[php/f16] update to PHP 5.3.9 (security)
Remi Collet
remi at fedoraproject.org
Wed Jan 11 17:51:56 UTC 2012
commit d281072c94e16159cd6fa3808d81805b113d1c70
Author: remi <fedora at famillecollet.com>
Date: Wed Jan 11 18:51:31 2012 +0100
update to PHP 5.3.9 (security)
.gitignore | 1 +
php-5.3.7-gnusrc.patch | 115 --------------------
php-5.3.8-isa.patch | 45 --------
php-5.3.8-mysqlnd.patch | 77 -------------
....3.8-aconf259.patch => php-5.3.9-aconf259.patch | 49 ++++-----
php-5.3.9-gnusrc.patch | 115 ++++++++++++++++++++
php-5.3.9-mysqlnd.patch | 25 +++++
php.ini | 10 ++
php.spec | 25 +++--
sources | 2 +-
10 files changed, 190 insertions(+), 274 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 7f79b85..393f6c1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
php.spec~
/php-5.3.7.tar.bz2
/php-5.3.8.tar.bz2
+/php-5.3.9.tar.bz2
diff --git a/php-5.3.8-aconf259.patch b/php-5.3.9-aconf259.patch
similarity index 79%
rename from php-5.3.8-aconf259.patch
rename to php-5.3.9-aconf259.patch
index 1d9696b..3439a30 100644
--- a/php-5.3.8-aconf259.patch
+++ b/php-5.3.9-aconf259.patch
@@ -1,6 +1,6 @@
-diff -up php-5.3.8/build/buildcheck.sh.aconf259 php-5.3.8/build/buildcheck.sh
---- php-5.3.8/build/buildcheck.sh.aconf259 2011-05-18 21:55:34.000000000 +0200
-+++ php-5.3.8/build/buildcheck.sh 2011-09-12 17:42:17.016672712 +0200
+diff -up php-5.3.9/build/buildcheck.sh.aconf259 php-5.3.9/build/buildcheck.sh
+--- php-5.3.9/build/buildcheck.sh.aconf259 2011-05-18 21:55:34.000000000 +0200
++++ php-5.3.9/build/buildcheck.sh 2012-01-10 19:05:11.754924053 +0100
@@ -28,33 +28,23 @@ if test -z "$PHP_AUTOCONF"; then
PHP_AUTOCONF='autoconf'
fi
@@ -40,11 +40,11 @@ diff -up php-5.3.8/build/buildcheck.sh.aconf259 php-5.3.8/build/buildcheck.sh
if test "$1" = "2" -a "$2" -ge "50"; then
./vcsclean
-diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
---- php-5.3.8/configure.in.aconf259 2011-09-12 17:42:17.008672708 +0200
-+++ php-5.3.8/configure.in 2011-09-12 17:42:17.017672713 +0200
+diff -up php-5.3.9/configure.in.aconf259 php-5.3.9/configure.in
+--- php-5.3.9/configure.in.aconf259 2012-01-10 19:05:44.787924857 +0100
++++ php-5.3.9/configure.in 2012-01-10 19:06:55.260926529 +0100
@@ -1,28 +1,6 @@
- ## $Id: configure.in 315343 2011-08-23 08:56:29Z johannes $ -*- autoconf -*-
+ ## $Id: configure.in 322014 2012-01-10 11:21:57Z johannes $ -*- autoconf -*-
dnl ## Process this file with autoconf to produce a configure script.
-divert(1)
@@ -72,7 +72,7 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl include Zend specific macro definitions first
dnl -------------------------------------------------------------------------
sinclude(Zend/acinclude.m4)
-@@ -30,8 +8,10 @@ sinclude(Zend/acinclude.m4)
+@@ -30,8 +8,9 @@ sinclude(Zend/acinclude.m4)
dnl Basic autoconf + automake initialization, generation of config.nice.
dnl -------------------------------------------------------------------------
@@ -80,11 +80,10 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
+AC_PREREQ(2.59)
AC_INIT(README.SVN-RULES)
+ifdef([AC_PRESERVE_HELP_ORDER], [AC_PRESERVE_HELP_ORDER], [])
-+
PHP_CONFIG_NICE(config.nice)
-@@ -292,14 +272,6 @@ sinclude(TSRM/threads.m4)
+@@ -292,14 +271,6 @@ sinclude(TSRM/threads.m4)
sinclude(TSRM/tsrm.m4)
@@ -99,7 +98,7 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl .
dnl -------------------------------------------------------------------------
-@@ -331,13 +303,6 @@ if test "$enable_maintainer_zts" = "yes"
+@@ -331,13 +302,6 @@ if test "$enable_maintainer_zts" = "yes"
PTHREADS_FLAGS
fi
@@ -113,7 +112,7 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl Starting system checks.
dnl -------------------------------------------------------------------------
-@@ -677,10 +642,6 @@ if test "x$php_crypt_r" = "x1"; then
+@@ -685,10 +649,6 @@ if test "x$php_crypt_r" = "x1"; then
PHP_CRYPT_R_STYLE
fi
@@ -124,7 +123,7 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl General settings.
dnl -------------------------------------------------------------------------
PHP_CONFIGURE_PART(General settings)
-@@ -918,11 +879,6 @@ else
+@@ -926,11 +886,6 @@ else
AC_MSG_RESULT([using system default])
fi
@@ -136,9 +135,9 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl Extension configuration.
dnl -------------------------------------------------------------------------
-diff -up php-5.3.8/ext/standard/config.m4.aconf259 php-5.3.8/ext/standard/config.m4
---- php-5.3.8/ext/standard/config.m4.aconf259 2010-06-17 12:22:03.000000000 +0200
-+++ php-5.3.8/ext/standard/config.m4 2011-09-12 17:42:17.018672714 +0200
+diff -up php-5.3.9/ext/standard/config.m4.aconf259 php-5.3.9/ext/standard/config.m4
+--- php-5.3.9/ext/standard/config.m4.aconf259 2012-01-10 19:09:03.896929612 +0100
++++ php-5.3.9/ext/standard/config.m4 2012-01-10 19:09:54.290930815 +0100
@@ -1,7 +1,5 @@
dnl $Id: config.m4 300511 2010-06-17 10:22:03Z pajoye $ -*- autoconf -*-
@@ -156,9 +155,9 @@ diff -up php-5.3.8/ext/standard/config.m4.aconf259 php-5.3.8/ext/standard/config
dnl
dnl Check if there is a support means of creating a new process
dnl and defining which handles it receives
-diff -up php-5.3.8/scripts/php-config.in.aconf259 php-5.3.8/scripts/php-config.in
---- php-5.3.8/scripts/php-config.in.aconf259 2011-04-18 13:13:37.000000000 +0200
-+++ php-5.3.8/scripts/php-config.in 2011-09-12 17:42:17.019672714 +0200
+diff -up php-5.3.9/scripts/php-config.in.aconf259 php-5.3.9/scripts/php-config.in
+--- php-5.3.9/scripts/php-config.in.aconf259 2011-04-18 13:13:37.000000000 +0200
++++ php-5.3.9/scripts/php-config.in 2012-01-10 19:05:11.755924053 +0100
@@ -2,6 +2,7 @@
SED="@SED@"
@@ -167,9 +166,9 @@ diff -up php-5.3.8/scripts/php-config.in.aconf259 php-5.3.8/scripts/php-config.i
exec_prefix="@exec_prefix@"
version="@PHP_VERSION@"
vernum="@PHP_VERSION_ID@"
-diff -up php-5.3.8/scripts/phpize.in.aconf259 php-5.3.8/scripts/phpize.in
---- php-5.3.8/scripts/phpize.in.aconf259 2009-06-24 09:42:33.000000000 +0200
-+++ php-5.3.8/scripts/phpize.in 2011-09-12 17:43:12.706714796 +0200
+diff -up php-5.3.9/scripts/phpize.in.aconf259 php-5.3.9/scripts/phpize.in
+--- php-5.3.9/scripts/phpize.in.aconf259 2009-06-24 09:42:33.000000000 +0200
++++ php-5.3.9/scripts/phpize.in 2012-01-10 19:05:11.755924053 +0100
@@ -2,6 +2,7 @@
# Variable declaration
@@ -178,9 +177,9 @@ diff -up php-5.3.8/scripts/phpize.in.aconf259 php-5.3.8/scripts/phpize.in
exec_prefix="`eval echo @exec_prefix@`"
phpdir="`eval echo @libdir@`/build"
includedir="`eval echo @includedir@`/php"
-diff -up php-5.3.8/scripts/phpize.m4.aconf259 php-5.3.8/scripts/phpize.m4
---- php-5.3.8/scripts/phpize.m4.aconf259 2010-11-02 10:58:08.000000000 +0100
-+++ php-5.3.8/scripts/phpize.m4 2011-09-12 17:42:17.020672715 +0200
+diff -up php-5.3.9/scripts/phpize.m4.aconf259 php-5.3.9/scripts/phpize.m4
+--- php-5.3.9/scripts/phpize.m4.aconf259 2010-11-02 10:58:08.000000000 +0100
++++ php-5.3.9/scripts/phpize.m4 2012-01-10 19:05:11.755924053 +0100
@@ -1,9 +1,8 @@
dnl This file becomes configure.in for self-contained extensions.
diff --git a/php-5.3.9-gnusrc.patch b/php-5.3.9-gnusrc.patch
new file mode 100644
index 0000000..0f3d9cc
--- /dev/null
+++ b/php-5.3.9-gnusrc.patch
@@ -0,0 +1,115 @@
+diff -up php-5.3.9/configure.in.gnusrc php-5.3.9/configure.in
+--- php-5.3.9/configure.in.gnusrc 2012-01-10 12:21:57.000000000 +0100
++++ php-5.3.9/configure.in 2012-01-10 18:53:24.020907113 +0100
+@@ -58,6 +58,8 @@ AC_DEFUN([PHP_EXT_DIR],[ext/$1])dnl
+ AC_DEFUN([PHP_EXT_SRCDIR],[$abs_srcdir/ext/$1])dnl
+ AC_DEFUN([PHP_ALWAYS_SHARED],[])dnl
+
++AC_DEFINE([_GNU_SOURCE], 1, [Define to enable GNU C Library extensions])
++
+ dnl Setting up the PHP version based on the information above.
+ dnl -------------------------------------------------------------------------
+
+diff -up php-5.3.9/ext/interbase/interbase.c.gnusrc php-5.3.9/ext/interbase/interbase.c
+--- php-5.3.9/ext/interbase/interbase.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/interbase/interbase.c 2012-01-10 18:53:24.021907113 +0100
+@@ -24,7 +24,6 @@
+ #include "config.h"
+ #endif
+
+-#define _GNU_SOURCE
+
+ #include "php.h"
+
+diff -up php-5.3.9/ext/pdo_firebird/firebird_driver.c.gnusrc php-5.3.9/ext/pdo_firebird/firebird_driver.c
+--- php-5.3.9/ext/pdo_firebird/firebird_driver.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/pdo_firebird/firebird_driver.c 2012-01-10 18:53:24.022907113 +0100
+@@ -22,7 +22,6 @@
+ #include "config.h"
+ #endif
+
+-#define _GNU_SOURCE
+
+ #include "php.h"
+ #ifdef ZEND_ENGINE_2
+diff -up php-5.3.9/ext/standard/file.c.gnusrc php-5.3.9/ext/standard/file.c
+--- php-5.3.9/ext/standard/file.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/standard/file.c 2012-01-10 18:53:24.023907113 +0100
+@@ -113,9 +113,6 @@ php_file_globals file_globals;
+ #endif
+
+ #if defined(HAVE_FNMATCH) && !defined(PHP_WIN32)
+-# ifndef _GNU_SOURCE
+-# define _GNU_SOURCE
+-# endif
+ # include <fnmatch.h>
+ #endif
+
+diff -up php-5.3.9/ext/zlib/zlib_fopen_wrapper.c.gnusrc php-5.3.9/ext/zlib/zlib_fopen_wrapper.c
+--- php-5.3.9/ext/zlib/zlib_fopen_wrapper.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/zlib/zlib_fopen_wrapper.c 2012-01-10 18:53:52.308907791 +0100
+@@ -19,8 +19,6 @@
+
+ /* $Id: zlib_fopen_wrapper.c 321634 2012-01-01 13:15:04Z felipe $ */
+
+-#define _GNU_SOURCE
+-
+ #include "php.h"
+ #include "php_zlib.h"
+ #include "fopen_wrappers.h"
+diff -up php-5.3.9/main/php.h.gnusrc php-5.3.9/main/php.h
+--- php-5.3.9/main/php.h.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/main/php.h 2012-01-10 18:53:24.025907114 +0100
+@@ -30,6 +30,7 @@
+ #define PHP_HAVE_STREAMS
+ #define YYDEBUG 0
+
++#include "php_config.h"
+ #include "php_version.h"
+ #include "zend.h"
+ #include "zend_qsort.h"
+diff -up php-5.3.9/main/streams/cast.c.gnusrc php-5.3.9/main/streams/cast.c
+--- php-5.3.9/main/streams/cast.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/main/streams/cast.c 2012-01-10 18:54:09.479908202 +0100
+@@ -18,7 +18,6 @@
+
+ /* $Id: cast.c 321634 2012-01-01 13:15:04Z felipe $ */
+
+-#define _GNU_SOURCE
+ #include "php.h"
+ #include "php_globals.h"
+ #include "php_network.h"
+diff -up php-5.3.9/main/streams/memory.c.gnusrc php-5.3.9/main/streams/memory.c
+--- php-5.3.9/main/streams/memory.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/main/streams/memory.c 2012-01-10 18:54:25.102908576 +0100
+@@ -18,7 +18,6 @@
+
+ /* $Id: memory.c 321634 2012-01-01 13:15:04Z felipe $ */
+
+-#define _GNU_SOURCE
+ #include "php.h"
+
+ PHPAPI int php_url_decode(char *str, int len);
+diff -up php-5.3.9/main/streams/streams.c.gnusrc php-5.3.9/main/streams/streams.c
+--- php-5.3.9/main/streams/streams.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/main/streams/streams.c 2012-01-10 18:54:42.953909003 +0100
+@@ -21,7 +21,6 @@
+
+ /* $Id: streams.c 321634 2012-01-01 13:15:04Z felipe $ */
+
+-#define _GNU_SOURCE
+ #include "php.h"
+ #include "php_globals.h"
+ #include "php_network.h"
+diff -up php-5.3.9/Zend/zend_language_parser.c.gnusrc php-5.3.9/Zend/zend_language_parser.c
+--- php-5.3.9/Zend/zend_language_parser.c.gnusrc 2012-01-10 14:37:07.000000000 +0100
++++ php-5.3.9/Zend/zend_language_parser.c 2012-01-10 18:53:24.031907115 +0100
+@@ -112,6 +112,8 @@
+ #include "zend_API.h"
+ #include "zend_constants.h"
+
++#include <string.h>
++
+
+ #define YYERROR_VERBOSE
+ #define YYSTYPE znode
diff --git a/php-5.3.9-mysqlnd.patch b/php-5.3.9-mysqlnd.patch
new file mode 100644
index 0000000..f55a392
--- /dev/null
+++ b/php-5.3.9-mysqlnd.patch
@@ -0,0 +1,25 @@
+diff -up php-5.3.9/ext/mysqlnd/config9.m4.mysqlnd php-5.3.9/ext/mysqlnd/config9.m4
+diff -up php-5.3.9/ext/mysqlnd/mysqlnd.c.mysqlnd php-5.3.9/ext/mysqlnd/mysqlnd.c
+--- php-5.3.9/ext/mysqlnd/mysqlnd.c.mysqlnd 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/mysqlnd/mysqlnd.c 2012-01-10 19:12:06.813933986 +0100
+@@ -620,7 +620,7 @@ MYSQLND_METHOD(mysqlnd_conn, connect)(MY
+ if (host_len == sizeof("localhost") - 1 && !strncasecmp(host, "localhost", host_len)) {
+ DBG_INF_FMT("socket=%s", socket_or_pipe? socket_or_pipe:"n/a");
+ if (!socket_or_pipe) {
+- socket_or_pipe = "/tmp/mysql.sock";
++ socket_or_pipe = "/var/lib/mysql/mysql.sock";
+ }
+ transport_len = spprintf(&transport, 0, "unix://%s", socket_or_pipe);
+ unix_socket = TRUE;
+diff -up php-5.3.9/ext/pdo_mysql/pdo_mysql.c.mysqlnd php-5.3.9/ext/pdo_mysql/pdo_mysql.c
+--- php-5.3.9/ext/pdo_mysql/pdo_mysql.c.mysqlnd 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/pdo_mysql/pdo_mysql.c 2012-01-10 19:17:51.608942238 +0100
+@@ -50,7 +50,7 @@ ZEND_DECLARE_MODULE_GLOBALS(pdo_mysql);
+ # define PDO_MYSQL_UNIX_ADDR PHP_MYSQL_UNIX_SOCK_ADDR
+ # else
+ # if !PHP_WIN32
+-# define PDO_MYSQL_UNIX_ADDR "/tmp/mysql.sock"
++# define PDO_MYSQL_UNIX_ADDR "/var/lib/mysql/mysql.sock"
+ # else
+ # define PDO_MYSQL_UNIX_ADDR NULL
+ # endif
diff --git a/php.ini b/php.ini
index 929adf2..d850a45 100644
--- a/php.ini
+++ b/php.ini
@@ -420,6 +420,10 @@ disable_classes =
; http://www.php.net/manual/en/ini.core.php#ini.realpath-cache-ttl
;realpath_cache_ttl = 120
+; Enables or disables the circular reference collector.
+; http://php.net/zend.enable-gc
+zend.enable_gc = On
+
;;;;;;;;;;;;;;;;;
; Miscellaneous ;
;;;;;;;;;;;;;;;;;
@@ -452,6 +456,9 @@ max_input_time = 60
; http://www.php.net/manual/en/info.configuration.php#ini.max-input-nesting-level
;max_input_nesting_level = 64
+; How many GET/POST/COOKIE input variables may be accepted
+max_input_vars = 1000
+
; Maximum amount of memory a script may consume (128MB)
; http://www.php.net/manual/en/ini.core.php#ini.memory-limit
memory_limit = 128M
@@ -877,6 +884,9 @@ file_uploads = On
; http://www.php.net/manual/en/ini.core.php#ini.upload-max-filesize
upload_max_filesize = 2M
+; Maximum number of files that can be uploaded via a single request
+max_file_uploads = 20
+
;;;;;;;;;;;;;;;;;;
; Fopen wrappers ;
;;;;;;;;;;;;;;;;;;
diff --git a/php.spec b/php.spec
index 431dd19..f84e750 100644
--- a/php.spec
+++ b/php.spec
@@ -36,8 +36,8 @@
Summary: PHP scripting language for creating dynamic web sites
Name: php
-Version: 5.3.8
-Release: 3%{?dist}
+Version: 5.3.9
+Release: 1%{?dist}
License: PHP
Group: Development/Languages
URL: http://www.php.net/
@@ -52,7 +52,7 @@ Source6: php-fpm.init
Source7: php-fpm.logrotate
# Build fixes
-Patch1: php-5.3.7-gnusrc.patch
+Patch1: php-5.3.9-gnusrc.patch
Patch2: php-5.3.0-install.patch
Patch3: php-5.2.4-norpath.patch
Patch5: php-5.2.0-includedir.patch
@@ -60,10 +60,9 @@ Patch6: php-5.2.4-embed.patch
Patch7: php-5.3.0-recode.patch
# from http://svn.php.net/viewvc?view=revision&revision=311042
# and http://svn.php.net/viewvc?view=revision&revision=311908
-Patch8: php-5.3.8-aconf259.patch
-# from http://svn.php.net/viewvc?view=revision&revision=316281
-# + fix harcoded mysql.sock path
-Patch9: php-5.3.8-mysqlnd.patch
+Patch8: php-5.3.9-aconf259.patch
+# fix harcoded mysql.sock path
+Patch9: php-5.3.9-mysqlnd.patch
# Fixes for extension modules
Patch20: php-4.3.11-shutdown.patch
@@ -75,8 +74,6 @@ Patch41: php-5.3.0-easter.patch
Patch42: php-5.3.1-systzdata-v7.patch
# See http://bugs.php.net/53436
Patch43: php-5.3.4-phpize.patch
-# http://svn.php.net/viewvc?view=revision&revision=317183
-Patch44: php-5.3.8-isa.patch
# Fixes for tests
Patch61: php-5.0.4-tests-wddx.patch
@@ -563,7 +560,6 @@ support for using the enchant library to PHP.
%patch41 -p1 -b .easter
%patch42 -p1 -b .systzdata
%patch43 -p0 -b .headers
-%patch44 -p4 -b .isa
%patch61 -p1 -b .tests-wddx
@@ -1058,9 +1054,10 @@ fi
%{_initrddir}/php-fpm
%dir %{_sysconfdir}/php-fpm.d
# log owned by apache for log
-%attr(770,apache,apache) %dir %{_localstatedir}/log/php-fpm
+%attr(770,apache,root) %dir %{_localstatedir}/log/php-fpm
%dir %{_localstatedir}/run/php-fpm
%{_mandir}/man8/php-fpm.8*
+%{_datadir}/fpm/status.html
%endif
%files devel
@@ -1105,6 +1102,12 @@ fi
%changelog
+* Wed Jan 11 2012 Remi Collet <remi at fedoraproject.org> 5.3.9-1
+- update to 5.3.9
+ http://www.php.net/ChangeLog-5.php#5.3.9
+- fix owner of /var/log/php-fpm (bug #773077)
+- add max_input_vars, max_file_uploads, zend.enable_gc to php.ini
+
* Wed Sep 28 2011 Remi Collet <remi at fedoraproject.org> 5.3.8-3
- revert is_a() to php <= 5.3.6 behavior (from upstream)
with new option (allow_string) for new behavior
diff --git a/sources b/sources
index 1281f44..5bc699a 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-704cd414a0565d905e1074ffdc1fadfb php-5.3.8.tar.bz2
+dd3288ed5c08cd61ac5bf619cb357521 php-5.3.9.tar.bz2
More information about the scm-commits
mailing list