[php-maint] Re: packages for sarge?
Adam Conrad
adconrad at debian.org
Thu Aug 25 15:18:17 UTC 2005
Martin Schulze wrote:
>--- php4-4.3.10/debian/rules
>+++ php4-4.3.10/debian/rules
>@@ -319,6 +319,10 @@
> chmod 755 $(CURDIR)/debian/php4-pear/usr/share/php/tests/DB/tests/driver/run.cvs
> chmod 755 $(CURDIR)/debian/php4-pear/usr/share/php/tests/DB/tests/run.cvs
>
>+ # PEAR security patches
>+ patch -p0 < debian/patches/PEAR-CAN_2005_1921_xmlrpc.nopatch
>+ patch -p0 < debian/patches/PEAR-CAN_2005_2498_xmlrpc.nopatch
>+
> # install extensions
> ext=`./debian/libapache-mod-php4/usr/bin/php-config --extension-dir`;\
> for i in libapache-mod-php4 libapache2-mod-php4 php4-cgi php4-cli; do \
>only in patch2:
>
>I wonder where php4-4.3.10/debian/patches/CAN-2005-1751-1759.patch
>gets applied.
>
>Hmm, maybe that's the regular debian/patches mechanism? Then I'm
>asking the other way round, why do you mix debian/patches/*.patch
>and *.nopatch? That will only make maintenance more difficult in
>the future.
>
>
Indeed, the regular debian/patches mechanism handles anything ending in
*.patch, and patches before build. Unfortunately, the PEAR stuff is
contained in tarballs in the source, and isn't really patchable until
after it's been extracted and installed in debian/*, so I hacked this
up. With any luck, there won't be many more PEAR vulns (these were the
first two we've ever had to patch for).
... Adam
More information about the pkg-php-maint
mailing list