From owner-svn-ports-all@FreeBSD.ORG  Fri May  2 17:48:15 2014
Return-Path: <owner-svn-ports-all@FreeBSD.ORG>
Delivered-To: svn-ports-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 8960854A;
 Fri,  2 May 2014 17:48:15 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 76091170F;
 Fri,  2 May 2014 17:48:15 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s42HmF3c069419;
 Fri, 2 May 2014 17:48:15 GMT (envelope-from flo@svn.freebsd.org)
Received: (from flo@localhost)
 by svn.freebsd.org (8.14.8/8.14.8/Submit) id s42HmEcd069412;
 Fri, 2 May 2014 17:48:14 GMT (envelope-from flo@svn.freebsd.org)
Message-Id: <201405021748.s42HmEcd069412@svn.freebsd.org>
From: Florian Smeets <flo@FreeBSD.org>
Date: Fri, 2 May 2014 17:48:14 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r352831 - in head/lang: php53 php53-extensions php53/files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 May 2014 17:48:15 -0000

Author: flo
Date: Fri May  2 17:48:14 2014
New Revision: 352831
URL: http://svnweb.freebsd.org/changeset/ports/352831
QAT: https://qat.redports.org/buildarchive/r352831/

Log:
  - Fix CVE-2014-0185 via patch until 5.3.29 is released
  - Use DEFAULT_VERSIONS [1]
  
  PR:		ports/188061 [1]
  Submitted by:	Spil <spil.oss@gmail.com> [1]
  MFH:		2014Q2

Added:
  head/lang/php53/files/patch-cve-2014-0185   (contents, props changed)
Modified:
  head/lang/php53-extensions/Makefile
  head/lang/php53/Makefile
  head/lang/php53/Makefile.ext

Modified: head/lang/php53-extensions/Makefile
==============================================================================
--- head/lang/php53-extensions/Makefile	Fri May  2 17:23:53 2014	(r352830)
+++ head/lang/php53-extensions/Makefile	Fri May  2 17:48:14 2014	(r352831)
@@ -11,8 +11,8 @@ EXTRACT_ONLY=	# none
 MAINTAINER=	flo@FreeBSD.org
 COMMENT=	A "meta-port" to install PHP extensions
 
-DEFAULT_PHP_VER=53
-IGNORE_WITH_PHP=5 52
+PHP_DEFAULT=	53
+IGNORE_WITH_PHP=5 52 55
 USE_PHP_BUILD=	yes
 
 NO_BUILD=	yes

Modified: head/lang/php53/Makefile
==============================================================================
--- head/lang/php53/Makefile	Fri May  2 17:23:53 2014	(r352830)
+++ head/lang/php53/Makefile	Fri May  2 17:48:14 2014	(r352831)
@@ -3,7 +3,7 @@
 
 PORTNAME=	php53
 PORTVERSION=	5.3.28
-PORTREVISION?=	1
+PORTREVISION?=	2
 CATEGORIES?=	lang devel www
 MASTER_SITES=	${MASTER_SITE_PHP}
 MASTER_SITE_SUBDIR=	distributions
@@ -14,7 +14,7 @@ COMMENT=	PHP Scripting Language
 
 LATEST_LINK=	${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}
 
-USE_BZIP2=	yes
+USES=tar:bzip2
 .if !defined(PKGNAMESUFFIX)
 USE_AUTOTOOLS=	autoconf
 

Modified: head/lang/php53/Makefile.ext
==============================================================================
--- head/lang/php53/Makefile.ext	Fri May  2 17:23:53 2014	(r352830)
+++ head/lang/php53/Makefile.ext	Fri May  2 17:48:14 2014	(r352831)
@@ -3,8 +3,8 @@ COMMENT=	The ${PHP_MODNAME} shared exten
 USE_PHP=	yes
 USE_PHPEXT=	yes
 PHP_MODNAME=	${PKGNAMESUFFIX:S/-//}
-DEFAULT_PHP_VER=53
-IGNORE_WITH_PHP=52 5
+PHP_DEFAULT=	53
+IGNORE_WITH_PHP=52 5 55
 
 EXTSUBDIR=	${DISTNAME}/ext/${PHP_MODNAME}
 WRKSRC=		${WRKDIR}/${EXTSUBDIR}

Added: head/lang/php53/files/patch-cve-2014-0185
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/lang/php53/files/patch-cve-2014-0185	Fri May  2 17:48:14 2014	(r352831)
@@ -0,0 +1,26 @@
+--- sapi/fpm/fpm/fpm_unix.c.orig	2014-05-02 19:01:53.759889551 +0200
++++ sapi/fpm/fpm/fpm_unix.c	2014-05-02 19:02:05.029888255 +0200
+@@ -35,7 +35,7 @@
+ 	/* uninitialized */
+ 	wp->socket_uid = -1;
+ 	wp->socket_gid = -1;
+-	wp->socket_mode = 0666;
++	wp->socket_mode = 0660;
+ 
+ 	if (!c) {
+ 		return 0;
+--- sapi/fpm/php-fpm.conf.in.orig	2014-05-02 19:03:03.746956989 +0200
++++ sapi/fpm/php-fpm.conf.in	2014-05-02 19:02:37.651887275 +0200
+@@ -158,10 +158,10 @@
+ ; permissions must be set in order to allow connections from a web server. Many
+ ; BSD-derived systems allow connections regardless of permissions. 
+ ; Default Values: user and group are set as the running user
+-;                 mode is set to 0666
++;                 mode is set to 0660
+ ;listen.owner = @php_fpm_user@
+ ;listen.group = @php_fpm_group@
+-;listen.mode = 0666
++;listen.mode = 0660
+  
+ ; List of ipv4 addresses of FastCGI clients which are allowed to connect.
+ ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original