[Pkg-php-commits] r1196 - in php5/branches/lenny/debian: . patches
Sean Finney
seanius at alioth.debian.org
Sun Jan 11 21:28:21 UTC 2009
tags 508989 pending
tags 511493 pending
thanks
Author: seanius
Date: 2009-01-11 21:28:21 +0000 (Sun, 11 Jan 2009)
New Revision: 1196
Added:
php5/branches/lenny/debian/patches/BG-initializing-fix.patch
php5/branches/lenny/debian/patches/CVE-2008-5557.patch
php5/branches/lenny/debian/patches/pdo-fetchobject-prototype-error.patch
php5/branches/lenny/debian/patches/zend_object_handlers-invalid-write.patch
Modified:
php5/branches/lenny/debian/changelog
php5/branches/lenny/debian/control
php5/branches/lenny/debian/patches/series
Log:
merge from trunk
Modified: php5/branches/lenny/debian/changelog
===================================================================
--- php5/branches/lenny/debian/changelog 2009-01-11 20:23:54 UTC (rev 1195)
+++ php5/branches/lenny/debian/changelog 2009-01-11 21:28:21 UTC (rev 1196)
@@ -1,13 +1,28 @@
php5 (5.2.6.dfsg.1-1+lenny1) UNRELEASED; urgency=low
+ [ Sean Finney ]
* Not released yet.
* Incorporate changes from NMU
* Updated system tzdata patch from Joe Orton.
- * Removed tzdb-nofree_ents_ifnotzdata.patch, which is now incorporated
+ * Removed tzdb-nofree_ents_ifnotzdata.patch, which is now incorporated
into Joe's patch.
+ * Two backported fixes from 5.2.8, thanks to Olivier Bonvalet for looking
+ them up.
+ - Upstream bug #46157 (PDOStatement::fetchObject prototype error)
+ Patch: pdo-fetchobject-prototype-error.patch
+ - Upstream bug #46308 (Invalid write in zend object handler / getter)
+ Patch: zend_object_handlers-invalid-write.patch
+ * Security related fixes:
+ - Incorporate fix from 5.3 for proper initialization of uid/gid for
+ apache2 sapi.
+ - CVE-2008-5557: heap overflows in the mbstring extension.
+ Patch: CVE-2008-5557.patch (closes: #511493).
- -- Sean Finney <seanius at debian.org> Thu, 06 Nov 2008 08:23:12 +0100
+ [ Thijs Kinkhorst ]
+ * Correct description typo, thanks Mathias Brodala (Closes: #508989).
+ -- Sean Finney <seanius at debian.org> Sun, 11 Jan 2009 22:27:29 +0100
+
php5 (5.2.6.dfsg.1-0.1~lenny1) testing; urgency=low
* Non-maintainer upload.
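Review bot: the first item under "Security related fixes" (uid/gid initialization for the apache2 sapi) names no patch file, while the other three new items each carry a "Patch:" line; add "Patch: BG-initializing-fix.patch" so the entry can be matched to the series file. The stanza also stays at urgency=low although it now lists CVE-2008-5557, so decide whether that is intended before the UNRELEASED marker is replaced.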
Modified: php5/branches/lenny/debian/control
===================================================================
--- php5/branches/lenny/debian/control 2009-01-11 20:23:54 UTC (rev 1195)
+++ php5/branches/lenny/debian/control 2009-01-11 21:28:21 UTC (rev 1196)
@@ -122,7 +122,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-dbg
@@ -137,7 +137,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php-pear
@@ -155,7 +155,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-curl
@@ -166,7 +166,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-gd
@@ -178,7 +178,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-gmp
@@ -190,7 +190,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-imap
@@ -201,7 +201,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-interbase
@@ -212,7 +212,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-ldap
@@ -223,7 +223,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-mcrypt
@@ -234,7 +234,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-mhash
@@ -245,7 +245,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-mysql
@@ -262,7 +262,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-odbc
@@ -275,7 +275,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-pgsql
@@ -288,7 +288,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-pspell
@@ -299,7 +299,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-recode
@@ -310,7 +310,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-snmp
@@ -321,7 +321,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-sqlite
@@ -335,7 +335,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-sybase
@@ -349,7 +349,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-tidy
@@ -365,7 +365,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-xmlrpc
@@ -376,7 +376,7 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Package: php5-xsl
@@ -387,6 +387,6 @@
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
- in. The goal of the language is to allow web developers to write dinamically
+ in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Copied: php5/branches/lenny/debian/patches/BG-initializing-fix.patch (from rev 1195, php5/trunk/debian/patches/BG-initializing-fix.patch)
===================================================================
--- php5/branches/lenny/debian/patches/BG-initializing-fix.patch (rev 0)
+++ php5/branches/lenny/debian/patches/BG-initializing-fix.patch 2009-01-11 21:28:21 UTC (rev 1196)
@@ -0,0 +1,23 @@
+proper initialization for uid/gid in apache sapis.
+downloaded from
+http://cvs.php.net/viewvc.cgi/php-src/ext/standard/basic_functions.c?r1=1.725.2.31.2.78&r2=1.725.2.31.2.79&view=patch
+--- php5-5.2.6.dfsg.1.orig/ext/standard/basic_functions.c
++++ php5-5.2.6.dfsg.1/ext/standard/basic_functions.c
+@@ -3919,6 +3919,8 @@ static void basic_globals_ctor(php_basic
+ memset(&BG(mblen_state), 0, sizeof(BG(mblen_state)));
+ #endif
+ BG(incomplete_class) = incomplete_class_entry;
++ BG(page_uid) = -1;
++ BG(page_gid) = -1;
+ }
+
+
+@@ -4221,6 +4223,8 @@ PHP_RSHUTDOWN_FUNCTION(basic)
+
+ PHP_RSHUTDOWN(user_filters)(SHUTDOWN_FUNC_ARGS_PASSTHRU);
+
++ BG(page_uid) = -1;
++ BG(page_gid) = -1;
+ return SUCCESS;
+ }
+
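Review bot: in both hunks of basic_functions.c the -1 written to BG(page_uid) and BG(page_gid) acts as a "not yet looked up" sentinel, but the declaration of those fields is not part of the patch; if they are of an unsigned type, the readers' comparison against -1 needs a matching cast, so confirm the type before relying on it. The patch header would also benefit from one line stating what goes wrong without the reset (the RSHUTDOWN hunk suggests a value carried over from an earlier request in the same process), since the changelog files this under security fixes without a bug or CVE reference.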
Copied: php5/branches/lenny/debian/patches/CVE-2008-5557.patch (from rev 1195, php5/trunk/debian/patches/CVE-2008-5557.patch)
===================================================================
--- php5/branches/lenny/debian/patches/CVE-2008-5557.patch (rev 0)
+++ php5/branches/lenny/debian/patches/CVE-2008-5557.patch 2009-01-11 21:28:21 UTC (rev 1196)
@@ -0,0 +1,40 @@
+heap overflow fix in mbstring functions (CVE-2008-5557). taken from
+http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/libmbfl/filters/mbfilter_htmlent.c?r1=1.7&r2=1.8&view=patch
+--- php5-5.2.6.dfsg.1.orig/ext/mbstring/libmbfl/filters/mbfilter_htmlent.c
++++ php5-5.2.6.dfsg.1/ext/mbstring/libmbfl/filters/mbfilter_htmlent.c
+@@ -232,8 +232,7 @@ int mbfl_filt_conv_html_dec(int c, mbfl_
+ mbfl_filt_conv_html_dec_flush(filter);
+ if (c=='&')
+ {
+- filter->status = 1;
+- buffer[0] = '&';
++ buffer[filter->status++] = '&';
+ }
+ }
+ }
+@@ -244,17 +243,19 @@ int mbfl_filt_conv_html_dec(int c, mbfl_
+ int mbfl_filt_conv_html_dec_flush(mbfl_convert_filter *filter)
+ {
+ int status, pos = 0;
+- char *buffer;
++ unsigned char *buffer;
++ int err = 0;
+
+- buffer = (char*)filter->opaque;
++ buffer = (unsigned char*)filter->opaque;
+ status = filter->status;
++ filter->status = 0;
+ /* flush fragments */
+ while (status--) {
+- CK((*filter->output_function)(buffer[pos++], filter->data));
++ int e = (*filter->output_function)(buffer[pos++], filter->data);
++ if (e != 0)
++ err = e;
+ }
+- filter->status = 0;
+- /*filter->buffer = 0; of cause NOT*/
+- return 0;
++ return err;
+ }
+
+
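Review bot: the call mbfl_filt_conv_html_dec_flush(filter); in the context lines of the first hunk still discards the return value, so the err that the rewritten flush now returns is dropped on that path; check it there or state why it can be ignored. The new buffer[filter->status++] = '&'; is in bounds only because the flush called just above it zeroes filter->status, which couples the two hunks implicitly; an explicit check of filter->status against the size of the filter->opaque buffer before the write would make the bound local. Note also that the loop now keeps calling output_function after a failure and returns the last non-zero code rather than the first.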
Copied: php5/branches/lenny/debian/patches/pdo-fetchobject-prototype-error.patch (from rev 1195, php5/trunk/debian/patches/pdo-fetchobject-prototype-error.patch)
===================================================================
--- php5/branches/lenny/debian/patches/pdo-fetchobject-prototype-error.patch (rev 0)
+++ php5/branches/lenny/debian/patches/pdo-fetchobject-prototype-error.patch 2009-01-11 21:28:21 UTC (rev 1196)
@@ -0,0 +1,20 @@
+--- php5-5.2.6.dfsg.1.orig/ext/pdo/pdo_stmt.c
++++ php5-5.2.6.dfsg.1/ext/pdo/pdo_stmt.c
+@@ -46,7 +46,7 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_pdostatem
+ ZEND_ARG_INFO(0, orientation)
+ ZEND_ARG_INFO(0, offset)
+ ZEND_END_ARG_INFO()
+-ZEND_BEGIN_ARG_INFO_EX(arginfo_pdostatement_fetchobject, 0, 0, 1)
++ZEND_BEGIN_ARG_INFO_EX(arginfo_pdostatement_fetchobject, 0, 0, 0)
+ ZEND_ARG_INFO(0, class_name)
+ ZEND_ARG_INFO(0, ctor_args) /* array */
+ ZEND_END_ARG_INFO()
+@@ -1365,7 +1365,7 @@ static PHP_METHOD(PDOStatement, fetch)
+ }
+ /* }}} */
+
+-/* {{{ proto mixed PDOStatement::fetchObject(string class_name [, NULL|array ctor_args])
++/* {{{ proto mixed PDOStatement::fetchObject([string class_name [, NULL|array ctor_args]])
+ Fetches the next row and returns it as an object. */
+ static PHP_METHOD(PDOStatement, fetchObject)
+ {
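Review bot: this patch file starts directly at the ---/+++ lines with no description or origin header, unlike the other three patches added in this revision; add a line naming upstream bug #46157 (the number the changelog gives) and where the change was taken from. The code change itself is consistent: the last argument of ZEND_BEGIN_ARG_INFO_EX and the proto comment both make class_name optional.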
Modified: php5/branches/lenny/debian/patches/series
===================================================================
--- php5/branches/lenny/debian/patches/series 2009-01-11 20:23:54 UTC (rev 1195)
+++ php5/branches/lenny/debian/patches/series 2009-01-11 21:28:21 UTC (rev 1196)
@@ -38,3 +38,7 @@
CVE-2008-3658.patch
CVE-2008-3659.patch
CVE-2008-3660.patch
+BG-initializing-fix.patch
+CVE-2008-5557.patch
+pdo-fetchobject-prototype-error.patch
+zend_object_handlers-invalid-write.patch
Copied: php5/branches/lenny/debian/patches/zend_object_handlers-invalid-write.patch (from rev 1195, php5/trunk/debian/patches/zend_object_handlers-invalid-write.patch)
===================================================================
--- php5/branches/lenny/debian/patches/zend_object_handlers-invalid-write.patch (rev 0)
+++ php5/branches/lenny/debian/patches/zend_object_handlers-invalid-write.patch 2009-01-11 21:28:21 UTC (rev 1196)
@@ -0,0 +1,63 @@
+fix for http://bugs.php.net/bug.php?id=46308
+downloaded from http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_object_handlers.c?r1=1.135.2.6.2.28&r2=1.135.2.6.2.29&view=patch
+--- php5-5.2.6.dfsg.1.orig/Zend/zend_object_handlers.c
++++ php5-5.2.6.dfsg.1/Zend/zend_object_handlers.c
+@@ -328,6 +328,7 @@ zval *zend_std_read_property(zval *objec
+ zend_get_property_guard(zobj, property_info, member, &guard) == SUCCESS &&
+ !guard->in_get) {
+ /* have getter - try with it! */
++ ZVAL_ADDREF(object);
+ guard->in_get = 1; /* prevent circular getting */
+ rv = zend_std_call_getter(object, member TSRMLS_CC);
+ guard->in_get = 0;
+@@ -352,6 +353,7 @@ zval *zend_std_read_property(zval *objec
+ } else {
+ retval = &EG(uninitialized_zval_ptr);
+ }
++ zval_ptr_dtor(&object);
+ } else {
+ if (!silent) {
+ zend_error(E_NOTICE,"Undefined property: %s::$%s", zobj->ce->name, Z_STRVAL_P(member));
+@@ -422,12 +424,14 @@ static void zend_std_write_property(zval
+ if (zobj->ce->__set &&
+ zend_get_property_guard(zobj, property_info, member, &guard) == SUCCESS &&
+ !guard->in_set) {
++ ZVAL_ADDREF(object);
+ guard->in_set = 1; /* prevent circular setting */
+ if (zend_std_call_setter(object, member, value TSRMLS_CC) != SUCCESS) {
+ /* for now, just ignore it - __set should take care of warnings, etc. */
+ }
+ setter_done = 1;
+ guard->in_set = 0;
++ zval_ptr_dtor(&object);
+ }
+ if (!setter_done && property_info) {
+ zval **foo;
+@@ -602,9 +606,11 @@ static void zend_std_unset_property(zval
+ zend_get_property_guard(zobj, property_info, member, &guard) == SUCCESS &&
+ !guard->in_unset) {
+ /* have unseter - try with it! */
++ ZVAL_ADDREF(object);
+ guard->in_unset = 1; /* prevent circular unsetting */
+ zend_std_call_unsetter(object, member TSRMLS_CC);
+ guard->in_unset = 0;
++ zval_ptr_dtor(&object);
+ }
+ }
+
+@@ -1020,6 +1026,7 @@ static int zend_std_has_property(zval *o
+ zval *rv;
+
+ /* have issetter - try with it! */
++ ZVAL_ADDREF(object);
+ guard->in_isset = 1; /* prevent circular getting */
+ rv = zend_std_call_issetter(object, member TSRMLS_CC);
+ if (rv) {
+@@ -1037,6 +1044,7 @@ static int zend_std_has_property(zval *o
+ }
+ }
+ guard->in_isset = 0;
++ zval_ptr_dtor(&object);
+ }
+ } else {
+ switch (has_set_exists) {
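Review bot: in zend_std_read_property and zend_std_has_property the ZVAL_ADDREF(object) and its matching zval_ptr_dtor(&object) land in separate hunks (328/352 and 1026/1044), so the lines between them are not visible here; confirm that no return or other exit sits between each pair, otherwise the extra reference is never released. A short comment at each ZVAL_ADDREF saying that the reference keeps the object alive across the user handler call would document why the pair exists; the write and unset hunks show the whole pair and read cleanly.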