From b0bc4844ac4ec572c796568a3400ad17d8f3d3f6 Mon Sep 17 00:00:00 2001
From: Remi Collet
Date: Wed, 21 Jun 2017 11:24:47 +0200
Subject: 7.1.7RC1
---
 failed.txt | 6 +-
 php-onigurama.patch | 181 ----------------------------------------------------
 php.spec | 15 +++--
 3 files changed, 13 insertions(+), 189 deletions(-)
 delete mode 100644 php-onigurama.patch
diff --git a/failed.txt b/failed.txt
index 20fea31..ad7d2a4 100644
--- a/failed.txt
+++ b/failed.txt
@@ -1,15 +1,17 @@
-===== 7.1.6 (2017-06-08)
+===== 7.1.7RC1 (2017-06-22)
 $ grep -r 'Tests failed' /var/lib/mock/scl71*/build.log
 /var/lib/mock/scl70el6x/build.log:Tests failed : 0
-/var/lib/mock/scl70el7x/build.log:Tests failed : 0
+/var/lib/mock/scl70el7x/build.log:Tests failed : 1
 /var/lib/mock/scl70fc23x/build.log:Tests failed : 0
 /var/lib/mock/scl70fc24x/build.log:Tests failed : 0
 /var/lib/mock/scl70fc25x/build.log:Tests failed : 0
 /var/lib/mock/scl70fc26x/build.log:Tests failed : 0
+el7x
+ (1) Bug #60120 proc_open hangs with stdin/out with 2048+ bytes [ext/standard/tests/streams/proc_open_bug60120.phpt]
 (1) proc_open give erratic test results :(
diff --git a/php-onigurama.patch b/php-onigurama.patch
deleted file mode 100644
index f4e3c1f..0000000
--- a/php-onigurama.patch
+++ /dev/null
@@ -1,181 +0,0 @@ -From 1e0c4386ab87c6f6392933450130470cbd1a2b19 Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Tue, 30 May 2017 15:35:42 +0200 -Subject: [PATCH] Patch from the upstream git - https://github.com/kkos/oniguruma/issues/55 (CVE-2017-9226) - b4bf968ad52afe14e60a2dc8a95d3555c543353a Modified for onig 5.9.6 - f015fbdd95f76438cd86366467bb2b39870dd7c6 Modified for onig 5.9.6 - -Thanks to Mamoru TASAKA ---- - ext/mbstring/oniguruma/regparse.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/ext/mbstring/oniguruma/regparse.c b/ext/mbstring/oniguruma/regparse.c -index bf72300..c6822e6 100644 ---- a/ext/mbstring/oniguruma/regparse.c -+++ b/ext/mbstring/oniguruma/regparse.c -@@ -3064,7 +3064,7 @@ fetch_token_in_cc(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env) - PUNFETCH; - prev = p; - num = scan_unsigned_octal_number(&p, end, 3, enc); -- if (num < 0) return ONIGERR_TOO_BIG_NUMBER; -+ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER; - if (p == prev) { /* can't read nothing. */ - num = 0; /* but, it's not error */ - } -@@ -3436,7 +3436,7 @@ fetch_token(OnigToken* tok, UChar** src, UChar* end, ScanEnv* env) - if (IS_SYNTAX_OP(syn, ONIG_SYN_OP_ESC_OCTAL3)) { - prev = p; - num = scan_unsigned_octal_number(&p, end, (c == '0' ? 2:3), enc); -- if (num < 0) return ONIGERR_TOO_BIG_NUMBER; -+ if (num < 0 || num >= 256) return ONIGERR_TOO_BIG_NUMBER; - if (p == prev) { /* can't read nothing. 
*/ - num = 0; /* but, it's not error */ - } -@@ -4084,7 +4084,11 @@ next_state_val(CClassNode* cc, OnigCodePoint *vs, OnigCodePoint v, - switch (*state) { - case CCS_VALUE: - if (*type == CCV_SB) -+ { -+ if (*vs > 0xff) -+ return ONIGERR_INVALID_CODE_POINT_VALUE; - BITSET_SET_BIT(cc->bs, (int )(*vs)); -+ } - else if (*type == CCV_CODE_POINT) { - r = add_code_range(&(cc->mbuf), env, *vs, *vs); - if (r < 0) return r; --- -2.1.4 - -From 60b1829e1cd18facc696264fd830c4bbd593cfa9 Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Tue, 30 May 2017 15:37:11 +0200 -Subject: [PATCH] Patch from the upstream git - https://github.com/kkos/oniguruma/issues/57 (CVE-2017-9224) - -Thanks to Mamoru TASAKA ---- - ext/mbstring/oniguruma/regexec.c | 5 ----- - 1 file changed, 5 deletions(-) - -diff --git a/ext/mbstring/oniguruma/regexec.c b/ext/mbstring/oniguruma/regexec.c -index 7430d78..5e26896 100644 ---- a/ext/mbstring/oniguruma/regexec.c -+++ b/ext/mbstring/oniguruma/regexec.c -@@ -1425,14 +1425,9 @@ match_at(regex_t* reg, const UChar* str, const UChar* end, - break; - - case OP_EXACT1: MOP_IN(OP_EXACT1); --#if 0 - DATA_ENSURE(1); - if (*p != *s) goto fail; - p++; s++; --#endif -- if (*p != *s++) goto fail; -- DATA_ENSURE(0); -- p++; - MOP_OUT; - break; - --- -2.1.4 - -From 6a8ae7cf8db3ec8dabfd027e01cdbcbb52654c90 Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Tue, 30 May 2017 15:38:17 +0200 -Subject: [PATCH] Patch from the upstream git - https://github.com/kkos/oniguruma/issues/58 (CVE-2017-9227) - -Thanks to Mamoru TASAKA ---- - ext/mbstring/oniguruma/regexec.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/ext/mbstring/oniguruma/regexec.c b/ext/mbstring/oniguruma/regexec.c -index 5e26896..97d5f32 100644 ---- a/ext/mbstring/oniguruma/regexec.c -+++ b/ext/mbstring/oniguruma/regexec.c -@@ -3123,6 +3123,8 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s, - } - else { - UChar *q = p + reg->dmin; -+ -+ if (q >= end) return 0; /* fail */ 
- while (p < q) p += enclen(reg->enc, p); - } - } --- -2.1.4 - -From 5416deec665db293ae25548828791453d776a6bf Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Tue, 30 May 2017 15:39:21 +0200 -Subject: [PATCH] Patch from the upstream git - https://github.com/kkos/oniguruma/issues/59 (CVE-2017-9229) - b690371bbf97794b4a1d3f295d4fb9a8b05d402d Modified for onig 5.9.6 - -Thanks to Mamoru TASAKA ---- - ext/mbstring/oniguruma/regexec.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/ext/mbstring/oniguruma/regexec.c b/ext/mbstring/oniguruma/regexec.c -index 97d5f32..42a31bd 100644 ---- a/ext/mbstring/oniguruma/regexec.c -+++ b/ext/mbstring/oniguruma/regexec.c -@@ -3205,7 +3205,13 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s, - else { - if (reg->dmax != ONIG_INFINITE_DISTANCE) { - *low = p - reg->dmax; -- if (*low > s) { -+ if (p - str < reg->dmax) { -+ *low = (UChar* )str; -+ if (low_prev) -+ *low_prev = onigenc_get_prev_char_head(reg->enc, str, *low); -+ } -+ else { -+ if (*low > s) { - *low = onigenc_get_right_adjust_char_head_with_prev(reg->enc, s, - *low, (const UChar** )low_prev); - if (low_prev && IS_NULL(*low_prev)) -@@ -3218,6 +3224,7 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s, - (pprev ? 
pprev : str), *low); - } - } -+ } - } - /* no needs to adjust *high, *high is used as range check only */ - *high = p - reg->dmin; --- -2.1.4 - -From 1c845d295037702d63097e2216b3c5db53f79273 Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Tue, 30 May 2017 15:40:32 +0200 -Subject: [PATCH] Patch from the upstream git - https://github.com/kkos/oniguruma/issues/60 (CVE-2017-9228) - -Thanks to Mamoru TASAKA ---- - ext/mbstring/oniguruma/regparse.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/ext/mbstring/oniguruma/regparse.c b/ext/mbstring/oniguruma/regparse.c -index c6822e6..d2925f1 100644 ---- a/ext/mbstring/oniguruma/regparse.c -+++ b/ext/mbstring/oniguruma/regparse.c -@@ -4068,7 +4068,9 @@ next_state_class(CClassNode* cc, OnigCodePoint* vs, enum CCVALTYPE* type, - } - } - -- *state = CCS_VALUE; -+ if (*state != CCS_START) -+ *state = CCS_VALUE; -+ - *type = CCV_CLASS; - return 0; - } --- -2.1.4 - diff --git a/php.spec b/php.spec index b082d3a..fd7abc4 100644 --- a/php.spec +++ b/php.spec @@ -26,7 +26,7 @@ %global zendver 20160303 %global pdover 20150127 # Extension version -%global oci8ver 2.1.4 +%global oci8ver 2.1.5 # Adds -z now to the linker flags %global _hardened_build 1 @@ -55,7 +55,7 @@ %global mysql_sock %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock) -%global oraclever 12.1 +%global oraclever 12.2 # Build for LiteSpeed Web Server (LSAPI) %global with_lsws 1 @@ -124,8 +124,8 @@ %global db_devel libdb-devel %endif -%global upver 7.1.6 -#global rcver RC1 +%global upver 7.1.7 +%global rcver RC1 Summary: PHP scripting language for creating dynamic web sites @@ -187,7 +187,6 @@ Patch91: php-5.6.3-oci8conf.patch # Upstream fixes (100+) # Security fixes (200+) -Patch200: php-onigurama.patch # Fixes for tests (300+) # Factory is droped from system tzdata 
@@ -894,7 +893,6 @@ support for JavaScript Object Notation (JSON) to PHP. # upstream patches # security patches -%patch200 -p1 -b .onig # Fixes for tests %patch300 -p1 -b .datetests @@ -1815,6 +1813,11 @@ fi %changelog +* Wed Jun 21 2017 Remi Collet - 7.1.7~RC1-1 +- Update to 7.1.7RC1 +- oci8 version is now 2.1.5 +- use oracle instant client version 12.2 + * Wed Jun 7 2017 Remi Collet - 7.1.6-1 - Update to 7.1.6 - http://www.php.net/releases/7_1_6.php - add upstream security patches for oniguruma -- cgit
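Review bot: The new 7.1.7~RC1-1 `%changelog` entry in php.spec does not record that `Patch200: php-onigurama.patch` and its `%patch200 -p1 -b .onig` application are dropped, so the package history no longer shows how CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228 and CVE-2017-9229 are covered from this build on. Presumably the 7.1.7RC1 tarball already carries these oniguruma fixes, but that is not visible in this diff and is worth confirming against the bundled ext/mbstring/oniguruma sources (the `num >= 256` checks in regparse.c, the `q >= end` check in regexec.c) before the patch is removed. I would add a line such as `- drop oniguruma security patches, merged upstream` to the new changelog entry.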