[php/f15] update to PHP 5.3.9 (security)
Remi Collet
remi at fedoraproject.org
Wed Jan 11 18:43:02 UTC 2012
commit b4b0c94ca8c12776505346fd56fd9ed01732464c
Author: remi <fedora at famillecollet.com>
Date: Wed Jan 11 19:42:37 2012 +0100
update to PHP 5.3.9 (security)
.gitignore | 1 +
php-5.3.7-gnusrc.patch | 115 --------------------
php-5.3.8-isa.patch | 45 --------
....3.8-aconf259.patch => php-5.3.9-aconf259.patch | 51 +++++-----
php-5.3.9-gnusrc.patch | 115 ++++++++++++++++++++
php.ini | 10 ++
php.spec | 33 ++++--
sources | 2 +-
8 files changed, 173 insertions(+), 199 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 7f79b85..393f6c1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
php.spec~
/php-5.3.7.tar.bz2
/php-5.3.8.tar.bz2
+/php-5.3.9.tar.bz2
diff --git a/php-5.3.8-aconf259.patch b/php-5.3.9-aconf259.patch
similarity index 78%
rename from php-5.3.8-aconf259.patch
rename to php-5.3.9-aconf259.patch
index b135fc4..3439a30 100644
--- a/php-5.3.8-aconf259.patch
+++ b/php-5.3.9-aconf259.patch
@@ -1,6 +1,6 @@
-diff -up php-5.3.8/build/buildcheck.sh.aconf259 php-5.3.8/build/buildcheck.sh
---- php-5.3.8/build/buildcheck.sh.aconf259 2011-05-18 21:55:34.000000000 +0200
-+++ php-5.3.8/build/buildcheck.sh 2011-08-23 13:43:08.977271533 +0200
+diff -up php-5.3.9/build/buildcheck.sh.aconf259 php-5.3.9/build/buildcheck.sh
+--- php-5.3.9/build/buildcheck.sh.aconf259 2011-05-18 21:55:34.000000000 +0200
++++ php-5.3.9/build/buildcheck.sh 2012-01-10 19:05:11.754924053 +0100
@@ -28,33 +28,23 @@ if test -z "$PHP_AUTOCONF"; then
PHP_AUTOCONF='autoconf'
fi
@@ -40,11 +40,11 @@ diff -up php-5.3.8/build/buildcheck.sh.aconf259 php-5.3.8/build/buildcheck.sh
if test "$1" = "2" -a "$2" -ge "50"; then
./vcsclean
-diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
---- php-5.3.8/configure.in.aconf259 2011-08-23 13:43:08.971271521 +0200
-+++ php-5.3.8/configure.in 2011-08-23 13:43:34.264326174 +0200
+diff -up php-5.3.9/configure.in.aconf259 php-5.3.9/configure.in
+--- php-5.3.9/configure.in.aconf259 2012-01-10 19:05:44.787924857 +0100
++++ php-5.3.9/configure.in 2012-01-10 19:06:55.260926529 +0100
@@ -1,28 +1,6 @@
- ## $Id: configure.in 315343 2011-08-23 08:56:29Z johannes $ -*- autoconf -*-
+ ## $Id: configure.in 322014 2012-01-10 11:21:57Z johannes $ -*- autoconf -*-
dnl ## Process this file with autoconf to produce a configure script.
-divert(1)
@@ -72,7 +72,7 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl include Zend specific macro definitions first
dnl -------------------------------------------------------------------------
sinclude(Zend/acinclude.m4)
-@@ -30,8 +8,10 @@ sinclude(Zend/acinclude.m4)
+@@ -30,8 +8,9 @@ sinclude(Zend/acinclude.m4)
dnl Basic autoconf + automake initialization, generation of config.nice.
dnl -------------------------------------------------------------------------
@@ -80,11 +80,10 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
+AC_PREREQ(2.59)
AC_INIT(README.SVN-RULES)
+ifdef([AC_PRESERVE_HELP_ORDER], [AC_PRESERVE_HELP_ORDER], [])
-+
PHP_CONFIG_NICE(config.nice)
-@@ -292,14 +272,6 @@ sinclude(TSRM/threads.m4)
+@@ -292,14 +271,6 @@ sinclude(TSRM/threads.m4)
sinclude(TSRM/tsrm.m4)
@@ -99,7 +98,7 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl .
dnl -------------------------------------------------------------------------
-@@ -331,13 +303,6 @@ if test "$enable_maintainer_zts" = "yes"
+@@ -331,13 +302,6 @@ if test "$enable_maintainer_zts" = "yes"
PTHREADS_FLAGS
fi
@@ -113,7 +112,7 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl Starting system checks.
dnl -------------------------------------------------------------------------
-@@ -677,10 +642,6 @@ if test "x$php_crypt_r" = "x1"; then
+@@ -685,10 +649,6 @@ if test "x$php_crypt_r" = "x1"; then
PHP_CRYPT_R_STYLE
fi
@@ -124,7 +123,7 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl General settings.
dnl -------------------------------------------------------------------------
PHP_CONFIGURE_PART(General settings)
-@@ -918,11 +879,6 @@ else
+@@ -926,11 +886,6 @@ else
AC_MSG_RESULT([using system default])
fi
@@ -136,9 +135,9 @@ diff -up php-5.3.8/configure.in.aconf259 php-5.3.8/configure.in
dnl Extension configuration.
dnl -------------------------------------------------------------------------
-diff -up php-5.3.8/ext/standard/config.m4.aconf259 php-5.3.8/ext/standard/config.m4
---- php-5.3.8/ext/standard/config.m4.aconf259 2010-06-17 12:22:03.000000000 +0200
-+++ php-5.3.8/ext/standard/config.m4 2011-08-23 13:43:08.979271537 +0200
+diff -up php-5.3.9/ext/standard/config.m4.aconf259 php-5.3.9/ext/standard/config.m4
+--- php-5.3.9/ext/standard/config.m4.aconf259 2012-01-10 19:09:03.896929612 +0100
++++ php-5.3.9/ext/standard/config.m4 2012-01-10 19:09:54.290930815 +0100
@@ -1,7 +1,5 @@
dnl $Id: config.m4 300511 2010-06-17 10:22:03Z pajoye $ -*- autoconf -*-
@@ -156,9 +155,9 @@ diff -up php-5.3.8/ext/standard/config.m4.aconf259 php-5.3.8/ext/standard/config
dnl
dnl Check if there is a support means of creating a new process
dnl and defining which handles it receives
-diff -up php-5.3.8/scripts/php-config.in.aconf259 php-5.3.8/scripts/php-config.in
---- php-5.3.8/scripts/php-config.in.aconf259 2011-04-18 13:13:37.000000000 +0200
-+++ php-5.3.8/scripts/php-config.in 2011-08-23 13:43:08.980271540 +0200
+diff -up php-5.3.9/scripts/php-config.in.aconf259 php-5.3.9/scripts/php-config.in
+--- php-5.3.9/scripts/php-config.in.aconf259 2011-04-18 13:13:37.000000000 +0200
++++ php-5.3.9/scripts/php-config.in 2012-01-10 19:05:11.755924053 +0100
@@ -2,6 +2,7 @@
SED="@SED@"
@@ -167,20 +166,20 @@ diff -up php-5.3.8/scripts/php-config.in.aconf259 php-5.3.8/scripts/php-config.i
exec_prefix="@exec_prefix@"
version="@PHP_VERSION@"
vernum="@PHP_VERSION_ID@"
-diff -up php-5.3.8/scripts/phpize.in.aconf259 php-5.3.8/scripts/phpize.in
---- php-5.3.8/scripts/phpize.in.aconf259 2011-08-23 13:43:08.968271513 +0200
-+++ php-5.3.8/scripts/phpize.in 2011-08-23 13:43:08.981271543 +0200
+diff -up php-5.3.9/scripts/phpize.in.aconf259 php-5.3.9/scripts/phpize.in
+--- php-5.3.9/scripts/phpize.in.aconf259 2009-06-24 09:42:33.000000000 +0200
++++ php-5.3.9/scripts/phpize.in 2012-01-10 19:05:11.755924053 +0100
@@ -2,6 +2,7 @@
# Variable declaration
prefix='@prefix@'
+datarootdir='@datarootdir@'
exec_prefix="`eval echo @exec_prefix@`"
- phpdir="@libdir@/php/build"
+ phpdir="`eval echo @libdir@`/build"
includedir="`eval echo @includedir@`/php"
-diff -up php-5.3.8/scripts/phpize.m4.aconf259 php-5.3.8/scripts/phpize.m4
---- php-5.3.8/scripts/phpize.m4.aconf259 2010-11-02 10:58:08.000000000 +0100
-+++ php-5.3.8/scripts/phpize.m4 2011-08-23 13:43:08.982271545 +0200
+diff -up php-5.3.9/scripts/phpize.m4.aconf259 php-5.3.9/scripts/phpize.m4
+--- php-5.3.9/scripts/phpize.m4.aconf259 2010-11-02 10:58:08.000000000 +0100
++++ php-5.3.9/scripts/phpize.m4 2012-01-10 19:05:11.755924053 +0100
@@ -1,9 +1,8 @@
dnl This file becomes configure.in for self-contained extensions.
diff --git a/php-5.3.9-gnusrc.patch b/php-5.3.9-gnusrc.patch
new file mode 100644
index 0000000..0f3d9cc
--- /dev/null
+++ b/php-5.3.9-gnusrc.patch
@@ -0,0 +1,115 @@
+diff -up php-5.3.9/configure.in.gnusrc php-5.3.9/configure.in
+--- php-5.3.9/configure.in.gnusrc 2012-01-10 12:21:57.000000000 +0100
++++ php-5.3.9/configure.in 2012-01-10 18:53:24.020907113 +0100
+@@ -58,6 +58,8 @@ AC_DEFUN([PHP_EXT_DIR],[ext/$1])dnl
+ AC_DEFUN([PHP_EXT_SRCDIR],[$abs_srcdir/ext/$1])dnl
+ AC_DEFUN([PHP_ALWAYS_SHARED],[])dnl
+
++AC_DEFINE([_GNU_SOURCE], 1, [Define to enable GNU C Library extensions])
++
+ dnl Setting up the PHP version based on the information above.
+ dnl -------------------------------------------------------------------------
+
+diff -up php-5.3.9/ext/interbase/interbase.c.gnusrc php-5.3.9/ext/interbase/interbase.c
+--- php-5.3.9/ext/interbase/interbase.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/interbase/interbase.c 2012-01-10 18:53:24.021907113 +0100
+@@ -24,7 +24,6 @@
+ #include "config.h"
+ #endif
+
+-#define _GNU_SOURCE
+
+ #include "php.h"
+
+diff -up php-5.3.9/ext/pdo_firebird/firebird_driver.c.gnusrc php-5.3.9/ext/pdo_firebird/firebird_driver.c
+--- php-5.3.9/ext/pdo_firebird/firebird_driver.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/pdo_firebird/firebird_driver.c 2012-01-10 18:53:24.022907113 +0100
+@@ -22,7 +22,6 @@
+ #include "config.h"
+ #endif
+
+-#define _GNU_SOURCE
+
+ #include "php.h"
+ #ifdef ZEND_ENGINE_2
+diff -up php-5.3.9/ext/standard/file.c.gnusrc php-5.3.9/ext/standard/file.c
+--- php-5.3.9/ext/standard/file.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/standard/file.c 2012-01-10 18:53:24.023907113 +0100
+@@ -113,9 +113,6 @@ php_file_globals file_globals;
+ #endif
+
+ #if defined(HAVE_FNMATCH) && !defined(PHP_WIN32)
+-# ifndef _GNU_SOURCE
+-# define _GNU_SOURCE
+-# endif
+ # include <fnmatch.h>
+ #endif
+
+diff -up php-5.3.9/ext/zlib/zlib_fopen_wrapper.c.gnusrc php-5.3.9/ext/zlib/zlib_fopen_wrapper.c
+--- php-5.3.9/ext/zlib/zlib_fopen_wrapper.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/ext/zlib/zlib_fopen_wrapper.c 2012-01-10 18:53:52.308907791 +0100
+@@ -19,8 +19,6 @@
+
+ /* $Id: zlib_fopen_wrapper.c 321634 2012-01-01 13:15:04Z felipe $ */
+
+-#define _GNU_SOURCE
+-
+ #include "php.h"
+ #include "php_zlib.h"
+ #include "fopen_wrappers.h"
+diff -up php-5.3.9/main/php.h.gnusrc php-5.3.9/main/php.h
+--- php-5.3.9/main/php.h.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/main/php.h 2012-01-10 18:53:24.025907114 +0100
+@@ -30,6 +30,7 @@
+ #define PHP_HAVE_STREAMS
+ #define YYDEBUG 0
+
++#include "php_config.h"
+ #include "php_version.h"
+ #include "zend.h"
+ #include "zend_qsort.h"
+diff -up php-5.3.9/main/streams/cast.c.gnusrc php-5.3.9/main/streams/cast.c
+--- php-5.3.9/main/streams/cast.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/main/streams/cast.c 2012-01-10 18:54:09.479908202 +0100
+@@ -18,7 +18,6 @@
+
+ /* $Id: cast.c 321634 2012-01-01 13:15:04Z felipe $ */
+
+-#define _GNU_SOURCE
+ #include "php.h"
+ #include "php_globals.h"
+ #include "php_network.h"
+diff -up php-5.3.9/main/streams/memory.c.gnusrc php-5.3.9/main/streams/memory.c
+--- php-5.3.9/main/streams/memory.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/main/streams/memory.c 2012-01-10 18:54:25.102908576 +0100
+@@ -18,7 +18,6 @@
+
+ /* $Id: memory.c 321634 2012-01-01 13:15:04Z felipe $ */
+
+-#define _GNU_SOURCE
+ #include "php.h"
+
+ PHPAPI int php_url_decode(char *str, int len);
+diff -up php-5.3.9/main/streams/streams.c.gnusrc php-5.3.9/main/streams/streams.c
+--- php-5.3.9/main/streams/streams.c.gnusrc 2012-01-01 14:15:04.000000000 +0100
++++ php-5.3.9/main/streams/streams.c 2012-01-10 18:54:42.953909003 +0100
+@@ -21,7 +21,6 @@
+
+ /* $Id: streams.c 321634 2012-01-01 13:15:04Z felipe $ */
+
+-#define _GNU_SOURCE
+ #include "php.h"
+ #include "php_globals.h"
+ #include "php_network.h"
+diff -up php-5.3.9/Zend/zend_language_parser.c.gnusrc php-5.3.9/Zend/zend_language_parser.c
+--- php-5.3.9/Zend/zend_language_parser.c.gnusrc 2012-01-10 14:37:07.000000000 +0100
++++ php-5.3.9/Zend/zend_language_parser.c 2012-01-10 18:53:24.031907115 +0100
+@@ -112,6 +112,8 @@
+ #include "zend_API.h"
+ #include "zend_constants.h"
+
++#include <string.h>
++
+
+ #define YYERROR_VERBOSE
+ #define YYSTYPE znode
diff --git a/php.ini b/php.ini
index 929adf2..d850a45 100644
--- a/php.ini
+++ b/php.ini
@@ -420,6 +420,10 @@ disable_classes =
; http://www.php.net/manual/en/ini.core.php#ini.realpath-cache-ttl
;realpath_cache_ttl = 120
+; Enables or disables the circular reference collector.
+; http://php.net/zend.enable-gc
+zend.enable_gc = On
+
;;;;;;;;;;;;;;;;;
; Miscellaneous ;
;;;;;;;;;;;;;;;;;
@@ -452,6 +456,9 @@ max_input_time = 60
; http://www.php.net/manual/en/info.configuration.php#ini.max-input-nesting-level
;max_input_nesting_level = 64
+; How many GET/POST/COOKIE input variables may be accepted
+max_input_vars = 1000
+
; Maximum amount of memory a script may consume (128MB)
; http://www.php.net/manual/en/ini.core.php#ini.memory-limit
memory_limit = 128M
@@ -877,6 +884,9 @@ file_uploads = On
; http://www.php.net/manual/en/ini.core.php#ini.upload-max-filesize
upload_max_filesize = 2M
+; Maximum number of files that can be uploaded via a single request
+max_file_uploads = 20
+
;;;;;;;;;;;;;;;;;;
; Fopen wrappers ;
;;;;;;;;;;;;;;;;;;
diff --git a/php.spec b/php.spec
index e9f68d6..c6bdc5f 100644
--- a/php.spec
+++ b/php.spec
@@ -36,8 +36,8 @@
Summary: PHP scripting language for creating dynamic web sites
Name: php
-Version: 5.3.8
-Release: 3%{?dist}
+Version: 5.3.9
+Release: 1%{?dist}
License: PHP
Group: Development/Languages
URL: http://www.php.net/
@@ -52,16 +52,15 @@ Source6: php-fpm.init
Source7: php-fpm.logrotate
# Build fixes
-Patch1: php-5.3.7-gnusrc.patch
+Patch1: php-5.3.9-gnusrc.patch
Patch2: php-5.3.0-install.patch
Patch3: php-5.2.4-norpath.patch
-Patch4: php-5.3.0-phpize64.patch
Patch5: php-5.2.0-includedir.patch
Patch6: php-5.2.4-embed.patch
Patch7: php-5.3.0-recode.patch
# from http://svn.php.net/viewvc?view=revision&revision=311042
# and http://svn.php.net/viewvc?view=revision&revision=311908
-Patch8: php-5.3.8-aconf259.patch
+Patch8: php-5.3.9-aconf259.patch
# Fixes for extension modules
Patch20: php-4.3.11-shutdown.patch
@@ -73,8 +72,6 @@ Patch41: php-5.3.0-easter.patch
Patch42: php-5.3.1-systzdata-v7.patch
# See http://bugs.php.net/53436
Patch43: php-5.3.4-phpize.patch
-# http://svn.php.net/viewvc?view=revision&revision=317183
-Patch44: php-5.3.8-isa.patch
# Fixes for tests
Patch61: php-5.0.4-tests-wddx.patch
@@ -532,7 +529,6 @@ support for using the enchant library to PHP.
%patch1 -p1 -b .gnusrc
%patch2 -p1 -b .install
%patch3 -p1 -b .norpath
-%patch4 -p1 -b .phpize64
%patch5 -p1 -b .includedir
%patch6 -p1 -b .embed
%patch7 -p1 -b .recode
@@ -545,7 +541,6 @@ support for using the enchant library to PHP.
%patch41 -p1 -b .easter
%patch42 -p1 -b .systzdata
%patch43 -p0 -b .headers
-%patch44 -p4 -b .isa
%patch61 -p1 -b .tests-wddx
@@ -707,6 +702,7 @@ make %{?_smp_mflags}
# Build /usr/bin/php-cgi with the CGI SAPI, and all the shared extensions
pushd build-cgi
build --enable-force-cgi-redirect \
+ --libdir=%{_libdir}/php \
--enable-pcntl \
--with-imap=shared --with-imap-ssl \
--enable-mbstring=shared \
@@ -767,13 +763,17 @@ without_shared="--without-mysql --without-gd \
# Build Apache module, and the CLI SAPI, /usr/bin/php
pushd build-apache
-build --with-apxs2=%{_sbindir}/apxs ${without_shared}
+build --with-apxs2=%{_sbindir}/apxs \
+ --libdir=%{_libdir}/php \
+ ${without_shared}
popd
%if %{with_fpm}
# Build php-fpm
pushd build-fpm
-build --enable-fpm ${without_shared}
+build --enable-fpm \
+ --libdir=%{_libdir}/php \
+ ${without_shared}
popd
%endif
@@ -787,6 +787,7 @@ popd
pushd build-zts
EXTENSION_DIR=%{_libdir}/php/modules-zts
build --with-apxs2=%{_sbindir}/apxs ${without_shared} \
+ --libdir=%{_libdir}/php-zts \
--enable-maintainer-zts \
--with-config-file-scan-dir=%{_sysconfdir}/php-zts.d
popd
@@ -1007,9 +1008,10 @@ fi
%{_initrddir}/php-fpm
%dir %{_sysconfdir}/php-fpm.d
# log owned by apache for log
-%attr(770,apache,apache) %dir %{_localstatedir}/log/php-fpm
+%attr(770,apache,root) %dir %{_localstatedir}/log/php-fpm
%dir %{_localstatedir}/run/php-fpm
%{_mandir}/man8/php-fpm.8*
+%{_datadir}/fpm/status.html
%endif
%files devel
@@ -1052,6 +1054,13 @@ fi
%files enchant -f files.enchant
%changelog
+* Wed Jan 11 2012 Remi Collet <remi at fedoraproject.org> 5.3.9-1
+- update to 5.3.9
+ http://www.php.net/ChangeLog-5.php#5.3.9
+- fix owner of /var/log/php-fpm (bug #773077)
+- add max_input_vars, max_file_uploads, zend.enable_gc to php.ini
+- drop patch4, use --libdir to use /usr/lib*/php/build
+
* Wed Sep 28 2011 Remi Collet <remi at fedoraproject.org> 5.3.8-3
- revert is_a() to php <= 5.3.6 behavior (from upstream)
with new option (allow_string) for new behavior
diff --git a/sources b/sources
index 1281f44..5bc699a 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-704cd414a0565d905e1074ffdc1fadfb php-5.3.8.tar.bz2
+dd3288ed5c08cd61ac5bf619cb357521 php-5.3.9.tar.bz2
More information about the scm-commits
mailing list