From 1eaa4814b8ccf3f4f742c5a223f4ba3dedef38b1 Mon Sep 17 00:00:00 2001 From: Christian Hoffmann Date: Fri, 28 Mar 2008 19:19:43 +0000 Subject: addpecl-apc-3.0.16-r1, including a fix for CVE-2008-1488, since 3.0.17 causes segfaults (thanks to jakub) Package-Manager: portage-2.1.4.4 --- dev-php5/pecl-apc/ChangeLog | 7 +- dev-php5/pecl-apc/Manifest | 12 ++-- .../files/pecl-apc-3.0.16-CVE-2008-1488.patch | 12 ++++ dev-php5/pecl-apc/pecl-apc-3.0.16-r1.ebuild | 77 ++++++++++++++++++++++ 4 files changed, 102 insertions(+), 6 deletions(-) create mode 100644 dev-php5/pecl-apc/files/pecl-apc-3.0.16-CVE-2008-1488.patch create mode 100644 dev-php5/pecl-apc/pecl-apc-3.0.16-r1.ebuild (limited to 'dev-php5') diff --git a/dev-php5/pecl-apc/ChangeLog b/dev-php5/pecl-apc/ChangeLog index 0393f162b724..6ec087329b72 100644 --- a/dev-php5/pecl-apc/ChangeLog +++ b/dev-php5/pecl-apc/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for dev-php5/pecl-apc # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-php5/pecl-apc/ChangeLog,v 1.38 2008/03/25 22:51:57 hoffie Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-php5/pecl-apc/ChangeLog,v 1.39 2008/03/28 19:19:42 hoffie Exp $ + + 28 Mar 2008; Jakub Moc + +files/pecl-apc-3.0.16-CVE-2008-1488.patch, + +pecl-apc-3.0.16-r1.ebuild: + Add patched 3.0.16 for CVE-2008-1488 since 3.0.17 causes segfaults. 25 Mar 2008; Jakub Moc +pecl-apc-3.0.17.ebuild: diff --git a/dev-php5/pecl-apc/Manifest b/dev-php5/pecl-apc/Manifest index 9c932ac6762c..060549bf2894 100644 --- a/dev-php5/pecl-apc/Manifest +++ b/dev-php5/pecl-apc/Manifest @@ -1,6 +1,7 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +AUX pecl-apc-3.0.16-CVE-2008-1488.patch 733 RMD160 ab533f369c22eb0ef12fc1e62e28981ba762fa6f SHA1 7b6962260cdcf4f940e99994b423f5c282268c19 SHA256 4d2dc22c1b2f2fe89848b2167605af2d5d0cab906de306ac29ace9319aed2e0c AUX pecl-apc-3.0.16-apc_set_signals.patch 317 RMD160 a154278cfd09e36dff07b2f29bff48d1df06e625 SHA1 fd4c340ea746b26be0e74465fe19e890ff0e968f SHA256 99ef89e19effcff193791910ce376e9b284c8f8048407e86f81d6746656db95c DIST APC-3.0.12p2.tgz 94809 RMD160 d88c75a348a51b0f0e379704dee5e1edc9fbf8ae SHA1 79476e6071ff5eead2d1e7cc92ed614ef2fd7f67 SHA256 a663f65a8207c930efbd8a1dda9e90bf4cd76166d8534771824f80e98081b297 DIST APC-3.0.15.tgz 112056 RMD160 ede098ca1411dd14f29da9d12795807e4c9dffcb SHA1 a54254728967de4adc4a57f0a6dd74bd92b6dcbe SHA256 1c475a84d12db2a45f1489a48f375d77854ae2c1d6626db3e812ccc04461911a @@ -8,14 +9,15 @@ DIST APC-3.0.16.tgz 114298 RMD160 76f5eaefcf1d664d7ffafd7a9a101495c7b862d6 SHA1 DIST APC-3.0.17.tgz 116058 RMD160 f3b549b107d2846c85b7e979a321f905c6a77924 SHA1 ef968194e4bda0eb45897c8975e16d24c8151a6b SHA256 75273bb55a0f81ea38ca8cfa8de58515c568d977d78d5d31fa5cb926337febf5 EBUILD pecl-apc-3.0.12_p2.ebuild 2397 RMD160 35569838a991c17c1fe139d109094528751941da SHA1 cba4ebf10404d3caf010ee29af79bcf3ebad6707 SHA256 d5e632fef5868e797b2a10e1919ac680eb31d12172bda15dda1d357743fa312c EBUILD pecl-apc-3.0.15.ebuild 2058 RMD160 c54fecc86934563d36c92204276d6137b99b348d SHA1 792f85f95146aebd5a61367f91f0bd1bd3104e7a SHA256 15366ce2d11bed53ea7008d412f7d0c82cc58244a980b024cdac820f742d895b +EBUILD pecl-apc-3.0.16-r1.ebuild 2307 RMD160 9d61653cc0dd6cfd8f7418b0cd610fbf18804319 SHA1 2820faaad7c4ce0b938da1fa49db4f3ed654f9c8 SHA256 af755e81a1444f75269fa8304ca648a11af1ead985f0fe038a81d7c9fa854c28 EBUILD pecl-apc-3.0.16.ebuild 2217 RMD160 1b85ebd5d87ab695b48cd9405ddda0c6617a3bcf SHA1 2b5dead72d60d2f601f2b018df74af8f63178634 SHA256 e17566a6c4237d0580082883c35f56e50e8c81a0913b2c255deeb7f5d2cb0013 EBUILD pecl-apc-3.0.17.ebuild 2060 RMD160 2ccf86171abd95c16884c2c307ce1a59385bed73 SHA1 f19c272ce3e83c52bf9667133000ff72766afb37 SHA256 09a227d707719933dc17aef0d938b685f3e9e21cab91917c140f3bc39b229ab4 -MISC ChangeLog 5380 RMD160 e74a53fa2fa088997566ca3ff7c6657ede4d60a4 SHA1 d08ec04c21985ca643d96f6c6e12b2f620a470f0 SHA256 b581ffe058538f3a01ceef67a313061663ae347badd7b73377512bb9cbe29a59 +MISC ChangeLog 5571 RMD160 8b417592e4b6ce18c31e6d129fa0de0c3f69dce7 SHA1 20056921c98bd57aea1039f531f7a368195bfc51 SHA256 d493df96a1444fc5fcdcd017d8164f2f2370288762b98d5cfa8f9ef0dda68c76 MISC metadata.xml 157 RMD160 a98db3a086fae3c09a903dadbc05f60443ec4b1a SHA1 ddaa23cc35eb917bf8962b652442bebb1ce0f440 SHA256 54f8878ca0228e380abbaa4b529806b5533a6b9b51b3b16c0909e906586a91a1 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.7 (GNU/Linux) +Version: GnuPG v2.0.9 (GNU/Linux) -iD8DBQFH6YIW1pDSCpzPSZgRAlbwAJ90IEsoJVoldtujZvOMdm5m5c2DewCg1Ft4 -sNY0WVizYh91t40gKgFBgHo= -=MFr3 +iEYEARECAAYFAkftRNkACgkQV6E0EIywUuVKoACfWkh/Q9ikGY2YihRM0TiPJrXd +BQcAoKrUgTzgFlfz5rtkXu+811LwqGsR +=Pk4u -----END PGP SIGNATURE----- diff --git a/dev-php5/pecl-apc/files/pecl-apc-3.0.16-CVE-2008-1488.patch b/dev-php5/pecl-apc/files/pecl-apc-3.0.16-CVE-2008-1488.patch new file mode 100644 index 000000000000..7ece786c4c25 --- /dev/null +++ b/dev-php5/pecl-apc/files/pecl-apc-3.0.16-CVE-2008-1488.patch @@ -0,0 +1,12 @@ +--- apc.c.old 2008-03-26 19:22:02.000000000 +0100 ++++ apc.c 2008-03-26 19:22:23.000000000 +0100 +@@ -331,7 +331,7 @@ + /* not: [no active file] or no path */ + memcpy(fileinfo->fullpath, exec_fname, exec_fname_length); + fileinfo->fullpath[exec_fname_length] = DEFAULT_SLASH; +- strcpy(fileinfo->fullpath +exec_fname_length +1, filename); ++ strlcpy(fileinfo->fullpath +exec_fname_length +1, filename,sizeof(fileinfo->fullpath)-exec_fname_length-1); + /* apc_wprint("filename: %s, exec_fname: %s, fileinfo->fullpath: %s", filename, exec_fname, fileinfo->fullpath); */ + if (apc_stat(fileinfo->fullpath, &fileinfo->st_buf) == 0) { + found = 1; + diff --git a/dev-php5/pecl-apc/pecl-apc-3.0.16-r1.ebuild b/dev-php5/pecl-apc/pecl-apc-3.0.16-r1.ebuild new file mode 100644 index 000000000000..f95d91ec4952 --- /dev/null +++ b/dev-php5/pecl-apc/pecl-apc-3.0.16-r1.ebuild @@ -0,0 +1,77 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-php5/pecl-apc/pecl-apc-3.0.16-r1.ebuild,v 1.1 2008/03/28 19:19:42 hoffie Exp $ + +PHP_EXT_NAME="apc" +PHP_EXT_PECL_PKG="APC" +PHP_EXT_INI="yes" +PHP_EXT_ZENDEXT="no" +DOCS="CHANGELOG INSTALL NOTICE TECHNOTES.txt TODO" + +inherit php-ext-pecl-r1 confutils eutils + +KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86" + +DESCRIPTION="A free, open, and robust framework for caching and optimizing PHP code." +LICENSE="PHP-3.01" +SLOT="0" +IUSE="mmap" + +DEPEND="!dev-php5/eaccelerator !dev-php5/xcache" +RDEPEND="${DEPEND}" + +need_php_by_category + +pkg_setup() { + has_php + require_php_sapi_from cgi apache2 +} + +src_unpack() { + unpack ${A} + cd "${S}" + + # patch for CVE-2008-1488, Bug 214576 + epatch "${FILESDIR}"/${P}-CVE-2008-1488.patch + # http://pecl.php.net/bugs/bug.php?id=12777, Bug 204224 + epatch "${FILESDIR}"/${P}-apc_set_signals.patch +} + +src_compile() { + has_php + + my_conf="--enable-apc" + enable_extension_enable "apc-mmap" "mmap" 0 + enable_extension_with_built_with =${PHP_PKG} apache2 apxs /usr/sbin/apxs2 "optimisation for apache2" + + php-ext-pecl-r1_src_compile +} + +src_install() { + php-ext-pecl-r1_src_install + + php-ext-base-r1_addtoinifiles "apc.enabled" '"1"' + php-ext-base-r1_addtoinifiles "apc.shm_segments" '"1"' + php-ext-base-r1_addtoinifiles "apc.shm_size" '"30"' + php-ext-base-r1_addtoinifiles "apc.optimization" '"0"' + php-ext-base-r1_addtoinifiles "apc.num_files_hint" '"1024"' + php-ext-base-r1_addtoinifiles "apc.ttl" '"7200"' + php-ext-base-r1_addtoinifiles "apc.user_ttl" '"7200"' + php-ext-base-r1_addtoinifiles "apc.gc_ttl" '"3600"' + php-ext-base-r1_addtoinifiles "apc.cache_by_default" '"1"' + php-ext-base-r1_addtoinifiles ";apc.mmap_file_mask" '"/tmp/apcphp5.XXXXXX"' + php-ext-base-r1_addtoinifiles "apc.file_update_protection" '"2"' + php-ext-base-r1_addtoinifiles "apc.enable_cli" '"0"' + php-ext-base-r1_addtoinifiles "apc.max_file_size" '"1M"' + php-ext-base-r1_addtoinifiles "apc.stat" '"1"' + php-ext-base-r1_addtoinifiles "apc.write_lock" '"1"' + + dodir "${PHP_EXT_SHARED_DIR}" + insinto "${PHP_EXT_SHARED_DIR}" + doins apc.php +} + +pkg_postinst() { + elog "The apc.php file shipped with this release of PECL-APC was" + elog "installed into ${ROOT}usr/share/php5/apc/." +} -- cgit v1.2.3-65-gdbad