[php/f18] - update to 5.4.12 - security fixes for CVE-2013-1635 and CVE-2013-1643 - enable tokyocabinet dba ha
Remi Collet
remi at fedoraproject.org
Wed Feb 20 11:33:33 UTC 2013
commit aed4b555f7db20d5b34e199e2489766760d083ce
Author: Remi Collet <rcollet at redhat.com>
Date: Wed Feb 20 12:33:26 2013 +0100
- update to 5.4.12
- security fixes for CVE-2013-1635 and CVE-2013-1643
- enable tokyocabinet dba handler
- upstream patch (5.4.13) to fix dval to lval conversion https://bugs.php.net/64142
- upstream patch (5.4.13) for 2 failed tests
- fix built-in web server on ppc64 (fdset usage) https://bugs.php.net/64128
.gitignore | 3 ++
php-5.4.11-conv.patch | 29 +++++++++++++++++++
php-5.4.11-select.patch | 68 ++++++++++++++++++++++++++++++++++++++++++++++
php-5.4.11-sockets.patch | 53 +++++++++++++++++++++++++++++++++++
php.spec | 28 +++++++++++++++++--
sources | 2 +-
6 files changed, 179 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index ad67dc5..c40f438 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,3 +11,6 @@ php-5.3*.bz2
/php-5.4.10.tar.bz2
/php-5.4.11RC1.tar.bz2
/php-5.4.11.tar.bz2
+/php-5.4.12RC1.tar.bz2
+/php-5.4.12RC2.tar.bz2
+/php-5.4.12.tar.bz2
diff --git a/php-5.4.11-conv.patch b/php-5.4.11-conv.patch
new file mode 100644
index 0000000..a105d76
--- /dev/null
+++ b/php-5.4.11-conv.patch
@@ -0,0 +1,29 @@
+From e67a2b9e471a7bc0b774b9056bb38745b7187969 Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi at php.net>
+Date: Mon, 11 Feb 2013 09:10:51 +0100
+Subject: [PATCH] Fixed bug #64142 (dval to lval different behavior on ppc64)
+
+See discussion on internals
+http://marc.info/?t=136042277700003&r=1&w=2
+---
+ NEWS | 3 +++
+ Zend/zend_operators.h | 3 ++-
+ 2 files changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/Zend/zend_operators.h b/Zend/zend_operators.h
+index 02a96dd..047b92e 100644
+--- a/Zend/zend_operators.h
++++ b/Zend/zend_operators.h
+@@ -79,7 +79,8 @@ static zend_always_inline long zend_dval_to_lval(double d)
+ #else
+ static zend_always_inline long zend_dval_to_lval(double d)
+ {
+- if (d > LONG_MAX) {
++ /* >= as (double)LONG_MAX is outside signed range */
++ if (d >= LONG_MAX) {
+ return (long)(unsigned long) d;
+ }
+ return (long) d;
+--
+1.7.11.5
+
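Review bot: The casts that follow the new `d >= LONG_MAX` test are still undefined behaviour for some inputs: `(long)(unsigned long) d` when d is 2^64 or more, and `(long) d` for NaN or values below LONG_MIN, so the result can again differ between architectures. If doubles derived from script or request data can reach zend_dval_to_lval (likely, but not shown here), an explicit range guard ahead of the casts would pin the result, e.g. `if (!(d >= (double)LONG_MIN && d < 18446744073709551616.0)) return 0;`, with the value returned for out-of-range input being a policy choice to confirm with upstream. This assumes the `#else` branch is the 64-bit `long` case; the `#if` conditions above it are outside the hunk.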
diff --git a/php-5.4.11-select.patch b/php-5.4.11-select.patch
new file mode 100644
index 0000000..3c2a9a3
--- /dev/null
+++ b/php-5.4.11-select.patch
@@ -0,0 +1,68 @@
+From 0cea9e6843384c6c0ebb52047c42b0431a4f5660 Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi at php.net>
+Date: Fri, 1 Feb 2013 19:23:25 +0100
+Subject: [PATCH] Fixed bug #64128 buit-in web server is broken on ppc64.
+
+fdset management using bit operator is broken on non-x86 arch
+and cause built-in server the enter an infinite loop of "select"
+and never handle any request.
+---
+ NEWS | 3 +++
+ sapi/cli/php_cli_server.c | 30 +++++++++++++-----------------
+ 2 files changed, 16 insertions(+), 17 deletions(-)
+
+diff --git a/sapi/cli/php_cli_server.c b/sapi/cli/php_cli_server.c
+index 28aba19..6a4e7c5 100644
+--- a/sapi/cli/php_cli_server.c
++++ b/sapi/cli/php_cli_server.c
+@@ -710,10 +710,9 @@ static void php_cli_server_poller_remove(php_cli_server_poller *poller, int mode
+ if (fd == poller->max_fd) {
+ while (fd > 0) {
+ fd--;
+- if (((unsigned int *)&poller->rfds)[fd / (8 * sizeof(unsigned int))] || ((unsigned int *)&poller->wfds)[fd / (8 * sizeof(unsigned int))]) {
++ if (PHP_SAFE_FD_ISSET(fd, &poller->rfds) || PHP_SAFE_FD_ISSET(fd, &poller->wfds)) {
+ break;
+ }
+- fd -= fd % (8 * sizeof(unsigned int));
+ }
+ poller->max_fd = fd;
+ }
+@@ -772,23 +771,20 @@ static int php_cli_server_poller_iter_on_active(php_cli_server_poller *poller, v
+ }
+
+ #else
+- php_socket_t fd = 0;
++ php_socket_t fd;
+ const php_socket_t max_fd = poller->max_fd;
+- const unsigned int *pr = (unsigned int *)&poller->active.rfds,
+- *pw = (unsigned int *)&poller->active.wfds,
+- *e = pr + (max_fd + (8 * sizeof(unsigned int)) - 1) / (8 * sizeof(unsigned int));
+- unsigned int mask;
+- while (pr < e && fd <= max_fd) {
+- for (mask = 1; mask; mask <<= 1, fd++) {
+- int events = (*pr & mask ? POLLIN: 0) | (*pw & mask ? POLLOUT: 0);
+- if (events) {
+- if (SUCCESS != callback(opaque, fd, events)) {
+- retval = FAILURE;
+- }
+- }
++
++ for (fd=0 ; fd<=max_fd ; fd++) {
++ if (PHP_SAFE_FD_ISSET(fd, &poller->active.rfds)) {
++ if (SUCCESS != callback(opaque, fd, POLLIN)) {
++ retval = FAILURE;
++ }
++ }
++ if (PHP_SAFE_FD_ISSET(fd, &poller->active.wfds)) {
++ if (SUCCESS != callback(opaque, fd, POLLOUT)) {
++ retval = FAILURE;
++ }
+ }
+- pr++;
+- pw++;
+ }
+ #endif
+ return retval;
+--
+1.7.11.5
+
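Review bot: The rewritten loop in php_cli_server_poller_iter_on_active now invokes `callback` twice for a descriptor that is both readable and writable, where the removed code made one call with `POLLIN | POLLOUT` combined. If the POLLIN call closes or frees the connection, the POLLOUT call would still run for the same fd number, since `active.wfds` appears to be a snapshot taken before the iteration; whether the callback tolerates that is not visible here. Keeping the single-call contract is a small change: `int events = (PHP_SAFE_FD_ISSET(fd, &poller->active.rfds) ? POLLIN : 0) | (PHP_SAFE_FD_ISSET(fd, &poller->active.wfds) ? POLLOUT : 0);` followed by `if (events && SUCCESS != callback(opaque, fd, events)) { retval = FAILURE; }`. Both patched functions start and end outside the quoted hunks.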
diff --git a/php-5.4.11-sockets.patch b/php-5.4.11-sockets.patch
new file mode 100644
index 0000000..1fc375b
--- /dev/null
+++ b/php-5.4.11-sockets.patch
@@ -0,0 +1,53 @@
+From f7362232f47a9fcaf0162087dbbbdb0b4562b59d Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi at php.net>
+Date: Thu, 31 Jan 2013 14:22:56 +0100
+Subject: [PATCH] Fix failed test: sys_errlist[116] have changed on recent
+ glibc (Fedora 18) old: Stale NFS file handle new: Stale
+ file handle
+
+---
+ ext/sockets/tests/socket_strerror.phpt | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/sockets/tests/socket_strerror.phpt b/ext/sockets/tests/socket_strerror.phpt
+index 7985fad..fb9925e 100644
+--- a/ext/sockets/tests/socket_strerror.phpt
++++ b/ext/sockets/tests/socket_strerror.phpt
+@@ -138,7 +138,7 @@ string(12) "Host is down"
+ string(16) "No route to host"
+ string(29) "Operation already in progress"
+ string(25) "Operation now in progress"
+-string(21) "Stale NFS file handle"
++string(%d) "Stale%sfile handle"
+ string(24) "Structure needs cleaning"
+ string(27) "Not a XENIX named type file"
+ string(29) "No XENIX semaphores available"
+--
+1.7.11.5
+
+From 9d75bf35e96bfc5c8d629ecef6807a90b4c98be7 Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi at php.net>
+Date: Thu, 31 Jan 2013 14:38:39 +0100
+Subject: [PATCH] Mark this test as requiring internet connecion.
+
+---
+ ext/sockets/tests/socket_bind.phpt | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/ext/sockets/tests/socket_bind.phpt b/ext/sockets/tests/socket_bind.phpt
+index 15181e6..7ea2df8 100644
+--- a/ext/sockets/tests/socket_bind.phpt
++++ b/ext/sockets/tests/socket_bind.phpt
+@@ -8,6 +8,9 @@ fa at php.net
+ if (!extension_loaded('sockets')) {
+ die('skip - sockets extension not available.');
+ }
++ if (getenv("SKIP_ONLINE_TESTS")) {
++ die("skip test requiring internet connection");
++ }
+ ?>
+ --FILE--
+ <?php
+--
+1.7.11.5
+
diff --git a/php.spec b/php.spec
index e620e42..4233039 100644
--- a/php.spec
+++ b/php.spec
@@ -53,11 +53,11 @@
%global db_devel libdb-devel
%endif
-#global rcver RC1
+#global rcver RC2
Summary: PHP scripting language for creating dynamic web sites
Name: php
-Version: 5.4.11
+Version: 5.4.12
Release: 1%{?dist}
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
@@ -86,6 +86,10 @@ Patch8: php-5.4.7-libdb.patch
# Fixes for extension modules
# https://bugs.php.net/63171 no odbc call during timeout
Patch21: php-5.4.7-odbctimer.patch
+# https://bugs.php.net/64128 buit-in web server is broken on ppc64
+Patch22: php-5.4.11-select.patch
+# https://bugs.php.net/64142 dval to lval issue on ppc64
+Patch23: php-5.4.11-conv.patch
# Functional changes
Patch40: php-5.4.0-dlopen.patch
@@ -104,8 +108,10 @@ Patch47: php-5.4.9-phpinfo.patch
# Fixes for tests
+Patch50: php-5.4.11-sockets.patch
-BuildRequires: bzip2-devel, curl-devel >= 7.9, %{db_devel}, gmp-devel
+
+BuildRequires: bzip2-devel, curl-devel >= 7.9, gmp-devel
BuildRequires: httpd-devel >= 2.0.46-1, pam-devel
BuildRequires: libstdc++-devel, openssl-devel
BuildRequires: sqlite-devel >= 3.6.0
@@ -543,6 +549,7 @@ Summary: A database abstraction layer module for PHP applications
Group: Development/Languages
# All files licensed under PHP version 3.01
License: PHP
+BuildRequires: %{db_devel}, tokyocabinet-devel
Requires: php-common%{?_isa} = %{version}-%{release}
%description dba
@@ -658,6 +665,8 @@ support for using the enchant library to PHP.
%patch8 -p1 -b .libdb
%patch21 -p1 -b .odbctimer
+%patch22 -p1 -b .select
+%patch23 -p1 -b .conv
%patch40 -p1 -b .dlopen
%patch41 -p1 -b .easter
@@ -671,6 +680,7 @@ support for using the enchant library to PHP.
%endif
%patch46 -p1 -b .fixheader
%patch47 -p1 -b .phpinfo
+%patch50 -p1 -b .sockets
# Prevent %%doc confusion over LICENSE files
cp Zend/LICENSE Zend/ZEND_LICENSE
@@ -863,6 +873,7 @@ build --enable-force-cgi-redirect \
--with-gd=shared \
--enable-bcmath=shared \
--enable-dba=shared --with-db4=%{_prefix} \
+ --with-tcadb=%{_prefix} \
--with-xmlrpc=shared \
--with-ldap=shared --with-ldap-sasl \
--enable-mysqlnd=shared \
@@ -965,6 +976,7 @@ build --enable-force-cgi-redirect \
--with-gd=shared \
--enable-bcmath=shared \
--enable-dba=shared --with-db4=%{_prefix} \
+ --with-tcadb=%{_prefix} \
--with-xmlrpc=shared \
--with-ldap=shared --with-ldap-sasl \
--enable-mysqlnd=shared \
@@ -1403,6 +1415,16 @@ fi
%changelog
+* Wed Feb 20 2013 Remi Collet <remi at fedoraproject.org> 5.4.12-1
+- update to 5.4.12
+- security fixes for CVE-2013-1635 and CVE-2013-1643
+- enable tokyocabinet dba handler
+- upstream patch (5.4.13) to fix dval to lval conversion
+ https://bugs.php.net/64142
+- upstream patch (5.4.13) for 2 failed tests
+- fix buit-in web server on ppc64 (fdset usage)
+ https://bugs.php.net/64128
+
* Wed Jan 16 2013 Remi Collet <rcollet at redhat.com> 5.4.11-1
- update to 5.4.11
- fix php.conf to allow MultiViews managed by php scripts
diff --git a/sources b/sources
index c09a98e..25e27e0 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-9975e68c22b86b013b934743ad2d2276 php-5.4.11.tar.bz2
+5c7b614242ae12e9cacca21c8ab84818 php-5.4.12.tar.bz2