aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndy Postnikov <apostnikov@gmail.com>2022-10-21 18:07:52 +0200
committerAndy Postnikov <apostnikov@gmail.com>2022-10-21 19:26:37 +0200
commit6b6fb9e8ecc04f610d55b9aff41df94283577965 (patch)
treecc701b5758de5f18654706f42f7e60d5b0f8d7f7
parent1fbe62997fe586e9f01ef51655e2363885b4a6e6 (diff)
community/php8: security upgrade to 8.0.24
-rw-r--r--community/php8/APKBUILD13
-rw-r--r--community/php8/fix-fpm-deps.patch34
-rw-r--r--community/php8/fix-phar-msg.patch11
3 files changed, 56 insertions, 2 deletions
diff --git a/community/php8/APKBUILD b/community/php8/APKBUILD
index 4eff64259d0..d7ad007cad5 100644
--- a/community/php8/APKBUILD
+++ b/community/php8/APKBUILD
@@ -25,7 +25,7 @@
pkgname=php8
_pkgreal=php
-pkgver=8.0.13
+pkgver=8.0.24
pkgrel=0
_apiver=20200930
_suffix=${pkgname#php}
@@ -100,6 +100,8 @@ source="https://php.net/distributions/$_pkgreal-$pkgver.tar.xz
sharedir.patch
$pkgname-fpm-version-suffix.patch
fix-tests-devserver.patch
+ fix-phar-msg.patch
+ fix-fpm-deps.patch
"
builddir="$srcdir/$_pkgreal-$pkgver"
@@ -172,6 +174,11 @@ done
subpackages="$subpackages $pkgname-common::noarch"
# secfixes:
+# 8.0.24-r0:
+# - CVE-2022-31628
+# - CVE-2022-31629
+# - CVE-2022-31625
+# - CVE-2022-31626
# 8.0.13-r0:
# - CVE-2021-21707
# 8.0.12-r0:
@@ -614,7 +621,7 @@ _mv() {
}
sha512sums="
-cb00482b74146670c4644f4b5da63b40d9afd111e198cdf1e67bfcf4280501a657b4fbad8fd7580f4e3f537db3c8a9db5f4115d3a466392cefac9866e233fa49 php-8.0.13.tar.xz
+f4922c03b613aae35005b6b39630c0de7c25929b7f4edd9c5062a747a747df065ae9b52c17c34433ecb801bc54fce2fa34ae46165deb527f0fe2c86e5da73400 php-8.0.24.tar.xz
8a9a63cddfd9bdde23db85a7be0711e14688bab35b580abd0184d370c54de80b72cbdeb369570cd23927154984f024eaad5d222d53d9e19130fb2e8758dd4540 php8-fpm.initd
cd3a96d3febde3b6657ed80ff58945641443e84e5e0fd3d9df29e640e9549bc452a3412f1999fa02ae1ee2b64c08040998fa75805f67e0252741c376e26e1c3c php8-fpm.logrotate
95f536addfbb28fbca8b14da46d95a3595369d6e98d345f55f0fda1b12bdefd1579a27505424e7d1088a987d330798253cec9bd42b544bb567189cba746217c7 php8-module.conf
@@ -624,4 +631,6 @@ ec206639d076ddac6c2d1db697a5428ed3be979157db39417af7fbe6ab837e8dc00315ae0e55aea4
b5d7e87df4f45171a185aec1d4cf96157b3c6b9ea9625237e31b0756220a12a64c260cc20c38bfb0146f11fca25c9c25be1981a922ecb14de5cc2965d29d8fe3 sharedir.patch
f634ac591576dff87487d239578420364edb56e977535c4a5ab799d360a799179edf1e7e6a4e6b6e5b4f58e267dbf913ed77bde140ad8425e6df4093bfa69e70 php8-fpm-version-suffix.patch
1b64a7cef9e81387f955cb60ffa4e3d2277b4f6072e9328d779c0d447c202c8ee9dff0d8d8c34abc82c150311f51c4e9316a3b72a383ca6c9a6e683bc5b349a0 fix-tests-devserver.patch
+0e429ec503c1ad1d6f97be13a990906d90639e13c16aaf9e3bdc73992d0b1f3d17ff5e3e097991df85e2bbfe652147d6fabd06500dcd7adec59d8939f2d294eb fix-phar-msg.patch
+3d720de5596b4f68cc1a19608d86f4e84bd2c89b4cbbccb16a7e05350a1e68cec1f070e6cd9120764d7c8488e735f6fbb723a6ec3f6b0204ccfef0ea5e22d8ae fix-fpm-deps.patch
"
diff --git a/community/php8/fix-fpm-deps.patch b/community/php8/fix-fpm-deps.patch
new file mode 100644
index 00000000000..237f4954ccb
--- /dev/null
+++ b/community/php8/fix-fpm-deps.patch
@@ -0,0 +1,34 @@
+commit d1a89882d368b05748c828112cf01c05a44e32f4
+Author: Andy Postnikov <apostnikov@gmail.com>
+Date: Fri Sep 30 07:52:50 2022 +0200
+
+ Fix test when session extesion is shared
+
+ When extension is build as shared then testing fpm configuration gets no extensions from EXTENSIONS section
+
+diff --git a/sapi/fpm/tests/bug77780-header-sent-error.phpt b/sapi/fpm/tests/bug77780-header-sent-error.phpt
+index b5e7691854..89780879a2 100644
+--- a/sapi/fpm/tests/bug77780-header-sent-error.phpt
++++ b/sapi/fpm/tests/bug77780-header-sent-error.phpt
+@@ -24,7 +24,7 @@
+ EOT;
+
+ $tester = new FPM\Tester($cfg, $code);
+-$tester->start();
++$tester->start(['-dextension=session']);
+ $tester->expectLogStartNotices();
+ $tester
+ ->request(
+diff --git a/sapi/fpm/tests/tester.inc b/sapi/fpm/tests/tester.inc
+index 1d27ffc2c8..2fb8fbd5fa 100644
+--- a/sapi/fpm/tests/tester.inc
++++ b/sapi/fpm/tests/tester.inc
+@@ -392,7 +392,7 @@ class Tester
+ $configFile = $this->createConfig();
+ $desc = $this->outDesc ? [] : [1 => array('pipe', 'w'), 2 => array('redirect', 1)];
+
+- $cmd = [self::findExecutable(), '-F', '-y', $configFile];
++ $cmd = [self::findExecutable(), '-F', '-y', $configFile, '-dextension_dir=modules'];
+
+ if ($forceStderr) {
+ $cmd[] = '-O';
diff --git a/community/php8/fix-phar-msg.patch b/community/php8/fix-phar-msg.patch
new file mode 100644
index 00000000000..1d4fc06d454
--- /dev/null
+++ b/community/php8/fix-phar-msg.patch
@@ -0,0 +1,11 @@
+diff --git b/ext/phar/tests/bug81726.phpt a/ext/phar/tests/bug81726.phpt
+index 4f7467c23a..a86c52a649 100644
+--- b/ext/phar/tests/bug81726.phpt
++++ a/ext/phar/tests/bug81726.phpt
+@@ -8,5 +8,5 @@
+ var_dump(fopen("phar://" . __DIR__ . "/bug81726.gz", "r"));
+ ?>
+ --EXPECTF--
+-Warning: fopen(phar://%s): failed to open stream: unable to decompress gzipped phar archive "%s" in %s on line %d
++Warning: fopen(phar://%s): Failed to open stream: unable to decompress gzipped phar archive "%s" in %s on line %d
+ bool(false)