← Back to branch summary

~ubuntu-branches/ubuntu/gutsy/php5/gutsy

« back to all changes in this revision

Viewing changes to debian/patches/034-apache2_umask_fix.patch

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt, CVE-2007-0905, CVE-2007-0906, CVE-2007-0909, CVE-2007-0910
  • Date: 2007-02-20 17:54:46 UTC
  • mfrom: (1.1.6 upstream)
  • Revision ID: james.westby@ubuntu.com-20070220175446-nudqyuv0dfowel3r
Tags: 5.2.1-0ubuntu1
* New upstream security/bugfix release:
  - safe_mode & open_basedir bypasses inside the session extension
    [CVE-2007-0905]
  - multiple buffer overflows in various extensions and functions
    [CVE-2007-0906]
  - underflow in the internal sapi_header_op() function [CVE-2007-0907]
  - information disclosure in the wddx extension [CVE-2007-0908]
  - string format vulnerability in *print() functions on 64 bit systems
    [CVE-2007-0909]
  - possible clobbering of super-globals in several code paths
    [CVE-2007-0910]
* Adapted patches to new upstream release:
  - 006-debian_quirks.patch
  - 034-apache2_umask_fix.patch
  - 044-strtod_arm_fix.patch
* Drop 109-libdb4.4.patch: Obsolete, upstream now checks for db 4.5 and 4.4.
* Drop 114-zend_alloc.c_m68k_alignment.patch and
  115-zend_alloc.c_memleak.patch: Applied upstream.
* Add debian/patches/000upstream-str_ireplace_offbyone.patch:
  - Fix off-by-one in str_ireplace(), a regression introduced in 5.2.1.
  - Patch taken from upstream CVS:
    http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.630&r2=1.631
  - CVE-2007-0911
* debian/control: Set Ubuntu maintainer.

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/034-apache2_umask_fix.patch
1
 
 
2
 
Save and restore umask across requests correctly.
3
 
 
4
 
--- php-4.3.10/sapi/apache2handler/sapi_apache2.c.umask
5
 
+++ php-4.3.10/sapi/apache2handler/sapi_apache2.c
6
 
@@ -401,6 +401,19 @@
 
1
diff -Nurp orig/sapi/apache2handler/sapi_apache2.c new/sapi/apache2handler/sapi_apache2.c
 
2
--- orig/sapi/apache2handler/sapi_apache2.c     2007-02-20 14:44:28.000000000 +0100
 
3
+++ new/sapi/apache2handler/sapi_apache2.c      2007-02-20 14:46:43.000000000 +0100
 
4
@@ -426,6 +426,19 @@ static apr_status_t php_server_context_c
7
5
        return APR_SUCCESS;
8
6
 }
9
7
 
22
20
+
23
21
 static int php_apache_request_ctor(request_rec *r, php_struct *ctx TSRMLS_DC)
24
22
 {
25
 
        char *content_type;
26
 
@@ -575,6 +588,8 @@
 
23
        char *content_length;
 
24
@@ -614,6 +627,8 @@ zend_first_try {
27
25
        } else {
28
26
                zend_file_handle zfd;
29
27
 
32
30
                zfd.type = ZEND_HANDLE_FILENAME;
33
31
                zfd.filename = (char *) r->filename;
34
32
                zfd.free_filename = 0;
35
 
@@ -585,6 +600,9 @@
36
 
                } else {
 
33
@@ -625,6 +640,8 @@ zend_first_try {
37
34
                        zend_execute_scripts(ZEND_INCLUDE TSRMLS_CC, NULL, 1, &zfd);
38
35
                }
39
 
+
 
36
 
40
37
+               php_restore_umask();
41
38
+
42
 
 #if MEMORY_LIMIT
43
 
                {
44
 
                        char *mem_usage;
 
39
                apr_table_set(r->notes, "mod_php_memory_usage",
 
40
                        apr_psprintf(ctx->r->pool, "%u", zend_memory_peak_usage(1 TSRMLS_CC)));
 
41
        }