Update to 5.3.23

Security:	1d23109a-9005-11e2-9602-d43d7e0c7c02
Florian Smeets 2013-03-18 20:46:51 +00:00
parent 7f2b9a5f5e
commit ed24f52ac4
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=314596
3 changed files with 43 additions and 6 deletions


@ -2,7 +2,7 @@
# $FreeBSD$ # $FreeBSD$
PORTNAME= php53 PORTNAME= php53
PORTVERSION= 5.3.22 PORTVERSION= 5.3.23
PORTREVISION?= 0 PORTREVISION?= 0
CATEGORIES?= lang devel www CATEGORIES?= lang devel www
MASTER_SITES= ${MASTER_SITE_PHP} MASTER_SITES= ${MASTER_SITE_PHP}
@ -63,7 +63,7 @@ PATCH_SITES+= ${MASTER_SITE_LOCAL} \
PATCH_SITE_SUBDIR= flo PATCH_SITE_SUBDIR= flo
.if ${PORT_OPTIONS:MSUHOSIN} .if ${PORT_OPTIONS:MSUHOSIN}
PATCHFILES+= suhosin-patch-5.3.x-0.9.10.2.patch.gz PATCHFILES+= suhosin-patch-5.3.x-0.9.10.3.patch.gz
PLIST_SUB+= SUHOSIN="" PLIST_SUB+= SUHOSIN=""
.else .else
PLIST_SUB+= SUHOSIN="@comment " PLIST_SUB+= SUHOSIN="@comment "


@ -1,6 +1,6 @@
SHA256 (php-5.3.22.tar.bz2) = 2da5fefdd24dafd8a94b6e41ba2c308ee216f97b3d605abde513d0cdc680d588 SHA256 (php-5.3.23.tar.bz2) = 69473eae7c752987a8fc7619bae9f7121cfe7c6603a2ebf13c8e036dff6a4944
SIZE (php-5.3.22.tar.bz2) = 11366482 SIZE (php-5.3.23.tar.bz2) = 11410987
SHA256 (suhosin-patch-5.3.x-0.9.10.2.patch.gz) = 886bc7d7816fcce93792bd4a847731c460460b4f3987e0a5f6bf44b1979f5daa SHA256 (suhosin-patch-5.3.x-0.9.10.3.patch.gz) = 40a5de284f3bec4e5f7d54093ff23fd909030f84852fb2157780d41378932b82
SIZE (suhosin-patch-5.3.x-0.9.10.2.patch.gz) = 40806 SIZE (suhosin-patch-5.3.x-0.9.10.3.patch.gz) = 40957
SHA256 (php-5.3.x-mail-header.patch) = 5a677448b32d9f592703e2323a33facdb45e5c237dcca04aaea8ec3287f7db84 SHA256 (php-5.3.x-mail-header.patch) = 5a677448b32d9f592703e2323a33facdb45e5c237dcca04aaea8ec3287f7db84
SIZE (php-5.3.x-mail-header.patch) = 3325 SIZE (php-5.3.x-mail-header.patch) = 3325


@ -51,6 +51,43 @@ Note: Please add new entries to the beginning of this file.
--> -->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="1d23109a-9005-11e2-9602-d43d7e0c7c02">
<topic>php5 -- Multiple vulnerabilities</topic>
<affects>
<package>
<name>php5</name>
<range><lt>5.4.13</lt></range>
</package>
<package>
<name>php53</name>
<range><lt>5.3.23</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>The PHP development team reports:</p>
<blockquote cite="http://www.php.net/ChangeLog-5.php">
<p>PHP does not validate the relationship between the soap.wsdl_cache_dir
directive and the open_basedir directive, which allows remote attackers to
bypass intended access restrictions by triggering the creation of cached
SOAP WSDL files in an arbitrary directory.</p>
<p>The SOAP parser in PHP allows remote attackers to read arbitrary files
via a SOAP WSDL file containing an XML external entity declaration in
conjunction with an entity reference, related to an XML External Entity
(XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions.</p>
</blockquote>
</body>
</description>
<references>
<cvename>CVE-2013-1635</cvename>
<cvename>CVE-2013-1643</cvename>
</references>
<dates>
<discovery>2013-03-04</discovery>
<entry>2013-03-18</entry>
</dates>
</vuln>
<vuln vid="edd201a5-8fc3-11e2-b131-000c299b62e1"> <vuln vid="edd201a5-8fc3-11e2-b131-000c299b62e1">
<topic>piwigo -- CSRF/Path Traversal</topic> <topic>piwigo -- CSRF/Path Traversal</topic>
<affects> <affects>