Date: Fri, 2 May 2014 17:57:49 +0000 (UTC) From: Florian Smeets <flo@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r352832 - in branches/2014Q2/lang: php53 php53-extensions php53/files Message-ID: <201405021757.s42HvnmK073573@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: flo Date: Fri May 2 17:57:48 2014 New Revision: 352832 URL: http://svnweb.freebsd.org/changeset/ports/352832 QAT: https://qat.redports.org/buildarchive/r352832/ Log: MFH: r352831 - Fix CVE-2014-0185 via patch until 5.3.29 is released - Use DEFAULT_VERSIONS [1] PR: ports/188061 [1] Submitted by: Spil <spil.oss@gmail.com> [1] Approved by: portmgr (bdrewery) Added: branches/2014Q2/lang/php53/files/patch-cve-2014-0185 - copied unchanged from r352831, head/lang/php53/files/patch-cve-2014-0185 Modified: branches/2014Q2/lang/php53-extensions/Makefile branches/2014Q2/lang/php53/Makefile branches/2014Q2/lang/php53/Makefile.ext Directory Properties: branches/2014Q2/ (props changed) Modified: branches/2014Q2/lang/php53-extensions/Makefile ============================================================================== --- branches/2014Q2/lang/php53-extensions/Makefile Fri May 2 17:48:14 2014 (r352831) +++ branches/2014Q2/lang/php53-extensions/Makefile Fri May 2 17:57:48 2014 (r352832) @@ -11,8 +11,8 @@ EXTRACT_ONLY= # none MAINTAINER= flo@FreeBSD.org COMMENT= A "meta-port" to install PHP extensions -DEFAULT_PHP_VER=53 -IGNORE_WITH_PHP=5 52 +PHP_DEFAULT= 53 +IGNORE_WITH_PHP=5 52 55 USE_PHP_BUILD= yes NO_BUILD= yes Modified: branches/2014Q2/lang/php53/Makefile ============================================================================== --- branches/2014Q2/lang/php53/Makefile Fri May 2 17:48:14 2014 (r352831) +++ branches/2014Q2/lang/php53/Makefile Fri May 2 17:57:48 2014 (r352832) @@ -3,7 +3,7 @@ PORTNAME= php53 PORTVERSION= 5.3.28 -PORTREVISION?= 0 +PORTREVISION?= 2 CATEGORIES?= lang devel www MASTER_SITES= ${MASTER_SITE_PHP} MASTER_SITE_SUBDIR= distributions @@ -14,7 +14,7 @@ COMMENT= PHP Scripting Language LATEST_LINK= ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX} -USE_BZIP2= yes +USES=tar:bzip2 .if !defined(PKGNAMESUFFIX) USE_AUTOTOOLS= autoconf Modified: branches/2014Q2/lang/php53/Makefile.ext ============================================================================== --- branches/2014Q2/lang/php53/Makefile.ext Fri May 2 17:48:14 2014 (r352831) +++ branches/2014Q2/lang/php53/Makefile.ext Fri May 2 17:57:48 2014 (r352832) @@ -3,8 +3,8 @@ COMMENT= The ${PHP_MODNAME} shared exten USE_PHP= yes USE_PHPEXT= yes PHP_MODNAME= ${PKGNAMESUFFIX:S/-//} -DEFAULT_PHP_VER=53 -IGNORE_WITH_PHP=52 5 +PHP_DEFAULT= 53 +IGNORE_WITH_PHP=52 5 55 EXTSUBDIR= ${DISTNAME}/ext/${PHP_MODNAME} WRKSRC= ${WRKDIR}/${EXTSUBDIR} Copied: branches/2014Q2/lang/php53/files/patch-cve-2014-0185 (from r352831, head/lang/php53/files/patch-cve-2014-0185) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2014Q2/lang/php53/files/patch-cve-2014-0185 Fri May 2 17:57:48 2014 (r352832, copy of r352831, head/lang/php53/files/patch-cve-2014-0185) @@ -0,0 +1,26 @@ +--- sapi/fpm/fpm/fpm_unix.c.orig 2014-05-02 19:01:53.759889551 +0200 ++++ sapi/fpm/fpm/fpm_unix.c 2014-05-02 19:02:05.029888255 +0200 +@@ -35,7 +35,7 @@ + /* uninitialized */ + wp->socket_uid = -1; + wp->socket_gid = -1; +- wp->socket_mode = 0666; ++ wp->socket_mode = 0660; + + if (!c) { + return 0; +--- sapi/fpm/php-fpm.conf.in.orig 2014-05-02 19:03:03.746956989 +0200 ++++ sapi/fpm/php-fpm.conf.in 2014-05-02 19:02:37.651887275 +0200 +@@ -158,10 +158,10 @@ + ; permissions must be set in order to allow connections from a web server. Many + ; BSD-derived systems allow connections regardless of permissions. + ; Default Values: user and group are set as the running user +-; mode is set to 0666 ++; mode is set to 0660 + ;listen.owner = @php_fpm_user@ + ;listen.group = @php_fpm_group@ +-;listen.mode = 0666 ++;listen.mode = 0660 + + ; List of ipv4 addresses of FastCGI clients which are allowed to connect. + ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201405021757.s42HvnmK073573>