aboutsummaryrefslogtreecommitdiffstats
path: root/lang/php5
diff options
context:
space:
mode:
authorale <ale@FreeBSD.org>2008-09-04 21:55:11 +0800
committerale <ale@FreeBSD.org>2008-09-04 21:55:11 +0800
commited4098b08281e8c246e8a5169fa43eb7bbfbf585 (patch)
tree75280eb8c26d8a9d15cd4ef86cb8d9351fd0132b /lang/php5
parent6f06da2ef598f1099e6beb78c8cabf3f99645456 (diff)
downloadfreebsd-ports-gnome-ed4098b08281e8c246e8a5169fa43eb7bbfbf585.tar.gz
freebsd-ports-gnome-ed4098b08281e8c246e8a5169fa43eb7bbfbf585.tar.zst
freebsd-ports-gnome-ed4098b08281e8c246e8a5169fa43eb7bbfbf585.zip
Fix for CVE-2008-2665 and CVE-2008-2666.
Obtained from: PHP CVS
Diffstat (limited to 'lang/php5')
-rw-r--r--lang/php5/Makefile2
-rw-r--r--lang/php5/files/patch-main_safe_mode.c17
2 files changed, 18 insertions, 1 deletions
diff --git a/lang/php5/Makefile b/lang/php5/Makefile
index f5148c497f24..b0354884ee5b 100644
--- a/lang/php5/Makefile
+++ b/lang/php5/Makefile
@@ -7,7 +7,7 @@
PORTNAME= php5
PORTVERSION= 5.2.6
-PORTREVISION?= 1
+PORTREVISION?= 2
CATEGORIES?= lang devel www
MASTER_SITES= ${MASTER_SITE_PHP}
MASTER_SITE_SUBDIR= distributions
diff --git a/lang/php5/files/patch-main_safe_mode.c b/lang/php5/files/patch-main_safe_mode.c
new file mode 100644
index 000000000000..4b0d4e1c531c
--- /dev/null
+++ b/lang/php5/files/patch-main_safe_mode.c
@@ -0,0 +1,17 @@
+--- main/safe_mode.c.orig 2008-09-04 15:52:19.000000000 +0200
++++ main/safe_mode.c 2008-09-04 15:52:35.000000000 +0200
+@@ -74,14 +74,6 @@
+ }
+ }
+
+- /*
+- * If given filepath is a URL, allow - safe mode stuff
+- * related to URL's is checked in individual functions
+- */
+- wrapper = php_stream_locate_url_wrapper(filename, NULL, STREAM_LOCATE_WRAPPERS_ONLY TSRMLS_CC);
+- if (wrapper != NULL)
+- return 1;
+-
+ /* First we see if the file is owned by the same user...
+ * If that fails, passthrough and check directory...
+ */