diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2014-07-10 12:25:26 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-07-10 12:31:02 +0000 |
| commit | 3bb07a73dd462bbb228c7ea29411e50e79483939 (patch) | |
| tree | de68f983c0e864641978465b7352b4d3bba3fd51 /main/php | |
| parent | 0b0243aac8a73b3f1036202dd2d3b8f0339d53b1 (diff) | |
| download | aports-3bb07a73dd462bbb228c7ea29411e50e79483939.tar.bz2 aports-3bb07a73dd462bbb228c7ea29411e50e79483939.tar.xz | |
main/php: upgrade to 5.5.14
Diffstat (limited to 'main/php')
| -rw-r--r-- | main/php/APKBUILD | 20 | ||||
| -rw-r--r-- | main/php/CVE-2014-4049.patch | 30 |
2 files changed, 8 insertions, 42 deletions
diff --git a/main/php/APKBUILD b/main/php/APKBUILD index 9871d6958..c4379008d 100644 --- a/main/php/APKBUILD +++ b/main/php/APKBUILD @@ -1,8 +1,8 @@ # Contributor: Carlo Landmeter <clandmeter@gmail.com> # Maintainer: Matt Smith <mcs@darkregion.net> pkgname=php -pkgver=5.5.13 -pkgrel=4 +pkgver=5.5.14 +pkgrel=0 pkgdesc="The PHP language runtime engine" url="http://www.php.net/" arch="all" @@ -109,7 +109,6 @@ source="http://php.net/distributions/php-$pkgver.tar.bz2 php-install-pear-xml.patch gd-iconv.patch php-fix-crypt.patch - CVE-2014-4049.patch " _apiver="20121113" @@ -487,24 +486,21 @@ pdo_dblib() { _mv_ext pdo_dblib "php-pdo freetds"; } wddx() { _mv_ext wddx; } opcache() { _mv_ext opcache; } -md5sums="e26e90af25ee6505dc18855e0180ffe9 php-5.5.13.tar.bz2 +md5sums="b53e5f47c59ffbe26d20957636695baa php-5.5.14.tar.bz2 2e86e55c29c81282474dea27cc97b873 php-fpm.initd 67719f428f44ec004da18705cbabe2ee php5-module.conf 483bc0a85c50a9a9aedbe14a19ed4526 php-install-pear-xml.patch 162d8d079944387eab2bc80edab347ae gd-iconv.patch -36862b64aa9d2c527ef634610644aa66 php-fix-crypt.patch -bd763609e1a4cd15ba0142cb7e5bc7a4 CVE-2014-4049.patch" -sha256sums="e58a4a754eb18d2d8b1a120cad5cce4ed24a7db5d49eca5830a40e4c8ca78b9c php-5.5.13.tar.bz2 +36862b64aa9d2c527ef634610644aa66 php-fix-crypt.patch" +sha256sums="df5a057877f827549e0a60b43fb01e4bd440814bcf04fbd70bacbddf74482610 php-5.5.14.tar.bz2 375892c6997f48659f7087ccb7fac039e4bb2f375453247295caa7858b9e15b9 php-fpm.initd ceec4d5b2a128c6a97e49830af604f0bb555bca1a86a9cd0366b828ba392257f php5-module.conf f739ca427a1dd53a388bad0823565299c5d4a5796b1171b892884e4d7d099bab php-install-pear-xml.patch 6122bf279cdb7c387dd000761b2426969a73cf63a10a132aa98a79eb1dd259b2 gd-iconv.patch -bd44019db3c36d09502a4f869b4824364375df460aceef2d2b0a1956dc75e7cb php-fix-crypt.patch -fc2275931dee760718a935d7247e57b36879ae6adba4ecdc2e5b824f3834db05 CVE-2014-4049.patch" -sha512sums="0c82635d73b328c5798163dba2b293fc1ad976793a9fac21a36840594c4f26d5a6582ba437f54bfaacf1fde3df2d09366b106bb555cb42a29097e6ad33ac36d9 php-5.5.13.tar.bz2 +bd44019db3c36d09502a4f869b4824364375df460aceef2d2b0a1956dc75e7cb php-fix-crypt.patch" +sha512sums="344d65e2bb1dfb1e663782e6ee74818d8792790d7ebcde1ada84282430588c5649caa2d149fee93511e49446425500c91fcaafe046e0db722cb4f4fd52d74e7d php-5.5.14.tar.bz2 2d294022f2c45b2f3229655e5883b8ccab6852ed0378df682b9dd85a31038666ad3a622580861ce2d26dedf187326727ecf93694eb716271e9be25f79daddae9 php-fpm.initd 895e94c791bd82060ad820fef049d366a09c932097faa6b7b9a2c2e9e00a18cb7c0f9b128679c7659b404379266fd0f95dba5c0333f626194cf60f7bf6044102 php5-module.conf f1177cbf6b1f44402f421c3d317aab1a2a40d0b1209c11519c1158df337c8945f3a313d689c939768584f3e4edbe52e8bd6103fb6777462326a9d94e8ab1f505 php-install-pear-xml.patch 59443fb464f49ff7d9b64739df982e7240f9d4792226d96ad1538286945125fc7eb6f0cab88b64d5c81ee3679fd89bffdca59ebd20eca2778ab801ee54529028 gd-iconv.patch -278b629ffd0796c85799e7a047c5d50c4186e81f68265247d1fb688431b303351feec519ef1b3318d7f1b15cf3e75e0f745aeb84218ada2a0a94777d57f4cf2c php-fix-crypt.patch -d852e632b145d6157469bea7f76128ddec8a0634739c302d5888d6a135246ecb44ff7d65e9557049b0e655845b79c9f6ebed2afca8402d34b2ee5cae9ad71220 CVE-2014-4049.patch" +278b629ffd0796c85799e7a047c5d50c4186e81f68265247d1fb688431b303351feec519ef1b3318d7f1b15cf3e75e0f745aeb84218ada2a0a94777d57f4cf2c php-fix-crypt.patch" diff --git a/main/php/CVE-2014-4049.patch b/main/php/CVE-2014-4049.patch deleted file mode 100644 index c614d432c..000000000 --- a/main/php/CVE-2014-4049.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 4f73394fdd95d3165b4391e1b0dedd57fced8c3b Mon Sep 17 00:00:00 2001 -From: Sara Golemon <pollita@php.net> -Date: Tue, 10 Jun 2014 11:18:02 -0700 -Subject: [PATCH] Fix potential segfault in dns_get_record() - -If the remote sends us a packet with a malformed TXT record, -we could end up trying to over-consume the packet and wander -off into overruns. ---- - ext/standard/dns.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/ext/standard/dns.c b/ext/standard/dns.c -index 6a89446..214a7dc 100644 ---- a/ext/standard/dns.c -+++ b/ext/standard/dns.c -@@ -517,6 +517,10 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int - - while (ll < dlen) { - n = cp[ll]; -+ if ((ll + n) >= dlen) { -+ // Invalid chunk length, truncate -+ n = dlen - (ll + 1); -+ } - memcpy(tp + ll , cp + ll + 1, n); - add_next_index_stringl(entries, cp + ll + 1, n, 1); - ll = ll + n + 1; --- -1.9.3 - |