svn commit: r323445 - in head: security/vuxml www/suphp
Bryan Drewery
bdrewery at FreeBSD.org
Mon Jul 22 13:24:06 UTC 2013
Author: bdrewery
Date: Mon Jul 22 13:24:05 2013
New Revision: 323445
URL: http://svnweb.freebsd.org/changeset/ports/323445
Log:
- Update suPHP to 0.7.2
- Document possible privilege escalation
Approved by: maintainer timeout
Security: 2fbfd455-f2d0-11e2-8a46-000d601460a4
Modified:
head/security/vuxml/vuln.xml
head/www/suphp/Makefile
head/www/suphp/distinfo
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Jul 22 13:13:20 2013 (r323444)
+++ head/security/vuxml/vuln.xml Mon Jul 22 13:24:05 2013 (r323445)
@@ -51,6 +51,42 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="2fbfd455-f2d0-11e2-8a46-000d601460a4">
+ <topic>suPHP -- Privilege escalation</topic>
+ <affects>
+ <package>
+ <name>suphp</name>
+ <range><lt>0.7.2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>suPHP developer Sebastian Marsching reports:</p>
+ <blockquote cite="https://lists.marsching.com/pipermail/suphp/2013-May/002552.html">
+ <p>When the suPHP_PHPPath was set, mod_suphp would use the specified PHP
+ executable to pretty-print PHP source files (MIME type
+ x-httpd-php-source or application/x-httpd-php-source).
+
+ However, it would not sanitize the environment. Thus a user that was
+ allowed to use the SetEnv directive in a .htaccess file (AllowOverride
+ FileInfo) could make PHP load a malicious configuration file (e.g.
+ loading malicious extensions).
+
+ As the PHP process for highlighting the source file was run with the
+ privileges of the user Apache HTTPd was running as, a local attacker
+ could probably execute arbitrary code with the privileges of this user.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://lists.marsching.com/pipermail/suphp/2013-May/002552.html</url>
+ </references>
+ <dates>
+ <discovery>2013-05-20</discovery>
+ <entry>2013-07-22</entry>
+ </dates>
+ </vuln>
+
<vuln vid="ca4d63fb-f15c-11e2-b183-20cf30e32f6d">
<topic>apache24 -- several vulnerabilities</topic>
<affects>
Modified: head/www/suphp/Makefile
==============================================================================
--- head/www/suphp/Makefile Mon Jul 22 13:13:20 2013 (r323444)
+++ head/www/suphp/Makefile Mon Jul 22 13:24:05 2013 (r323445)
@@ -2,8 +2,7 @@
# $FreeBSD$
PORTNAME= suphp
-PORTVERSION= 0.7.1
-PORTREVISION= 5
+PORTVERSION= 0.7.2
CATEGORIES= www
MASTER_SITES= http://www.suphp.org/download/ \
${MASTER_SITE_LOCAL:S|%SUBDIR%|koitsu|}
@@ -12,7 +11,8 @@ MAINTAINER= yzlin at FreeBSD.org
COMMENT= Securely execute PHP scripts under Apache
GNU_CONFIGURE= yes
-USE_AUTOTOOLS= aclocal:env automake:env autoconf:env libtool:env
+USE_AUTOTOOLS= aclocal:env automake autoconf:env libtool:env
+AUTOMAKE_ARGS+= --add-missing
# Maintainer has not tested suPHP 0.6.x on Apache 1.3.
USE_APACHE= 22
@@ -39,11 +39,9 @@ CONFIGURE_ARGS+= --with-apr=${LOCALBASE}
AUTOTOOLSFILES= aclocal.m4
post-patch:
- @${REINPLACE_CMD} -e 's|2.61|%%AUTOCONF_VERSION%%|g' \
- -e 's|1.10.1|%%AUTOMAKE_APIVER%%|g' \
- -e 's|1.10|%%AUTOMAKE_VERSION%%|g' \
+ @${REINPLACE_CMD} -e 's|2.68|%%AUTOCONF_VERSION%%|g' \
+ -e 's|1.11.3|%%AUTOMAKE_VERSION%%|g' \
${WRKSRC}/aclocal.m4
- @${CHMOD} 755 ${WRKSRC}/config/install-sh
post-install:
.if !defined(NOPORTDOCS)
Modified: head/www/suphp/distinfo
==============================================================================
--- head/www/suphp/distinfo Mon Jul 22 13:13:20 2013 (r323444)
+++ head/www/suphp/distinfo Mon Jul 22 13:24:05 2013 (r323445)
@@ -1,2 +1,2 @@
-SHA256 (suphp-0.7.1.tar.gz) = 91d180046f95f66c9ad12f3ca67bba87e2b64338543145e68370babc4434e58a
-SIZE (suphp-0.7.1.tar.gz) = 386521
+SHA256 (suphp-0.7.2.tar.gz) = e09d4d73a552f4a5bb46961ac7e7ea61c5c24757a8b80d8d770e4c7ed6519760
+SIZE (suphp-0.7.2.tar.gz) = 343223
More information about the svn-ports-head
mailing list