From 333e6c234387f048557fdd4235c5a1809474f6f2 Mon Sep 17 00:00:00 2001 From: Max Rees Date: Mon, 18 Mar 2019 23:14:42 -0400 Subject: user/php7: bump to 7.2.16, modernize, build with enchant-2 * Drop CVE-2018-19935.patch: included as of version 7.2.14 --- user/php7/APKBUILD | 36 ++++++++++++------------ user/php7/CVE-2018-19935.patch | 52 ---------------------------------- user/php7/enchant-2.patch | 63 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 81 insertions(+), 70 deletions(-) delete mode 100644 user/php7/CVE-2018-19935.patch create mode 100644 user/php7/enchant-2.patch diff --git a/user/php7/APKBUILD b/user/php7/APKBUILD index 9da2b1de2..187646dd3 100644 --- a/user/php7/APKBUILD +++ b/user/php7/APKBUILD @@ -23,15 +23,25 @@ # ----------+-------------------------------------------- # zlib | https://bugs.alpinelinux.org/issues/8299 +# secfixes: +# 7.2.16-r0: +# - CVE-2016-10166 +# - CVE-2018-20783 +# - CVE-2019-6977 +# - CVE-2019-9020 +# - CVE-2019-9021 +# - CVE-2019-9022 +# - CVE-2019-9023 +# - CVE-2019-9024 + pkgname=php7 _pkgname=php -pkgver=7.2.11 -pkgrel=3 +pkgver=7.2.16 +pkgrel=0 _apiver=20170718 pkgdesc="The PHP7 language runtime engine" url="https://php.net/" arch="all" -options="!checkroot" license="PHP-3.01 AND Zend-2.0 AND Custom:TSRM AND LGPL-2.1+ AND MIT AND Beerware AND Public-Domain AND BSD-3-Clause AND Apache-1.0 AND PostgreSQL AND BSD-2-Clause AND Zlib AND BSD-4-Clause" depends="" depends_dev="$pkgname=$pkgver-r$pkgrel autoconf icu-dev libedit-dev libxml2-dev @@ -77,12 +87,12 @@ source="http://php.net/distributions/$_pkgname-$pkgver.tar.bz2 $_pkgname-fpm.logrotate $_pkgname-module.conf disabled-tests.list - CVE-2018-19935.patch install-pear.patch fpm-paths.patch allow-build-recode-and-imap-together.patch fix-tests-devserver.patch - pwbuflen.patch" + pwbuflen.patch + enchant-2.patch" builddir="$srcdir/$_pkgname-$pkgver" _libdir="/usr/lib/$_pkgname" _extension_dir="$_libdir/modules" @@ -229,8 +239,6 @@ enable_ext 'zip' \ # - CVE-2018-19935 prepare() { - cd "$builddir" - default_prepare update_config_sub @@ -269,8 +277,6 @@ prepare() { # * Doesn't work with system-provided onigurama, some tests fail (invalid code # point); probably because bundled onigurama is version 5.x, but we have 6.x. _build() { - cd "$builddir" - EXTENSION_DIR=$_extension_dir ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -302,8 +308,6 @@ _build() { } build() { - cd "$builddir" - # phpdbg _build --enable-phpdbg \ --enable-phpdbg-webhelper \ @@ -325,8 +329,6 @@ build() { } check() { - cd "$builddir" - # PHP is so stupid that it's not able to resolve dependencies # between extensions and load them in correct order, so we must # help it... @@ -346,8 +348,6 @@ check() { } package() { - cd "$builddir" - make -j1 INSTALL_ROOT="$pkgdir" install install -Dm644 php.ini-production "$pkgdir"/etc/$_pkgname/php.ini @@ -526,14 +526,14 @@ _mv() { mv $@ } -sha512sums="a6bdd639648ae7845467e01303d0b4f4b85fd541409be97a5a605e91a9c994609e4e221a9c87c576134e66a2439920486d1f444e6fe8c34b0e5d025cee6d0cc8 php-7.2.11.tar.bz2 +sha512sums="f97545905a3ec4bc1ce431e306bffb2d7b6357164ea035a6899ea1589d8df4e6617af3924fa1abcb5da428ad691967504c3f94187d4cae6f2ef285e963d07e3d php-7.2.16.tar.bz2 23df4e779c809db3e3b8e5b0353b1aafaad2f3dc56f2d1cd45f9b0e3ad71b32e40700d6ebfe914b3c87e8e0b670d0dc862ded1e5c898adf160e33dea372e044f php-fpm.initd 01d4ba3ef104ea378eb0e8cbb7bdee3fdf65e4bd6865eb3bc6c0dc4af31c2d52887abdf0150b5ef984b877860285a3b1af84b11ffebb5b8b722ea9faf83edfeb php-fpm.logrotate a7f9ba5e11652fd1cb9e756c3269269a95de083ecb5be936a85c7a09c1396db9088e0251c6a643c40235c0e776fce2a471e5c7f5a033b85c7d3b3110c2b39e48 php-module.conf b1008eabc86fcff88336fe2961e3229c159c930a05d97359136c381c5c1cc572a33110308a3e5ef5e31c60327f76c9ef02b375cd2ea8ff9caa7deeddc216f4ce disabled-tests.list -4b6e4a8062808fcc54321b159f0b8bfef93267e0824f698f6ab06fc82796d62878a2e73cb44ef4bbad231658f9c0ee819ece1f7ca7517e56eea54309c92128c7 CVE-2018-19935.patch f1177cbf6b1f44402f421c3d317aab1a2a40d0b1209c11519c1158df337c8945f3a313d689c939768584f3e4edbe52e8bd6103fb6777462326a9d94e8ab1f505 install-pear.patch a77dd3bdf9dc7a0f2c06ff3e7c425d062bbaa29902c17402ce98701dc99499be863ad543aa5e6a7d1c249702d6afb193398dd3199ae58e42b32b95d434fb1883 fpm-paths.patch f8ecae241a90cbc3e98aa4deb3d5d35ef555f51380e29f4e182a8060dffeb84be74f030a14c6b452668471030d78964f52795ca74275db05543ccad20ef1f2cc allow-build-recode-and-imap-together.patch f8bb322e56df79dd9f391737fb8737945cc730b14c7dc2ae8688979c565a9b97f5f2a12c9fcd0d8124624a9d09bd10228147d9e999bb94909bbe249f0a50646c fix-tests-devserver.patch -8e538063d872f6770a57cdb844226a771ccda3d387dd1f199bb08c274b94fbe12ec0ef6df75c32071f308cb8f4ab51b91b520c7c2ed687adf96d0d322788e463 pwbuflen.patch" +8e538063d872f6770a57cdb844226a771ccda3d387dd1f199bb08c274b94fbe12ec0ef6df75c32071f308cb8f4ab51b91b520c7c2ed687adf96d0d322788e463 pwbuflen.patch +03de56676449ddc1ba1fc9c4fee2b2ed620cd1a8ce52d288c91b42e081182871ade55c8dbbe1c8286bc4eadcd92d497a62ac7b689ea8d6b1bcb5eb25225595c4 enchant-2.patch" diff --git a/user/php7/CVE-2018-19935.patch b/user/php7/CVE-2018-19935.patch deleted file mode 100644 index e24310f42..000000000 --- a/user/php7/CVE-2018-19935.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 648fc1e369fc05fb9200a42c7938912236b2a318 Mon Sep 17 00:00:00 2001 -From: Stanislav Malyshev -Date: Sun, 11 Nov 2018 10:04:01 -0800 -Subject: [PATCH] Fix #77020: null pointer dereference in imap_mail - -If an empty $message is passed to imap_mail(), we must not set message -to NULL, since _php_imap_mail() is not supposed to handle NULL pointers -(opposed to pointers to NUL). - -(cherry picked from commit 7edc639b9ff1c3576773d79d016abbeed1f93846) ---- - ext/imap/php_imap.c | 1 - - ext/imap/tests/bug77020.phpt | 15 +++++++++++++++ - 2 files changed, 15 insertions(+), 1 deletion(-) - create mode 100644 ext/imap/tests/bug77020.phpt - -diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c -index 9e626a4..01d1a5f 100644 ---- a/ext/imap/php_imap.c -+++ b/ext/imap/php_imap.c -@@ -4116,7 +4116,6 @@ PHP_FUNCTION(imap_mail) - if (!ZSTR_LEN(message)) { - /* this is not really an error, so it is allowed. */ - php_error_docref(NULL, E_WARNING, "No message string in mail command"); -- message = NULL; - } - - if (_php_imap_mail(ZSTR_VAL(to), ZSTR_VAL(subject), ZSTR_VAL(message), headers?ZSTR_VAL(headers):NULL, cc?ZSTR_VAL(cc):NULL, -diff --git a/ext/imap/tests/bug77020.phpt b/ext/imap/tests/bug77020.phpt -new file mode 100644 -index 0000000..8a65232 ---- /dev/null -+++ b/ext/imap/tests/bug77020.phpt -@@ -0,0 +1,15 @@ -+--TEST-- -+Bug #77020 (null pointer dereference in imap_mail) -+--SKIPIF-- -+ -+--FILE-- -+ -+===DONE=== -+--EXPECTF-- -+Warning: imap_mail(): No message string in mail command in %s on line %d -+%s -+===DONE=== --- -2.1.4 - diff --git a/user/php7/enchant-2.patch b/user/php7/enchant-2.patch new file mode 100644 index 000000000..ed048de28 --- /dev/null +++ b/user/php7/enchant-2.patch @@ -0,0 +1,63 @@ +Lifted from Arch: https://git.archlinux.org/svntogit/packages.git/tree/trunk/enchant-2.patch?h=packages/php + +--- php-7.1.13/ext/enchant/config.m4.orig 2018-01-03 02:32:29.000000000 +0000 ++++ php-7.1.13/ext/enchant/config.m4 2018-01-21 22:10:03.788875780 +0000 +@@ -14,9 +14,9 @@ + ENCHANT_SEARCH_DIRS="/usr/local /usr" + fi + for i in $ENCHANT_SEARCH_DIRS; do +- if test -f $i/include/enchant/enchant.h; then ++ if test -f $i/include/enchant-2/enchant.h; then + ENCHANT_DIR=$i +- ENCHANT_INCDIR=$i/include/enchant ++ ENCHANT_INCDIR=$i/include/enchant-2 + elif test -f $i/include/enchant.h; then + ENCHANT_DIR=$i + ENCHANT_INCDIR=$i/include +@@ -31,7 +31,7 @@ + + AC_DEFINE(HAVE_ENCHANT,1,[ ]) + PHP_SUBST(ENCHANT_SHARED_LIBADD) +- PHP_ADD_LIBRARY_WITH_PATH(enchant, $ENCHANT_LIBDIR, ENCHANT_SHARED_LIBADD) ++ PHP_ADD_LIBRARY_WITH_PATH(enchant-2, $ENCHANT_LIBDIR, ENCHANT_SHARED_LIBADD) + PHP_ADD_INCLUDE($ENCHANT_INCDIR) + PHP_CHECK_LIBRARY(enchant, enchant_broker_set_param, + [ +--- php-7.2.1/ext/enchant/enchant.c.orig 2018-01-02 22:36:05.000000000 +0000 ++++ php-7.2.1/ext/enchant/enchant.c 2018-01-21 22:34:50.205791491 +0000 +@@ -741,7 +741,7 @@ + for (i = 0; i < n_sugg; i++) { + add_next_index_string(sugg, suggs[i]); + } +- enchant_dict_free_suggestions(pdict->pdict, suggs); ++ enchant_dict_free_string_list(pdict->pdict, suggs); + } + + +@@ -798,7 +798,7 @@ + add_next_index_string(return_value, suggs[i]); + } + +- enchant_dict_free_suggestions(pdict->pdict, suggs); ++ enchant_dict_free_string_list(pdict->pdict, suggs); + } + } + /* }}} */ +@@ -818,7 +818,7 @@ + + PHP_ENCHANT_GET_DICT; + +- enchant_dict_add_to_personal(pdict->pdict, word, wordlen); ++ enchant_dict_add(pdict->pdict, word, wordlen); + } + /* }}} */ + +@@ -856,7 +856,7 @@ + + PHP_ENCHANT_GET_DICT; + +- RETURN_BOOL(enchant_dict_is_in_session(pdict->pdict, word, wordlen)); ++ RETURN_BOOL(enchant_dict_is_added(pdict->pdict, word, wordlen)); + } + /* }}} */ + -- cgit v1.2.3-70-g09d2