[Pkg-php-commits] r1001 - in php5/branches/etch/debian: . patches

Sean Finney seanius at alioth.debian.org
Thu Feb 21 05:31:20 UTC 2008


Author: seanius
Date: 2008-02-21 05:31:20 +0000 (Thu, 21 Feb 2008)
New Revision: 1001

Added:
   php5/branches/etch/debian/patches/131-build-fix.patch
Removed:
   php5/branches/etch/debian/patches/128-CVE-2007-4659.patch
Modified:
   php5/branches/etch/debian/changelog
Log:
sync with latest security update

Modified: php5/branches/etch/debian/changelog
===================================================================
--- php5/branches/etch/debian/changelog	2008-02-21 01:23:32 UTC (rev 1000)
+++ php5/branches/etch/debian/changelog	2008-02-21 05:31:20 UTC (rev 1001)
@@ -1,13 +1,19 @@
-php5 (5.2.0-8+etch9) UNRELEASED; urgency=low
+php5 (5.2.0-8+etch10) stable-security; urgency=high
 
-  * NOT RELEASED YET
-  * NMU prepared for the security team by the package maintainer.
-  * The following security issues are addressed with this update:
-    - CVE-2007-5898: partial multibyte sequences in htmlentities etc
-    - CVE-2007-5899: output_add_rewrite_var and non-local URL's
+  * Drop the patch for CVE-2007-4659 for now, since it causes
+    regressions in some environments.
 
- -- sean finney <seanius at debian.org>  Sun, 02 Dec 2007 14:26:36 +0100
+ -- Moritz Muehlenhoff <jmm at debian.org>  Fri, 18 Jan 2008 17:34:37 +0100
 
+php5 (5.2.0-8+etch9) stable-security; urgency=high
+
+  * Fix previous patch / compilation on 64 bit archs
+  * Add more patches by Sean from SVN:
+    - CVE-2007-5898: Fix insecure handling of htmlentities() and htmlspecialchars()
+    - CVE-2007-5899: Fix information leak in output_add_rewrite_var()
+
+ -- Moritz Muehlenhoff <jmm at debian.org>  Wed, 26 Dec 2007 15:50:55 +0000
+
 php5 (5.2.0-8+etch8) stable-security; urgency=low
 
   * NMU prepared for the security team by the package maintainer.

Deleted: php5/branches/etch/debian/patches/128-CVE-2007-4659.patch
===================================================================
--- php5/branches/etch/debian/patches/128-CVE-2007-4659.patch	2008-02-21 01:23:32 UTC (rev 1000)
+++ php5/branches/etch/debian/patches/128-CVE-2007-4659.patch	2008-02-21 05:31:20 UTC (rev 1001)
@@ -1,64 +0,0 @@
---- old/Zend/zend_ini.c	2007/04/16 08:09:54	1.39.2.2.2.8
-+++ new/Zend/zend_ini.c	2007/06/17 14:31:12	1.39.2.2.2.10
-@@ -55,7 +55,9 @@
- 				ini_entry->on_modify(ini_entry, ini_entry->orig_value, ini_entry->orig_value_length, ini_entry->mh_arg1, ini_entry->mh_arg2, ini_entry->mh_arg3, stage TSRMLS_CC);
- 			} zend_end_try();
- 		}
--		efree(ini_entry->value);
-+		if (ini_entry->value != ini_entry->orig_value) {
-+			efree(ini_entry->value);
-+		}
- 		ini_entry->value = ini_entry->orig_value;
- 		ini_entry->value_length = ini_entry->orig_value_length;
- 		ini_entry->modified = 0;
-@@ -234,30 +236,39 @@
- {
- 	zend_ini_entry *ini_entry;
- 	char *duplicate;
-+	zend_bool modified;
- 	TSRMLS_FETCH();
- 
- 	if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE) {
- 		return FAILURE;
- 	}
- 
-+	if (stage == ZEND_INI_STAGE_ACTIVATE && modify_type == ZEND_INI_SYSTEM) {
-+		ini_entry->modifiable = ZEND_INI_SYSTEM;
-+	}
-+
- 	if (!(ini_entry->modifiable & modify_type)) {
- 		return FAILURE;
- 	}
- 
-+	modified = ini_entry->modified;
-+
-+	if (!EG(modified_ini_directives)) {
-+		ALLOC_HASHTABLE(EG(modified_ini_directives));
-+		zend_hash_init(EG(modified_ini_directives), 8, NULL, NULL, 0);
-+	}
-+	if (!modified) {
-+		ini_entry->orig_value = ini_entry->value;
-+		ini_entry->orig_value_length = ini_entry->value_length;
-+		ini_entry->modified = 1;
-+		zend_hash_add(EG(modified_ini_directives), name, name_length, &ini_entry, sizeof(zend_ini_entry*), NULL);
-+	}
-+
- 	duplicate = estrndup(new_value, new_value_length);
--	
-+
- 	if (!ini_entry->on_modify
- 		|| ini_entry->on_modify(ini_entry, duplicate, new_value_length, ini_entry->mh_arg1, ini_entry->mh_arg2, ini_entry->mh_arg3, stage TSRMLS_CC)==SUCCESS) {
--		if (!ini_entry->modified) {
--			ini_entry->orig_value = ini_entry->value;
--			ini_entry->orig_value_length = ini_entry->value_length;
--			ini_entry->modified = 1;
--			if (!EG(modified_ini_directives)) {
--				ALLOC_HASHTABLE(EG(modified_ini_directives));
--				zend_hash_init(EG(modified_ini_directives), 8, NULL, NULL, 0);
--			}
--			zend_hash_add(EG(modified_ini_directives), name, name_length, &ini_entry, sizeof(zend_ini_entry*), NULL);
--		} else { /* we already changed the value, free the changed value */
-+		if (modified && ini_entry->orig_value != ini_entry->value) { /* we already changed the value, free the changed value */
- 			efree(ini_entry->value);
- 		}
- 		ini_entry->value = duplicate;

Added: php5/branches/etch/debian/patches/131-build-fix.patch
===================================================================
--- php5/branches/etch/debian/patches/131-build-fix.patch	                        (rev 0)
+++ php5/branches/etch/debian/patches/131-build-fix.patch	2008-02-21 05:31:20 UTC (rev 1001)
@@ -0,0 +1,10 @@
+--- php5-5.2.0/ext/session/session.c.orig	2007-12-29 02:23:37.000000000 +0000
++++ php5-5.2.0/ext/session/session.c	2007-12-29 02:24:44.000000000 +0000
+@@ -46,6 +46,7 @@
+ #include "ext/standard/php_rand.h"                   /* for RAND_MAX */
+ #include "ext/standard/info.h"
+ #include "ext/standard/php_smart_str.h"
++#include "ext/standard/url.h"
+ 
+ #include "mod_files.h"
+ #include "mod_user.h"
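Review bot: The new patch file carries no description above its `---` header, so nothing records why session.c now needs `ext/standard/url.h`; the lines before the first `---` are ignored by patch and are where Debian patches conventionally keep their rationale. The changelog entry for 5.2.0-8+etch9 mentions fixing compilation of the previous patch, which is presumably what this include addresses — likely a declaration used by the CVE-2007-5899 change to output_add_rewrite_var() — but that link is only inferable from this commit, not stated. A one-line header such as `# Build fix: session.c relies on declarations from ext/standard/url.h after the CVE-2007-5899 change (see changelog 5.2.0-8+etch9)` would make the patch self-explaining and make it clear when it can be dropped.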



