-rw-r--r--php-5.5.0-CVE-2013-4013.patch181
-rw-r--r--php55.spec30
2 files changed, 22 insertions, 189 deletions
diff --git a/php-5.5.0-CVE-2013-4013.patch b/php-5.5.0-CVE-2013-4013.patch
deleted file mode 100644
index dfa2c86..0000000
--- a/php-5.5.0-CVE-2013-4013.patch
+++ /dev/null
@@ -1,181 +0,0 @@
-From 7d163e8a0880ae8af2dd869071393e5dc07ef271 Mon Sep 17 00:00:00 2001
-From: Rob Richards <rrichards@php.net>
-Date: Sat, 6 Jul 2013 07:53:07 -0400
-Subject: [PATCH] truncate results at depth of 255 to prevent corruption
-
----
- ext/xml/xml.c | 90 +++++++++++++++++++++++++++++++++--------------------------
- 1 file changed, 50 insertions(+), 40 deletions(-)
-
-diff --git a/ext/xml/xml.c b/ext/xml/xml.c
-index 1f0480b..9f0bc30 100644
---- a/ext/xml/xml.c
-+++ b/ext/xml/xml.c
-@@ -428,7 +428,7 @@ static void xml_parser_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC)
- }
- if (parser->ltags) {
- int inx;
-- for (inx = 0; inx < parser->level; inx++)
-+ for (inx = 0; ((inx < parser->level) && (inx < XML_MAXLEVEL)); inx++)
- efree(parser->ltags[ inx ]);
- efree(parser->ltags);
- }
-@@ -805,45 +805,50 @@ void _xml_startElementHandler(void *userData, const XML_Char *name, const XML_Ch
- }
-
- if (parser->data) {
-- zval *tag, *atr;
-- int atcnt = 0;
-+ if (parser->level <= XML_MAXLEVEL) {
-+ zval *tag, *atr;
-+ int atcnt = 0;
-
-- MAKE_STD_ZVAL(tag);
-- MAKE_STD_ZVAL(atr);
-+ MAKE_STD_ZVAL(tag);
-+ MAKE_STD_ZVAL(atr);
-
-- array_init(tag);
-- array_init(atr);
-+ array_init(tag);
-+ array_init(atr);
-
-- _xml_add_to_info(parser,((char *) tag_name) + parser->toffset);
-+ _xml_add_to_info(parser,((char *) tag_name) + parser->toffset);
-
-- add_assoc_string(tag,"tag",((char *) tag_name) + parser->toffset,1); /* cast to avoid gcc-warning */
-- add_assoc_string(tag,"type","open",1);
-- add_assoc_long(tag,"level",parser->level);
-+ add_assoc_string(tag,"tag",((char *) tag_name) + parser->toffset,1); /* cast to avoid gcc-warning */
-+ add_assoc_string(tag,"type","open",1);
-+ add_assoc_long(tag,"level",parser->level);
-
-- parser->ltags[parser->level-1] = estrdup(tag_name);
-- parser->lastwasopen = 1;
-+ parser->ltags[parser->level-1] = estrdup(tag_name);
-+ parser->lastwasopen = 1;
-
-- attributes = (const XML_Char **) attrs;
-+ attributes = (const XML_Char **) attrs;
-
-- while (attributes && *attributes) {
-- att = _xml_decode_tag(parser, attributes[0]);
-- val = xml_utf8_decode(attributes[1], strlen(attributes[1]), &val_len, parser->target_encoding);
--
-- add_assoc_stringl(atr,att,val,val_len,0);
-+ while (attributes && *attributes) {
-+ att = _xml_decode_tag(parser, attributes[0]);
-+ val = xml_utf8_decode(attributes[1], strlen(attributes[1]), &val_len, parser->target_encoding);
-
-- atcnt++;
-- attributes += 2;
-+ add_assoc_stringl(atr,att,val,val_len,0);
-
-- efree(att);
-- }
-+ atcnt++;
-+ attributes += 2;
-
-- if (atcnt) {
-- zend_hash_add(Z_ARRVAL_P(tag),"attributes",sizeof("attributes"),&atr,sizeof(zval*),NULL);
-- } else {
-- zval_ptr_dtor(&atr);
-- }
-+ efree(att);
-+ }
-+
-+ if (atcnt) {
-+ zend_hash_add(Z_ARRVAL_P(tag),"attributes",sizeof("attributes"),&atr,sizeof(zval*),NULL);
-+ } else {
-+ zval_ptr_dtor(&atr);
-+ }
-
-- zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),(void *) &parser->ctag);
-+ zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),(void *) &parser->ctag);
-+ } else if (parser->level == (XML_MAXLEVEL + 1)) {
-+ TSRMLS_FETCH();
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Maximum depth exceeded - Results truncated");
-+ }
- }
-
- efree(tag_name);
-@@ -895,7 +900,7 @@ void _xml_endElementHandler(void *userData, const XML_Char *name)
-
- efree(tag_name);
-
-- if (parser->ltags) {
-+ if ((parser->ltags) && (parser->level <= XML_MAXLEVEL)) {
- efree(parser->ltags[parser->level-1]);
- }
-
-@@ -979,18 +984,23 @@ void _xml_characterDataHandler(void *userData, const XML_Char *s, int len)
- }
- }
-
-- MAKE_STD_ZVAL(tag);
--
-- array_init(tag);
--
-- _xml_add_to_info(parser,parser->ltags[parser->level-1] + parser->toffset);
-+ if (parser->level <= XML_MAXLEVEL) {
-+ MAKE_STD_ZVAL(tag);
-
-- add_assoc_string(tag,"tag",parser->ltags[parser->level-1] + parser->toffset,1);
-- add_assoc_string(tag,"value",decoded_value,0);
-- add_assoc_string(tag,"type","cdata",1);
-- add_assoc_long(tag,"level",parser->level);
-+ array_init(tag);
-
-- zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),NULL);
-+ _xml_add_to_info(parser,parser->ltags[parser->level-1] + parser->toffset);
-+
-+ add_assoc_string(tag,"tag",parser->ltags[parser->level-1] + parser->toffset,1);
-+ add_assoc_string(tag,"value",decoded_value,0);
-+ add_assoc_string(tag,"type","cdata",1);
-+ add_assoc_long(tag,"level",parser->level);
-+
-+ zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),NULL);
-+ } else if (parser->level == (XML_MAXLEVEL + 1)) {
-+ TSRMLS_FETCH();
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Maximum depth exceeded - Results truncated");
-+ }
- }
- } else {
- efree(decoded_value);
---
-1.7.11.5
-
-From 710eee5555bc5c95692bd3c84f5d2b5d687349b6 Mon Sep 17 00:00:00 2001
-From: =?utf8?q?Johannes=20Schl=C3=BCter?= <johannes@php.net>
-Date: Wed, 10 Jul 2013 19:35:18 +0200
-Subject: [PATCH] add test for bug #65236
-
----
- ext/xml/tests/bug65236.phpt | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
- create mode 100644 ext/xml/tests/bug65236.phpt
-
-diff --git a/ext/xml/tests/bug65236.phpt b/ext/xml/tests/bug65236.phpt
-new file mode 100644
-index 0000000..67b26d6
---- /dev/null
-+++ b/ext/xml/tests/bug65236.phpt
-@@ -0,0 +1,15 @@
-+--TEST--
-+Bug #65236 (heap corruption in xml parser)
-+--SKIPIF--
-+<?php
-+require_once("skipif.inc");
-+?>
-+--FILE--
-+<?php
-+xml_parse_into_struct(xml_parser_create_ns(), str_repeat("<blah>", 1000), $a);
-+
-+echo "Done\n";
-+?>
-+--EXPECTF--
-+Warning: xml_parse_into_struct(): Maximum depth exceeded - Results truncated in %s on line %d
-+Done
---
-1.7.11.5
-
diff --git a/php55.spec b/php55.spec
index 0143a42..eececbe 100644
--- a/php55.spec
+++ b/php55.spec
@@ -4,7 +4,7 @@
%global pdover 20080721
# Extension version
%global opcachever 7.0.2-dev
-%global oci8ver 1.4.9
+%global oci8ver 1.4.10
# Adds -z now to the linker flags
%global _hardened_build 1
@@ -85,11 +85,11 @@
Summary: PHP scripting language for creating dynamic web sites
Name: php
-Version: 5.5.0
+Version: 5.5.1
%if 0%{?snapdate:1}%{?rcver:1}
Release: 0.1.%{?snapdate}%{?rcver}%{?dist}
%else
-Release: 2%{?dist}
+Release: 1%{?dist}
%endif
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
@@ -147,7 +147,6 @@ Patch46: php-5.4.9-fixheader.patch
Patch47: php-5.4.9-phpinfo.patch
# Security fixes
-Patch60: php-5.5.0-CVE-2013-4013.patch
# Fixes for tests
@@ -400,6 +399,7 @@ License: PHP
Requires: php-common%{?_isa} = %{version}-%{release}
# ABI/API check - Arch specific
Provides: php-pdo-abi = %{pdover}%{isasuffix}
+Provides: php(pdo-abi) = %{pdover}%{isasuffix}
Provides: php-sqlite3, php-sqlite3%{?_isa}
Provides: php-pdo_sqlite, php-pdo_sqlite%{?_isa}
Obsoletes: php53-pdo, php53u-pdo, php54-pdo, php55-pdo
@@ -804,7 +804,7 @@ The php-intl package contains a dynamic shared object that will add
support for using the ICU library to PHP.
%package enchant
-Summary: Human Language and Character Encoding Support
+Summary: Enchant spelling extension for PHP applications
Group: System Environment/Libraries
# All files licensed under PHP version 3.0
License: PHP
@@ -813,7 +813,7 @@ BuildRequires: enchant-devel >= 1.2.4
Obsoletes: php53-enchant, php53u-enchant, php54-enchant, php55-enchant
%description enchant
-The php-intl package contains a dynamic shared object that will add
+The php-enchant package contains a dynamic shared object that will add
support for using the enchant library to PHP.
@@ -850,8 +850,6 @@ httpd -V | grep -q 'threaded:.*yes' && exit 1
%patch46 -p1 -b .fixheader
%patch47 -p1 -b .phpinfo
-%patch60 -p1 -b .cve4113
-
%patch91 -p1 -b .remi-oci8
# wip patches
@@ -1559,6 +1557,9 @@ cat files.zip >> files.common
# The default Zend OPcache blacklist file
install -m 644 %{SOURCE51} $RPM_BUILD_ROOT%{_sysconfdir}/php.d/opcache-default.blacklist
+install -m 644 %{SOURCE51} $RPM_BUILD_ROOT%{_sysconfdir}/php-zts.d/opcache-default.blacklist
+sed -e '/blacklist_filename/s/php.d/php-zts.d/' \
+ -i $RPM_BUILD_ROOT%{_sysconfdir}/php-zts.d/opcache.ini
# Install the macros file:
install -d $RPM_BUILD_ROOT%{_sysconfdir}/rpm
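Review bot: The added `sed -e '/blacklist_filename/s/php.d/php-zts.d/'` exits successfully even when nothing in `php-zts.d/opcache.ini` matches, so a ZTS build could silently keep pointing at the `php.d` blacklist and the fix described in the changelog would not be applied. I would follow it with a check that fails the build, for example `grep -q 'php-zts.d/opcache-default.blacklist' $RPM_BUILD_ROOT%{_sysconfdir}/php-zts.d/opcache.ini`. The unescaped `.` in `php.d` also matches any character; `s/php\.d/php-zts.d/` is tighter. The contents of opcache.ini are not visible here, so the expected line form should be confirmed against that file.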
@@ -1712,6 +1713,9 @@ fi
# provides phpize here (not in -devel) for pecl command
%{_bindir}/phpize
%{_mandir}/man1/php.1*
+%{_mandir}/man1/php-cgi.1*
+%{_mandir}/man1/phar.1*
+%{_mandir}/man1/phar.phar.1*
%{_mandir}/man1/phpize.1*
%doc sapi/cgi/README* sapi/cli/README
@@ -1801,12 +1805,22 @@ fi
%files mysqlnd -f files.mysqlnd
%files opcache -f files.opcache
%config(noreplace) %{_sysconfdir}/php.d/opcache-default.blacklist
+%config(noreplace) %{_sysconfdir}/php-zts.d/opcache-default.blacklist
%if %{with_oci8}
%files oci8 -f files.oci8
%endif
%changelog
+* Mon Jul 22 2013 Remi Collet <rcollet@redhat.com> - 5.5.1-1
+- update to 5.5.1
+- add Provides: php(pdo-abi), for consistency with php(api)
+ and php(zend-abi)
+- improved description for mod_php
+- fix opcache ZTS configuration (blacklists in /etc/php-zts.d)
+- add missing man pages (phar, php-cgi)
+- fix php-enchant summary and description
+
* Fri Jul 12 2013 Remi Collet <rcollet@redhat.com> - 5.5.0-2
- add security fix for CVE-2013-4113
- add missing ASL 1.0 license
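Review bot: The new 5.5.1-1 changelog entry does not record that Patch60, the security fix added in 5.5.0-2, is removed by this commit. The fix is presumably part of the 5.5.1 sources, but the entry should say so, for example `- drop CVE-2013-4113 patch, merged upstream`. Before relying on the drop, it is worth confirming that the 5.5.1 tarball contains the `XML_MAXLEVEL` checks in ext/xml/xml.c and the bug65236.phpt test. Separately, the entry lists `improved description for mod_php`, but no hunk in this diff changes that description, so either the line or the change appears to be missing.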