aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2014-03-05 10:35:58 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2014-03-05 10:35:58 +0000
commit4bac042f438038d28cfeec08b87ed83b44c4be04 (patch)
tree0f987a4778000dfb51098f2a4b9d9b2b6e9edbea
parent1933d0fb784eabd5081234251baeb16bab7a8be9 (diff)
downloadaports-4bac042f438038d28cfeec08b87ed83b44c4be04.tar.bz2
aports-4bac042f438038d28cfeec08b87ed83b44c4be04.tar.xz
main/php: security fix CVE-2013-6712. Fixes #2649
Diffstat
-rw-r--r--main/php/APKBUILD18
-rw-r--r--main/php/CVE-2013-6712.patch17
2 files changed, 33 insertions, 2 deletions
diff --git a/main/php/APKBUILD b/main/php/APKBUILD
index f355badcce..a89af48b9f 100644
--- a/main/php/APKBUILD
+++ b/main/php/APKBUILD
@@ -3,7 +3,7 @@
pkgname=php
pkgver=5.3.28
_suhosinver=5.3.9-0.9.10
-pkgrel=0
+pkgrel=1
pkgdesc="The PHP language runtime engine"
url="http://www.php.net/"
arch="all"
@@ -77,6 +77,7 @@ source="http://www.php.net/distributions/${pkgname}-${pkgver}.tar.bz2
php-install-pear-xml.patch
php-fpm.initd
php5-module.conf
+ CVE-2013-6712.patch
"
_apiver="20090626"
@@ -440,4 +441,17 @@ md5sums="56ff88934e068d142d6c0deefd1f396b php-5.3.28.tar.bz2
c099b3d7eac95018ababd41ded7f3066 suhosin-patch-5.3.9-0.9.10.patch.gz
5111e3be06d391f8772587c675240fab php-install-pear-xml.patch
9ab162ff3428511a68aa9801c746e0d5 php-fpm.initd
-67719f428f44ec004da18705cbabe2ee php5-module.conf"
+67719f428f44ec004da18705cbabe2ee php5-module.conf
+91934e87e24ff0551fc8fdc0ebb97699 CVE-2013-6712.patch"
+sha256sums="0cac960c651c4fbb3d21cf2f2b279a06e21948fb35a0d1439b97296cac1d8513 php-5.3.28.tar.bz2
+4438caeab0a10c6c94aee9f7eaa703f5799f97d4e0579f43a947bb7314e38317 suhosin-patch-5.3.9-0.9.10.patch.gz
+1eb9644c0fef5934e53627fbd52fe3d5f467ad994b4a7184ddf1ec70ba7cd9a7 php-install-pear-xml.patch
+96e68f7c545adcac56ed1f5824b33041e270680ca884a9cfe27e7f4ac8abfd3b php-fpm.initd
+ceec4d5b2a128c6a97e49830af604f0bb555bca1a86a9cd0366b828ba392257f php5-module.conf
+57ca9cbfbfdae125db7ce9f03944277c14202d1a05de472bc8d72ae29e7230ae CVE-2013-6712.patch"
+sha512sums="84b58379ca12748ae2c9ba37de28c80e78bf8e5b96cf9715b1eafd297a3e155089e9560d6fee7b031be0139dcbe954a9c0717b583ff1fb1cd8a89308b5f6dfd3 php-5.3.28.tar.bz2
+98c56d41fac123626cbd1bcf4ca8afba5a9a960fd58a60e08c91a68cab7589162c4f9e1b0c39abaf173775cb63091a04c4224ee278410ec0afdbe9f3cf05f322 suhosin-patch-5.3.9-0.9.10.patch.gz
+842d6ed04114959fa77597b055882cfaa74a51127c964db2575b36419c54215d1b3f541bdeead3a69b056c4d9532dda0406108286015f0d763ab01895023be39 php-install-pear-xml.patch
+33247a1c9188eba893bb0be13456eeeec9b971c7f482a4e2bd0f318fb63d8c67d379a021840768bef8e4d630be859c5bdb424c1e90b9b816ec691c078147e915 php-fpm.initd
+895e94c791bd82060ad820fef049d366a09c932097faa6b7b9a2c2e9e00a18cb7c0f9b128679c7659b404379266fd0f95dba5c0333f626194cf60f7bf6044102 php5-module.conf
+7328abb8de423906c24e6116029d26689f96f5d08c21e8ddbed901a578b55ab82740c63a243c47c0a7ad8970b182ae03fe8fe3222d8fca00a15816cbbfd37cae CVE-2013-6712.patch"
diff --git a/main/php/CVE-2013-6712.patch b/main/php/CVE-2013-6712.patch
new file mode 100644
index 0000000000..e21cf1dada
--- /dev/null
+++ b/main/php/CVE-2013-6712.patch
@@ -0,0 +1,17 @@
+diff --git a/main/php/CVE-2013-6712.patch b/main/php/CVE-2013-6712.patch
+new file mode 100644
+index 0000000..b98532e
+--- /dev/null
++++ b/main/php/CVE-2013-6712.patch
+@@ -0,0 +1,11 @@
++--- a/ext/date/lib/parse_iso_intervals.re.old 2013-11-08 18:09:18.815549958 +0100
+++++ b/ext/date/lib/parse_iso_intervals.re 2013-11-08 18:09:34.461608419 +0100
++@@ -348,7 +348,7 @@
++ break;
++ }
++ ptr++;
++- } while (*ptr);
+++ } while (!s->errors->error_count && *ptr);
++ s->have_period = 1;
++ TIMELIB_DEINIT;
++ return TIMELIB_PERIOD;
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-18 18:22:51 +0000