From 11ed11780def16426cca4dcc55239540e9fa2a3a Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Sat, 6 Feb 2016 23:26:07 +0100 Subject: [PATCH 1/8] php5: update to 5.6.18 Note: Upstream tagged this as security release. Signed-off-by: Michael Heimpold --- lang/php5/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/php5/Makefile b/lang/php5/Makefile index 17314cfeb..731ca7703 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=5.6.17 +PKG_VERSION:=5.6.18 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo , Michael Heimpold @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_MD5SUM:=5e080e4b7df5db24f1b64313f8114bd8 +PKG_MD5SUM:=177ba962557795866ae331ad4ad99bba PKG_FIXUP:=libtool autoreconf PKG_BUILD_PARALLEL:=1 From 9b44ecc86f939812b8bc97d9ccb51e2373da0417 Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Wed, 23 Mar 2016 21:13:55 +0100 Subject: [PATCH 2/8] php5: update to 5.6.19 Signed-off-by: Michael Heimpold --- lang/php5/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/php5/Makefile b/lang/php5/Makefile index 731ca7703..2216528db 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=5.6.18 +PKG_VERSION:=5.6.19 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo , Michael Heimpold @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_MD5SUM:=177ba962557795866ae331ad4ad99bba +PKG_MD5SUM:=aab960cc1b2bfbeb00d030a9d42b38bd PKG_FIXUP:=libtool autoreconf PKG_BUILD_PARALLEL:=1 From eb71734dba9a9e8f52b499fe3d1a8884bee705c8 Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Sun, 24 Apr 2016 22:40:53 +0200 Subject: [PATCH 3/8] php5: add mod_intl (resolves #2620) Signed-off-by: Michael Heimpold --- lang/php5/Makefile | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/lang/php5/Makefile b/lang/php5/Makefile index 2216528db..79f03dc5b 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php PKG_VERSION:=5.6.19 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_MAINTAINER:=W. Michael Petullo , Michael Heimpold @@ -32,7 +32,7 @@ PHP5_MODULES = \ ftp \ gettext gd gmp \ hash \ - iconv \ + iconv intl \ json \ ldap \ mbstring mcrypt mysql mysqli \ @@ -98,6 +98,7 @@ endef define Package/php5-cli $(call Package/php5/Default) + DEPENDS+= +PACKAGE_php5-mod-intl:libstdcpp TITLE+= (CLI) endef @@ -108,6 +109,7 @@ endef define Package/php5-cgi $(call Package/php5/Default) + DEPENDS+= +PACKAGE_php5-mod-intl:libstdcpp TITLE+= (CGI & FastCGI) endef @@ -237,6 +239,12 @@ else CONFIGURE_ARGS+= --without-iconv endif +ifneq ($(SDK)$(CONFIG_PACKAGE_php5-mod-intl),) + CONFIGURE_ARGS+= --enable-intl=shared +else + CONFIGURE_ARGS+= --disable-intl +endif + ifneq ($(SDK)$(CONFIG_PACKAGE_php5-mod-json),) CONFIGURE_ARGS+= --enable-json=shared else @@ -543,6 +551,7 @@ $(eval $(call BuildModule,gettext,Gettext,+PACKAGE_php5-mod-gettext:libintl-full $(eval $(call BuildModule,gmp,GMP,+PACKAGE_php5-mod-gmp:libgmp)) $(eval $(call BuildModule,hash,Hash)) $(eval $(call BuildModule,iconv,iConv,$(ICONV_DEPENDS))) +$(eval $(call BuildModule,intl,Internationalization Functions,+PACKAGE_php5-mod-intl:icu)) $(eval $(call BuildModule,json,JSON)) $(eval $(call BuildModule,ldap,LDAP,+PACKAGE_php5-mod-ldap:libopenldap +PACKAGE_php5-mod-ldap:libsasl2)) $(eval $(call BuildModule,mbstring,MBString)) From 01e3a2fe18182b3d40c89f05dee48e4c00cbfd3a Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Sat, 21 May 2016 22:12:25 +0200 Subject: [PATCH 4/8] php5: update to 5.6.21 This fixes the following CVEs: - in BCMath: CVE-2016-4537, CVE-2016-4538 - in EXIF: CVE-2016-4542, CVE-2016-4543, CVE-2016-4544 - in GD: CVE-2016-3074 - in Intl: CVE-2016-4540, CVE-2016-4541 - in XML: CVE-2016-4539 Signed-off-by: Michael Heimpold --- lang/php5/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lang/php5/Makefile b/lang/php5/Makefile index 79f03dc5b..d57c52f27 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -8,8 +8,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=5.6.19 -PKG_RELEASE:=2 +PKG_VERSION:=5.6.21 +PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo , Michael Heimpold @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_MD5SUM:=aab960cc1b2bfbeb00d030a9d42b38bd +PKG_MD5SUM:=177c69d47024541739c439c9d9eb6ba5 PKG_FIXUP:=libtool autoreconf PKG_BUILD_PARALLEL:=1 From 48b402eb65c62c819aff13ed6fc6b3e1423aa14e Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Tue, 19 Jul 2016 23:14:33 +0200 Subject: [PATCH 5/8] php5: update to 5.6.23 This fixes the following CVEs: - in GD: CVE-2015-8874, CVE-2016-5766, CVE-2016-5767 - in mbstring: CVE-2016-5768 - in mcrypt: CVE-2016-5769 - in SPL: CVE-2016-5770, CVE-2016-5771 - in WDDX: CVE-2016-5772 - in zip: CVE-2016-5773 Signed-off-by: Michael Heimpold --- lang/php5/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lang/php5/Makefile b/lang/php5/Makefile index d57c52f27..5641ac089 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=5.6.21 +PKG_VERSION:=5.6.23 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo , Michael Heimpold @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_MD5SUM:=177c69d47024541739c439c9d9eb6ba5 +PKG_MD5SUM:=c2d2155e50bcbaa0ee7a63845862c894 PKG_FIXUP:=libtool autoreconf PKG_BUILD_PARALLEL:=1 @@ -266,7 +266,7 @@ else endif ifneq ($(SDK)$(CONFIG_PACKAGE_php5-mod-mcrypt),) - CONFIGURE_ARGS+= --with-mcrypt=shared,"$(STAGING_DIR)/usr" + CONFIGURE_ARGS+= --with-mcrypt=shared,"$(STAGING_DIR)/usr" else CONFIGURE_ARGS+= --without-mcrypt endif From 0897526541791554618ddeb1c221ec083e679f68 Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Sun, 28 Aug 2016 00:10:42 +0200 Subject: [PATCH 6/8] php5: update to 5.6.25 Signed-off-by: Michael Heimpold --- lang/php5/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/php5/Makefile b/lang/php5/Makefile index 5641ac089..47b15e9e1 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=5.6.23 +PKG_VERSION:=5.6.25 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo , Michael Heimpold @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_MD5SUM:=c2d2155e50bcbaa0ee7a63845862c894 +PKG_MD5SUM:=81cb8c0de0d0b714587edbd27a2a75bb PKG_FIXUP:=libtool autoreconf PKG_BUILD_PARALLEL:=1 From b8a8d398de1597349bb5cc315461a8c660939ac0 Mon Sep 17 00:00:00 2001 From: Michael Heimpold Date: Wed, 21 Sep 2016 21:52:43 +0200 Subject: [PATCH 7/8] php5: update to 5.6.26 This fixes the following CVEs: - in intl: CVE-2016-7416 - in mysqlnd: CVE-2016-7412 - in phar: CVE-2016-7414 - in spl: CVE-2016-7417 - in standard: CVS-2016-7411 - in wddx: CVE-2016-7413, CVE-2016-7418 Signed-off-by: Michael Heimpold --- lang/php5/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/php5/Makefile b/lang/php5/Makefile index 47b15e9e1..009bbeef5 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=5.6.25 +PKG_VERSION:=5.6.26 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo , Michael Heimpold @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_MD5SUM:=81cb8c0de0d0b714587edbd27a2a75bb +PKG_MD5SUM:=c51e9115263b4d63ef8f68935cefd7d4 PKG_FIXUP:=libtool autoreconf PKG_BUILD_PARALLEL:=1 From 42736411782aea8bcc6d1429b571df138ca3cf64 Mon Sep 17 00:00:00 2001 From: Zoltan HERPAI Date: Fri, 10 Nov 2017 22:12:34 +0100 Subject: [PATCH 8/8] php5: bump to 5.6.32 Fixes since 5.6.26: - ton of bugs - CVE-2016-9933 - CVE-2016-9934 - CVE-2016-9935 - CVE-2016-10158 - CVE-2016-10167 - CVE-2016-10168 - CVE-2016-10159 - CVE-2016-10160 - CVE-2016-10161 - CVE-2017-7890 - CVE-2017-9224 - CVE-2017-9226 - CVE-2017-9227 - CVE-2017-9228 - CVE-2017-9229 - CVE-2016-1283 Signed-off-by: Zoltan HERPAI --- lang/php5/Makefile | 4 ++-- ...ebian_patches_use_embedded_timezonedb.patch | 18 +++++++++--------- ...ext-opcache-fix-detection-of-shm-mmap.patch | 5 ----- .../950-Fix-dl-cross-compiling-issue.patch | 2 +- 4 files changed, 12 insertions(+), 17 deletions(-) diff --git a/lang/php5/Makefile b/lang/php5/Makefile index 009bbeef5..8e0718664 100644 --- a/lang/php5/Makefile +++ b/lang/php5/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=php -PKG_VERSION:=5.6.26 +PKG_VERSION:=5.6.32 PKG_RELEASE:=1 PKG_MAINTAINER:=W. Michael Petullo , Michael Heimpold @@ -18,7 +18,7 @@ PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://www.php.net/distributions/ -PKG_MD5SUM:=c51e9115263b4d63ef8f68935cefd7d4 +PKG_MD5SUM:=660cd5bc0f16eaad655b7815c757aadc PKG_FIXUP:=libtool autoreconf PKG_BUILD_PARALLEL:=1 diff --git a/lang/php5/patches/102-debian_patches_use_embedded_timezonedb.patch b/lang/php5/patches/102-debian_patches_use_embedded_timezonedb.patch index bfbed435c..ea38b05a3 100644 --- a/lang/php5/patches/102-debian_patches_use_embedded_timezonedb.patch +++ b/lang/php5/patches/102-debian_patches_use_embedded_timezonedb.patch @@ -20,9 +20,9 @@ r1: initial revision --- a/ext/date/lib/parse_tz.c +++ b/ext/date/lib/parse_tz.c -@@ -18,8 +18,22 @@ - - /* $Id$ */ +@@ -22,8 +22,22 @@ + * THE SOFTWARE. + */ +#ifndef PATH_MAX +#define PATH_MAX 4096 @@ -43,7 +43,7 @@ r1: initial revision #include #ifdef HAVE_LOCALE_H -@@ -32,8 +46,12 @@ +@@ -36,8 +50,12 @@ #include #endif @@ -56,7 +56,7 @@ r1: initial revision #if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__)) # if defined(__LITTLE_ENDIAN__) -@@ -55,6 +73,11 @@ static int read_preamble(const unsigned +@@ -59,6 +77,11 @@ static int read_preamble(const unsigned { uint32_t version; @@ -68,7 +68,7 @@ r1: initial revision /* read ID */ version = (*tzf)[3] - '0'; *tzf += 4; -@@ -298,7 +321,406 @@ void timelib_dump_tzinfo(timelib_tzinfo +@@ -302,7 +325,406 @@ void timelib_dump_tzinfo(timelib_tzinfo } } @@ -476,7 +476,7 @@ r1: initial revision { int left = 0, right = tzdb->index_size - 1; #ifdef HAVE_SETLOCALE -@@ -337,21 +759,90 @@ static int seek_to_tz_position(const uns +@@ -341,21 +763,90 @@ static int seek_to_tz_position(const uns return 0; } @@ -568,7 +568,7 @@ r1: initial revision } static void skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz) -@@ -376,10 +867,12 @@ static void read_64bit_header(const unsi +@@ -380,10 +871,12 @@ static void read_64bit_header(const unsi timelib_tzinfo *timelib_parse_tzfile(char *timezone, const timelib_tzdb *tzdb) { const unsigned char *tzf; @@ -582,7 +582,7 @@ r1: initial revision tmp = timelib_tzinfo_ctor(timezone); version = read_preamble(&tzf, tmp); -@@ -393,7 +886,34 @@ timelib_tzinfo *timelib_parse_tzfile(cha +@@ -397,7 +890,34 @@ timelib_tzinfo *timelib_parse_tzfile(cha skip_64bit_types(&tzf, tmp); skip_posix_string(&tzf, tmp); } diff --git a/lang/php5/patches/200-ext-opcache-fix-detection-of-shm-mmap.patch b/lang/php5/patches/200-ext-opcache-fix-detection-of-shm-mmap.patch index d2a1e91af..0576ed89f 100644 --- a/lang/php5/patches/200-ext-opcache-fix-detection-of-shm-mmap.patch +++ b/lang/php5/patches/200-ext-opcache-fix-detection-of-shm-mmap.patch @@ -18,8 +18,6 @@ Signed-off-by: Michael Heimpold ext/opcache/config.m4 | 122 ++----------------------------------------------- 1 file changed, 4 insertions(+), 118 deletions(-) -diff --git a/ext/opcache/config.m4 b/ext/opcache/config.m4 -index b7e4835..7b6c0aa 100644 --- a/ext/opcache/config.m4 +++ b/ext/opcache/config.m4 @@ -11,127 +11,13 @@ if test "$PHP_OPCACHE" != "no"; then @@ -154,6 +152,3 @@ index b7e4835..7b6c0aa 100644 AC_MSG_CHECKING(for mmap() using /dev/zero shared memory support) AC_TRY_RUN([ --- -1.7.10.4 - diff --git a/lang/php5/patches/950-Fix-dl-cross-compiling-issue.patch b/lang/php5/patches/950-Fix-dl-cross-compiling-issue.patch index 22122ec82..d6a777e27 100644 --- a/lang/php5/patches/950-Fix-dl-cross-compiling-issue.patch +++ b/lang/php5/patches/950-Fix-dl-cross-compiling-issue.patch @@ -55,5 +55,5 @@ + AC_MSG_RESULT("no") +]) - if test "$flock_type" == "unknown"; then + if test "$flock_type" = "unknown"; then AC_MSG_ERROR([Don't know how to define struct flock on this system[,] set --enable-opcache=no])