rpms/php/FC-6 php-5.1.6-CVE-2007-1864.patch, NONE, 1.1 php-5.1.6-ftpcrlf.patch, NONE, 1.1 php-5.1.6-soapredir.patch, NONE, 1.1 php.spec, 1.125, 1.126
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed May 9 15:08:44 UTC 2007
- Previous message (by thread): rpms/freeradius/devel freeradius-1.0.1-CVE-2007-2028.patch, NONE, 1.1 freeradius.spec, 1.41, 1.42
- Next message (by thread): rpms/php/FC-5 php-5.1.6-CVE-2007-1864.patch, NONE, 1.1 php-5.1.6-ftpcrlf.patch, NONE, 1.1 php-5.1.6-soapredir.patch, NONE, 1.1 php.spec, 1.118, 1.119
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jorton
Update of /cvs/dist/rpms/php/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv16854
Modified Files:
php.spec
Added Files:
php-5.1.6-CVE-2007-1864.patch php-5.1.6-ftpcrlf.patch
php-5.1.6-soapredir.patch
Log Message:
* Wed May 9 2007 Joe Orton <jorton at redhat.com> 5.1.6-3.6.fc6
- add security fixes for CVE-2007-1864, CVE-2007-2509, CVE-2007-2510 (#235016)
- add README.FastCGI to -cli subpackage (#236555)
php-5.1.6-CVE-2007-1864.patch:
xml_to_soap.c | 2 +-
1 files changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE php-5.1.6-CVE-2007-1864.patch ---
--- php-5.1.6/ext/xmlrpc/libxmlrpc/xml_to_soap.c.cve1864
+++ php-5.1.6/ext/xmlrpc/libxmlrpc/xml_to_soap.c
@@ -75,7 +75,7 @@
}
struct array_info {
- char kids_type[30];
+ char kids_type[128];
unsigned long size;
/* ... ? */
};
php-5.1.6-ftpcrlf.patch:
ftp.c | 6 ++++++
1 files changed, 6 insertions(+)
--- NEW FILE php-5.1.6-ftpcrlf.patch ---
CVE-2007-2509
--- php-5.1.6/ext/ftp/ftp.c.ftpcrlf
+++ php-5.1.6/ext/ftp/ftp.c
@@ -1103,12 +1103,18 @@
int size;
char *data;
+ if (strpbrk(cmd, "\r\n")) {
+ return 0;
+ }
/* build the output buffer */
if (args && args[0]) {
/* "cmd args\r\n\0" */
if (strlen(cmd) + strlen(args) + 4 > FTP_BUFSIZE) {
return 0;
}
+ if (strpbrk(args, "\r\n")) {
+ return 0;
+ }
size = sprintf(ftp->outbuf, "%s %s\r\n", cmd, args);
} else {
/* "cmd\r\n\0" */
php-5.1.6-soapredir.patch:
php_http.c | 23 ++++++++++++-----------
1 files changed, 12 insertions(+), 11 deletions(-)
--- NEW FILE php-5.1.6-soapredir.patch ---
CVE-2007-2510
--- php-5.1.6/ext/soap/php_http.c.soapredir
+++ php-5.1.6/ext/soap/php_http.c
@@ -891,19 +891,20 @@
efree(http_body);
efree(loc);
if (new_url->scheme == NULL && new_url->path != NULL) {
- new_url->scheme = estrdup(phpurl->scheme);
- new_url->host = estrdup(phpurl->host);
+ new_url->scheme = NULL;
+ new_url->host = phpurl->host ? estrdup(phpurl->host) : NULL;
new_url->port = phpurl->port;
if (new_url->path && new_url->path[0] != '/') {
- char *t = phpurl->path?phpurl->path:"/";
- char *p = strrchr(t, '/');
- char *s = emalloc((p - t) + strlen(new_url->path) + 2);
-
- strncpy(s, t, (p - t) + 1);
- s[(p - t) + 1] = 0;
- strcat(s, new_url->path);
- efree(new_url->path);
- new_url->path = s;
+ char *t = phpurl->path;
+ char *p = t ? strrchr(t, '/') : NULL;
+ if (p) {
+ char *s = emalloc((p - t) + strlen(new_url->path) + 2);
+ strncpy(s, t, (p - t) + 1);
+ s[(p - t) + 1] = 0;
+ strcat(s, new_url->path);
+ efree(new_url->path);
+ new_url->path = s;
+ }
}
}
phpurl = new_url;
Index: php.spec
===================================================================
RCS file: /cvs/dist/rpms/php/FC-6/php.spec,v
retrieving revision 1.125
retrieving revision 1.126
diff -u -r1.125 -r1.126
--- php.spec 5 Apr 2007 13:30:42 -0000 1.125
+++ php.spec 9 May 2007 15:08:42 -0000 1.126
@@ -6,7 +6,7 @@
Summary: The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Name: php
Version: 5.1.6
-Release: 3.5%{?dist}
+Release: 3.6%{?dist}
License: The PHP License v3.01
Group: Development/Languages
URL: http://www.php.net/
@@ -52,6 +52,9 @@
Patch81: php-5.1.6-CVE-2007-0455.patch
Patch82: php-5.1.6-CVE-2007-1001.patch
Patch83: php-5.1.6-CVE-2007-1718.patch
+Patch84: php-5.1.6-CVE-2007-1864.patch
+Patch85: php-5.1.6-soapredir.patch
+Patch86: php-5.1.6-ftpcrlf.patch
BuildRoot: %{_tmppath}/%{name}-root
@@ -341,6 +344,9 @@
%patch81 -p1 -b .cve0455
%patch82 -p1 -b .cve1001
%patch83 -p1 -b .cve1718
+%patch84 -p1 -b .cve1864
+%patch85 -p1 -b .soapredir
+%patch86 -p1 -b .ftpcrlf
# Prevent %%doc confusion over LICENSE files
cp Zend/LICENSE Zend/ZEND_LICENSE
@@ -636,6 +642,7 @@
%{_bindir}/php
%{_bindir}/php-cgi
%{_mandir}/man1/php.1*
+%doc sapi/cli/README.FastCGI
%files devel
%defattr(-,root,root)
@@ -664,6 +671,10 @@
%files pdo -f files.pdo
%changelog
+* Wed May 9 2007 Joe Orton <jorton at redhat.com> 5.1.6-3.6.fc6
+- add security fixes for CVE-2007-1864, CVE-2007-2509, CVE-2007-2510 (#235016)
+- add README.FastCGI to -cli subpackage (#236555)
+
* Thu Apr 5 2007 Joe Orton <jorton at redhat.com> 5.1.6-3.5.fc6
- add security fixes for CVE-2007-0455, CVE-2007-1001,
CVE-2007-1285, CVE-2007-1583, CVE-2007-1718 (#235364)
- Previous message (by thread): rpms/freeradius/devel freeradius-1.0.1-CVE-2007-2028.patch, NONE, 1.1 freeradius.spec, 1.41, 1.42
- Next message (by thread): rpms/php/FC-5 php-5.1.6-CVE-2007-1864.patch, NONE, 1.1 php-5.1.6-ftpcrlf.patch, NONE, 1.1 php-5.1.6-soapredir.patch, NONE, 1.1 php.spec, 1.118, 1.119
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list