summaryrefslogtreecommitdiff
path: root/user/php7
diff options
context:
space:
mode:
Diffstat (limited to 'user/php7')
-rw-r--r--user/php7/APKBUILD36
-rw-r--r--user/php7/CVE-2018-19935.patch52
-rw-r--r--user/php7/enchant-2.patch63
3 files changed, 81 insertions, 70 deletions
diff --git a/user/php7/APKBUILD b/user/php7/APKBUILD
index 9da2b1de2..187646dd3 100644
--- a/user/php7/APKBUILD
+++ b/user/php7/APKBUILD
@@ -23,15 +23,25 @@
# ----------+--------------------------------------------
# zlib | https://bugs.alpinelinux.org/issues/8299
+# secfixes:
+# 7.2.16-r0:
+# - CVE-2016-10166
+# - CVE-2018-20783
+# - CVE-2019-6977
+# - CVE-2019-9020
+# - CVE-2019-9021
+# - CVE-2019-9022
+# - CVE-2019-9023
+# - CVE-2019-9024
+
pkgname=php7
_pkgname=php
-pkgver=7.2.11
-pkgrel=3
+pkgver=7.2.16
+pkgrel=0
_apiver=20170718
pkgdesc="The PHP7 language runtime engine"
url="https://php.net/"
arch="all"
-options="!checkroot"
license="PHP-3.01 AND Zend-2.0 AND Custom:TSRM AND LGPL-2.1+ AND MIT AND Beerware AND Public-Domain AND BSD-3-Clause AND Apache-1.0 AND PostgreSQL AND BSD-2-Clause AND Zlib AND BSD-4-Clause"
depends=""
depends_dev="$pkgname=$pkgver-r$pkgrel autoconf icu-dev libedit-dev libxml2-dev
@@ -77,12 +87,12 @@ source="http://php.net/distributions/$_pkgname-$pkgver.tar.bz2
$_pkgname-fpm.logrotate
$_pkgname-module.conf
disabled-tests.list
- CVE-2018-19935.patch
install-pear.patch
fpm-paths.patch
allow-build-recode-and-imap-together.patch
fix-tests-devserver.patch
- pwbuflen.patch"
+ pwbuflen.patch
+ enchant-2.patch"
builddir="$srcdir/$_pkgname-$pkgver"
_libdir="/usr/lib/$_pkgname"
_extension_dir="$_libdir/modules"
@@ -229,8 +239,6 @@ enable_ext 'zip' \
# - CVE-2018-19935
prepare() {
- cd "$builddir"
-
default_prepare
update_config_sub
@@ -269,8 +277,6 @@ prepare() {
# * Doesn't work with system-provided onigurama, some tests fail (invalid code
# point); probably because bundled onigurama is version 5.x, but we have 6.x.
_build() {
- cd "$builddir"
-
EXTENSION_DIR=$_extension_dir ./configure \
--build=$CBUILD \
--host=$CHOST \
@@ -302,8 +308,6 @@ _build() {
}
build() {
- cd "$builddir"
-
# phpdbg
_build --enable-phpdbg \
--enable-phpdbg-webhelper \
@@ -325,8 +329,6 @@ build() {
}
check() {
- cd "$builddir"
-
# PHP is so stupid that it's not able to resolve dependencies
# between extensions and load them in correct order, so we must
# help it...
@@ -346,8 +348,6 @@ check() {
}
package() {
- cd "$builddir"
-
make -j1 INSTALL_ROOT="$pkgdir" install
install -Dm644 php.ini-production "$pkgdir"/etc/$_pkgname/php.ini
@@ -526,14 +526,14 @@ _mv() {
mv $@
}
-sha512sums="a6bdd639648ae7845467e01303d0b4f4b85fd541409be97a5a605e91a9c994609e4e221a9c87c576134e66a2439920486d1f444e6fe8c34b0e5d025cee6d0cc8 php-7.2.11.tar.bz2
+sha512sums="f97545905a3ec4bc1ce431e306bffb2d7b6357164ea035a6899ea1589d8df4e6617af3924fa1abcb5da428ad691967504c3f94187d4cae6f2ef285e963d07e3d php-7.2.16.tar.bz2
23df4e779c809db3e3b8e5b0353b1aafaad2f3dc56f2d1cd45f9b0e3ad71b32e40700d6ebfe914b3c87e8e0b670d0dc862ded1e5c898adf160e33dea372e044f php-fpm.initd
01d4ba3ef104ea378eb0e8cbb7bdee3fdf65e4bd6865eb3bc6c0dc4af31c2d52887abdf0150b5ef984b877860285a3b1af84b11ffebb5b8b722ea9faf83edfeb php-fpm.logrotate
a7f9ba5e11652fd1cb9e756c3269269a95de083ecb5be936a85c7a09c1396db9088e0251c6a643c40235c0e776fce2a471e5c7f5a033b85c7d3b3110c2b39e48 php-module.conf
b1008eabc86fcff88336fe2961e3229c159c930a05d97359136c381c5c1cc572a33110308a3e5ef5e31c60327f76c9ef02b375cd2ea8ff9caa7deeddc216f4ce disabled-tests.list
-4b6e4a8062808fcc54321b159f0b8bfef93267e0824f698f6ab06fc82796d62878a2e73cb44ef4bbad231658f9c0ee819ece1f7ca7517e56eea54309c92128c7 CVE-2018-19935.patch
f1177cbf6b1f44402f421c3d317aab1a2a40d0b1209c11519c1158df337c8945f3a313d689c939768584f3e4edbe52e8bd6103fb6777462326a9d94e8ab1f505 install-pear.patch
a77dd3bdf9dc7a0f2c06ff3e7c425d062bbaa29902c17402ce98701dc99499be863ad543aa5e6a7d1c249702d6afb193398dd3199ae58e42b32b95d434fb1883 fpm-paths.patch
f8ecae241a90cbc3e98aa4deb3d5d35ef555f51380e29f4e182a8060dffeb84be74f030a14c6b452668471030d78964f52795ca74275db05543ccad20ef1f2cc allow-build-recode-and-imap-together.patch
f8bb322e56df79dd9f391737fb8737945cc730b14c7dc2ae8688979c565a9b97f5f2a12c9fcd0d8124624a9d09bd10228147d9e999bb94909bbe249f0a50646c fix-tests-devserver.patch
-8e538063d872f6770a57cdb844226a771ccda3d387dd1f199bb08c274b94fbe12ec0ef6df75c32071f308cb8f4ab51b91b520c7c2ed687adf96d0d322788e463 pwbuflen.patch"
+8e538063d872f6770a57cdb844226a771ccda3d387dd1f199bb08c274b94fbe12ec0ef6df75c32071f308cb8f4ab51b91b520c7c2ed687adf96d0d322788e463 pwbuflen.patch
+03de56676449ddc1ba1fc9c4fee2b2ed620cd1a8ce52d288c91b42e081182871ade55c8dbbe1c8286bc4eadcd92d497a62ac7b689ea8d6b1bcb5eb25225595c4 enchant-2.patch"
diff --git a/user/php7/CVE-2018-19935.patch b/user/php7/CVE-2018-19935.patch
deleted file mode 100644
index e24310f42..000000000
--- a/user/php7/CVE-2018-19935.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 648fc1e369fc05fb9200a42c7938912236b2a318 Mon Sep 17 00:00:00 2001
-From: Stanislav Malyshev <stas@php.net>
-Date: Sun, 11 Nov 2018 10:04:01 -0800
-Subject: [PATCH] Fix #77020: null pointer dereference in imap_mail
-
-If an empty $message is passed to imap_mail(), we must not set message
-to NULL, since _php_imap_mail() is not supposed to handle NULL pointers
-(opposed to pointers to NUL).
-
-(cherry picked from commit 7edc639b9ff1c3576773d79d016abbeed1f93846)
----
- ext/imap/php_imap.c | 1 -
- ext/imap/tests/bug77020.phpt | 15 +++++++++++++++
- 2 files changed, 15 insertions(+), 1 deletion(-)
- create mode 100644 ext/imap/tests/bug77020.phpt
-
-diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c
-index 9e626a4..01d1a5f 100644
---- a/ext/imap/php_imap.c
-+++ b/ext/imap/php_imap.c
-@@ -4116,7 +4116,6 @@ PHP_FUNCTION(imap_mail)
- if (!ZSTR_LEN(message)) {
- /* this is not really an error, so it is allowed. */
- php_error_docref(NULL, E_WARNING, "No message string in mail command");
-- message = NULL;
- }
-
- if (_php_imap_mail(ZSTR_VAL(to), ZSTR_VAL(subject), ZSTR_VAL(message), headers?ZSTR_VAL(headers):NULL, cc?ZSTR_VAL(cc):NULL,
-diff --git a/ext/imap/tests/bug77020.phpt b/ext/imap/tests/bug77020.phpt
-new file mode 100644
-index 0000000..8a65232
---- /dev/null
-+++ b/ext/imap/tests/bug77020.phpt
-@@ -0,0 +1,15 @@
-+--TEST--
-+Bug #77020 (null pointer dereference in imap_mail)
-+--SKIPIF--
-+<?php
-+if (!extension_loaded('imap')) die('skip imap extension not available');
-+?>
-+--FILE--
-+<?php
-+imap_mail('1', 1, NULL);
-+?>
-+===DONE===
-+--EXPECTF--
-+Warning: imap_mail(): No message string in mail command in %s on line %d
-+%s
-+===DONE===
---
-2.1.4
-
diff --git a/user/php7/enchant-2.patch b/user/php7/enchant-2.patch
new file mode 100644
index 000000000..ed048de28
--- /dev/null
+++ b/user/php7/enchant-2.patch
@@ -0,0 +1,63 @@
+Lifted from Arch: https://git.archlinux.org/svntogit/packages.git/tree/trunk/enchant-2.patch?h=packages/php
+
+--- php-7.1.13/ext/enchant/config.m4.orig 2018-01-03 02:32:29.000000000 +0000
++++ php-7.1.13/ext/enchant/config.m4 2018-01-21 22:10:03.788875780 +0000
+@@ -14,9 +14,9 @@
+ ENCHANT_SEARCH_DIRS="/usr/local /usr"
+ fi
+ for i in $ENCHANT_SEARCH_DIRS; do
+- if test -f $i/include/enchant/enchant.h; then
++ if test -f $i/include/enchant-2/enchant.h; then
+ ENCHANT_DIR=$i
+- ENCHANT_INCDIR=$i/include/enchant
++ ENCHANT_INCDIR=$i/include/enchant-2
+ elif test -f $i/include/enchant.h; then
+ ENCHANT_DIR=$i
+ ENCHANT_INCDIR=$i/include
+@@ -31,7 +31,7 @@
+
+ AC_DEFINE(HAVE_ENCHANT,1,[ ])
+ PHP_SUBST(ENCHANT_SHARED_LIBADD)
+- PHP_ADD_LIBRARY_WITH_PATH(enchant, $ENCHANT_LIBDIR, ENCHANT_SHARED_LIBADD)
++ PHP_ADD_LIBRARY_WITH_PATH(enchant-2, $ENCHANT_LIBDIR, ENCHANT_SHARED_LIBADD)
+ PHP_ADD_INCLUDE($ENCHANT_INCDIR)
+ PHP_CHECK_LIBRARY(enchant, enchant_broker_set_param,
+ [
+--- php-7.2.1/ext/enchant/enchant.c.orig 2018-01-02 22:36:05.000000000 +0000
++++ php-7.2.1/ext/enchant/enchant.c 2018-01-21 22:34:50.205791491 +0000
+@@ -741,7 +741,7 @@
+ for (i = 0; i < n_sugg; i++) {
+ add_next_index_string(sugg, suggs[i]);
+ }
+- enchant_dict_free_suggestions(pdict->pdict, suggs);
++ enchant_dict_free_string_list(pdict->pdict, suggs);
+ }
+
+
+@@ -798,7 +798,7 @@
+ add_next_index_string(return_value, suggs[i]);
+ }
+
+- enchant_dict_free_suggestions(pdict->pdict, suggs);
++ enchant_dict_free_string_list(pdict->pdict, suggs);
+ }
+ }
+ /* }}} */
+@@ -818,7 +818,7 @@
+
+ PHP_ENCHANT_GET_DICT;
+
+- enchant_dict_add_to_personal(pdict->pdict, word, wordlen);
++ enchant_dict_add(pdict->pdict, word, wordlen);
+ }
+ /* }}} */
+
+@@ -856,7 +856,7 @@
+
+ PHP_ENCHANT_GET_DICT;
+
+- RETURN_BOOL(enchant_dict_is_in_session(pdict->pdict, word, wordlen));
++ RETURN_BOOL(enchant_dict_is_added(pdict->pdict, word, wordlen));
+ }
+ /* }}} */
+