Bug 668000 - dev-lang/php-{5.6.36,7.0.30}[intl]: dev-libs/icu dependency is causing downgrades
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal normal
Assignee: PHP Bugs
Reported: 2018-10-07 20:44 UTC by Darko Luketic
Modified: 2018-12-07 01:10 UTC

Attachments
PHP-7.0.32 ICU>=61.1 Patch (intl.patch,1.89 KB, patch)
2018-11-08 18:49 UTC, Aaron Nixon

Description Darko Luketic 2018-10-07 20:44:34 UTC
php <5.6.38 is vulnerable
https://bugs.gentoo.org/666256

# emerge --info
Portage 2.3.50 (python 3.6.6-final-0, default/linux/amd64/17.0/systemd, gcc-7.3.0, glibc-2.27-r6, 4.18.8-gentoo x86_64)
=================================================================
System uname: Linux-4.18.8-gentoo-x86_64-Intel-R-_Xeon-R-_CPU_E3-1245_V2_@_3.40GHz-with-gentoo-2.6
KiB Mem:    32791656 total,  21923668 free
KiB Swap:   31457276 total,  31457276 free
Timestamp of repository gentoo: Sun, 07 Oct 2018 19:45:01 +0000
Head commit of repository gentoo: 68d838966e51132cce3f9fc08caf139730c54386
sh bash 4.4_p23
ld GNU ld (Gentoo 2.28 p1.2) 2.28
app-shells/bash:          4.4_p23::gentoo
dev-java/java-config:     2.2.0-r4::gentoo
dev-lang/perl:            5.26.2::gentoo
dev-lang/python:          2.7.15::gentoo, 3.4.8-r1::gentoo, 3.6.6::gentoo
dev-util/cmake:           3.12.2::gentoo
dev-util/pkgconfig:       0.29.2::gentoo
sys-apps/baselayout:      2.6-r1::gentoo
sys-apps/openrc:          0.34.11::gentoo
sys-apps/sandbox:         2.13::gentoo
sys-devel/autoconf:       2.13::gentoo, 2.69-r4::gentoo
sys-devel/automake:       1.13.4-r1::gentoo, 1.14.1-r1::gentoo, 1.15.1-r2::gentoo, 1.16.1-r1::gentoo
sys-devel/binutils:       2.25.1-r1::gentoo, 2.26.1::gentoo, 2.27::gentoo, 2.28-r2::gentoo, 2.28.1::gentoo, 2.29::gentoo, 2.29.1-r1::gentoo, 2.30-r3::gentoo, 2.31.1-r1::gentoo
sys-devel/gcc:            7.3.0-r3::gentoo, 8.2.0-r2::gentoo
sys-devel/gcc-config:     2.0::gentoo
sys-devel/libtool:        2.4.6-r5::gentoo
sys-devel/make:           4.2.1-r4::gentoo
sys-kernel/linux-headers: 4.17::gentoo (virtual/os-headers)
sys-libs/glibc:           2.27-r6::gentoo
Repositories:

gentoo
    location: /usr/portage
    sync-type: rsync
    sync-uri: rsync://rsync.de.gentoo.org/gentoo-portage/
    priority: -1000
    sync-rsync-verify-max-age: 24
    sync-rsync-extra-opts: --exclude-from=/etc/portage/rsync_excludes
    sync-rsync-verify-jobs: 1
    sync-rsync-verify-metamanifest: no

dalu
    location: /usr/local/portage
    masters: gentoo
    priority: 0

ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=native"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /usr/share/maven-bin-3.3/conf /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.6/ext-active/ /etc/php/apache2-php7.1/ext-active/ /etc/php/cgi-php5.6/ext-active/ /etc/php/cgi-php7.1/ext-active/ /etc/php/cli-php5.6/ext-active/ /etc/php/cli-php7.1/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -pipe -march=native"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--quiet-build=y --jobs=3 --buildpkg-exclude 'virtual/* sys-kernel/*-sources'"
ENV_UNSET="DBUS_SESSION_BUS_ADDRESS DISPLAY PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync multilib-strict news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="ftp://mirror.hetzner.de/gentoo/"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j8 -l8"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_EXTRA_OPTS="--exclude-from=/etc/portage/rsync_excludes"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="X509 acl aes amd64 audit avx berkdb bzip2 caps cli crypt cxx dri fortran gdbm http2 iconv icu ipv6 libtirpc mdadm mmx mmxext modern-top modules multilib ncurses nls nptl openmp pam pcre popcnt readline seccomp sse sse2 sse3 sse4_1 sse4_2 ssl ssse3 systemd tcpd threads udev unicode xattr zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon plan sheets stage words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog cgroups conntrack cpu cpufreq cpusleep curl curl_json curl_xml disk email ethstat filecount fscache hddtemp iptables logfile match_regex md mysql nginx notify_email ntpd postgresql processes protocols rrdcached sensors smart snmp tcpconns thermal unixsock uptime users uuid virt vmem write_graphite write_http write_kafka write_log write_redis" CPU_FLAGS_X86="aes avx mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="pc" INPUT_DEVICES="libinput keyboard mouse" KERNEL="linux" L10N="af be bg br ca cs cy da de de-1901 el en eo es et fi fo fr ga gl he hr hu hy ia id is it km ku la lt lv mi mk ms nb nl nn no pl pt pt-BR ro ru sk sl sq sr 
sv sw tn uk vi zu" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" NGINX_MODULES_HTTP="access auth_basic autoindex browser charset empty_gif geo gzip map proxy referer rewrite userid addition auth_pam auth_request cache_purge echo geoip gunzip gzip_static headers_more metrics push_stream realip secure_link slowfs_cache spdy sticky stub_status sub upload_progress upstream_check fastcgi dav dav_ext degradation fancyindex flv image_filter limit_conn limit_req memc mp4 slice split_clients ssi upstream_hash upstream_ip_hash upstream_keepalive upstream_least_conn upstream_zone xslt" NGINX_MODULES_MAIL="imap pop3 smtp" NGINX_MODULES_STREAM="access geo geoip limit_conn map realip return split_clients ssl_preread upstream_hash upstream_least_conn upstream_zone" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-1 php5-6" POSTGRES_TARGETS="postgres10" PYTHON_SINGLE_TARGET="python3_6" PYTHON_TARGETS="python2_7 python3_6" QEMU_SOFTMMU_TARGETS="x86_64 arm i386 mips mips64 mips64el mipsel ppc ppc64 ppcemb sh4 sh4eb sparc sparc64" RUBY_TARGETS="ruby23" USERLAND="GNU" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS


!!! existing preserved libs:
>>> package: dev-libs/icu-62.1
 *  - /usr/lib64/libicudata.so.60
 *  - /usr/lib64/libicudata.so.60.2
 *  - /usr/lib64/libicui18n.so.60
 *  - /usr/lib64/libicui18n.so.60.2
 *      used by /usr/lib64/php5.6/bin/php (dev-lang/php-5.6.38)
 *      used by /usr/lib64/php5.6/bin/php-fpm (dev-lang/php-5.6.38)
 *  - /usr/lib64/libicuio.so.60
 *  - /usr/lib64/libicuio.so.60.2
 *      used by /usr/lib64/php5.6/bin/php (dev-lang/php-5.6.38)
 *      used by /usr/lib64/php5.6/bin/php-fpm (dev-lang/php-5.6.38)
 *  - /usr/lib64/libicuuc.so.60
 *  - /usr/lib64/libicuuc.so.60.2
 *      used by /usr/lib64/php5.6/bin/php (dev-lang/php-5.6.38)
 *      used by /usr/lib64/php5.6/bin/php-fpm (dev-lang/php-5.6.38)
>>> package: dev-libs/libffi-3.3_rc0
 *  - /usr/lib64/libffi.so.6
 *  - /usr/lib64/libffi.so.6.0.4
 *      used by /usr/bin/g-ir-compiler (dev-libs/gobject-introspection-1.56.1)
 *      used by /usr/lib/llvm/4/lib64/libLLVMInterpreter.so.4.0.0 (sys-devel/llvm-4.0.0-r2)
 *      used by /usr/lib/llvm/6/lib64/libLLVMInterpreter.so.6.0.0 (sys-devel/llvm-6.0.0)
 *      used by 12 other files
>>> package: sys-libs/binutils-libs-2.31.1-r1
 *  - /usr/lib64/libbfd-2.31.1.so
 *      used by /usr/lib64/cairo/libcairo-trace.so.0.0.0 (x11-libs/cairo-1.14.12)


also somewhere in `emerge -avuD @world`

[ebuild     UD ] dev-lang/php-5.6.36:5.6::gentoo [5.6.38:5.6::gentoo] USE="acl bcmath berkdb bzip2 calendar cli crypt ctype curl enchant exif fileinfo filter flatfile fpm ftp gd gdbm gmp hash iconv imap inifile intl ipv6 json kerberos ldap ldap-sasl mhash mysql mysqli nls odbc opcache pcntl pdo phar posix postgres readline session simplexml snmp soap sockets sqlite ssl systemd sysvipc threads tokenizer truetype unicode wddx xml xmlreader xmlrpc xmlwriter xpm xslt zip zlib -apache2 -cdb -cgi -cjk -coverage -debug -embed -firebird -iodbc -libedit -libmysqlclient -libressl -mssql -oci8-instant-client -qdbm -recode (-selinux) -sharedmem -spell -sybase-ct -tidy -vpx" 0 KiB

I have PHP5 and PHP7 because of an old project that runs with php5 and can't be upgraded to 7.
Comment 1 Tomáš Mózes 2018-10-07 22:36:33 UTC
What happens when you try to $(emerge -av1 =dev-lang/php-5.6.38)?
Comment 2 Tomáš Mózes 2018-10-07 22:40:16 UTC
Oh now it's obvious. 

Php 5.6.36:
intl? ( dev-libs/icu:= )

Php 5.6.38:
intl? ( <dev-libs/icu-61.1:= )

But, icu 61.1 isn't stable yet. Please add =dev-libs/icu-61.1 to your package.accept_keywords and you'll be able to install php 5.6.38.
Comment 3 Michael Orlitzky gentoo-dev 2018-10-07 23:04:52 UTC
> intl? ( <dev-libs/icu-61.1:= )

That's a strictly-less-than constraint =)

It should match dev-libs/icu-60.2. We need to know this:

> What happens when you try to $(emerge -av1 =dev-lang/php-5.6.38)?
Comment 4 Arfrever Frehtes Taifersar Arahesis 2018-10-07 23:45:00 UTC
Comment #0 already shows that reporter of this bug has dev-libs/icu-62.1 installed.

Portage chooses to downgrade dev-lang/php (from 5.6.38 to 5.6.36), but, most likely, rebuild of dev-lang/php-5.6.36 with dev-libs/icu-62.1 would fail.

In order for Portage to make better suggestions, dependencies in older versions of dev-lang/php 5.6.* and 7.0.* should be synchronized with newer versions of dev-lang/php 5.6.* and 7.0.*:

$ grep dev-libs/icu php-*.ebuild
php-5.6.36.ebuild:      intl? ( dev-libs/icu:= )
php-5.6.38.ebuild:      intl? ( <dev-libs/icu-61.1:= )
php-7.0.30.ebuild:      intl? ( dev-libs/icu:= )
php-7.0.32.ebuild:      intl? ( <dev-libs/icu-61.1:= )
php-7.1.18.ebuild:      intl? ( dev-libs/icu:= )
php-7.1.22.ebuild:      intl? ( dev-libs/icu:= )
php-7.2.10.ebuild:      intl? ( dev-libs/icu:= )
php-7.3.0_rc2.ebuild:   intl? ( dev-libs/icu:= )
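
The dependency situation from comments 0, 4 and 7, as a simplified model. This is an added illustration, not part of the thread and not Portage's resolver: the version comparison handles dotted numeric versions only, slot operators are ignored, and the names `audit`, `best_php` and `icu_kept_by_others` are hypothetical.

```python
import re

# Values taken from the bug thread (comments 0, 4 and 7).
PHP_ICU_DEP = {
    "5.6.36": "dev-libs/icu:=",
    "5.6.38": "<dev-libs/icu-61.1:=",
}
INSTALLED_ICU = "62.1"
OTHER_ICU_CONSUMERS = {
    "net-libs/nodejs-9.11.2": ">=dev-libs/icu-61.1:0/62.1=",
}
FIRST_FIXED_PHP = "5.6.38"  # comment 0: "php <5.6.38 is vulnerable"

ATOM_RE = re.compile(
    r"^(<=|>=|<|>|=)?([a-z0-9-]+/[a-z0-9-]+?)(?:-(\d+(?:\.\d+)*))?$"
)


def vkey(version):
    """Simplification: dotted numeric versions only (no -r1, _rc, _p)."""
    return tuple(int(part) for part in version.split("."))


def parse_atom(atom):
    """Split '<dev-libs/icu-61.1:=' into ('<', 'dev-libs/icu', '61.1')."""
    match = ATOM_RE.match(atom.split(":", 1)[0])  # slot part is ignored
    if match is None:
        raise ValueError(f"unsupported atom: {atom!r}")
    op, name, bound = match.groups()
    if (op is None) != (bound is None):
        raise ValueError(f"operator and version must come together: {atom!r}")
    return op, name, bound


def satisfies(version, atom):
    """True if `version` of the package is accepted by the dependency atom."""
    op, _name, bound = parse_atom(atom)
    if bound is None:  # unversioned atom accepts every version
        return True
    v, b = vkey(version), vkey(bound)
    return {"<": v < b, "<=": v <= b, ">": v > b, ">=": v >= b, "=": v == b}[op]


def icu_kept_by_others(icu_version):
    """Would the other installed consumers still accept this icu version?"""
    return all(satisfies(icu_version, a) for a in OTHER_ICU_CONSUMERS.values())


def best_php(tree, icu_version):
    """Highest php version in `tree` whose icu dependency accepts icu_version."""
    ok = [v for v, dep in tree.items() if satisfies(icu_version, dep)]
    return max(ok, key=vkey) if ok else None


def audit(tree, icu_version=INSTALLED_ICU):
    """Classify what the tree allows and flag a move below the fixed version."""
    if not icu_kept_by_others(icu_version):
        return "icu-conflict"
    chosen = best_php(tree, icu_version)
    if chosen is None:
        return "no-php-candidate"
    if vkey(chosen) < vkey(FIRST_FIXED_PHP):
        return f"downgrade-to-vulnerable:{chosen}"
    return f"ok:{chosen}"


if __name__ == "__main__":
    print(audit(PHP_ICU_DEP))                          # tree as reported
    print(audit({"5.6.38": PHP_ICU_DEP["5.6.38"]}))    # 5.6.36 ebuild removed
    print(audit(PHP_ICU_DEP, "60.2"))                  # forcing icu-60.2
```
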
Comment 5 Michael Orlitzky gentoo-dev 2018-10-08 00:53:01 UTC
(In reply to Arfrever Frehtes Taifersar Arahesis from comment #4)
> Comment #0 already shows that reporter of this bug has dev-libs/icu-62.1
> installed.
> 
> Portage chooses to downgrade dev-lang/php (from 5.6.38 to 5.6.36), but, most
> likely, rebuild of dev-lang/php-5.6.36 with dev-libs/icu-62.1 would fail.

Thanks, I see the problem.


> In order for Portage to make better suggestions, dependencies in older
> versions of dev-lang/php 5.6.* and 7.0.* should be synchronized with newer
> versions of dev-lang/php 5.6.* and 7.0.*:

But we can't add an upper bound on the dependency in the older stable ebuilds without a revision bump... That could probably still go straight-to-stable, but in any case, I'd rather just delete the old versions. It looks like we're only waiting on alpha stabilizations for 5.6.38 and 7.0.32. Afterwards the older ebuilds without the version bound can be removed.

@alpha team, please help =)

There are already stabilization bugs open for php-5.6.38 and php-7.0.32 for security reasons.
Comment 6 Tomáš Mózes 2018-10-08 09:07:22 UTC
(In reply to Michael Orlitzky from comment #3)
> > intl? ( <dev-libs/icu-61.1:= )
> 
> That's a strictly-less-than constraint =)

Sorry, totally missed the less-than part :( Blind me.
Comment 7 Darko Luketic 2018-10-08 09:10:46 UTC
Hi, sorry for the late reply. I'm sick and I went to bed after I posted this bug.

To answer your question:

```
# emerge -av1 =dev-lang/php-5.6.38

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild     UD ] dev-libs/icu-60.2:0/60.2::gentoo [62.1:0/62.1::gentoo] USE="-debug -doc -examples -static-libs" ABI_X86="(64) -32 (-x32)" 0 KiB
[ebuild   R    ] dev-lang/php-5.6.38:5.6::gentoo  USE="acl bcmath berkdb bzip2 calendar cli crypt ctype curl enchant exif fileinfo filter flatfile fpm ftp gd gdbm gmp hash iconv imap inifile intl ipv6 json kerberos ldap ldap-sasl mhash mysql mysqli nls odbc opcache pcntl pdo phar posix postgres readline session simplexml snmp soap sockets sqlite ssl systemd sysvipc threads tokenizer truetype unicode wddx xml xmlreader xmlrpc xmlwriter xpm xslt zip zlib -apache2 -cdb -cgi -cjk -coverage -debug -embed -firebird -iodbc -libedit -libmysqlclient -libressl -mssql -oci8-instant-client -qdbm -recode (-selinux) -sharedmem -spell -sybase-ct -tidy -vpx" 0 KiB

Total: 2 packages (1 downgrade, 1 reinstall), Size of downloads: 0 KiB

!!! Multiple package instances within a single package slot have been pulled
!!! into the dependency graph, resulting in a slot conflict:

dev-libs/icu:0

  (dev-libs/icu-60.2:0/60.2::gentoo, ebuild scheduled for merge) pulled in by
    <dev-libs/icu-61.1:= required by (dev-lang/php-5.6.38:5.6/5.6::gentoo, ebuild scheduled for merge)
    ^             ^^^^ ^                                                                                                                                                        

  (dev-libs/icu-62.1:0/62.1::gentoo, installed) pulled in by
    >=dev-libs/icu-61.1:0/62.1= required by (net-libs/nodejs-9.11.2:0/0::gentoo, installed)
    ^^             ^^^^^^^^^^^^                                                                                                                                      
    >=dev-libs/icu-51.2-r1:0/62.1=[abi_x86_64(-)] required by (media-libs/harfbuzz-1.9.0:0/0.9.18::gentoo, installed)
                          ^^^^^^^^                                                                                                                       
    (and 10 more with the same problems)

NOTE: Use the '--verbose-conflicts' option to display parents omitted above

It may be possible to solve this problem by using package.mask to
prevent one of those packages from being selected. However, it is also
possible that conflicting dependencies exist such that they are
impossible to satisfy simultaneously.  If such a conflict exists in
the dependencies of two different packages, then those packages can
not be installed simultaneously. You may want to try a larger value of
the --backtrack option, such as --backtrack=30, in order to see if
that will solve this conflict automatically.

For more information, see MASKED PACKAGES section in the emerge man
page or refer to the Gentoo Handbook.


!!! The following installed packages are masked:
- app-eselect/eselect-mesa-0.0.10-r1::gentoo (masked by: package.mask)
/usr/portage/profiles/package.mask:
# Matt Turner <mattst88@gentoo.org> (29 Sep 2018)
# Removal in 30 days, bug #576334

- media-libs/celt-0.11.3::gentoo (masked by: package.mask)
/usr/portage/profiles/package.mask:
# Andreas Sturmlechner <asturm@gentoo.org> (16 Sep 2018)
# was merged into the IETF Opus codec and is now obsolete
# Removal in 30 days, bug #664154

For more information, see the MASKED PACKAGES section in the emerge
man page or refer to the Gentoo Handbook.

```
Comment 8 Arfrever Frehtes Taifersar Arahesis 2018-10-09 09:08:39 UTC
dev-lang/php maintainers: Could you backport the following fix to dev-lang/php-{5.6.36,7.0.30} and re-allow newer versions of dev-libs/icu?:
https://git.php.net/?p=php-src.git;a=commit;h=710284cbc4a54cac0a9ec4ea29a7486e0d99a33b

It would be better than forcing users to use older, potentially vulnerable versions of dev-libs/icu.
Comment 9 Brian Evans (RETIRED) gentoo-dev 2018-10-09 14:52:28 UTC
(In reply to Arfrever Frehtes Taifersar Arahesis from comment #8)
> dev-lang/php maintainers: Could you backport the following fix to
> dev-lang/php-{5.6.36,7.0.30} and re-allow newer versions of dev-libs/icu?:
> https://git.php.net/?p=php-src.git;a=commit;h=710284cbc4a54cac0a9ec4ea29a7486e0d99a33b
> 
> It would be better than forcing users to use older, potentially vulnerable
> versions of dev-libs/icu.

PHP slots 5.6 and 7.0 will go end-of-life in 84 and 56 days, respectively, with removal procedures starting shortly after.

This is fixed in 7.1.17 and greater which users should start migrating to the new versions.

While the fix is likely to be trivial with that commit, I will consider it if PHP releases a new version before expiration.
Comment 10 Larry the Git Cow gentoo-dev 2018-10-11 14:41:59 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c9b41d63fc172ef8fa87fb99b6a283926f82cf80

commit c9b41d63fc172ef8fa87fb99b6a283926f82cf80
Author:     Brian Evans <grknight@gentoo.org>
AuthorDate: 2018-10-11 14:38:47 +0000
Commit:     Brian Evans <grknight@gentoo.org>
CommitDate: 2018-10-11 14:41:39 +0000

    dev-lang/php: Drop security vulnerable versions
    
    Bug: https://bugs.gentoo.org/666256
    Bug: https://bugs.gentoo.org/668000
    Signed-off-by: Brian Evans <grknight@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11

 dev-lang/php/Manifest          |   3 -
 dev-lang/php/php-5.6.36.ebuild | 777 -----------------------------------------
 dev-lang/php/php-7.0.30.ebuild | 751 ---------------------------------------
 dev-lang/php/php-7.1.18.ebuild | 731 --------------------------------------
 4 files changed, 2262 deletions(-)
Comment 11 Darko Luketic 2018-10-12 11:53:20 UTC
(In reply to Brian Evans from comment #9)
> (In reply to Arfrever Frehtes Taifersar Arahesis from comment #8)
> > dev-lang/php maintainers: Could you backport the following fix to
> > dev-lang/php-{5.6.36,7.0.30} and re-allow newer versions of dev-libs/icu?:
> > https://git.php.net/?p=php-src.git;a=commit;h=710284cbc4a54cac0a9ec4ea29a7486e0d99a33b
> > 
> > It would be better than forcing users to use older, potentially vulnerable
> > versions of dev-libs/icu.
> 
> PHP slots 5.6 and 7.0 will go end-of-life in 84 and 56 days, respectively,
> with removal procedures starting shortly after.
> 
> This is fixed in 7.1.17 and greater which users should start migrating to
> the new versions.
> 
> While the fix is likely to be trivial with that commit, I will consider it
> if PHP releases a new version before expiration.

Well upgrading the php5 only symfony app isn't an option.

php5.6 needs to remain up to date eol or no eol, since it's the last php5 version there is.
Comment 12 Brian Evans (RETIRED) gentoo-dev 2018-10-12 13:13:02 UTC
(In reply to Darko Luketic from comment #11)
> (In reply to Brian Evans from comment #9)
> > (In reply to Arfrever Frehtes Taifersar Arahesis from comment #8)
> > > dev-lang/php maintainers: Could you backport the following fix to
> > > dev-lang/php-{5.6.36,7.0.30} and re-allow newer versions of dev-libs/icu?:
> > > https://git.php.net/?p=php-src.git;a=commit;h=710284cbc4a54cac0a9ec4ea29a7486e0d99a33b
> > > 
> > > It would be better than forcing users to use older, potentially vulnerable
> > > versions of dev-libs/icu.
> > 
> > PHP slots 5.6 and 7.0 will go end-of-life in 84 and 56 days, respectively,
> > with removal procedures starting shortly after.
> > 
> > This is fixed in 7.1.17 and greater which users should start migrating to
> > the new versions.
> > 
> > While the fix is likely to be trivial with that commit, I will consider it
> > if PHP releases a new version before expiration.
> 
> Well upgrading the php5 only symfony app isn't an option.
> 
> php5.6 needs to remain up to date eol or no eol, since it's the last php5
> version there is.

This is not going to happen for very long.

If there is enough interest, we are willing to take a snapshot overlay of everything non-script related (pecl packages and php itself) albeit masked with warnings.

There has been more than enough time to get PHP 7 compliant.
Comment 13 Darko Luketic 2018-10-19 10:05:13 UTC
And that is exactly the reason why Gentoo is not an option for a professional OS.
Armchair professionals without a clue for real life demands.
Fix the damned package!
Comment 14 Darko Luketic 2018-10-19 10:18:09 UTC
Also it has NOTHING to do with code but it's all in the fucking dependencies. Do your fucking job or GTFO
Comment 15 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2018-10-19 11:57:54 UTC
Just disabled the account above on my own, for a pretty clear reason.
Comment 16 Aaron Nixon 2018-11-08 18:49:41 UTC
Created attachment 554570 [details, diff]
PHP-7.0.32 ICU>=61.1 Patch

I've been using this patch locally to build PHP 7.0.32 on my system.

Not sure if this is the acceptable way to propose a patch or anything, this isn't usually something I do.

I edit the ebuild and remove the version restriction for icu and run ebuild manifest after edit.
Comment 17 Larry the Git Cow gentoo-dev 2018-12-06 23:20:08 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=84aad4ad45480f8e32471abb446c72f72e5b50fe

commit 84aad4ad45480f8e32471abb446c72f72e5b50fe
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2018-12-06 23:19:44 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2018-12-06 23:19:59 +0000

    dev-lang/php: bump to v5.6.39
    
    - EAPI bump to EAPI=7
    
    - Add compatibility with ICU >= 61
    
    Bug: https://bugs.gentoo.org/668000
    Package-Manager: Portage-2.3.52, Repoman-2.3.12
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 dev-lang/php/Manifest                              |   1 +
 .../php-5.6-intl-detect-icu-via-pkg-config.patch   | 154 ++++
 .../files/php-5.6-intl-icu-memory-corruption.patch |  88 +++
 .../php/files/php-5.6-intl-use-icu-namespace.patch | 365 ++++++++++
 dev-lang/php/php-5.6.39.ebuild                     | 785 +++++++++++++++++++++
 5 files changed, 1393 insertions(+)
Comment 18 Larry the Git Cow gentoo-dev 2018-12-07 00:01:41 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=44841df440d27a047fb34a5ebd1db9862a5bf6a4

commit 44841df440d27a047fb34a5ebd1db9862a5bf6a4
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2018-12-07 00:01:09 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2018-12-07 00:01:33 +0000

    dev-lang/php: bump to v7.0.33
    
    - EAPI bump to EAPI=7
    
    - Add compatibility with ICU >= 61
    
    Bug: https://bugs.gentoo.org/668000
    Package-Manager: Portage-2.3.52, Repoman-2.3.12
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 dev-lang/php/Manifest                              |   1 +
 ...php-7.0.33-intl-detect-icu-via-pkg-config.patch | 159 +++++
 .../php-7.0.33-intl-icu-memory-corruption.patch    |  91 +++
 .../files/php-7.0.33-intl-use-icu-namespace.patch  | 369 ++++++++++
 dev-lang/php/php-7.0.33.ebuild                     | 754 +++++++++++++++++++++
 5 files changed, 1374 insertions(+)