[Lunar-commits] <moonbase> php5-suhosin: updated to 5.2.17-0.9.32.1 This release resolves a critical issue, reported as PHP bug #53632 and CVE-2010-4645, where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers.

Zbigniew Luszpinski zbiggy at lunar-linux.org
Thu Jan 13 13:09:23 CET 2011 

commit c2716da433a9d5f22665dd80c1f485f5514336d6
Author: Zbigniew Luszpinski <zbiggy at lunar-linux.org>
Date:   Thu Jan 13 12:09:23 2011 +0000

    php5-suhosin: updated to 5.2.17-0.9.32.1
    This release resolves a critical issue,
    reported as PHP bug #53632 and CVE-2010-4645,
    where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers.
    
    The problem is known to only affect x86 32-bit PHP processes,
    regardless of whether the system hosting PHP is 32-bit or 64-bit.
    All users of PHP are strongly advised to update to these versions immediately.
---
 compilers/php5-suhosin/DETAILS |   16 ++++++++--------
 1 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/compilers/php5-suhosin/DETAILS b/compilers/php5-suhosin/DETAILS
index bc270bc..25a1129 100644
--- a/compilers/php5-suhosin/DETAILS
+++ b/compilers/php5-suhosin/DETAILS
@@ -1,6 +1,6 @@
           MODULE=php5-suhosin
-     PHP_VERSION=5.2.14
-     SUHOSIN_VER=0.9.29
+     PHP_VERSION=5.2.17
+     SUHOSIN_VER=0.9.32.1
     SUHOSIN_PVER=0.9.7
          VERSION=$PHP_VERSION-$SUHOSIN_VER
 SOURCE_DIRECTORY=$BUILD_DIRECTORY/php-$PHP_VERSION
@@ -12,17 +12,17 @@ SOURCE_DIRECTORY=$BUILD_DIRECTORY/php-$PHP_VERSION
    SOURCE_URL[4]=http://nl.php.net/distributions
    SOURCE_URL[5]=http://de.php.net/distributions
    SOURCE_URL[6]=http://fr.php.net/distributions
-         SOURCE2=suhosin-$SUHOSIN_VER.tgz
-         SOURCE3=suhosin-patch-$PHP_VERSION-$SUHOSIN_PVER.patch.gz
+         SOURCE2=suhosin-$SUHOSIN_VER.tar.gz
+         SOURCE3=suhosin-patch-5.2.16-$SUHOSIN_PVER.patch.gz
      SOURCE2_URL=http://download.suhosin.org
      SOURCE3_URL=http://download.suhosin.org
-      SOURCE_VFY=sha1:311b44b2c0f2eea8ab8dab876d2a6b6e7a55632e
-     SOURCE2_VFY=sha1:2fa7c716a32e71fbb577fc3a9feaf46d783a501b
-     SOURCE3_VFY=sha1:0a12d3589f9c26dc7d6b6452ef7987b2e6527a30
+      SOURCE_VFY=sha1:d68f3b09f766990d815a3c4c63c157db8dab8095
+     SOURCE2_VFY=sha1:93fcb1d5f96691c4c50808a14dd3d6d4bbfea451
+     SOURCE3_VFY=sha1:fec10b2b81582d06bb0d0a96ea55c525afc8ab29
         WEB_SITE=http://www.hardened-php.net/suhosin/index.html
       MAINTAINER=striker at lunar-linux.org
          ENTERED=20061219
-         UPDATED=20100921
+         UPDATED=20110113
            SHORT="Suhosin is an advanced protection system for PHP"
 
 cat << EOF

More information about the Lunar-commits mailing list