Bug 74547 - Multiple Vulnerabilities in PHP (CAN-2004-1018, CAN-2004-1019, CAN-2004-1063, CAN-2004-1064)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: High critical
Assignee: Gentoo Security
URL: http://www.hardened-php.net/advisorie...
Whiteboard: A1 [glsa] jaervosz
Keywords:
Duplicates: 74600
Depends on: 74627
Blocks:
Reported: 2004-12-15 13:11 UTC by Hanno Böck
Modified: 2007-06-24 23:32 UTC (History)

See Also:
Package list:
Runtime testing required: ---


Attachments
build log (php-cgi-4.3.10-sparc-build.log,21.01 KB, text/plain)
2004-12-16 04:32 UTC, Christian Birchinger (RETIRED)

Description Hanno Böck gentoo-dev 2004-12-15 13:11:10 UTC
Stefan Esser has discovered various serious security issues in php (see link).
Updates to 4.3.10 and 5.0.3 with fixes are available.
Comment 1 Hanno Böck gentoo-dev 2004-12-15 14:06:58 UTC
After a quick test, it seems that just copying the php-5.0.2-r1.ebuild and mod_php-5.0.2.ebuild to 5.0.3 works.
Comment 2 Rajiv Aaron Manglani (RETIRED) gentoo-dev 2004-12-15 15:26:16 UTC

*** This bug has been marked as a duplicate of 72735 ***
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-12-15 22:55:17 UTC
Reopening to handle stable marking. 
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-12-15 22:58:55 UTC
Arches please mark 4.3.10 stable.

Comment 5 Jochen Maes (RETIRED) gentoo-dev 2004-12-16 00:24:17 UTC
stable on ppc
Comment 6 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-12-16 01:28:42 UTC
*** Bug 74600 has been marked as a duplicate of this bug. ***
Comment 7 Markus Rothe (RETIRED) gentoo-dev 2004-12-16 02:19:17 UTC
stable on ppc64
Comment 8 Dylan Carlson (RETIRED) gentoo-dev 2004-12-16 02:40:10 UTC
stable on amd64.
Comment 9 Stuart Herbert (RETIRED) gentoo-dev 2004-12-16 02:46:16 UTC
Please make sure that you test & mark the following packages:

* dev-php/php-4.3.10
* dev-php/mod_php-4.3.10
* dev-php/php-cgi-4.3.10

PHP 5.0.2 wasn't marked stable, so we don't need (and shouldn't be!) marking PHP-5.0.3 as stable.

Best regards,
Stu
Comment 10 Thierry Carrez (RETIRED) gentoo-dev 2004-12-16 03:23:36 UTC
There are more fixes than just what was reported in Stefan's advisory:
See http://www.php.net/release_4_3_10.php

---------------------
CAN-2004-1018 - shmop_write() out of bounds memory write access.
CAN-2004-1018 - integer overflow/underflow in pack() and unpack() functions.
CAN-2004-1019 - possible information disclosure, double free and negative reference index array underflow in deserialization code.
CAN-2004-1020 - addslashes() not escaping \0 correctly.
CAN-2004-1063 - safe_mode execution directory bypass.
CAN-2004-1064 - arbitrary file access through path truncation.
CAN-2004-1065 - exif_read_data() overflow on long sectionname.
magic_quotes_gpc could lead to one level directory traversal with file uploads.
---------------------
Comment 11 Christian Birchinger (RETIRED) gentoo-dev 2004-12-16 04:32:17 UTC
Created attachment 46114
build log

4.3.10 doesn't build on my sparc
Comment 12 Gustavo Zacarias (RETIRED) gentoo-dev 2004-12-16 05:53:22 UTC
I'm getting the same (broken) results as Joker for my ultra.
Comment 13 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-12-16 06:11:17 UTC
Could you please trace the errors in the zend .c file that is referenced in your errors there.
Comment 14 Christian Gut 2004-12-16 08:17:12 UTC
(php|php-cgi)-4.3.10 built on two i386 machines FYI

Just had to fiddle with java and LDPATHs
Comment 15 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-12-16 10:31:15 UTC
Sparc: please see bug #74627 
I don't know why it didn't catch PPC.
Comment 16 Gustavo Zacarias (RETIRED) gentoo-dev 2004-12-16 10:41:48 UTC
Probably because ppc is including stdint.h, linux/types.h or bits/types.h somewhere else which sparc isn't.
I'm currently building fixed ebuilds for sparc, be back soon.
Comment 17 Gustavo Zacarias (RETIRED) gentoo-dev 2004-12-16 18:36:30 UTC
php-4.3.10, mod_php-4.3.10 & php-cgi-4.3.10 sparc stable with the fix. It's just applied for sparc since I won't have access to a ppc box until tomorrow and it seems it's required and/or could break them.
BTW, ppc forgot about php-cgi.
Comment 18 Bryan Østergaard (RETIRED) gentoo-dev 2004-12-17 02:47:56 UTC
Alpha stable.
Comment 19 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-12-18 03:13:14 UTC
SeJo, you forgot to mark mod_php stable. See comment #9
Comment 20 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2004-12-18 04:23:12 UTC
ppc done.
Comment 21 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-12-18 04:46:50 UTC
Thx Michael, please remember to remove CC :-)
Comment 22 Thierry Carrez (RETIRED) gentoo-dev 2004-12-19 06:01:23 UTC
GLSA 200412-14
hppa, ia64, mips, s390 : please mark stable to benefit from GLSA.
Comment 23 Hardave Riar (RETIRED) gentoo-dev 2005-02-21 13:37:26 UTC
Mips Stable.
Comment 24 René Nussbaumer (RETIRED) gentoo-dev 2005-06-26 05:12:58 UTC
Already stable on hppa