Revbump to fix http://bugs.php.net/bug.php?id=35067.

(Portage version: 2.0.53_rc6)

6 files changed, 206 insertions, 2 deletions

diff --git a/dev-php/php-cgi/ChangeLog b/dev-php/php-cgi/ChangeLog
index 1cb1c2db9d5e..b96df0907ebe 100644
--- a/dev-php/php-cgi/ChangeLog
+++ b/dev-php/php-cgi/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for dev-php/php-cgi
 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-php/php-cgi/ChangeLog,v 1.106 2005/11/04 10:57:27 chtekk Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-php/php-cgi/ChangeLog,v 1.107 2005/11/04 12:11:00 chtekk Exp $
+
+*php-cgi-4.4.0-r5 (04 Nov 2005)
+*php-cgi-4.3.11-r5 (04 Nov 2005)
+
+  04 Nov 2005; Luca Longinotti <chtekk@gentoo.org>
+  +php-cgi-4.3.11-r5.ebuild, +php-cgi-4.4.0-r5.ebuild:
+  Revbump to fix http://bugs.php.net/bug.php?id=35067.
 
   04 Nov 2005; Luca Longinotti <chtekk@gentoo.org>
   files/php4.3.11-globals_overwrite.patch,
diff --git a/dev-php/php-cgi/Manifest b/dev-php/php-cgi/Manifest
index ecb4a1817b6c..58cd94c06ad8 100644
--- a/dev-php/php-cgi/Manifest
+++ b/dev-php/php-cgi/Manifest
@@ -1,11 +1,13 @@
-MD5 ee86d70cbb907c45aa1de1a795935379 ChangeLog 15793
+MD5 b70b3834faf9116091bd508e2839e11a ChangeLog 16021
 MD5 cc21a816357d93a1d31cd44f861183c7 files/digest-php-cgi-4.3.11-r1 287
 MD5 05df4c881b1833626d9a75a08a0098fd files/digest-php-cgi-4.3.11-r2 364
 MD5 05df4c881b1833626d9a75a08a0098fd files/digest-php-cgi-4.3.11-r4 364
+MD5 05df4c881b1833626d9a75a08a0098fd files/digest-php-cgi-4.3.11-r5 364
 MD5 09d7dee078c684b0de0e4de6209ef634 files/digest-php-cgi-4.4.0 285
 MD5 09d7dee078c684b0de0e4de6209ef634 files/digest-php-cgi-4.4.0-r1 285
 MD5 472ce8342d69fdad9d2a642b03b31bac files/digest-php-cgi-4.4.0-r2 362
 MD5 472ce8342d69fdad9d2a642b03b31bac files/digest-php-cgi-4.4.0-r4 362
+MD5 472ce8342d69fdad9d2a642b03b31bac files/digest-php-cgi-4.4.0-r5 362
 MD5 cdec3284251432935f950c2d15a405b7 files/php-4.3.11-flash.patch 694
 MD5 b2aa5952d5c805b3e57a5a6bf0f0b8d0 files/php-4.3.11-gmp.patch 925
 MD5 09637e8f6f861b1f3698ec0390ec6b57 files/php4.3.11-curl_safemode.patch 5129
@@ -30,7 +32,9 @@ MD5 38fe937e954ab7109395cefa86fcd2d4 metadata.xml 384
 MD5 ff97ecdd5c6b9744c3770bf335bb1157 php-cgi-4.3.11-r1.ebuild 1116
 MD5 f03786f41f7eb2be4bf8854c52d09f97 php-cgi-4.3.11-r2.ebuild 1866
 MD5 0c9a7ada8a0d25557a23085f12325d39 php-cgi-4.3.11-r4.ebuild 2792
+MD5 4258042523ab7acfdcbf019fd8767055 php-cgi-4.3.11-r5.ebuild 2795
 MD5 56118eb0c5d90c47c6f73c9db6eccb69 php-cgi-4.4.0-r1.ebuild 972
 MD5 d9deaac08b78b996c648e1cbc9640ffa php-cgi-4.4.0-r2.ebuild 1711
 MD5 806d1e1d7328261507b266b11849344a php-cgi-4.4.0-r4.ebuild 2631
+MD5 fd426d178a3c942d712c89cb91ddb5cb php-cgi-4.4.0-r5.ebuild 2634
 MD5 daa51bac42996b36311b5c6049f95b4e php-cgi-4.4.0.ebuild 972
diff --git a/dev-php/php-cgi/files/digest-php-cgi-4.3.11-r5 b/dev-php/php-cgi/files/digest-php-cgi-4.3.11-r5
new file mode 100644
index 000000000000..8a51d50e2303
--- /dev/null
+++ b/dev-php/php-cgi/files/digest-php-cgi-4.3.11-r5
@@ -0,0 +1,5 @@
+MD5 611cdddabfd71ffb724c428be33c14cb hardening-patch-4.3.11-0.3.2.patch.gz 80613
+MD5 fbc67d240812136a9842bc1f2a217b7a php-4.3.11.tar.bz2 4012575
+MD5 912ff94309b762563d0542db5187315f php-4.3.2-fopen-url-secure.patch 416
+MD5 fbb6b365f4c0263b1dfd498aef092a77 php-4.3.6-includepath.diff 285
+MD5 33be24619f3a10953f9e1e32beeee97a php-pcrelib-new-secpatch.tar.bz2 357619
diff --git a/dev-php/php-cgi/files/digest-php-cgi-4.4.0-r5 b/dev-php/php-cgi/files/digest-php-cgi-4.4.0-r5
new file mode 100644
index 000000000000..dfbd3919a8b5
--- /dev/null
+++ b/dev-php/php-cgi/files/digest-php-cgi-4.4.0-r5
@@ -0,0 +1,5 @@
+MD5 0a52b85692ebbc299e6b1f6d9d206691 hardening-patch-4.4.0-0.3.2.patch.gz 33347
+MD5 912ff94309b762563d0542db5187315f php-4.3.2-fopen-url-secure.patch 416
+MD5 fbb6b365f4c0263b1dfd498aef092a77 php-4.3.6-includepath.diff 285
+MD5 e85b606fe48198bfcd785e5a5b1c9613 php-4.4.0.tar.bz2 4086074
+MD5 33be24619f3a10953f9e1e32beeee97a php-pcrelib-new-secpatch.tar.bz2 357619
diff --git a/dev-php/php-cgi/php-cgi-4.3.11-r5.ebuild b/dev-php/php-cgi/php-cgi-4.3.11-r5.ebuild
new file mode 100644
index 000000000000..6d831338afd1
--- /dev/null
+++ b/dev-php/php-cgi/php-cgi-4.3.11-r5.ebuild
@@ -0,0 +1,95 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/dev-php/php-cgi/php-cgi-4.3.11-r5.ebuild,v 1.1 2005/11/04 12:11:00 chtekk Exp $
+
+PHPSAPI="cgi"
+inherit php-sapi eutils
+
+DESCRIPTION="PHP CGI"
+SLOT="0"
+IUSE="force-cgi-redirect"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~sparc ~x86"
+
+# for this revision only
+PDEPEND=">=${PHP_PROVIDER_PKG}-4.3.11"
+PROVIDE="${PROVIDE} virtual/httpd-php"
+
+# fixed PCRE library for security issues, bug #102373
+SRC_URI="${SRC_URI} http://gentoo.longitekk.com/php-pcrelib-new-secpatch.tar.bz2"
+
+src_unpack() {
+	php-sapi_src_unpack
+
+	# Bug 88756
+	use flash && epatch "${FILESDIR}/php-4.3.11-flash.patch"
+
+	# Bug 88795
+	use gmp && epatch "${FILESDIR}/php-4.3.11-gmp.patch"
+
+	# fix imap symlink creation, bug #105351
+	use imap && epatch "${FILESDIR}/php4.3.11-imap-symlink.diff"
+
+	# patch to fix pspell extension, bug #99312 (new patch by upstream)
+	use spell && epatch "${FILESDIR}/php4.3.11-pspell-ext-segf.patch"
+
+	# patch to fix safe_mode bypass in GD extension, bug #109669
+	if use gd || use gd-external ; then
+		epatch "${FILESDIR}/php4.3.11-gd_safe_mode.patch"
+	fi
+
+	# patch fo fix safe_mode bypass in CURL extension, bug #111032
+	use curl && epatch "${FILESDIR}/php4.3.11-curl_safemode.patch"
+
+	# patch $GLOBALS overwrite vulnerability, bug #111011 and bug #111014
+	epatch "${FILESDIR}/php4.3.11-globals_overwrite.patch"
+
+	# patch phpinfo() XSS vulnerability, bug #111015
+	epatch "${FILESDIR}/php4.3.11-phpinfo_xss.patch"
+
+	# patch open_basedir directory bypass, bug #102943
+	epatch "${FILESDIR}/php4.3.11-fopen_wrappers.patch"
+
+	# patch to fix session.save_path segfault and other issues in
+	# the apache2handler SAPI, bug #107602
+	epatch "${FILESDIR}/php4.3.11-session_save_path-segf.patch"
+
+	# we need to unpack the files here, the eclass doesn't handle this
+	cd "${WORKDIR}"
+	unpack php-pcrelib-new-secpatch.tar.bz2
+	cd "${S}"
+
+	# patch to fix PCRE library security issues, bug #102373
+	epatch "${FILESDIR}/php4.3.11-pcre-security.patch"
+
+	# sobstitute the bundled PCRE library with a fixed version for bug #102373
+	einfo "Updating bundled PCRE library"
+	rm -rf "${S}/ext/pcre/pcrelib" && mv -f "${WORKDIR}/pcrelib-new" "${S}/ext/pcre/pcrelib" || die "Unable to update the bundled PCRE library"
+}
+
+src_compile() {
+	# CLI needed to build stuff
+	myconf="${myconf} \
+		--enable-cgi \
+		--enable-cli \
+		--enable-fastcgi"
+
+	if use force-cgi-redirect; then
+		myconf="${myconf} --enable-force-cgi-redirect"
+	fi
+
+	php-sapi_src_compile
+}
+
+src_install() {
+	PHP_INSTALLTARGETS="install"
+	php-sapi_src_install
+
+	rm -f "${D}/usr/bin/php"
+	# rename binary
+	newbin "${S}/sapi/cgi/php" php-cgi
+}
+
+pkg_postinst() {
+	php-sapi_pkg_postinst
+	einfo "This is a CGI only build."
+}
diff --git a/dev-php/php-cgi/php-cgi-4.4.0-r5.ebuild b/dev-php/php-cgi/php-cgi-4.4.0-r5.ebuild
new file mode 100644
index 000000000000..d4d49a1dcd46
--- /dev/null
+++ b/dev-php/php-cgi/php-cgi-4.4.0-r5.ebuild
@@ -0,0 +1,88 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/dev-php/php-cgi/php-cgi-4.4.0-r5.ebuild,v 1.1 2005/11/04 12:11:00 chtekk Exp $
+
+PHPSAPI="cgi"
+inherit php-sapi eutils
+
+DESCRIPTION="PHP CGI"
+SLOT="0"
+IUSE="fastcgi force-cgi-redirect"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~sparc ~x86"
+
+# for this revision only
+PDEPEND=">=${PHP_PROVIDER_PKG}-4.4.0"
+PROVIDE="${PROVIDE} virtual/httpd-php"
+
+# fixed PCRE library for security issues, bug #102373
+SRC_URI="${SRC_URI} http://gentoo.longitekk.com/php-pcrelib-new-secpatch.tar.bz2"
+
+src_unpack() {
+	php-sapi_src_unpack
+
+	# fix imap symlink creation, bug #105351
+	use imap && epatch "${FILESDIR}/php4.4.0-imap-symlink.diff"
+
+	# patch to fix pspell extension, bug #99312 (new patch by upstream)
+	use spell && epatch "${FILESDIR}/php4.4.0-pspell-ext-segf.patch"
+
+	# patch to fix safe_mode bypass in GD extension, bug #109669
+	if use gd || use gd-external ; then
+		epatch "${FILESDIR}/php4.4.0-gd_safe_mode.patch"
+	fi
+
+	# patch fo fix safe_mode bypass in CURL extension, bug #111032
+	use curl && epatch "${FILESDIR}/php4.4.0-curl_safemode.patch"
+
+	# patch $GLOBALS overwrite vulnerability, bug #111011 and bug #111014
+	epatch "${FILESDIR}/php4.4.0-globals_overwrite.patch"
+
+	# patch phpinfo() XSS vulnerability, bug #111015
+	epatch "${FILESDIR}/php4.4.0-phpinfo_xss.patch"
+
+	# patch open_basedir directory bypass, bug #102943
+	epatch "${FILESDIR}/php4.4.0-fopen_wrappers.patch"
+
+	# patch to fix session.save_path segfault and other issues in
+	# the apache2handler SAPI, bug #107602
+	epatch "${FILESDIR}/php4.4.0-session_save_path-segf.patch"
+
+	# we need to unpack the files here, the eclass doesn't handle this
+	cd "${WORKDIR}"
+	unpack php-pcrelib-new-secpatch.tar.bz2
+	cd "${S}"
+
+	# patch to fix PCRE library security issues, bug #102373
+	epatch "${FILESDIR}/php4.4.0-pcre-security.patch"
+
+	# sobstitute the bundled PCRE library with a fixed version for bug #102373
+	einfo "Updating bundled PCRE library"
+	rm -rf "${S}/ext/pcre/pcrelib" && mv -f "${WORKDIR}/pcrelib-new" "${S}/ext/pcre/pcrelib" || die "Unable to update the bundled PCRE library"
+}
+
+src_compile() {
+	myconf="${myconf} --enable-cgi --disable-cli"
+
+	if use fastcgi; then
+		myconf="${myconf} --enable-fastcgi"
+	fi
+
+	if use force-cgi-redirect; then
+		myconf="${myconf} --enable-force-cgi-redirect"
+	fi
+
+	php-sapi_src_compile
+}
+
+src_install() {
+	PHP_INSTALLTARGETS="install"
+	php-sapi_src_install
+
+	# rename binary
+	newbin "${S}/sapi/cgi/php" php-cgi
+}
+
+pkg_postinst() {
+	php-sapi_pkg_postinst
+	einfo "This is a CGI only build."
+}