svn commit: r301401 - in head: databases/php53-pdo_mysql lang/php53 security/vuxml
Florian Smeets
flo at FreeBSD.org
Mon Jul 23 14:39:49 UTC 2012
Author: flo
Date: Mon Jul 23 14:39:48 2012
New Revision: 301401
URL: http://svn.freebsd.org/changeset/ports/301401
Log:
- update to 5.3.15
- document php vulnerabilities
Security: http://www.vuxml.org/freebsd/bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89.html
Modified:
head/databases/php53-pdo_mysql/Makefile
head/lang/php53/Makefile (contents, props changed)
head/lang/php53/distinfo (contents, props changed)
head/security/vuxml/vuln.xml (contents, props changed)
Modified: head/databases/php53-pdo_mysql/Makefile
==============================================================================
--- head/databases/php53-pdo_mysql/Makefile Mon Jul 23 14:25:13 2012 (r301400)
+++ head/databases/php53-pdo_mysql/Makefile Mon Jul 23 14:39:48 2012 (r301401)
@@ -5,8 +5,6 @@
# $FreeBSD$
#
-PORTREVISION= 1
-
CATEGORIES= databases
MASTERDIR= ${.CURDIR}/../../lang/php53
Modified: head/lang/php53/Makefile
==============================================================================
--- head/lang/php53/Makefile Mon Jul 23 14:25:13 2012 (r301400)
+++ head/lang/php53/Makefile Mon Jul 23 14:39:48 2012 (r301401)
@@ -6,7 +6,7 @@
#
PORTNAME= php53
-PORTVERSION= 5.3.14
+PORTVERSION= 5.3.15
PORTREVISION?= 0
CATEGORIES?= lang devel www
MASTER_SITES= ${MASTER_SITE_PHP}
Modified: head/lang/php53/distinfo
==============================================================================
--- head/lang/php53/distinfo Mon Jul 23 14:25:13 2012 (r301400)
+++ head/lang/php53/distinfo Mon Jul 23 14:39:48 2012 (r301401)
@@ -1,5 +1,5 @@
-SHA256 (php-5.3.14.tar.bz2) = c8075b6e83c5db0d26cc8426a7456856421089a76c963813b1fcac3ced041cb3
-SIZE (php-5.3.14.tar.bz2) = 11408016
+SHA256 (php-5.3.15.tar.bz2) = f9b725659e64228a60883bd134afe1f638900b6b8fa93ba98053095b0892f1ef
+SIZE (php-5.3.15.tar.bz2) = 11307865
SHA256 (suhosin-patch-5.3.x-0.9.10.patch.gz) = 4438caeab0a10c6c94aee9f7eaa703f5799f97d4e0579f43a947bb7314e38317
SIZE (suhosin-patch-5.3.x-0.9.10.patch.gz) = 40967
SHA256 (php-5.3.x-mail-header.patch) = 5a677448b32d9f592703e2323a33facdb45e5c237dcca04aaea8ec3287f7db84
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Jul 23 14:25:13 2012 (r301400)
+++ head/security/vuxml/vuln.xml Mon Jul 23 14:39:48 2012 (r301401)
@@ -52,6 +52,41 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89">
+ <topic>php -- potential overflow in _php_stream_scandir</topic>
+ <affects>
+ <package>
+ <name>php5</name>
+ <range><gt>5.4</gt><lt>5.4.5</lt></range>
+ </package>
+ <package>
+ <name>php53</name>
+ <range><lt>5.3.15</lt></range>
+ </package>
+ <package>
+ <name>php52</name>
+ <range><le>5.2.17_10</le></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The PHP Development Team reports:</p>
+ <blockquote cite="http://www.php.net/archive/2012.php#id2012-07-19-1">
+ <p>The release of PHP 5.4.15 and 5.4.5 fix a potential overflow in
+ _php_stream_scandir</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2012-2688</cvename>
+ <url>http://www.php.net/archive/2012.php#id2012-07-19-1</url>
+ </references>
+ <dates>
+ <discovery>2012-07-19</discovery>
+ <entry>2012-07-23</entry>
+ </dates>
+ </vuln>
+
<vuln vid="ce82bfeb-d276-11e1-92c6-14dae938ec40">
<topic>dns/nsd -- DoS vulnerability from non-standard DNS packet</topic>
<affects>
More information about the svn-ports-all
mailing list