From nobody@FreeBSD.org  Sun Jul 22 07:28:15 2012
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id BECB1106568E
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 22 Jul 2012 07:28:15 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 91B8E8FC30
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 22 Jul 2012 07:28:15 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id q6M7SFZJ086022
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 22 Jul 2012 07:28:15 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id q6M7SF4R086021;
	Sun, 22 Jul 2012 07:28:15 GMT
	(envelope-from nobody)
Message-Id: <201207220728.q6M7SF4R086021@red.freebsd.org>
Date: Sun, 22 Jul 2012 07:28:15 GMT
From: Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [update] lang/php52 to 5.2.17_10 (20120721)
X-Send-Pr-Version: www-3.1
X-GNATS-Notify: admin@lissyara.su

>Number:         170063
>Category:       ports
>Synopsis:       [update] lang/php52 to 5.2.17_10 (20120721)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jul 22 07:30:05 UTC 2012
>Closed-Date:    Mon Jul 23 04:18:32 UTC 2012
>Last-Modified:  Thu Sep 20 01:20:05 UTC 2012
>Originator:     Svyatoslav Lempert
>Release:        
>Organization:
>Environment:
>Description:
- update backports patch to 20120721
- bump PORTREVISION

Fixes
CVE-2012-2688 (from PHP 5.3.15)
CVE-2012-0057
CVE-2011-1470 (was "bug 53579", but CVE marked this)
CVE-2011-1469 (was "bug 54092", but CVE team pointed)
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -Nru php52.old/Makefile php52/Makefile
--- php52.old/Makefile	2012-06-30 23:00:58.000000000 +0000
+++ php52/Makefile	2012-07-21 18:32:00.000000000 +0000
@@ -7,7 +7,7 @@
 
 PORTNAME=	php52
 PORTVERSION=	5.2.17
-PORTREVISION=	9
+PORTREVISION=	10
 CATEGORIES?=	lang devel www
 MASTER_SITES=	${MASTER_SITE_PHP}
 MASTER_SITE_SUBDIR=	distributions
@@ -26,8 +26,8 @@
 MAKE_JOBS_SAFE=	yes
 
 # BACKPORTS patch for lang/php52 and all php52-extensions
-PATCHFILES=	php52-backports-security-20120526.patch
-PATCH_SITES=	http://php52-backports.googlecode.com/files/
+PATCHFILES=	php52-backports-security-20120721.patch
+PATCH_SITES+=	http://php52-backports.googlecode.com/files/
 
 .if !defined(PKGNAMESUFFIX)
 USE_AUTOTOOLS=	autoconf
diff -Nru php52.old/distinfo php52/distinfo
--- php52.old/distinfo	2012-06-30 23:00:58.000000000 +0000
+++ php52/distinfo	2012-07-21 18:33:52.000000000 +0000
@@ -1,7 +1,7 @@
 SHA256 (php-5.2.17.tar.bz2) = e81beb13ec242ab700e56f366e9da52fd6cf18961d155b23304ca870e53f116c
 SIZE (php-5.2.17.tar.bz2) = 9092312
-SHA256 (php52-backports-security-20120526.patch) = f5c62f44c2c040b89d14b55770aca7fae86d1f7c0f572f97d89550aec416d60d
-SIZE (php52-backports-security-20120526.patch) = 293532
+SHA256 (php52-backports-security-20120721.patch) = a8ef22aaf2c7c1ff43d4154709a465f1ae6afaf1aeb1e6a39e274dcf36e33499
+SIZE (php52-backports-security-20120721.patch) = 306125
 SHA256 (php-5.2.14-fpm-0.5.14-freebsd.patch.gz) = 354ce451417d14ef47761ae55147e9cee30fa0ff6f59447da021194c539f4d7f
 SIZE (php-5.2.14-fpm-0.5.14-freebsd.patch.gz) = 43550
 SHA256 (suhosin-patch-5.2.16-0.9.7.patch.gz) = aae115a318d80b3f32cedf876e7a8e4b932febb1b0c743c0b398003ebe122f91


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: edwin 
State-Changed-When: Sun Jul 22 07:30:16 UTC 2012 
State-Changed-Why:  
Awaiting maintainers feedback (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=170063 

From: Edwin Groothuis <edwin@FreeBSD.org>
To: admin@lissyara.su
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/170063: [update] lang/php52 to 5.2.17_10 (20120721)
Date: Sun, 22 Jul 2012 07:30:13 UT

 Maintainer of lang/php52,
 
 Please note that PR ports/170063 has just been submitted.
 
 If it contains a patch for an upgrade, an enhancement or a bug fix
 you agree on, reply to this email stating that you approve the patch
 and a committer will take care of it.
 
 The full text of the PR can be found at:
     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/170063
 
 -- 
 Edwin Groothuis via the GNATS Auto Assign Tool
 edwin@FreeBSD.org

From: Alex Keda <admin@lissyara.su>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/170063: [update] lang/php52 to 5.2.17_10 (20120721)
Date: Sun, 22 Jul 2012 18:04:03 +0400

 please, commit this
 
State-Changed-From-To: feedback->closed 
State-Changed-By: rm 
State-Changed-When: Mon Jul 23 04:18:30 UTC 2012 
State-Changed-Why:  
Committed, thank you! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=170063 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/170063: commit references a PR
Date: Mon, 23 Jul 2012 04:14:21 +0000 (UTC)

 Author: rm
 Date: Mon Jul 23 04:14:11 2012
 New Revision: 301364
 URL: http://svn.freebsd.org/changeset/ports/301364
 
 Log:
   - update backports patch to 20120721
   - bump PORTREVISION
   
   PR:		170063
   Submitted by:	Svyatoslav Lempert <svyatoslav.lempert at gmail dot com>
   Approved by:	Alex Keda <admin at lissyara dot su> (maintainer)
 
 Modified:
   head/lang/php52/Makefile
   head/lang/php52/distinfo
 
 Modified: head/lang/php52/Makefile
 ==============================================================================
 --- head/lang/php52/Makefile	Mon Jul 23 01:43:03 2012	(r301363)
 +++ head/lang/php52/Makefile	Mon Jul 23 04:14:11 2012	(r301364)
 @@ -7,7 +7,7 @@
  
  PORTNAME=	php52
  PORTVERSION=	5.2.17
 -PORTREVISION=	9
 +PORTREVISION=	10
  CATEGORIES?=	lang devel www
  MASTER_SITES=	${MASTER_SITE_PHP}
  MASTER_SITE_SUBDIR=	distributions
 @@ -26,8 +26,8 @@ USE_BZIP2=	yes
  MAKE_JOBS_SAFE=	yes
  
  # BACKPORTS patch for lang/php52 and all php52-extensions
 -PATCHFILES=	php52-backports-security-20120526.patch
 -PATCH_SITES=	http://php52-backports.googlecode.com/files/
 +PATCHFILES=	php52-backports-security-20120721.patch
 +PATCH_SITES+=	http://php52-backports.googlecode.com/files/
  
  .if !defined(PKGNAMESUFFIX)
  USE_AUTOTOOLS=	autoconf
 
 Modified: head/lang/php52/distinfo
 ==============================================================================
 --- head/lang/php52/distinfo	Mon Jul 23 01:43:03 2012	(r301363)
 +++ head/lang/php52/distinfo	Mon Jul 23 04:14:11 2012	(r301364)
 @@ -1,7 +1,7 @@
  SHA256 (php-5.2.17.tar.bz2) = e81beb13ec242ab700e56f366e9da52fd6cf18961d155b23304ca870e53f116c
  SIZE (php-5.2.17.tar.bz2) = 9092312
 -SHA256 (php52-backports-security-20120526.patch) = f5c62f44c2c040b89d14b55770aca7fae86d1f7c0f572f97d89550aec416d60d
 -SIZE (php52-backports-security-20120526.patch) = 293532
 +SHA256 (php52-backports-security-20120721.patch) = a8ef22aaf2c7c1ff43d4154709a465f1ae6afaf1aeb1e6a39e274dcf36e33499
 +SIZE (php52-backports-security-20120721.patch) = 306125
  SHA256 (php-5.2.14-fpm-0.5.14-freebsd.patch.gz) = 354ce451417d14ef47761ae55147e9cee30fa0ff6f59447da021194c539f4d7f
  SIZE (php-5.2.14-fpm-0.5.14-freebsd.patch.gz) = 43550
  SHA256 (suhosin-patch-5.2.16-0.9.7.patch.gz) = aae115a318d80b3f32cedf876e7a8e4b932febb1b0c743c0b398003ebe122f91
 _______________________________________________
 svn-ports-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-ports-all
 To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/170063: commit references a PR
Date: Thu, 20 Sep 2012 01:10:20 +0000 (UTC)

 Author: bdrewery
 Date: Thu Sep 20 01:09:57 2012
 New Revision: 304558
 URL: http://svn.freebsd.org/changeset/ports/304558
 
 Log:
   - CVE-2012-2688 was addressed by php52-5.2.17_10
   
   PR:		ports/170063
   PR:		ports/171583
   Reported by:	Svyatoslav Lempert <svyatoslav.lempert@gmail.com>
   Security:	bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89
 
 Modified:
   head/security/vuxml/vuln.xml
 
 Modified: head/security/vuxml/vuln.xml
 ==============================================================================
 --- head/security/vuxml/vuln.xml	Thu Sep 20 00:03:25 2012	(r304557)
 +++ head/security/vuxml/vuln.xml	Thu Sep 20 01:09:57 2012	(r304558)
 @@ -2507,7 +2507,7 @@ Note:  Please add new entries to the beg
        </package>
        <package>
  	<name>php52</name>
 -	<range><le>5.2.17_10</le></range>
 +	<range><lt>5.2.17_10</lt></range>
        </package>
      </affects>
      <description>
 @@ -2526,6 +2526,7 @@ Note:  Please add new entries to the beg
      <dates>
        <discovery>2012-07-19</discovery>
        <entry>2012-07-23</entry>
 +      <modified>2012-09-19</modified>
      </dates>
    </vuln>
  
 _______________________________________________
 svn-ports-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-ports-all
 To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
 
>Unformatted:
