From owner-svn-ports-all@FreeBSD.ORG  Mon Jul 23 14:39:49 2012
Return-Path: <owner-svn-ports-all@FreeBSD.ORG>
Delivered-To: svn-ports-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 84F97106566B;
	Mon, 23 Jul 2012 14:39:49 +0000 (UTC) (envelope-from flo@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id 6EA1E8FC14;
	Mon, 23 Jul 2012 14:39:49 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q6NEdngg018635;
	Mon, 23 Jul 2012 14:39:49 GMT (envelope-from flo@svn.freebsd.org)
Received: (from flo@localhost)
	by svn.freebsd.org (8.14.4/8.14.4/Submit) id q6NEdmTr018630;
	Mon, 23 Jul 2012 14:39:48 GMT (envelope-from flo@svn.freebsd.org)
Message-Id: <201207231439.q6NEdmTr018630@svn.freebsd.org>
From: Florian Smeets <flo@FreeBSD.org>
Date: Mon, 23 Jul 2012 14:39:48 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
	svn-ports-head@freebsd.org
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r301401 - in head: databases/php53-pdo_mysql lang/php53
	security/vuxml
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
	<mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
	<mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Jul 2012 14:39:49 -0000

Author: flo
Date: Mon Jul 23 14:39:48 2012
New Revision: 301401
URL: http://svn.freebsd.org/changeset/ports/301401

Log:
  - update to 5.3.15
  - document php vulnerabilities
  
  Security:	http://www.vuxml.org/freebsd/bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89.html

Modified:
  head/databases/php53-pdo_mysql/Makefile
  head/lang/php53/Makefile   (contents, props changed)
  head/lang/php53/distinfo   (contents, props changed)
  head/security/vuxml/vuln.xml   (contents, props changed)

Modified: head/databases/php53-pdo_mysql/Makefile
==============================================================================
--- head/databases/php53-pdo_mysql/Makefile	Mon Jul 23 14:25:13 2012	(r301400)
+++ head/databases/php53-pdo_mysql/Makefile	Mon Jul 23 14:39:48 2012	(r301401)
@@ -5,8 +5,6 @@
 # $FreeBSD$
 #
 
-PORTREVISION=	1
-
 CATEGORIES=	databases
 
 MASTERDIR=	${.CURDIR}/../../lang/php53

Modified: head/lang/php53/Makefile
==============================================================================
--- head/lang/php53/Makefile	Mon Jul 23 14:25:13 2012	(r301400)
+++ head/lang/php53/Makefile	Mon Jul 23 14:39:48 2012	(r301401)
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	php53
-PORTVERSION=	5.3.14
+PORTVERSION=	5.3.15
 PORTREVISION?=	0
 CATEGORIES?=	lang devel www
 MASTER_SITES=	${MASTER_SITE_PHP}

Modified: head/lang/php53/distinfo
==============================================================================
--- head/lang/php53/distinfo	Mon Jul 23 14:25:13 2012	(r301400)
+++ head/lang/php53/distinfo	Mon Jul 23 14:39:48 2012	(r301401)
@@ -1,5 +1,5 @@
-SHA256 (php-5.3.14.tar.bz2) = c8075b6e83c5db0d26cc8426a7456856421089a76c963813b1fcac3ced041cb3
-SIZE (php-5.3.14.tar.bz2) = 11408016
+SHA256 (php-5.3.15.tar.bz2) = f9b725659e64228a60883bd134afe1f638900b6b8fa93ba98053095b0892f1ef
+SIZE (php-5.3.15.tar.bz2) = 11307865
 SHA256 (suhosin-patch-5.3.x-0.9.10.patch.gz) = 4438caeab0a10c6c94aee9f7eaa703f5799f97d4e0579f43a947bb7314e38317
 SIZE (suhosin-patch-5.3.x-0.9.10.patch.gz) = 40967
 SHA256 (php-5.3.x-mail-header.patch) = 5a677448b32d9f592703e2323a33facdb45e5c237dcca04aaea8ec3287f7db84

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Mon Jul 23 14:25:13 2012	(r301400)
+++ head/security/vuxml/vuln.xml	Mon Jul 23 14:39:48 2012	(r301401)
@@ -52,6 +52,41 @@ Note:  Please add new entries to the beg
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="bdab0acd-d4cd-11e1-8a1c-14dae9ebcf89">
+    <topic>php -- potential overflow in _php_stream_scandir</topic>
+    <affects>
+      <package>
+	<name>php5</name>
+	<range><gt>5.4</gt><lt>5.4.5</lt></range>
+      </package>
+      <package>
+	<name>php53</name>
+	<range><lt>5.3.15</lt></range>
+      </package>
+      <package>
+	<name>php52</name>
+	<range><le>5.2.17_10</le></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>The PHP Development Team reports:</p>
+	<blockquote cite="http://www.php.net/archive/2012.php#id2012-07-19-1">
+	  <p>The release of PHP 5.4.15 and 5.4.5 fix a potential overflow in
+	    _php_stream_scandir</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+	<cvename>CVE-2012-2688</cvename>
+	<url>http://www.php.net/archive/2012.php#id2012-07-19-1</url>
+    </references>
+    <dates>
+      <discovery>2012-07-19</discovery>
+      <entry>2012-07-23</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="ce82bfeb-d276-11e1-92c6-14dae938ec40">
     <topic>dns/nsd -- DoS vulnerability from non-standard DNS packet</topic>
     <affects>