From owner-svn-ports-head@FreeBSD.ORG Sat Dec 14 23:30:39 2013 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E7D37CE1; Sat, 14 Dec 2013 23:30:38 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C7A9F16DE; Sat, 14 Dec 2013 23:30:38 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id rBENUcvX014557; Sat, 14 Dec 2013 23:30:38 GMT (envelope-from flo@svn.freebsd.org) Received: (from flo@localhost) by svn.freebsd.org (8.14.7/8.14.7/Submit) id rBENUb0T012996; Sat, 14 Dec 2013 23:30:37 GMT (envelope-from flo@svn.freebsd.org) Message-Id: <201312142330.rBENUb0T012996@svn.freebsd.org> From: Florian Smeets Date: Sat, 14 Dec 2013 23:30:37 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r336500 - in head: databases/php53-interbase databases/php53-pdo_firebird ftp/php53-curl lang/php53 lang/php53/files security/php53-openssl security/vuxml X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Dec 2013 23:30:39 -0000 Author: flo Date: Sat Dec 14 23:30:36 2013 New Revision: 336500 URL: http://svnweb.freebsd.org/changeset/ports/336500 Log: Update to 5.3.28 Security: 47b4e713-6513-11e3-868f-0025905a4771 Deleted: head/lang/php53/files/patch-ext_openssl_openssl.c Modified: head/databases/php53-interbase/Makefile head/databases/php53-pdo_firebird/Makefile head/ftp/php53-curl/Makefile head/lang/php53/Makefile head/lang/php53/distinfo head/security/php53-openssl/Makefile head/security/vuxml/vuln.xml Modified: head/databases/php53-interbase/Makefile ============================================================================== --- head/databases/php53-interbase/Makefile Sat Dec 14 23:23:45 2013 (r336499) +++ head/databases/php53-interbase/Makefile Sat Dec 14 23:30:36 2013 (r336500) @@ -1,6 +1,5 @@ # $FreeBSD$ -PORTREVISION= 1 CATEGORIES= databases MASTERDIR= ${.CURDIR}/../../lang/php53 Modified: head/databases/php53-pdo_firebird/Makefile ============================================================================== --- head/databases/php53-pdo_firebird/Makefile Sat Dec 14 23:23:45 2013 (r336499) +++ head/databases/php53-pdo_firebird/Makefile Sat Dec 14 23:30:36 2013 (r336500) @@ -1,6 +1,5 @@ # $FreeBSD$ -PORTREVISION= 2 CATEGORIES= databases MASTERDIR= ${.CURDIR}/../../lang/php53 Modified: head/ftp/php53-curl/Makefile ============================================================================== --- head/ftp/php53-curl/Makefile Sat Dec 14 23:23:45 2013 (r336499) +++ head/ftp/php53-curl/Makefile Sat Dec 14 23:30:36 2013 (r336500) @@ -1,7 +1,6 @@ # $FreeBSD$ CATEGORIES= ftp -PORTREVISION= 1 MASTERDIR= ${.CURDIR}/../../lang/php53 Modified: head/lang/php53/Makefile ============================================================================== --- head/lang/php53/Makefile Sat Dec 14 23:23:45 2013 (r336499) +++ head/lang/php53/Makefile Sat Dec 14 23:30:36 2013 (r336500) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= php53 -PORTVERSION= 5.3.27 +PORTVERSION= 5.3.28 PORTREVISION?= 0 CATEGORIES?= lang devel www MASTER_SITES= ${MASTER_SITE_PHP} Modified: head/lang/php53/distinfo ============================================================================== --- head/lang/php53/distinfo Sat Dec 14 23:23:45 2013 (r336499) +++ head/lang/php53/distinfo Sat Dec 14 23:30:36 2013 (r336500) @@ -1,5 +1,5 @@ -SHA256 (php-5.3.27.tar.bz2) = e12db21c623b82a2244c4dd9b06bb75af20868c1b748a105a6829a5acc36b287 -SIZE (php-5.3.27.tar.bz2) = 11432791 +SHA256 (php-5.3.28.tar.bz2) = 0cac960c651c4fbb3d21cf2f2b279a06e21948fb35a0d1439b97296cac1d8513 +SIZE (php-5.3.28.tar.bz2) = 11051714 SHA256 (suhosin-patch-5.3.x-0.9.10.4.patch.gz) = 694f81a68120df89589d20262389b25431f8f2485b81da7519ffbf39edef14fd SIZE (suhosin-patch-5.3.x-0.9.10.4.patch.gz) = 40805 SHA256 (php-5.3.x-mail-header.patch) = 5a677448b32d9f592703e2323a33facdb45e5c237dcca04aaea8ec3287f7db84 Modified: head/security/php53-openssl/Makefile ============================================================================== --- head/security/php53-openssl/Makefile Sat Dec 14 23:23:45 2013 (r336499) +++ head/security/php53-openssl/Makefile Sat Dec 14 23:30:36 2013 (r336500) @@ -1,7 +1,5 @@ # $FreeBSD$ -PORTREVISION= 1 - CATEGORIES= security MASTERDIR= ${.CURDIR}/../../lang/php53 Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sat Dec 14 23:23:45 2013 (r336499) +++ head/security/vuxml/vuln.xml Sat Dec 14 23:30:36 2013 (r336500) @@ -51,6 +51,53 @@ Note: Please add new entries to the beg --> + + PHP5 -- memory corruption in openssl_x509_parse() + + + php5 + 5.4.05.4.23 + + + php53 + 5.3.28 + + + php55 + 5.5.05.5.7 + + + + +

Stefan Esser reports:

+
+

The PHP function openssl_x509_parse() uses a helper function + called asn1_time_to_time_t() to convert timestamps from ASN1 + string format into integer timestamp values. The parser within + this helper function is not binary safe and can therefore be + tricked to write up to five NUL bytes outside of an allocated + buffer.

+

This problem can be triggered by x509 certificates that contain + NUL bytes in their notBefore and notAfter timestamp fields and + leads to a memory corruption that might result in arbitrary + code execution.

+

Depending on how openssl_x509_parse() is used within a PHP + application the attack requires either a malicious cert signed + by a compromised/malicious CA or can be carried out with a + self-signed cert.

+
+ +
+ + CVE-2013-6420 + https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html + + + 2013-12-13 + 2013-12-14 + +
+ mozilla -- multiple vulnerabilities