summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRemi Collet <fedora@famillecollet.com>2013-08-19 15:15:55 +0200
committerRemi Collet <fedora@famillecollet.com>2013-08-19 15:15:55 +0200
commitfd4d1afde90d94006397e86d2d161dd88d114a2c (patch)
treeba941a187b51bd0972989b52e9c569b785c34908
parentec69cb07a56dfafd131672bc62f25f5f09a0486c (diff)
PHP 5.4.18
Diffstat
-rw-r--r--php-5.4.17-CVE-2013-4013.patch181
-rw-r--r--php-5.4.17-man.patch668
-rw-r--r--php-5.4.18-bison.patch29
-rw-r--r--php54.spec30
4 files changed, 49 insertions, 859 deletions
diff --git a/php-5.4.17-CVE-2013-4013.patch b/php-5.4.17-CVE-2013-4013.patch
deleted file mode 100644
index dfa2c86..0000000
--- a/php-5.4.17-CVE-2013-4013.patch
+++ /dev/null
@@ -1,181 +0,0 @@
-From 7d163e8a0880ae8af2dd869071393e5dc07ef271 Mon Sep 17 00:00:00 2001
-From: Rob Richards <rrichards@php.net>
-Date: Sat, 6 Jul 2013 07:53:07 -0400
-Subject: [PATCH] truncate results at depth of 255 to prevent corruption
-
----
- ext/xml/xml.c | 90 +++++++++++++++++++++++++++++++++--------------------------
- 1 file changed, 50 insertions(+), 40 deletions(-)
-
-diff --git a/ext/xml/xml.c b/ext/xml/xml.c
-index 1f0480b..9f0bc30 100644
---- a/ext/xml/xml.c
-+++ b/ext/xml/xml.c
-@@ -428,7 +428,7 @@ static void xml_parser_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC)
- }
- if (parser->ltags) {
- int inx;
-- for (inx = 0; inx < parser->level; inx++)
-+ for (inx = 0; ((inx < parser->level) && (inx < XML_MAXLEVEL)); inx++)
- efree(parser->ltags[ inx ]);
- efree(parser->ltags);
- }
-@@ -805,45 +805,50 @@ void _xml_startElementHandler(void *userData, const XML_Char *name, const XML_Ch
- }
-
- if (parser->data) {
-- zval *tag, *atr;
-- int atcnt = 0;
-+ if (parser->level <= XML_MAXLEVEL) {
-+ zval *tag, *atr;
-+ int atcnt = 0;
-
-- MAKE_STD_ZVAL(tag);
-- MAKE_STD_ZVAL(atr);
-+ MAKE_STD_ZVAL(tag);
-+ MAKE_STD_ZVAL(atr);
-
-- array_init(tag);
-- array_init(atr);
-+ array_init(tag);
-+ array_init(atr);
-
-- _xml_add_to_info(parser,((char *) tag_name) + parser->toffset);
-+ _xml_add_to_info(parser,((char *) tag_name) + parser->toffset);
-
-- add_assoc_string(tag,"tag",((char *) tag_name) + parser->toffset,1); /* cast to avoid gcc-warning */
-- add_assoc_string(tag,"type","open",1);
-- add_assoc_long(tag,"level",parser->level);
-+ add_assoc_string(tag,"tag",((char *) tag_name) + parser->toffset,1); /* cast to avoid gcc-warning */
-+ add_assoc_string(tag,"type","open",1);
-+ add_assoc_long(tag,"level",parser->level);
-
-- parser->ltags[parser->level-1] = estrdup(tag_name);
-- parser->lastwasopen = 1;
-+ parser->ltags[parser->level-1] = estrdup(tag_name);
-+ parser->lastwasopen = 1;
-
-- attributes = (const XML_Char **) attrs;
-+ attributes = (const XML_Char **) attrs;
-
-- while (attributes && *attributes) {
-- att = _xml_decode_tag(parser, attributes[0]);
-- val = xml_utf8_decode(attributes[1], strlen(attributes[1]), &val_len, parser->target_encoding);
--
-- add_assoc_stringl(atr,att,val,val_len,0);
-+ while (attributes && *attributes) {
-+ att = _xml_decode_tag(parser, attributes[0]);
-+ val = xml_utf8_decode(attributes[1], strlen(attributes[1]), &val_len, parser->target_encoding);
-
-- atcnt++;
-- attributes += 2;
-+ add_assoc_stringl(atr,att,val,val_len,0);
-
-- efree(att);
-- }
-+ atcnt++;
-+ attributes += 2;
-
-- if (atcnt) {
-- zend_hash_add(Z_ARRVAL_P(tag),"attributes",sizeof("attributes"),&atr,sizeof(zval*),NULL);
-- } else {
-- zval_ptr_dtor(&atr);
-- }
-+ efree(att);
-+ }
-+
-+ if (atcnt) {
-+ zend_hash_add(Z_ARRVAL_P(tag),"attributes",sizeof("attributes"),&atr,sizeof(zval*),NULL);
-+ } else {
-+ zval_ptr_dtor(&atr);
-+ }
-
-- zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),(void *) &parser->ctag);
-+ zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),(void *) &parser->ctag);
-+ } else if (parser->level == (XML_MAXLEVEL + 1)) {
-+ TSRMLS_FETCH();
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Maximum depth exceeded - Results truncated");
-+ }
- }
-
- efree(tag_name);
-@@ -895,7 +900,7 @@ void _xml_endElementHandler(void *userData, const XML_Char *name)
-
- efree(tag_name);
-
-- if (parser->ltags) {
-+ if ((parser->ltags) && (parser->level <= XML_MAXLEVEL)) {
- efree(parser->ltags[parser->level-1]);
- }
-
-@@ -979,18 +984,23 @@ void _xml_characterDataHandler(void *userData, const XML_Char *s, int len)
- }
- }
-
-- MAKE_STD_ZVAL(tag);
--
-- array_init(tag);
--
-- _xml_add_to_info(parser,parser->ltags[parser->level-1] + parser->toffset);
-+ if (parser->level <= XML_MAXLEVEL) {
-+ MAKE_STD_ZVAL(tag);
-
-- add_assoc_string(tag,"tag",parser->ltags[parser->level-1] + parser->toffset,1);
-- add_assoc_string(tag,"value",decoded_value,0);
-- add_assoc_string(tag,"type","cdata",1);
-- add_assoc_long(tag,"level",parser->level);
-+ array_init(tag);
-
-- zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),NULL);
-+ _xml_add_to_info(parser,parser->ltags[parser->level-1] + parser->toffset);
-+
-+ add_assoc_string(tag,"tag",parser->ltags[parser->level-1] + parser->toffset,1);
-+ add_assoc_string(tag,"value",decoded_value,0);
-+ add_assoc_string(tag,"type","cdata",1);
-+ add_assoc_long(tag,"level",parser->level);
-+
-+ zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),NULL);
-+ } else if (parser->level == (XML_MAXLEVEL + 1)) {
-+ TSRMLS_FETCH();
-+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Maximum depth exceeded - Results truncated");
-+ }
- }
- } else {
- efree(decoded_value);
---
-1.7.11.5
-
-From 710eee5555bc5c95692bd3c84f5d2b5d687349b6 Mon Sep 17 00:00:00 2001
-From: =?utf8?q?Johannes=20Schl=C3=BCter?= <johannes@php.net>
-Date: Wed, 10 Jul 2013 19:35:18 +0200
-Subject: [PATCH] add test for bug #65236
-
----
- ext/xml/tests/bug65236.phpt | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
- create mode 100644 ext/xml/tests/bug65236.phpt
-
-diff --git a/ext/xml/tests/bug65236.phpt b/ext/xml/tests/bug65236.phpt
-new file mode 100644
-index 0000000..67b26d6
---- /dev/null
-+++ b/ext/xml/tests/bug65236.phpt
-@@ -0,0 +1,15 @@
-+--TEST--
-+Bug #65236 (heap corruption in xml parser)
-+--SKIPIF--
-+<?php
-+require_once("skipif.inc");
-+?>
-+--FILE--
-+<?php
-+xml_parse_into_struct(xml_parser_create_ns(), str_repeat("<blah>", 1000), $a);
-+
-+echo "Done\n";
-+?>
-+--EXPECTF--
-+Warning: xml_parse_into_struct(): Maximum depth exceeded - Results truncated in %s on line %d
-+Done
---
-1.7.11.5
-
diff --git a/php-5.4.17-man.patch b/php-5.4.17-man.patch
deleted file mode 100644
index d0c034a..0000000
--- a/php-5.4.17-man.patch
+++ /dev/null
@@ -1,668 +0,0 @@
->From c940aab7895fa4cb109e7790ae14080090b04959 Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@php.net>
-Date: Tue, 2 Jul 2013 10:42:47 +0200
-Subject: [PATCH] Fixed Bug #65143 Missing php-cgi man page
-
-Currently php-cgi man page is a simple redirect to
-php (CLI) man page.
-
-Could be splited / improved in the future.
----
- sapi/cgi/Makefile.frag | 3 +++
- sapi/cgi/config9.m4 | 2 ++
- sapi/cgi/php-cgi.1.in | 1 +
- sapi/cli/php.1.in | 2 ++
- 4 files changed, 8 insertions(+)
- create mode 100644 sapi/cgi/php-cgi.1.in
-
-diff --git a/sapi/cgi/Makefile.frag b/sapi/cgi/Makefile.frag
-index 505119e..d54dd40 100644
---- a/sapi/cgi/Makefile.frag
-+++ b/sapi/cgi/Makefile.frag
-@@ -6,4 +6,7 @@ $(SAPI_CGI_PATH): $(PHP_GLOBAL_OBJS) $(PHP_BINARY_OBJS) $(PHP_CGI_OBJS)
- install-cgi: $(SAPI_CGI_PATH)
- @echo "Installing PHP CGI binary: $(INSTALL_ROOT)$(bindir)/"
- @$(INSTALL) -m 0755 $(SAPI_CGI_PATH) $(INSTALL_ROOT)$(bindir)/$(program_prefix)php-cgi$(program_suffix)$(EXEEXT)
-+ @echo "Installing PHP CGI man page: $(INSTALL_ROOT)$(mandir)/man1/"
-+ @$(mkinstalldirs) $(INSTALL_ROOT)$(mandir)/man1
-+ @$(INSTALL_DATA) sapi/cgi/php-cgi.1 $(INSTALL_ROOT)$(mandir)/man1/$(program_prefix)php-cgi$(program_suffix).1
-
-diff --git a/sapi/cgi/config9.m4 b/sapi/cgi/config9.m4
-index 67251ae..49e61c8 100644
---- a/sapi/cgi/config9.m4
-+++ b/sapi/cgi/config9.m4
-@@ -71,6 +71,8 @@ if test "$PHP_CGI" != "no"; then
- dnl Expose to Makefile
- PHP_SUBST(SAPI_CGI_PATH)
- PHP_SUBST(BUILD_CGI)
-+
-+ PHP_OUTPUT(sapi/cgi/php-cgi.1)
- else
- AC_MSG_RESULT(yes)
- fi
-diff --git a/sapi/cgi/php-cgi.1.in b/sapi/cgi/php-cgi.1.in
-new file mode 100644
-index 0000000..340e6c5
---- /dev/null
-+++ b/sapi/cgi/php-cgi.1.in
-@@ -0,0 +1 @@
-+.so man1/php.1
-diff --git a/sapi/cli/php.1.in b/sapi/cli/php.1.in
-index 0e9d07a..6f0266d 100644
---- a/sapi/cli/php.1.in
-+++ b/sapi/cli/php.1.in
-@@ -1,6 +1,8 @@
- .TH PHP 1 "2013" "The PHP Group" "Scripting Language"
- .SH NAME
- php \- PHP Command Line Interface 'CLI'
-+.P
-+php-cgi \- PHP Command Gateway Interface 'CGI'
- .SH SYNOPSIS
- .B php
- [options] [
---
-1.7.11.5
-
->From f4ce5e7fb65ce215ea5fd182a90aaa4d634f6023 Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@php.net>
-Date: Tue, 2 Jul 2013 10:46:50 +0200
-Subject: [PATCH] Fixed Bug #65142 Missing phar man page
-
-Simple man page from phar help output.
----
- NEWS | 3 +
- ext/phar/Makefile.frag | 4 +
- ext/phar/config.m4 | 2 +
- ext/phar/phar.1.in | 523 ++++++++++++++++++++++++++++++++++++++++++++++++
- ext/phar/phar.phar.1.in | 1 +
- 5 files changed, 533 insertions(+)
- create mode 100644 ext/phar/phar.1.in
- create mode 100644 ext/phar/phar.phar.1.in
-
-diff --git a/ext/phar/Makefile.frag b/ext/phar/Makefile.frag
-index b1c820f..ed6de9f 100644
---- a/ext/phar/Makefile.frag
-+++ b/ext/phar/Makefile.frag
-@@ -40,3 +40,7 @@ install-pharcmd: pharcmd
- $(INSTALL) $(builddir)/phar.phar $(INSTALL_ROOT)$(bindir)
- -@rm -f $(INSTALL_ROOT)$(bindir)/phar
- $(LN_S) -f $(bindir)/phar.phar $(INSTALL_ROOT)$(bindir)/phar
-+ @$(mkinstalldirs) $(INSTALL_ROOT)$(mandir)/man1
-+ @$(INSTALL_DATA) $(builddir)/phar.1 $(INSTALL_ROOT)$(mandir)/man1/phar.1
-+ @$(INSTALL_DATA) $(builddir)/phar.phar.1 $(INSTALL_ROOT)$(mandir)/man1/phar.phar.1
-+
-diff --git a/ext/phar/config.m4 b/ext/phar/config.m4
-index 2ac7f3d..d424060 100644
---- a/ext/phar/config.m4
-+++ b/ext/phar/config.m4
-@@ -27,4 +27,6 @@ if test "$PHP_PHAR" != "no"; then
- PHP_ADD_EXTENSION_DEP(phar, hash, true)
- PHP_ADD_EXTENSION_DEP(phar, spl, true)
- PHP_ADD_MAKEFILE_FRAGMENT
-+
-+ PHP_OUTPUT(ext/phar/phar.1 ext/phar/phar.phar.1)
- fi
-diff --git a/ext/phar/phar.1.in b/ext/phar/phar.1.in
-new file mode 100644
-index 0000000..259a2ba
---- /dev/null
-+++ b/ext/phar/phar.1.in
-@@ -0,0 +1,523 @@
-+.TH PHAR 1 "2013" "The PHP Group" "User Commands"
-+.SH NAME
-+phar, phar.phar \- PHAR (PHP archive) command line tool
-+.SH SYNOPSIS
-+.B phar
-+<command> [options] ...
-+.LP
-+.SH DESCRIPTION
-+The \fBPHAR\fP file format provides a way to put entire PHP applications into a single
-+file called a "phar" (PHP Archive) for easy distribution and installation.
-+.P
-+With the \fBphar\fP command you can create, update or extract PHP archives.
-+.P
-+Commands:
-+add compress delete extract help help-list info list meta-del
-+meta-get meta-set pack sign stub-get stub-set tree version
-+
-+.SH add command
-+Add entries to a PHAR package.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.TP
-+.PD
-+.B ...
-+Any number of input files and directories. If -i is in
-+use then ONLY files and matching the given regular
-+expression are being packed. If -x is given then files
-+matching that regular expression are NOT being packed.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-a \fIalias\fP
-+Provide an \fIalias\fP name for the phar file.
-+.TP
-+.PD
-+.B \-c \fIalgo\fP
-+Compression algorithm (see
-+.SM
-+.B COMPRESSION
-+)
-+.TP
-+.PD
-+.B \-i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B \-l \fIlevel\fP
-+Number of preceding subdirectories to strip from file entries
-+.TP
-+.PD
-+.B \-x \fIregex\fP
-+Regular expression for input files to exclude.
-+
-+.SH compress command
-+Compress or uncompress all files or a selected entry.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B \-c \fIalgo\fP
-+Compression algorithm (see
-+.SM
-+.B COMPRESSION
-+)
-+.TP
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+
-+.SH delete command
-+Delete entry from a PHAR archive
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B \-e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+.TP
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+
-+.SH extract command
-+Extract a PHAR package to a directory.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B -x \fIregex\fP
-+Regular expression for input files to exclude.
-+.TP
-+.PD
-+.B ...
-+Directory to extract to (defaults to '.').
-+
-+
-+.SH help command
-+This help or help for a selected command.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B ...
-+Optional command to retrieve help for.
-+
-+.SH help-list command
-+Lists available commands.
-+
-+.SH info command
-+Get information about a PHAR package.
-+.P
-+By using -k it is possible to return a single value.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -k \fIindex\fP
-+Subscription \fIindex\fP to work on.
-+
-+.SH list command
-+List contents of a PHAR archive.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B -x \fIregex\fP
-+Regular expression for input files to exclude.
-+
-+
-+.SH meta-del command
-+Delete meta information of a PHAR entry or a PHAR package.
-+.P
-+If -k is given then the metadata is expected to be an array and the
-+given index is being deleted.
-+.P
-+If something was deleted the return value is 0 otherwise it is 1.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+.TP
-+.PD
-+.B -k \fIindex\fP
-+Subscription \fIindex\fP to work on.
-+
-+.SH meta-get command
-+Get meta information of a PHAR entry or a PHAR package in serialized from. If
-+no output file is specified for meta data then stdout is being used.
-+You can also specify a particular index using -k. In that case the
-+metadata is expected to be an array and the value of the given index
-+is returned using echo rather than using serialize. If that index does
-+not exist or no meta data is present then the return value is 1.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+.TP
-+.PD
-+.B -k \fIindex\fP
-+Subscription \fIindex\fP to work on.
-+
-+.SH meta-set command
-+Set meta data of a PHAR entry or a PHAR package using serialized input. If no
-+input file is specified for meta data then stdin is being used. You can
-+also specify a particular index using -k. In that case the metadata is
-+expected to be an array and the value of the given index is being set.
-+If the metadata is not present or empty a new array will be created.
-+If the metadata is present and a flat value then the return value is
-+1. Also using -k the input is been taken directly rather then being
-+serialized.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.TP
-+.PD
-+.B -m \fImeta\fP
-+Meta data to store with entry (serialized php data).
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B -e \fIentry\fP
-+Name of \fIentry\fP to work on (must include PHAR internal
-+directory name if any).
-+.TP
-+.PD
-+.B -k \fIindex\fP
-+Subscription \fIindex\fP to work on.
-+
-+.SH pack command
-+Pack files into a PHAR archive.
-+.P
-+When using -s <stub>, then the stub file is being excluded from the
-+list of input files/dirs.To create an archive that contains PEAR class
-+PHP_Archive then point -p argument to PHP/Archive.php.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.TP
-+.PD
-+.B ...
-+Any number of input files and directories. If -i is in
-+use then ONLY files and matching the given regular
-+expression are being packed. If -x is given then files
-+matching that regular expression are NOT being packed.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-a \fIalias\fP
-+Provide an \fIalias\fP name for the phar file.
-+.TP
-+.PD
-+.B \-b \fIbang\fP
-+Hash-bang line to start the archive (e.g. #!/usr/bin/php).
-+The hash mark itself '#!' and the newline character are optional.
-+.TP
-+.PD
-+.B \-c \fIalgo\fP
-+Compression algorithm (see
-+.SM
-+.B COMPRESSION
-+)
-+.TP
-+.PD
-+.B \-h \fIhash\fP
-+Selects the \fIhash\fP algorithm (see
-+.SM
-+.B HASH
-+)
-+.TP
-+.PD
-+.B \-i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B \-l \fIlevel\fP
-+Number of preceding subdirectories to strip from file entries
-+.TP
-+.PD
-+.B \-p \fIloader\fP
-+Location of PHP_Archive class file (pear list-files
-+PHP_Archive).You can use '0' or '1' to locate it
-+automatically using the mentioned pear command. When
-+using '0' the command does not error out when the class
-+file cannot be located. This switch also adds some code
-+around the stub so that class PHP_Archive gets
-+registered as phar:// stream wrapper if necessary. And
-+finally this switch will add the file phar.inc from
-+this package and load it to ensure class Phar is
-+present.
-+.TP
-+.PD
-+.B \-s \fIstub\fP
-+Select the \fIstub\fP file.
-+.TP
-+.PD
-+.B \-x \fIregex\fP
-+Regular expression for input files to exclude.
-+.TP
-+.PD
-+.B \-y \fIkey\fP
-+Private \fIkey\fP for OpenSSL signing.
-+
-+.SH sign command
-+Set signature hash algorithm.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.TP
-+.PD
-+.B \-h \fIhash\fP
-+Selects the \fIhash\fP algorithm (see
-+.SM
-+.B HASH
-+)
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-y \fIkey\fP
-+Private \fIkey\fP for OpenSSL signing.
-+
-+.SH stub-get command
-+Get the stub of a PHAR file. If no output file is specified as stub then stdout
-+is being used.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-s \fIstub\fP
-+Select the \fIstub\fP file.
-+
-+.SH stub-set command
-+Set the stub of a PHAR file. If no input file is specified as stub then stdin
-+is being used.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-b \fIbang\fP
-+Hash-bang line to start the archive (e.g. #!/usr/bin/php).
-+The hash mark itself '#!' and the newline character are optional.
-+.TP
-+.PD
-+.B \-p \fIloader\fP
-+Location of PHP_Archive class file (pear list-files
-+PHP_Archive).You can use '0' or '1' to locate it
-+automatically using the mentioned pear command. When
-+using '0' the command does not error out when the class
-+file cannot be located. This switch also adds some code
-+around the stub so that class PHP_Archive gets
-+registered as phar:// stream wrapper if necessary. And
-+finally this switch will add the file phar.inc from
-+this package and load it to ensure class Phar is
-+present.
-+.TP
-+.PD
-+.B \-s \fIstub\fP
-+Select the \fIstub\fP file.
-+
-+
-+.SH tree command
-+Get a directory tree for a PHAR archive.
-+.P
-+Required arguments:
-+.TP 15
-+.PD
-+.B -f \fIfile\fP
-+Specifies the phar \fIfile\fP to work on.
-+.P
-+Optional arguments:
-+.TP 15
-+.PD
-+.B \-i \fIregex\fP
-+Specifies a regular expression for input files.
-+.TP
-+.PD
-+.B \-x \fIregex\fP
-+Regular expression for input files to exclude.
-+
-+.SH version command
-+Get information about the PHAR environment and the tool version.
-+
-+
-+.SH COMPRESSION
-+Algorithms:
-+.TP 15
-+.PD
-+.B 0
-+No compression
-+.TP
-+.PD
-+.B none
-+No compression
-+.TP
-+.PD
-+.B auto
-+Automatically select compression algorithm
-+.TP
-+.PD
-+.B gz
-+GZip compression
-+.TP
-+.PD
-+.B gzip
-+GZip compression
-+.TP
-+.PD
-+.B bz2
-+BZip2 compression
-+.TP
-+.PD
-+.B bzip2
-+BZip2 compression
-+
-+.SH HASH
-+Algorithms:
-+.TP 15
-+.PD
-+.TP
-+.PD
-+.B md5
-+MD5
-+.TP
-+.PD
-+.B sha1
-+SHA1
-+.TP
-+.PD
-+.B sha256
-+SHA256
-+.TP
-+.PD
-+.B sha512
-+SHA512
-+.TP
-+.PD
-+.B openssl
-+OpenSSL
-+
-+.SH SEE ALSO
-+For a more or less complete description of PHAR look here:
-+.PD 0
-+.P
-+.B http://php.net/phar
-+.PD 1
-+.P
-+.SH BUGS
-+You can view the list of known bugs or report any new bug you
-+found at:
-+.PD 0
-+.P
-+.B http://bugs.php.net
-+.PD 1
-+.SH AUTHORS
-+The PHP Group: Thies C. Arntzen, Stig Bakken, Andi Gutmans, Rasmus Lerdorf, Sam Ruby, Sascha Schumann, Zeev Suraski, Jim Winstead, Andrei Zmievski.
-+.P
-+Work for the PHP archive was done by Gregory Beaver, Marcus Boerger.
-+.P
-+A List of active developers can be found here:
-+.PD 0
-+.P
-+.B http://www.php.net/credits.php
-+.PD 1
-+.P
-+And last but not least PHP was developed with the help of a huge amount of
-+contributors all around the world.
-+.SH VERSION INFORMATION
-+This manpage describes \fBphar\fP, version @PHP_VERSION@.
-+.SH COPYRIGHT
-+Copyright \(co 1997\-2013 The PHP Group
-+.LP
-+This source file is subject to version 3.01 of the PHP license,
-+that is bundled with this package in the file LICENSE, and is
-+available through the world-wide-web at the following url:
-+.PD 0
-+.P
-+.B http://www.php.net/license/3_01.txt
-+.PD 1
-+.P
-+If you did not receive a copy of the PHP license and are unable to
-+obtain it through the world-wide-web, please send a note to
-+.B license@php.net
-+so we can mail you a copy immediately.
-diff --git a/ext/phar/phar.phar.1.in b/ext/phar/phar.phar.1.in
-new file mode 100644
-index 0000000..b5eecbf
---- /dev/null
-+++ b/ext/phar/phar.phar.1.in
-@@ -0,0 +1 @@
-+.so man1/phar.1
---
-1.7.11.5
-
->From 67817a199ca4c8bcff163cb005287c0087db6bf3 Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@php.net>
-Date: Tue, 2 Jul 2013 12:19:09 +0200
-Subject: [PATCH] fix typo in php man page
-
----
- sapi/cli/php.1.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sapi/cli/php.1.in b/sapi/cli/php.1.in
-index 6f0266d..749baa8 100644
---- a/sapi/cli/php.1.in
-+++ b/sapi/cli/php.1.in
-@@ -2,7 +2,7 @@
- .SH NAME
- php \- PHP Command Line Interface 'CLI'
- .P
--php-cgi \- PHP Command Gateway Interface 'CGI'
-+php-cgi \- PHP Common Gateway Interface 'CGI' command
- .SH SYNOPSIS
- .B php
- [options] [
---
-1.7.11.5
-
diff --git a/php-5.4.18-bison.patch b/php-5.4.18-bison.patch
new file mode 100644
index 0000000..dd2481d
--- /dev/null
+++ b/php-5.4.18-bison.patch
@@ -0,0 +1,29 @@
+diff --git a/Zend/zend_language_parser.y b/Zend/zend_language_parser.y
+index ccbc9b1..6a9a24a 100644
+--- a/Zend/zend_language_parser.y
++++ b/Zend/zend_language_parser.y
+@@ -41,17 +41,19 @@ static YYSIZE_T zend_yytnamerr(char*, const char*);
+
+ #define YYERROR_VERBOSE
+ #define YYSTYPE znode
+-#ifdef ZTS
+-# define YYPARSE_PARAM tsrm_ls
+-# define YYLEX_PARAM tsrm_ls
+-#endif
+-
+
+ %}
+
+ %pure_parser
+ %expect 3
+
++%code requires {
++#ifdef ZTS
++# define YYPARSE_PARAM tsrm_ls
++# define YYLEX_PARAM tsrm_ls
++#endif
++}
++
+ %token END 0 "end of file"
+ %left T_INCLUDE T_INCLUDE_ONCE T_EVAL T_REQUIRE T_REQUIRE_ONCE
+ %token T_INCLUDE "include (T_INCLUDE)"
diff --git a/php54.spec b/php54.spec
index e2de3ac..d32a548 100644
--- a/php54.spec
+++ b/php54.spec
@@ -17,7 +17,7 @@
%ifarch ppc ppc64
%global oraclever 10.2.0.2
%else
-%global oraclever 11.2
+%global oraclever 12.1
%endif
# Regression tests take a long time, you can skip 'em with this
@@ -75,11 +75,11 @@
Summary: PHP scripting language for creating dynamic web sites
Name: php
-Version: 5.4.17
+Version: 5.4.18
%if 0%{?snapdate:1}%{?rcver:1}
Release: 0.5.%{?snapdate}%{?rcver}%{?dist}
%else
-Release: 2%{?dist}
+Release: 1%{?dist}
%endif
# All files licensed under PHP version 3.01, except
# Zend is licensed under Zend
@@ -109,13 +109,12 @@ Patch5: php-5.2.0-includedir.patch
Patch6: php-5.2.4-embed.patch
Patch7: php-5.3.0-recode.patch
Patch8: php-5.4.7-libdb.patch
+# Patch for https://bugs.php.net/65460
+Patch9: php-5.4.18-bison.patch
# Fixes for extension modules
# https://bugs.php.net/63171 no odbc call during timeout
Patch21: php-5.4.7-odbctimer.patch
-# https://bugs.php.net/65143 php-cgi man page
-# https://bugs.php.net/65142 phar man page
-Patch22: php-5.4.17-man.patch
# Functional changes
Patch40: php-5.4.0-dlopen.patch
@@ -133,7 +132,6 @@ Patch46: php-5.4.9-fixheader.patch
Patch47: php-5.4.9-phpinfo.patch
# Security fixes
-Patch60: php-5.4.17-CVE-2013-4013.patch
# Fixes for tests
@@ -161,6 +159,8 @@ BuildRequires: libtool-ltdl-devel
%if %{with_libzip}
BuildRequires: libzip-devel >= 0.10
%endif
+# Temporary for need for https://bugs.php.net/65460
+BuildRequires: bison
Obsoletes: php53, php53u, php54
Provides: php-zts = %{version}-%{release}
@@ -770,9 +770,12 @@ httpd -V | grep -q 'threaded:.*yes' && exit 1
%patch7 -p1 -b .recode
%patch8 -p1 -b .libdb
rm -f ext/json/utf8_to_utf16.*
+%if 0%{?fedora} > 10 || 0%{?rhel} > 5
+# bison >= 2.4
+%patch9 -p1 -b .bison
+%endif
%patch21 -p1 -b .odbctimer
-%patch22 -p1 -b .manpages
%patch40 -p1 -b .dlopen
%patch41 -p1 -b .easter
@@ -789,10 +792,13 @@ rm -f ext/json/utf8_to_utf16.*
%patch46 -p1 -b .fixheader
%patch47 -p1 -b .phpinfo
-%patch60 -p1 -b .cve4113
-
%patch91 -p1 -b .remi-oci8
+# Temporary workaround for https://bugs.php.net/65460
+# Regenerated bison files
+rm Zend/zend_{language,ini}_parser.[ch]
+./genfiles
+
# Prevent %%doc confusion over LICENSE files
cp Zend/LICENSE Zend/ZEND_LICENSE
@@ -1635,6 +1641,10 @@ fi
%changelog
+* Mon Aug 19 2013 Remi Collet <remi@fedoraproject.org> 5.4.18-1
+- update to 5.4.18, fix for CVE-2013-4248
+- php-oci8 build with oracle instantclient 12.1
+
* Fri Jul 12 2013 Remi Collet <rcollet@redhat.com> - 5.4.17-2
- add security fix for CVE-2013-4113
- add missing ASL 1.0 license
generated by cgit (git 2.34.1) at 2024-05-05 00:18:30 +0000