery@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r323445 - in head: security/vuxml www/suphp Message-ID: <201307221324.r6MDO59v074409@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bdrewery Date: Mon Jul 22 13:24:05 2013 New Revision: 323445 URL: http://svnweb.freebsd.org/changeset/ports/323445 Log: - Update suPHP to 0.7.2 - Document possible privilege escalation Approved by: maintainer timeout Security: 2fbfd455-f2d0-11e2-8a46-000d601460a4 Modified: head/security/vuxml/vuln.xml head/www/suphp/Makefile head/www/suphp/distinfo Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Mon Jul 22 13:13:20 2013 (r323444) +++ head/security/vuxml/vuln.xml Mon Jul 22 13:24:05 2013 (r323445) @@ -51,6 +51,42 @@ Note: Please add new entries to the beg --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="2fbfd455-f2d0-11e2-8a46-000d601460a4"> + <topic>suPHP -- Privilege escalation</topic> + <affects> + <package> + <name>suphp</name> + <range><lt>0.7.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>suPHP developer Sebastian Marsching reports:</p> + <blockquote cite="https://lists.marsching.com/pipermail/suphp/2013-May/002552.html">; + <p>When the suPHP_PHPPath was set, mod_suphp would use the specified PHP + executable to pretty-print PHP source files (MIME type + x-httpd-php-source or application/x-httpd-php-source). + + However, it would not sanitize the environment. Thus a user that was + allowed to use the SetEnv directive in a .htaccess file (AllowOverride + FileInfo) could make PHP load a malicious configuration file (e.g. + loading malicious extensions). + + As the PHP process for highlighting the source file was run with the + privileges of the user Apache HTTPd was running as, a local attacker + could probably execute arbitrary code with the privileges of this user.</p> + </blockquote> + </body> + </description> + <references> + <url>https://lists.marsching.com/pipermail/suphp/2013-May/002552.html</url>; + </references> + <dates> + <discovery>2013-05-20</discovery> + <entry>2013-07-22</entry> + </dates> + </vuln> + <vuln vid="ca4d63fb-f15c-11e2-b183-20cf30e32f6d"> <topic>apache24 -- several vulnerabilities</topic> <affects> Modified: head/www/suphp/Makefile ============================================================================== --- head/www/suphp/Makefile Mon Jul 22 13:13:20 2013 (r323444) +++ head/www/suphp/Makefile Mon Jul 22 13:24:05 2013 (r323445) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= suphp -PORTVERSION= 0.7.1 -PORTREVISION= 5 +PORTVERSION= 0.7.2 CATEGORIES= www MASTER_SITES= http://www.suphp.org/download/ \ ${MASTER_SITE_LOCAL:S|%SUBDIR%|koitsu|} @@ -12,7 +11,8 @@ MAINTAINER= yzlin@FreeBSD.org COMMENT= Securely execute PHP scripts under Apache GNU_CONFIGURE= yes -USE_AUTOTOOLS= aclocal:env automake:env autoconf:env libtool:env +USE_AUTOTOOLS= aclocal:env automake autoconf:env libtool:env +AUTOMAKE_ARGS+= --add-missing # Maintainer has not tested suPHP 0.6.x on Apache 1.3. USE_APACHE= 22 @@ -39,11 +39,9 @@ CONFIGURE_ARGS+= --with-apr=${LOCALBASE} AUTOTOOLSFILES= aclocal.m4 post-patch: - @${REINPLACE_CMD} -e 's|2.61|%%AUTOCONF_VERSION%%|g' \ - -e 's|1.10.1|%%AUTOMAKE_APIVER%%|g' \ - -e 's|1.10|%%AUTOMAKE_VERSION%%|g' \ + @${REINPLACE_CMD} -e 's|2.68|%%AUTOCONF_VERSION%%|g' \ + -e 's|1.11.3|%%AUTOMAKE_VERSION%%|g' \ ${WRKSRC}/aclocal.m4 - @${CHMOD} 755 ${WRKSRC}/config/install-sh post-install: .if !defined(NOPORTDOCS) Modified: head/www/suphp/distinfo ============================================================================== --- head/www/suphp/distinfo Mon Jul 22 13:13:20 2013 (r323444) +++ head/www/suphp/distinfo Mon Jul 22 13:24:05 2013 (r323445) @@ -1,2 +1,2 @@ -SHA256 (suphp-0.7.1.tar.gz) = 91d180046f95f66c9ad12f3ca67bba87e2b64338543145e68370babc4434e58a -SIZE (suphp-0.7.1.tar.gz) = 386521 +SHA256 (suphp-0.7.2.tar.gz) = e09d4d73a552f4a5bb46961ac7e7ea61c5c24757a8b80d8d770e4c7ed6519760 +SIZE (suphp-0.7.2.tar.gz) = 343223
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201307221324.r6MDO59v074409>