diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-03-08 20:26:54 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-03-08 22:40:50 +0100 |
| commit | a24031248459c107553c13f30fd4bd94a44758e1 (patch) | |
| tree | 50bd7142faec4cea4f3389d1bc2ef1003801345e /source/n/php | |
| parent | 95095a0e2499322212eec0e9ac228095540ede4b (diff) | |
| download | current-a24031248459c107553c13f30fd4bd94a44758e1.tar.gz current-a24031248459c107553c13f30fd4bd94a44758e1.tar.xz | |
Wed Mar 8 20:26:54 UTC 202320230308202654
Hey folks, just some more updates on the road to an eventual beta. :-)
At this point nothing remains linked with openssl-1.1.1 except for python2 and
modules, and vsftpd. I think nobody cares about trying to force python2 to use
openssl3... it's EOL but still a zombie, unfortunately. I have seen some
patches for vsftpd and intend to take a look at them. We've bumped PHP to 8.2
and just gone ahead and killed 8.0 and 8.1. Like 7.4, 8.0 is not compatible
with openssl3 and it doesn't seem worthwhile to try to patch it. And with 8.2
already out for several revisions, 8.1 does not seem particularly valuable.
If you make use of PHP you should be used to it being a moving target by now.
Enjoy, and let me know if anything isn't working right. Cheers!
a/aaa_libraries-15.1-x86_64-19.txz: Rebuilt.
Recompiled against openssl-3.0.8: libcups.so.2, libcurl.so.4.8.0,
libldap.so.2.0.200, libssh2.so.1.0.1.
a/cryptsetup-2.6.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/kmod-30-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/openssl-solibs-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
a/openssl11-solibs-1.1.1t-x86_64-1.txz: Added.
ap/cups-2.4.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/hplip-3.20.5-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/lxc-4.0.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/mariadb-10.6.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/qpdf-11.3.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/sudo-1.9.13p3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cargo-vendor-filterer-0.5.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cvs-1.11.23-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/git-2.39.2-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/perl-5.36.0-x86_64-5.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/python3-3.9.16-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/ruby-3.2.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/rust-1.66.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/scons-4.5.1-x86_64-1.txz: Upgraded.
kde/falkon-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
kde/kitinerary-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/M2Crypto-0.38.0-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/SDL2-2.26.4-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.22.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libarchive-3.6.2-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libevent-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libimobiledevice-20211124_2c6121d-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libssh2-1.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libvncserver-0.9.14-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/mlt-7.14.0-x86_64-1.txz: Upgraded.
l/neon-0.32.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/nodejs-19.7.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/opusfile-0.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pipewire-0.3.66-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pulseaudio-16.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pycurl-7.44.1-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qca-2.3.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qt5-5.15.8_20230304_d8b881f0-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
l/serf-1.3.9-x86_64-8.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/alpine-2.26-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/bind-9.18.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/curl-7.88.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/cyrus-sasl-2.1.28-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/dovecot-2.3.20-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/epic5-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/fetchmail-6.4.37-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/htdig-3.2.0b6-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/httpd-2.4.56-x86_64-1.txz: Upgraded.
This update fixes two security issues:
HTTP Response Smuggling vulnerability via mod_proxy_uwsgi.
HTTP Request Smuggling attack via mod_rewrite and mod_proxy.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.56
https://www.cve.org/CVERecord?id=CVE-2023-27522
https://www.cve.org/CVERecord?id=CVE-2023-25690
(* Security fix *)
NOTE: This package is compiled against openssl-3.0.8.
n/irssi-1.4.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/krb5-1.20.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lftp-4.9.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/links-2.28-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lynx-2.9.0dev.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/mutt-2.2.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/net-snmp-5.9.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/netatalk-3.1.14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/nmap-7.93-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ntp-4.2.8p15-x86_64-12.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openldap-2.6.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssh-9.2p1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssl-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/openssl11-1.1.1t-x86_64-1.txz: Added.
n/openvpn-2.6.0-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/php-8.2.3-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
n/pidentd-3.0.19-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/popa3d-1.0.3-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/postfix-3.7.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ppp-2.4.9-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/proftpd-1.3.8-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/rsync-3.2.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/s-nail-14.9.24-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/samba-4.18.0-x86_64-1.txz: Upgraded.
Build with the bundled Heimdal instead of the system MIT Kerberos.
Thanks again to rpenny.
n/slrn-1.0.3a-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/snownews-1.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/socat-1.7.4.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/stunnel-5.69-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/tcpdump-4.99.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wget-1.21.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wpa_supplicant-2.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/freerdp-2.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gftp-2.9.1b-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gkrellm-2.3.11-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/hexchat-2.16.1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/sane-1.0.32-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/x3270-4.0ga14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/xine-lib-1.2.13-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
y/bsd-games-2.17-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/php80/php80-8.0.28-x86_64-1.txz: Removed.
extra/php81/php81-8.1.16-x86_64-1.txz: Removed.
extra/rust-for-mozilla/rust-1.60.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-8.17.1-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-cf-8.17.1-noarch-7.txz: Rebuilt.
testing/packages/rust-1.67.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
testing/packages/samba-4.17.5-x86_64-2.txz: Removed.
Diffstat (limited to 'source/n/php')
| -rw-r--r-- | source/n/php/CVE-2022-31631.patch | 50 | ||||
| -rw-r--r-- | source/n/php/CVE-2023-0567.patch | 142 | ||||
| -rw-r--r-- | source/n/php/CVE-2023-0568.patch | 62 | ||||
| -rw-r--r-- | source/n/php/CVE-2023-0662.patch | 411 | ||||
| -rwxr-xr-x | source/n/php/fetch-php.sh | 4 | ||||
| -rw-r--r-- | source/n/php/mod_php.conf.example | 2 | ||||
| -rwxr-xr-x | source/n/php/php.SlackBuild | 15 | ||||
| -rw-r--r-- | source/n/php/php.enchant-2.patch | 76 | ||||
| -rw-r--r-- | source/n/php/php.ini-development.diff | 10 |
9 files changed, 10 insertions, 762 deletions
diff --git a/source/n/php/CVE-2022-31631.patch b/source/n/php/CVE-2022-31631.patch deleted file mode 100644 index 6aa309549..000000000 --- a/source/n/php/CVE-2022-31631.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 921b6813da3237a83e908998483f46ae3d8bacba Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" <cmbecker69@gmx.de> -Date: Mon, 31 Oct 2022 17:20:23 +0100 -Subject: [PATCH] Fix #81740: PDO::quote() may return unquoted string - -`sqlite3_snprintf()` expects its first parameter to be `int`; we need -to avoid overflow. ---- - ext/pdo_sqlite/sqlite_driver.c | 3 +++ - ext/pdo_sqlite/tests/bug81740.phpt | 17 +++++++++++++++++ - 2 files changed, 20 insertions(+) - create mode 100644 ext/pdo_sqlite/tests/bug81740.phpt - -diff --git a/ext/pdo_sqlite/sqlite_driver.c b/ext/pdo_sqlite/sqlite_driver.c -index 4233ff10ff2e..5a72a1eda23f 100644 ---- a/ext/pdo_sqlite/sqlite_driver.c -+++ b/ext/pdo_sqlite/sqlite_driver.c -@@ -232,6 +232,9 @@ static char *pdo_sqlite_last_insert_id(pdo_dbh_t *dbh, const char *name, size_t - /* NB: doesn't handle binary strings... use prepared stmts for that */ - static int sqlite_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, size_t unquotedlen, char **quoted, size_t *quotedlen, enum pdo_param_type paramtype ) - { -+ if (unquotedlen > (INT_MAX - 3) / 2) { -+ return 0; -+ } - *quoted = safe_emalloc(2, unquotedlen, 3); - sqlite3_snprintf(2*unquotedlen + 3, *quoted, "'%q'", unquoted); - *quotedlen = strlen(*quoted); -diff --git a/ext/pdo_sqlite/tests/bug81740.phpt b/ext/pdo_sqlite/tests/bug81740.phpt -new file mode 100644 -index 000000000000..99fb07c3048b ---- /dev/null -+++ b/ext/pdo_sqlite/tests/bug81740.phpt -@@ -0,0 +1,17 @@ -+--TEST-- -+Bug #81740 (PDO::quote() may return unquoted string) -+--SKIPIF-- -+<?php -+if (!extension_loaded('pdo_sqlite')) print 'skip not loaded'; -+if (getenv("SKIP_SLOW_TESTS")) die("skip slow test"); -+?> -+--INI-- -+memory_limit=-1 -+--FILE-- -+<?php -+$pdo = new PDO("sqlite::memory:"); -+$string = str_repeat("a", 0x80000000); -+var_dump($pdo->quote($string)); -+?> -+--EXPECT-- -+bool(false) diff --git a/source/n/php/CVE-2023-0567.patch b/source/n/php/CVE-2023-0567.patch deleted file mode 100644 index 78defd92b..000000000 --- a/source/n/php/CVE-2023-0567.patch +++ /dev/null @@ -1,142 +0,0 @@ -From 7882d12ff2d8d8c5a4af821464e0a5ac2cde2002 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= <tim@bastelstu.be> -Date: Mon, 23 Jan 2023 21:15:24 +0100 -Subject: [PATCH] crypt: Fix validation of malformed BCrypt hashes -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -PHP’s implementation of crypt_blowfish differs from the upstream Openwall -version by adding a “PHP Hack”, which allows one to cut short the BCrypt salt -by including a `$` character within the characters that represent the salt. - -Hashes that are affected by the “PHP Hack” may erroneously validate any -password as valid when used with `password_verify` and when comparing the -return value of `crypt()` against the input. - -The PHP Hack exists since the first version of PHP’s own crypt_blowfish -implementation that was added in 1e820eca02dcf322b41fd2fe4ed2a6b8309f8ab5. - -No clear reason is given for the PHP Hack’s existence. This commit removes it, -because BCrypt hashes containing a `$` character in their salt are not valid -BCrypt hashes. ---- - ext/standard/crypt_blowfish.c | 8 -- - .../tests/crypt/bcrypt_salt_dollar.phpt | 82 +++++++++++++++++++ - 2 files changed, 82 insertions(+), 8 deletions(-) - create mode 100644 ext/standard/tests/crypt/bcrypt_salt_dollar.phpt - -diff --git a/ext/standard/crypt_blowfish.c b/ext/standard/crypt_blowfish.c -index 3806a290aee4..351d40308089 100644 ---- a/ext/standard/crypt_blowfish.c -+++ b/ext/standard/crypt_blowfish.c -@@ -371,7 +371,6 @@ static const unsigned char BF_atoi64[0x60] = { - #define BF_safe_atoi64(dst, src) \ - { \ - tmp = (unsigned char)(src); \ -- if (tmp == '$') break; /* PHP hack */ \ - if ((unsigned int)(tmp -= 0x20) >= 0x60) return -1; \ - tmp = BF_atoi64[tmp]; \ - if (tmp > 63) return -1; \ -@@ -399,13 +398,6 @@ static int BF_decode(BF_word *dst, const char *src, int size) - *dptr++ = ((c3 & 0x03) << 6) | c4; - } while (dptr < end); - -- if (end - dptr == size) { -- return -1; -- } -- -- while (dptr < end) /* PHP hack */ -- *dptr++ = 0; -- - return 0; - } - -diff --git a/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt b/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt -new file mode 100644 -index 000000000000..32e335f4b087 ---- /dev/null -+++ b/ext/standard/tests/crypt/bcrypt_salt_dollar.phpt -@@ -0,0 +1,82 @@ -+--TEST-- -+bcrypt correctly rejects salts containing $ -+--FILE-- -+<?php -+for ($i = 0; $i < 23; $i++) { -+ $salt = '$2y$04$' . str_repeat('0', $i) . '$'; -+ $result = crypt("foo", $salt); -+ var_dump($salt); -+ var_dump($result); -+ var_dump($result === $salt); -+} -+?> -+--EXPECT-- -+string(8) "$2y$04$$" -+string(2) "*0" -+bool(false) -+string(9) "$2y$04$0$" -+string(2) "*0" -+bool(false) -+string(10) "$2y$04$00$" -+string(2) "*0" -+bool(false) -+string(11) "$2y$04$000$" -+string(2) "*0" -+bool(false) -+string(12) "$2y$04$0000$" -+string(2) "*0" -+bool(false) -+string(13) "$2y$04$00000$" -+string(2) "*0" -+bool(false) -+string(14) "$2y$04$000000$" -+string(2) "*0" -+bool(false) -+string(15) "$2y$04$0000000$" -+string(2) "*0" -+bool(false) -+string(16) "$2y$04$00000000$" -+string(2) "*0" -+bool(false) -+string(17) "$2y$04$000000000$" -+string(2) "*0" -+bool(false) -+string(18) "$2y$04$0000000000$" -+string(2) "*0" -+bool(false) -+string(19) "$2y$04$00000000000$" -+string(2) "*0" -+bool(false) -+string(20) "$2y$04$000000000000$" -+string(2) "*0" -+bool(false) -+string(21) "$2y$04$0000000000000$" -+string(2) "*0" -+bool(false) -+string(22) "$2y$04$00000000000000$" -+string(2) "*0" -+bool(false) -+string(23) "$2y$04$000000000000000$" -+string(2) "*0" -+bool(false) -+string(24) "$2y$04$0000000000000000$" -+string(2) "*0" -+bool(false) -+string(25) "$2y$04$00000000000000000$" -+string(2) "*0" -+bool(false) -+string(26) "$2y$04$000000000000000000$" -+string(2) "*0" -+bool(false) -+string(27) "$2y$04$0000000000000000000$" -+string(2) "*0" -+bool(false) -+string(28) "$2y$04$00000000000000000000$" -+string(2) "*0" -+bool(false) -+string(29) "$2y$04$000000000000000000000$" -+string(2) "*0" -+bool(false) -+string(30) "$2y$04$0000000000000000000000$" -+string(60) "$2y$04$000000000000000000000u2a2UpVexIt9k3FMJeAVr3c04F5tcI8K" -+bool(false) diff --git a/source/n/php/CVE-2023-0568.patch b/source/n/php/CVE-2023-0568.patch deleted file mode 100644 index 3b8440926..000000000 --- a/source/n/php/CVE-2023-0568.patch +++ /dev/null @@ -1,62 +0,0 @@ -From c0fceebfa195b8e56a7108cb731b5ea7afbef70c Mon Sep 17 00:00:00 2001 -From: Niels Dossche <7771979+nielsdos@users.noreply.github.com> -Date: Fri, 27 Jan 2023 19:28:27 +0100 -Subject: [PATCH] Fix array overrun when appending slash to paths - -Fix it by extending the array sizes by one character. As the input is -limited to the maximum path length, there will always be place to append -the slash. As the php_check_specific_open_basedir() simply uses the -strings to compare against each other, no new failures related to too -long paths are introduced. -We'll let the DOM and XML case handle a potentially too long path in the -library code. ---- - ext/dom/document.c | 2 +- - ext/xmlreader/php_xmlreader.c | 2 +- - main/fopen_wrappers.c | 6 +++--- - 3 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/ext/dom/document.c b/ext/dom/document.c -index 4dee5548f188..c60198a3be11 100644 ---- a/ext/dom/document.c -+++ b/ext/dom/document.c -@@ -1182,7 +1182,7 @@ static xmlDocPtr dom_document_parser(zval *id, int mode, char *source, size_t so - int validate, recover, resolve_externals, keep_blanks, substitute_ent; - int resolved_path_len; - int old_error_reporting = 0; -- char *directory=NULL, resolved_path[MAXPATHLEN]; -+ char *directory=NULL, resolved_path[MAXPATHLEN + 1]; - - if (id != NULL) { - intern = Z_DOMOBJ_P(id); -diff --git a/ext/xmlreader/php_xmlreader.c b/ext/xmlreader/php_xmlreader.c -index c17884d960cb..39141c8c1223 100644 ---- a/ext/xmlreader/php_xmlreader.c -+++ b/ext/xmlreader/php_xmlreader.c -@@ -1017,7 +1017,7 @@ PHP_METHOD(XMLReader, XML) - xmlreader_object *intern = NULL; - char *source, *uri = NULL, *encoding = NULL; - int resolved_path_len, ret = 0; -- char *directory=NULL, resolved_path[MAXPATHLEN]; -+ char *directory=NULL, resolved_path[MAXPATHLEN + 1]; - xmlParserInputBufferPtr inputbfr; - xmlTextReaderPtr reader; - -diff --git a/main/fopen_wrappers.c b/main/fopen_wrappers.c -index f6ce26e104be..12cc9c8b10c0 100644 ---- a/main/fopen_wrappers.c -+++ b/main/fopen_wrappers.c -@@ -129,10 +129,10 @@ PHPAPI ZEND_INI_MH(OnUpdateBaseDir) - */ - PHPAPI int php_check_specific_open_basedir(const char *basedir, const char *path) - { -- char resolved_name[MAXPATHLEN]; -- char resolved_basedir[MAXPATHLEN]; -+ char resolved_name[MAXPATHLEN + 1]; -+ char resolved_basedir[MAXPATHLEN + 1]; - char local_open_basedir[MAXPATHLEN]; -- char path_tmp[MAXPATHLEN]; -+ char path_tmp[MAXPATHLEN + 1]; - char *path_file; - size_t resolved_basedir_len; - size_t resolved_name_len; diff --git a/source/n/php/CVE-2023-0662.patch b/source/n/php/CVE-2023-0662.patch deleted file mode 100644 index e9cada2c9..000000000 --- a/source/n/php/CVE-2023-0662.patch +++ /dev/null @@ -1,411 +0,0 @@ -From 716de0cff539f46294ef70fe75d548cd66766370 Mon Sep 17 00:00:00 2001 -From: Jakub Zelenka <bukka@php.net> -Date: Thu, 19 Jan 2023 14:31:25 +0000 -Subject: [PATCH] Introduce max_multipart_body_parts INI - -This fixes GHSA-54hq-v5wp-fqgv DOS vulnerabality by limitting number of -parsed multipart body parts as currently all parts were always parsed. ---- - main/main.c | 1 + - main/rfc1867.c | 11 ++ - ...-54hq-v5wp-fqgv-max-body-parts-custom.phpt | 53 +++++++++ - ...54hq-v5wp-fqgv-max-body-parts-default.phpt | 54 +++++++++ - .../ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt | 52 +++++++++ - sapi/fpm/tests/tester.inc | 106 +++++++++++++++--- - 6 files changed, 262 insertions(+), 15 deletions(-) - create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt - create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt - create mode 100644 sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt - -diff --git a/main/main.c b/main/main.c -index 40684f32dc14..c58ea58bf5ac 100644 ---- a/main/main.c -+++ b/main/main.c -@@ -751,6 +751,7 @@ PHP_INI_BEGIN() - PHP_INI_ENTRY("disable_functions", "", PHP_INI_SYSTEM, NULL) - PHP_INI_ENTRY("disable_classes", "", PHP_INI_SYSTEM, NULL) - PHP_INI_ENTRY("max_file_uploads", "20", PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL) -+ PHP_INI_ENTRY("max_multipart_body_parts", "-1", PHP_INI_SYSTEM|PHP_INI_PERDIR, NULL) - - STD_PHP_INI_BOOLEAN("allow_url_fopen", "1", PHP_INI_SYSTEM, OnUpdateBool, allow_url_fopen, php_core_globals, core_globals) - STD_PHP_INI_BOOLEAN("allow_url_include", "0", PHP_INI_SYSTEM, OnUpdateBool, allow_url_include, php_core_globals, core_globals) -diff --git a/main/rfc1867.c b/main/rfc1867.c -index b43cfae5a1e2..3086e8da3dbe 100644 ---- a/main/rfc1867.c -+++ b/main/rfc1867.c -@@ -687,6 +687,7 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ - void *event_extra_data = NULL; - unsigned int llen = 0; - int upload_cnt = INI_INT("max_file_uploads"); -+ int body_parts_cnt = INI_INT("max_multipart_body_parts"); - const zend_encoding *internal_encoding = zend_multibyte_get_internal_encoding(); - php_rfc1867_getword_t getword; - php_rfc1867_getword_conf_t getword_conf; -@@ -708,6 +709,11 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ - return; - } - -+ if (body_parts_cnt < 0) { -+ body_parts_cnt = PG(max_input_vars) + upload_cnt; -+ } -+ int body_parts_limit = body_parts_cnt; -+ - /* Get the boundary */ - boundary = strstr(content_type_dup, "boundary"); - if (!boundary) { -@@ -792,6 +798,11 @@ SAPI_API SAPI_POST_HANDLER_FUNC(rfc1867_post_handler) /* {{{ */ - char *pair = NULL; - int end = 0; - -+ if (--body_parts_cnt < 0) { -+ php_error_docref(NULL, E_WARNING, "Multipart body parts limit exceeded %d. To increase the limit change max_multipart_body_parts in php.ini.", body_parts_limit); -+ goto fileupload_done; -+ } -+ - while (isspace(*cd)) { - ++cd; - } -#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt -#new file mode 100644 -#index 000000000000..d2239ac3c410 -#--- /dev/null -#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-custom.phpt -#@@ -0,0 +1,53 @@ -#+--TEST-- -#+FPM: GHSA-54hq-v5wp-fqgv - max_multipart_body_parts ini custom value -#+--SKIPIF-- -#+<?php include "skipif.inc"; ?> -#+--FILE-- -#+<?php -#+ -#+require_once "tester.inc"; -#+ -#+$cfg = <<<EOT -#+[global] -#+error_log = {{FILE:LOG}} -#+[unconfined] -#+listen = {{ADDR}} -#+pm = dynamic -#+pm.max_children = 5 -#+pm.start_servers = 1 -#+pm.min_spare_servers = 1 -#+pm.max_spare_servers = 3 -#+php_admin_value[html_errors] = false -#+php_admin_value[max_input_vars] = 20 -#+php_admin_value[max_file_uploads] = 5 -#+php_admin_value[max_multipart_body_parts] = 10 -#+php_flag[display_errors] = On -#+EOT; -#+ -#+$code = <<<EOT -#+<?php -#+var_dump(count(\$_POST)); -#+EOT; -#+ -#+$tester = new FPM\Tester($cfg, $code); -#+$tester->start(); -#+$tester->expectLogStartNotices(); -#+echo $tester -#+ ->request(stdin: [ -#+ 'parts' => [ -#+ 'count' => 30, -#+ ] -#+ ]) -#+ ->getBody(); -#+$tester->terminate(); -#+$tester->close(); -#+ -#+?> -#+--EXPECT-- -#+Warning: Unknown: Multipart body parts limit exceeded 10. To increase the limit change max_multipart_body_parts in php.ini. in Unknown on line 0 -#+int(10) -#+--CLEAN-- -#+<?php -#+require_once "tester.inc"; -#+FPM\Tester::clean(); -#+?> -#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt -#new file mode 100644 -#index 000000000000..42b5afbf9ee7 -#--- /dev/null -#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-body-parts-default.phpt -#@@ -0,0 +1,54 @@ -#+--TEST-- -#+FPM: GHSA-54hq-v5wp-fqgv - max_multipart_body_parts ini default -#+--SKIPIF-- -#+<?php include "skipif.inc"; ?> -#+--FILE-- -#+<?php -#+ -#+require_once "tester.inc"; -#+ -#+$cfg = <<<EOT -#+[global] -#+error_log = {{FILE:LOG}} -#+[unconfined] -#+listen = {{ADDR}} -#+pm = dynamic -#+pm.max_children = 5 -#+pm.start_servers = 1 -#+pm.min_spare_servers = 1 -#+pm.max_spare_servers = 3 -#+php_admin_value[html_errors] = false -#+php_admin_value[max_input_vars] = 20 -#+php_admin_value[max_file_uploads] = 5 -#+php_flag[display_errors] = On -#+EOT; -#+ -#+$code = <<<EOT -#+<?php -#+var_dump(count(\$_POST)); -#+EOT; -#+ -#+$tester = new FPM\Tester($cfg, $code); -#+$tester->start(); -#+$tester->expectLogStartNotices(); -#+echo $tester -#+ ->request(stdin: [ -#+ 'parts' => [ -#+ 'count' => 30, -#+ ] -#+ ]) -#+ ->getBody(); -#+$tester->terminate(); -#+$tester->close(); -#+ -#+?> -#+--EXPECT-- -#+Warning: Unknown: Input variables exceeded 20. To increase the limit change max_input_vars in php.ini. in Unknown on line 0 -#+ -#+Warning: Unknown: Multipart body parts limit exceeded 25. To increase the limit change max_multipart_body_parts in php.ini. in Unknown on line 0 -#+int(20) -#+--CLEAN-- -#+<?php -#+require_once "tester.inc"; -#+FPM\Tester::clean(); -#+?> -#diff --git a/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt -#new file mode 100644 -#index 000000000000..da81174c7280 -#--- /dev/null -#+++ b/sapi/fpm/tests/ghsa-54hq-v5wp-fqgv-max-file-uploads.phpt -#@@ -0,0 +1,52 @@ -#+--TEST-- -#+FPM: GHSA-54hq-v5wp-fqgv - exceeding max_file_uploads -#+--SKIPIF-- -#+<?php include "skipif.inc"; ?> -#+--FILE-- -#+<?php -#+ -#+require_once "tester.inc"; -#+ -#+$cfg = <<<EOT -#+[global] -#+error_log = {{FILE:LOG}} -#+[unconfined] -#+listen = {{ADDR}} -#+pm = dynamic -#+pm.max_children = 5 -#+pm.start_servers = 1 -#+pm.min_spare_servers = 1 -#+pm.max_spare_servers = 3 -#+php_admin_value[html_errors] = false -#+php_admin_value[max_file_uploads] = 5 -#+php_flag[display_errors] = On -#+EOT; -#+ -#+$code = <<<EOT -#+<?php -#+var_dump(count(\$_FILES)); -#+EOT; -#+ -#+$tester = new FPM\Tester($cfg, $code); -#+$tester->start(); -#+$tester->expectLogStartNotices(); -#+echo $tester -#+ ->request(stdin: [ -#+ 'parts' => [ -#+ 'count' => 10, -#+ 'param' => 'filename' -#+ ] -#+ ]) -#+ ->getBody(); -#+$tester->terminate(); -#+$tester->close(); -#+ -#+?> -#+--EXPECT-- -#+Warning: Maximum number of allowable file uploads has been exceeded in Unknown on line 0 -#+int(5) -#+--CLEAN-- -#+<?php -#+require_once "tester.inc"; -#+FPM\Tester::clean(); -#+?> -##diff --git a/sapi/fpm/tests/tester.inc b/sapi/fpm/tests/tester.inc -##index 6197cdba53f5..e51aa0f69143 100644 -##--- a/sapi/fpm/tests/tester.inc -##+++ b/sapi/fpm/tests/tester.inc -#@@ -567,13 +567,17 @@ class Tester -# * @param string $query -# * @param array $headers -# * @param string|null $uri -#+ * @param string|null $scriptFilename -#+ * @param string|null $stdin -# * -# * @return array -# */ -# private function getRequestParams( -# string $query = '', -# array $headers = [], -#- string $uri = null -#+ string $uri = null, -#+ string $scriptFilename = null, -#+ ?string $stdin = null -# ): array { -# if (is_null($uri)) { -# $uri = $this->makeSourceFile(); -3@@ -582,8 +586,8 @@ class Tester -# $params = array_merge( -# [ -# 'GATEWAY_INTERFACE' => 'FastCGI/1.0', -#- 'REQUEST_METHOD' => 'GET', -#- 'SCRIPT_FILENAME' => $uri, -#+ 'REQUEST_METHOD' => is_null($stdin) ? 'GET' : 'POST', -#+ 'SCRIPT_FILENAME' => $scriptFilename ?: $uri, -# 'SCRIPT_NAME' => $uri, -# 'QUERY_STRING' => $query, -# 'REQUEST_URI' => $uri . ($query ? '?' . $query : ""), -#@@ -597,7 +601,7 @@ class Tester -# 'SERVER_PROTOCOL' => 'HTTP/1.1', -# 'DOCUMENT_ROOT' => __DIR__, -# 'CONTENT_TYPE' => '', -#- 'CONTENT_LENGTH' => 0 -#+ 'CONTENT_LENGTH' => strlen($stdin ?? "") // Default to 0 -# ], -# $headers -# ); -#@@ -607,20 +611,86 @@ class Tester -# }); -# } -# -#+ /** -#+ * Parse stdin and generate data for multipart config. -#+ * -#+ * @param array $stdin -#+ * @param array $headers -#+ * -#+ * @return void -#+ * @throws \Exception -#+ */ -#+ private function parseStdin(array $stdin, array &$headers) -#+ { -#+ $parts = $stdin['parts'] ?? null; -#+ if (empty($parts)) { -#+ throw new \Exception('The stdin array needs to contain parts'); -#+ } -#+ $boundary = $stdin['boundary'] ?? 'AaB03x'; -#+ if ( ! isset($headers['CONTENT_TYPE'])) { -#+ $headers['CONTENT_TYPE'] = 'multipart/form-data; boundary=' . $boundary; -#+ } -#+ $count = $parts['count'] ?? null; -#+ if ( ! is_null($count)) { -#+ $dispositionType = $parts['disposition'] ?? 'form-data'; -#+ $dispositionParam = $parts['param'] ?? 'name'; -#+ $namePrefix = $parts['prefix'] ?? 'f'; -#+ $nameSuffix = $parts['suffix'] ?? ''; -#+ $value = $parts['value'] ?? 'test'; -#+ $parts = []; -#+ for ($i = 0; $i < $count; $i++) { -#+ $parts[] = [ -#+ 'disposition' => $dispositionType, -#+ 'param' => $dispositionParam, -#+ 'name' => "$namePrefix$i$nameSuffix", -#+ 'value' => $value -#+ ]; -#+ } -#+ } -#+ $out = ''; -#+ $nl = "\r\n"; -#+ foreach ($parts as $part) { -#+ if (!is_array($part)) { -#+ $part = ['name' => $part]; -#+ } elseif ( ! isset($part['name'])) { -#+ throw new \Exception('Each part has to have a name'); -#+ } -#+ $name = $part['name']; -#+ $dispositionType = $part['disposition'] ?? 'form-data'; -#+ $dispositionParam = $part['param'] ?? 'name'; -#+ $value = $part['value'] ?? 'test'; -#+ $partHeaders = $part['headers'] ?? []; -#+ -#+ $out .= "--$boundary$nl"; -#+ $out .= "Content-disposition: $dispositionType; $dispositionParam=\"$name\"$nl"; -#+ foreach ($partHeaders as $headerName => $headerValue) { -#+ $out .= "$headerName: $headerValue$nl"; -#+ } -#+ $out .= $nl; -#+ $out .= "$value$nl"; -#+ } -#+ $out .= "--$boundary--$nl"; -#+ -#+ return $out; -#+ } -#+ -# /** -# * Execute request. -# * -#- * @param string $query -#- * @param array $headers -#- * @param string|null $uri -#- * @param string|null $address -#- * @param string|null $successMessage -#- * @param string|null $errorMessage -#- * @param bool $connKeepAlive -#- * @param bool $expectError -#- * @param int $readLimit -#+ * @param string $query -#+ * @param array $headers -#+ * @param string|null $uri -#+ * @param string|null $address -#+ * @param string|null $successMessage -#+ * @param string|null $errorMessage -#+ * @param bool $connKeepAlive -#+ * @param string|null $scriptFilename = null -#+ * @param string|array|null $stdin = null -#+ * @param bool $expectError -#+ * @param int $readLimit -# * -# * @return Response -#+ * @throws \Exception -# */ -# public function request( -# string $query = '', -#@@ -630,6 +700,8 @@ class Tester -# string $successMessage = null, -# string $errorMessage = null, -# bool $connKeepAlive = false, -#+ string $scriptFilename = null, -#+ string|array $stdin = null, -# bool $expectError = false, -# int $readLimit = -1, -# ): Response { -#@@ -637,12 +709,16 @@ class Tester -# return new Response(null, true); -# } -# -#- $params = $this->getRequestParams($query, $headers, $uri); -#+ if (is_array($stdin)) { -#+ $stdin = $this->parseStdin($stdin, $headers); -#+ } -#+ -#+ $params = $this->getRequestParams($query, $headers, $uri, $scriptFilename, $stdin); -# $this->trace('Request params', $params); -# -# try { -# $this->response = new Response( -#- $this->getClient($address, $connKeepAlive)->request_data($params, false, $readLimit) -#+ $this->getClient($address, $connKeepAlive)->request_data($params, $stdin, $readLimit) -# ); -# if ($expectError) { -# $this->error('Expected request error but the request was successful'); diff --git a/source/n/php/fetch-php.sh b/source/n/php/fetch-php.sh index e44524800..14eb1c5c3 100755 --- a/source/n/php/fetch-php.sh +++ b/source/n/php/fetch-php.sh @@ -1,2 +1,2 @@ -lftpget http://us.php.net/distributions/php-7.4.33.tar.xz.asc -lftpget http://us.php.net/distributions/php-7.4.33.tar.xz +lftpget http://us.php.net/distributions/php-8.2.3.tar.xz.asc +lftpget http://us.php.net/distributions/php-8.2.3.tar.xz diff --git a/source/n/php/mod_php.conf.example b/source/n/php/mod_php.conf.example index d8f96eb09..6ca1d3a87 100644 --- a/source/n/php/mod_php.conf.example +++ b/source/n/php/mod_php.conf.example @@ -3,7 +3,7 @@ # # Load the PHP module: -LoadModule php7_module lib/httpd/modules/libphp7.so +LoadModule php_module lib/httpd/modules/libphp.so # Tell Apache to feed all *.php files through PHP. If you'd like to # parse PHP embedded in files with different extensions, comment out diff --git a/source/n/php/php.SlackBuild b/source/n/php/php.SlackBuild index c54694b16..00f49b4d7 100755 --- a/source/n/php/php.SlackBuild +++ b/source/n/php/php.SlackBuild @@ -3,7 +3,7 @@ # Build and package mod_php on Slackware. # by: David Cantrell <david@slackware.com> # Modified for PHP 4-5 by volkerdi@slackware.com -# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2019, 2020, 2021, 2023 Patrick Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2019, 2020, 2021 Patrick Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -28,7 +28,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=php VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} ALPINE=2.26 -BUILD=${BUILD:-3} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -127,11 +127,6 @@ rm -rf php-$VERSION tar xvf $CWD/php-$VERSION.tar.xz || exit 1 cd php-$VERSION || exit 1 -zcat $CWD/CVE-2022-31631.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/CVE-2023-0567.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/CVE-2023-0568.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/CVE-2023-0662.patch.gz | patch -p1 --verbose || exit 1 - # cleanup: find . -name "*.orig" -delete @@ -160,11 +155,6 @@ zcat $CWD/php-fpm.conf.diff.gz | patch -p1 --verbose || exit 1 # Fix for imap API change: zcat $CWD/php.imap.api.diff.gz | patch -p1 --verbose || exit 1 -# Use enchant-2: -zcat $CWD/php.enchant-2.patch.gz | patch -p1 --verbose || exit 1 -export ENCHANT_CFLAGS="-I/usr/include/enchant-2" -export ENCHANT_LIBS="-lenchant-2" - # Install the build folder into /usr/lib$LIBDIRSUFFIX/php/build # and adapt phpize accordingly: sed -i "s|build$|php/build|" scripts/Makefile.frag @@ -348,4 +338,3 @@ cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG /sbin/makepkg -l y -c n $TMP/php-$VERSION-$ARCH-$BUILD.txz - diff --git a/source/n/php/php.enchant-2.patch b/source/n/php/php.enchant-2.patch deleted file mode 100644 index 9d421c3bf..000000000 --- a/source/n/php/php.enchant-2.patch +++ /dev/null @@ -1,76 +0,0 @@ ---- php-7.4.4/ext/enchant/config.m4 2020-03-17 10:40:22.000000000 +0000 -+++ php-7.4.4/ext/enchant/config.m4 2020-03-27 21:25:27.754470703 +0000 -@@ -4,21 +4,21 @@ PHP_ARG_WITH([enchant], - [Include Enchant support])]) - - if test "$PHP_ENCHANT" != "no"; then -- PKG_CHECK_MODULES([ENCHANT], [enchant]) -+ PKG_CHECK_MODULES([ENCHANT], [enchant-2]) - - PHP_EVAL_INCLINE($ENCHANT_CFLAGS) - PHP_EVAL_LIBLINE($ENCHANT_LIBS, ENCHANT_SHARED_LIBADD) - - AC_DEFINE(HAVE_ENCHANT, 1, [ ]) - -- PHP_CHECK_LIBRARY(enchant, enchant_get_version, -+ PHP_CHECK_LIBRARY(enchant-2, enchant_get_version, - [ - AC_DEFINE(HAVE_ENCHANT_GET_VERSION, 1, [ ]) - ], [ ], [ - $ENCHANT_LIBS - ]) - -- PHP_CHECK_LIBRARY(enchant, enchant_broker_set_param, -+ PHP_CHECK_LIBRARY(enchant-2, enchant_broker_set_param, - [ - AC_DEFINE(HAVE_ENCHANT_BROKER_SET_PARAM, 1, [ ]) - ], [ ], [ ---- a/ext/enchant/enchant.c.orig -+++ b/ext/enchant/enchant.c -@@ -738,7 +738,7 @@ - for (i = 0; i < n_sugg; i++) { - add_next_index_string(sugg, suggs[i]); - } -- enchant_dict_free_suggestions(pdict->pdict, suggs); -+ enchant_dict_free_string_list(pdict->pdict, suggs); - } - - -@@ -793,7 +793,7 @@ - add_next_index_string(return_value, suggs[i]); - } - -- enchant_dict_free_suggestions(pdict->pdict, suggs); -+ enchant_dict_free_string_list(pdict->pdict, suggs); - } - } - /* }}} */ -@@ -813,7 +813,7 @@ - - PHP_ENCHANT_GET_DICT; - -- enchant_dict_add_to_personal(pdict->pdict, word, wordlen); -+ enchant_dict_add(pdict->pdict, word, wordlen); - } - /* }}} */ - -@@ -851,7 +851,7 @@ - - PHP_ENCHANT_GET_DICT; - -- RETURN_BOOL(enchant_dict_is_in_session(pdict->pdict, word, wordlen)); -+ RETURN_BOOL(enchant_dict_is_added(pdict->pdict, word, wordlen)); - } - /* }}} */ - ---- php-7.4.4/build/php.m4 2020-03-17 06:40:21.000000000 -0400 -+++ php-7.4.4/build/php.m4 2020-04-05 09:27:14.634620646 -0400 -@@ -1541,7 +1541,7 @@ AC_DEFUN([PHP_CHECK_LIBRARY], [ - ],[ - LDFLAGS=$save_old_LDFLAGS - ext_shared=$save_ext_shared -- unset ac_cv_lib_$1[]_$2 -+ unset ac_cv_lib_[]translit($1, -, _)_$2 - $4 - ])dnl - ]) diff --git a/source/n/php/php.ini-development.diff b/source/n/php/php.ini-development.diff index ce12f5a4b..4240941e0 100644 --- a/source/n/php/php.ini-development.diff +++ b/source/n/php/php.ini-development.diff @@ -1,6 +1,6 @@ ---- ./php.ini-development.orig 2020-05-12 03:09:16.000000000 -0500 -+++ ./php.ini-development 2020-05-12 14:14:32.901530776 -0500 -@@ -899,7 +899,50 @@ +--- ./php.ini-development.orig 2021-11-23 12:56:11.000000000 -0600 ++++ ./php.ini-development 2021-11-29 13:08:24.467109377 -0600 +@@ -905,7 +905,50 @@ ; 'extension='php_<ext>.dll') is supported for legacy reasons and may be ; deprecated in a future PHP major version. So, when it is possible, please ; move to the new ('extension=<ext>) syntax. @@ -51,10 +51,10 @@ ; Notes for Windows environments : ; ; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+) -@@ -1335,7 +1378,7 @@ +@@ -1350,7 +1393,7 @@ ; where MODE is the octal representation of the mode. Note that this ; does not overwrite the process's umask. - ; http://php.net/session.save-path + ; https://php.net/session.save-path -;session.save_path = "/tmp" +session.save_path = "/var/lib/php" |