[arch-commits] Commit in php/trunk (CVE-2008-0599.patch PKGBUILD)
Pierre Schmitz
pierre at archlinux.org
Thu May 1 21:02:35 UTC 2008
Date: Thursday, May 1, 2008 @ 17:02:34
Author: pierre
Revision: 1203
upgpkg: php 5.2.6-1
Modified:
php/trunk/PKGBUILD
Deleted:
php/trunk/CVE-2008-0599.patch
---------------------+
CVE-2008-0599.patch | 11 -----------
PKGBUILD | 19 +++++++------------
2 files changed, 7 insertions(+), 23 deletions(-)
Deleted: CVE-2008-0599.patch
===================================================================
--- CVE-2008-0599.patch 2008-05-01 20:08:29 UTC (rev 1202)
+++ CVE-2008-0599.patch 2008-05-01 21:02:34 UTC (rev 1203)
@@ -1,11 +0,0 @@
---- sapi/cgi/cgi_main.c 2007/12/31 07:20:16 1.267.2.15.2.54
-+++ sapi/cgi/cgi_main.c 2008/02/28 00:29:29 1.267.2.15.2.55
-@@ -1017,7 +1017,7 @@
- ) {
- /* PATH_TRANSLATED = PATH_TRANSLATED - SCRIPT_NAME + PATH_INFO */
- int ptlen = strlen(pt) - strlen(env_script_name);
-- int path_translated_len = ptlen + env_path_info ? strlen(env_path_info) : 0;
-+ int path_translated_len = ptlen + (env_path_info ? strlen(env_path_info) : 0);
- char *path_translated = NULL;
-
- path_translated = (char *) emalloc(path_translated_len + 1);
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2008-05-01 20:08:29 UTC (rev 1202)
+++ PKGBUILD 2008-05-01 21:02:34 UTC (rev 1203)
@@ -1,8 +1,8 @@
# $Id$
# Maintainer: Pierre Schmitz <pierre at archlinux.de>
pkgname=php
-pkgver=5.2.5
-pkgrel=11
+pkgver=5.2.6
+pkgrel=1
_suhosinver=0.9.6.2
pkgdesc='A high-level scripting language'
arch=('i686' 'x86_64')
@@ -37,13 +37,11 @@
)
options=('emptydirs' '!makeflags')
source=("http://www.php.net/distributions/${pkgname}-${pkgver}.tar.bz2" \
- "http://www.hardened-php.net/suhosin/_media/suhosin-patch-${pkgver}-${_suhosinver}.patch.gz" \
- 'php.ini' \
- 'CVE-2008-0599.patch')
-md5sums=('1fe14ca892460b09f06729941a1bb605' \
- 'a43f1a0ee9e7c41c4cb6890174f1f9d8' \
- '7cb9c272fb373ee431f4a808952e0bef' \
- 'ba28bf5e7aeaefa7d7e328eecd30207c')
+ "http://download.suhosin.org/suhosin-patch-${pkgver}-${_suhosinver}.patch.gz" \
+ 'php.ini')
+md5sums=('7380ffecebd95c6edb317ef861229ebd' \
+ 'f2ec986341a314c271259dbe4d940858' \
+ '7cb9c272fb373ee431f4a808952e0bef')
build() {
[ -e /usr/lib/libdb-4.1.so ] && echo 'remove db4.1 package' && return 1
@@ -126,9 +124,6 @@
cd ${startdir}/src/${pkgname}-${pkgver}
- # fix security issue CVE-2008-0599
- patch -p0 -i ${startdir}/src/CVE-2008-0599.patch || return 1
-
# apply suhosin patch
patch -p1 -i ${startdir}/src/suhosin-patch-${pkgver}-${_suhosinver}.patch || return 1
More information about the arch-commits
mailing list