diff options
| author | flo <flo@FreeBSD.org> | 2014-05-03 01:48:14 +0800 |
|---|---|---|
| committer | flo <flo@FreeBSD.org> | 2014-05-03 01:48:14 +0800 |
| commit | d2a2b17eaf3aaff0dd25dbdca6750e911a2d0bf7 (patch) | |
| tree | 513aaf0616a72f204c7610cf3fca4ec1816c1647 /lang/php53 | |
| parent | 0f6fdfc09c60bc160bce7d593cef206d089e579c (diff) | |
| download | freebsd-ports-gnome-d2a2b17eaf3aaff0dd25dbdca6750e911a2d0bf7.tar.gz freebsd-ports-gnome-d2a2b17eaf3aaff0dd25dbdca6750e911a2d0bf7.tar.zst freebsd-ports-gnome-d2a2b17eaf3aaff0dd25dbdca6750e911a2d0bf7.zip | |
- Fix CVE-2014-0185 via patch until 5.3.29 is released
- Use DEFAULT_VERSIONS [1]
PR: ports/188061 [1]
Submitted by: Spil <spil.oss@gmail.com> [1]
MFH: 2014Q2
Diffstat (limited to 'lang/php53')
| -rw-r--r-- | lang/php53/Makefile | 4 | ||||
| -rw-r--r-- | lang/php53/Makefile.ext | 4 | ||||
| -rw-r--r-- | lang/php53/files/patch-cve-2014-0185 | 26 |
3 files changed, 30 insertions, 4 deletions
diff --git a/lang/php53/Makefile b/lang/php53/Makefile index 4d67c04addef..2e3a04eb63e4 100644 --- a/lang/php53/Makefile +++ b/lang/php53/Makefile @@ -3,7 +3,7 @@ PORTNAME= php53 PORTVERSION= 5.3.28 -PORTREVISION?= 1 +PORTREVISION?= 2 CATEGORIES?= lang devel www MASTER_SITES= ${MASTER_SITE_PHP} MASTER_SITE_SUBDIR= distributions @@ -14,7 +14,7 @@ COMMENT= PHP Scripting Language LATEST_LINK= ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX} -USE_BZIP2= yes +USES=tar:bzip2 .if !defined(PKGNAMESUFFIX) USE_AUTOTOOLS= autoconf diff --git a/lang/php53/Makefile.ext b/lang/php53/Makefile.ext index a8fa498cfc29..eb39cf96006c 100644 --- a/lang/php53/Makefile.ext +++ b/lang/php53/Makefile.ext @@ -3,8 +3,8 @@ COMMENT= The ${PHP_MODNAME} shared extension for php USE_PHP= yes USE_PHPEXT= yes PHP_MODNAME= ${PKGNAMESUFFIX:S/-//} -DEFAULT_PHP_VER=53 -IGNORE_WITH_PHP=52 5 +PHP_DEFAULT= 53 +IGNORE_WITH_PHP=52 5 55 EXTSUBDIR= ${DISTNAME}/ext/${PHP_MODNAME} WRKSRC= ${WRKDIR}/${EXTSUBDIR} diff --git a/lang/php53/files/patch-cve-2014-0185 b/lang/php53/files/patch-cve-2014-0185 new file mode 100644 index 000000000000..fba6fe870146 --- /dev/null +++ b/lang/php53/files/patch-cve-2014-0185 @@ -0,0 +1,26 @@ +--- sapi/fpm/fpm/fpm_unix.c.orig 2014-05-02 19:01:53.759889551 +0200 ++++ sapi/fpm/fpm/fpm_unix.c 2014-05-02 19:02:05.029888255 +0200 +@@ -35,7 +35,7 @@ + /* uninitialized */ + wp->socket_uid = -1; + wp->socket_gid = -1; +- wp->socket_mode = 0666; ++ wp->socket_mode = 0660; + + if (!c) { + return 0; +--- sapi/fpm/php-fpm.conf.in.orig 2014-05-02 19:03:03.746956989 +0200 ++++ sapi/fpm/php-fpm.conf.in 2014-05-02 19:02:37.651887275 +0200 +@@ -158,10 +158,10 @@ + ; permissions must be set in order to allow connections from a web server. Many + ; BSD-derived systems allow connections regardless of permissions. + ; Default Values: user and group are set as the running user +-; mode is set to 0666 ++; mode is set to 0660 + ;listen.owner = @php_fpm_user@ + ;listen.group = @php_fpm_group@ +-;listen.mode = 0666 ++;listen.mode = 0660 + + ; List of ipv4 addresses of FastCGI clients which are allowed to connect. + ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original |