From 0fbb33a3e3517ef22b188270cd90bf3624d99714 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Wed, 6 Jul 2022 09:55:58 +0200 Subject: [PATCH] update to 8.1.8 Related: #2070040 --- .gitignore | 2 + php-mbstring.patch | 33 ----- php-openssl.patch | 317 --------------------------------------------- php.spec | 11 +- sources | 4 +- 5 files changed, 9 insertions(+), 358 deletions(-) delete mode 100644 php-mbstring.patch delete mode 100644 php-openssl.patch diff --git a/.gitignore b/.gitignore index 1b792cd..df0ad4d 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,5 @@ /php-8.1.6.tar.xz.asc /php-8.1.7.tar.xz /php-8.1.7.tar.xz.asc +/php-8.1.8.tar.xz +/php-8.1.8.tar.xz.asc diff --git a/php-mbstring.patch b/php-mbstring.patch deleted file mode 100644 index 7da512b..0000000 --- a/php-mbstring.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 2eb2f9d74f22bf35a4915ec95afc53a47ebf1af9 Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Thu, 2 Jun 2022 08:05:22 +0200 -Subject: [PATCH] Fix GH-8685 mbstring requires pcre - ---- - ext/mbstring/mbstring.c | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - -diff --git a/ext/mbstring/mbstring.c b/ext/mbstring/mbstring.c -index 48f22a682a19..4a4088aed3fb 100644 ---- a/ext/mbstring/mbstring.c -+++ b/ext/mbstring/mbstring.c -@@ -161,9 +161,18 @@ static const php_mb_nls_ident_list php_mb_default_identify_list[] = { - - /* }}} */ - -+/* {{{ mbstring_deps[] */ -+static const zend_module_dep mbstring_deps[] = { -+ ZEND_MOD_REQUIRED("pcre") -+ ZEND_MOD_END -+}; -+/* }}} */ -+ - /* {{{ zend_module_entry mbstring_module_entry */ - zend_module_entry mbstring_module_entry = { -- STANDARD_MODULE_HEADER, -+ STANDARD_MODULE_HEADER_EX, -+ NULL, -+ mbstring_deps, - "mbstring", - ext_functions, - PHP_MINIT(mbstring), diff --git a/php-openssl.patch b/php-openssl.patch deleted file mode 100644 index 403f979..0000000 --- a/php-openssl.patch +++ /dev/null @@ -1,317 +0,0 @@ -From 03a4ccd9120e5816e5f9f134f63b76e89558658f Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Tue, 31 May 2022 09:59:58 +0200 -Subject: [PATCH] use sha256 in openssl test suite - ---- - ext/openssl/tests/bug41033.phpt | 4 ++-- - ext/openssl/tests/bug61930.phpt | 11 ++++++----- - ext/openssl/tests/bug66501.phpt | 2 +- - ext/openssl/tests/ecc.phpt | 2 +- - ext/openssl/tests/openssl.cnf | 1 + - ext/openssl/tests/openssl_csr_export_basic.phpt | 2 +- - .../tests/openssl_csr_export_to_file_basic.phpt | 14 +++++++------- - .../tests/openssl_csr_get_public_key_basic.phpt | 2 +- - .../tests/openssl_csr_get_subject_basic.phpt | 2 +- - ext/openssl/tests/openssl_csr_sign_basic.phpt | 2 +- - ext/openssl/tests/openssl_sign_basic.phpt | 2 +- - .../tests/openssl_spki_export_challenge_basic.phpt | 14 -------------- - ext/openssl/tests/openssl_spki_new_basic.phpt | 8 -------- - ext/openssl/tests/openssl_spki_verify_basic.phpt | 14 -------------- - ext/openssl/tests/openssl_verify_basic.phpt | 12 ++++++------ - 15 files changed, 29 insertions(+), 63 deletions(-) - -diff --git a/ext/openssl/tests/bug41033.phpt b/ext/openssl/tests/bug41033.phpt -index ff30d8b266d0..73cca19506af 100644 ---- a/ext/openssl/tests/bug41033.phpt -+++ b/ext/openssl/tests/bug41033.phpt -@@ -10,11 +10,11 @@ $pub = 'file://' . __DIR__ . '/' . 'bug41033pub.pem'; - - $prkeyid = openssl_get_privatekey($prv, "1234"); - $ct = "Hello I am some text!"; --openssl_sign($ct, $signature, $prkeyid, OPENSSL_ALGO_SHA1); -+openssl_sign($ct, $signature, $prkeyid, OPENSSL_ALGO_SHA256); - echo "Signature: ".base64_encode($signature) . "\n"; - - $pukeyid = openssl_get_publickey($pub); --$valid = openssl_verify($ct, $signature, $pukeyid, OPENSSL_ALGO_SHA1); -+$valid = openssl_verify($ct, $signature, $pukeyid, OPENSSL_ALGO_SHA256); - echo "Signature validity: " . $valid . "\n"; - - -diff --git a/ext/openssl/tests/bug61930.phpt b/ext/openssl/tests/bug61930.phpt -index 862c6a07bfd0..d97f4990173a 100644 ---- a/ext/openssl/tests/bug61930.phpt -+++ b/ext/openssl/tests/bug61930.phpt -@@ -4,19 +4,20 @@ Bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey() - openssl - --FILE-- - - --EXPECTF-- - object(OpenSSLAsymmetricKey)#%d (0) { -diff --git a/ext/openssl/tests/bug66501.phpt b/ext/openssl/tests/bug66501.phpt -index 4a7bfbf1361b..56d391032f7e 100644 ---- a/ext/openssl/tests/bug66501.phpt -+++ b/ext/openssl/tests/bug66501.phpt -@@ -18,7 +18,7 @@ AwEHoUQDQgAEPq4hbIWHvB51rdWr8ejrjWo4qVNWVugYFtPg/xLQw0mHkIPZ4DvK - sqOTOnMoezkbSmVVMuwz9flvnqHGmQvmug== - -----END EC PRIVATE KEY-----'; - $key = openssl_pkey_get_private($pkey); --$res = openssl_sign($data ='alpha', $sign, $key, 'SHA1'); -+$res = openssl_sign($data ='alpha', $sign, $key, 'SHA256'); - var_dump($res); - ?> - --EXPECT-- -diff --git a/ext/openssl/tests/ecc.phpt b/ext/openssl/tests/ecc.phpt -index a18651dc5e4b..297af1dccd0c 100644 ---- a/ext/openssl/tests/ecc.phpt -+++ b/ext/openssl/tests/ecc.phpt -@@ -64,7 +64,7 @@ $csr = openssl_csr_new($dn, $keyGenerate, $args); - - var_dump($keyGenerate); - --$args["digest_alg"] = "sha1"; -+$args["digest_alg"] = "sha256"; - echo "Testing openssl_csr_new with existing ecc key\n"; - $csr = openssl_csr_new($dn, $key1, $args); - var_dump($csr); -diff --git a/ext/openssl/tests/openssl.cnf b/ext/openssl/tests/openssl.cnf -index f3025aeb5caa..6146b93142cc 100644 ---- a/ext/openssl/tests/openssl.cnf -+++ b/ext/openssl/tests/openssl.cnf -@@ -7,6 +7,7 @@ tsa_policy2 = 1.2.3.4.5.6 - - [ req ] - default_bits = 1024 -+default_md = sha256 - default_keyfile = privkey.pem - distinguished_name = req_distinguished_name - attributes = req_attributes -diff --git a/ext/openssl/tests/openssl_csr_export_basic.phpt b/ext/openssl/tests/openssl_csr_export_basic.phpt -index 559befe23c92..95bf741e9ec1 100644 ---- a/ext/openssl/tests/openssl_csr_export_basic.phpt -+++ b/ext/openssl/tests/openssl_csr_export_basic.phpt -@@ -17,7 +17,7 @@ $dn = array( - ); - - $args = array( -- "digest_alg" => "sha1", -+ "digest_alg" => "sha256", - "private_key_bits" => 2048, - "private_key_type" => OPENSSL_KEYTYPE_DSA, - "encrypt_key" => true, -diff --git a/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt b/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt -index dfa533b729cb..5b0920888163 100644 ---- a/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt -+++ b/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt -@@ -25,7 +25,7 @@ $dn = array( - ); - - $args = array( -- "digest_alg" => "sha1", -+ "digest_alg" => "sha256", - "private_key_bits" => 2048, - "private_key_type" => OPENSSL_KEYTYPE_DSA, - "encrypt_key" => true, -@@ -66,12 +66,12 @@ BggTncBh9ozkVQGS/P1m0zn/SKSgDO+6DdeLHLMjpUASaoYfsay4PJLAdnTqLOeM - g6qNE6u0ebZXVfmpSmV1pSZ6kQnxbsb6rX1iOZxkwHnVWYb40Hy0EILo31x6BVqB - m159m7s38ChiRHqlj20DmRfxXjiT5YDgYYQ29wQBTVQrTN5O9UW5Y+eKTXd8r6te - dsbIBXdKN7NeX7ksGYHq1I3hLsP8EyvZO78qfjKyEB0Jj3UCAwEAAaAAMA0GCSqG --SIb3DQEBBQUAA4IBAQCamzVmIbElkiDQKzQpkfU5tHjrWPrHDSB186NI0sQ8i6GQ --1YT6yPAXBPTQ1aER/6uAZJL5HfWEX8V1rKbe8GkPAPCHHQzmHyWlaO2EHS57zJhk --sRrhqkhhkSNiDg4OrsguhRtbB2VMGeDbqHGI89uGqqGHUiZc/Bh8N7WFXZkUU/A0 --sfBgVeqg0P4SWez5fHXqBNcjMdMI5f0bikcDZSIfTHS8FX+PMurLBC8UPB0YNIOl --1r2Lvo+6YUHOziG1OwQd3K0xxu/JzzOE+lMB73ynz4V6DY5Qv3qVno1GpupvgmQA --JViHkCA9x6m8RJXAFvqmgLlWlUzbDv/cRrDfjWjR -+SIb3DQEBCwUAA4IBAQCNtCIfMHBDRvNqHmrDfR/+A7ZJ+n/XzA2uQhvjEq91DeT8 -+IE7gjUtmj2sqKmHGIDO4uN4F9ZHYzcNk23n6CMljYqJLbB2dHC0V6vkDB7qod1TH -+/SK39Yj0ji2AT45LD5rLH3vd1bjxdwwhyPyGhshKOIdnmBv4mwTRANIsiISMQV4Y -+ZPAXJ5DTKkgdsY14hqhyWct1bWMPpj2MCLQGjKxK8vmbiKaNL1XxAS7chTXoy7un -+NvBKc82Wy3XEuC9AkNFEytD6kA9gu8nFydvYTOvvhaQrf9RzwSitgi9Vj3mbujsN -+f1JMPX0/eHrKvG9wBZu28FdS54xoWGeD1NGraW24 - -----END CERTIFICATE REQUEST----- - " - -diff --git a/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt b/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt -index 7faaf2f23454..9f128c200bea 100644 ---- a/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt -+++ b/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt -@@ -23,7 +23,7 @@ $dn = array( - ); - - $args = array( -- "digest_alg" => "sha1", -+ "digest_alg" => "sha256", - "private_key_bits" => 2048, - "private_key_type" => OPENSSL_KEYTYPE_DSA, - "encrypt_key" => true, -diff --git a/ext/openssl/tests/openssl_csr_get_subject_basic.phpt b/ext/openssl/tests/openssl_csr_get_subject_basic.phpt -index 6fe63e971775..79baeb65b8a5 100644 ---- a/ext/openssl/tests/openssl_csr_get_subject_basic.phpt -+++ b/ext/openssl/tests/openssl_csr_get_subject_basic.phpt -@@ -23,7 +23,7 @@ $dn = array( - ); - - $args = array( -- "digest_alg" => "sha1", -+ "digest_alg" => "sha256", - "private_key_bits" => 2048, - "private_key_type" => OPENSSL_KEYTYPE_DSA, - "encrypt_key" => true, -diff --git a/ext/openssl/tests/openssl_csr_sign_basic.phpt b/ext/openssl/tests/openssl_csr_sign_basic.phpt -index a7030b392145..0cf678cc2944 100644 ---- a/ext/openssl/tests/openssl_csr_sign_basic.phpt -+++ b/ext/openssl/tests/openssl_csr_sign_basic.phpt -@@ -20,7 +20,7 @@ $dn = array( - ); - - $args = array( -- "digest_alg" => "sha1", -+ "digest_alg" => "sha256", - "private_key_bits" => 2048, - "private_key_type" => OPENSSL_KEYTYPE_DSA, - "encrypt_key" => true, -diff --git a/ext/openssl/tests/openssl_sign_basic.phpt b/ext/openssl/tests/openssl_sign_basic.phpt -index 48deac9337c1..047028101893 100644 ---- a/ext/openssl/tests/openssl_sign_basic.phpt -+++ b/ext/openssl/tests/openssl_sign_basic.phpt -@@ -8,7 +8,7 @@ $data = "Testing openssl_sign()"; - $privkey = "file://" . __DIR__ . "/private_rsa_1024.key"; - $wrong = "wrong"; - --var_dump(openssl_sign($data, $sign, $privkey)); // no output -+var_dump(openssl_sign($data, $sign, $privkey, OPENSSL_ALGO_SHA256)); // no output - var_dump(openssl_sign($data, $sign, $wrong)); - ?> - --EXPECTF-- -diff --git a/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt b/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt -index ab9076791be4..2fadc30e6810 100644 ---- a/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt -+++ b/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt -@@ -22,8 +22,6 @@ foreach ($key_sizes as $key_size) { - - /* array of available hashings to test */ - $algo = array( -- OPENSSL_ALGO_MD5, -- OPENSSL_ALGO_SHA1, - OPENSSL_ALGO_SHA224, - OPENSSL_ALGO_SHA256, - OPENSSL_ALGO_SHA384, -@@ -76,15 +74,3 @@ string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\" - bool\(false\) - string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\" - bool\(false\) --string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\" --bool\(false\) --string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\" --bool\(false\) --string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\" --bool\(false\) --string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\" --bool\(false\) --string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\" --bool\(false\) --string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\" --bool\(false\) -diff --git a/ext/openssl/tests/openssl_spki_new_basic.phpt b/ext/openssl/tests/openssl_spki_new_basic.phpt -index 1d29fe05bd81..6b661afde36f 100644 ---- a/ext/openssl/tests/openssl_spki_new_basic.phpt -+++ b/ext/openssl/tests/openssl_spki_new_basic.phpt -@@ -16,8 +16,6 @@ foreach ($key_sizes as $key_size) { - - /* array of available hashings to test */ - $algo = array( -- OPENSSL_ALGO_MD5, -- OPENSSL_ALGO_SHA1, - OPENSSL_ALGO_SHA224, - OPENSSL_ALGO_SHA256, - OPENSSL_ALGO_SHA384, -@@ -47,16 +45,10 @@ string(478) "%s" - string(478) "%s" - string(478) "%s" - string(478) "%s" --string(478) "%s" --string(478) "%s" --string(830) "%s" - string(830) "%s" - string(830) "%s" - string(830) "%s" - string(830) "%s" --string(830) "%s" --string(1510) "%s" --string(1510) "%s" - string(1510) "%s" - string(1510) "%s" - string(1510) "%s" -diff --git a/ext/openssl/tests/openssl_spki_verify_basic.phpt b/ext/openssl/tests/openssl_spki_verify_basic.phpt -index 9b624a7a5f72..19704b4a4fa8 100644 ---- a/ext/openssl/tests/openssl_spki_verify_basic.phpt -+++ b/ext/openssl/tests/openssl_spki_verify_basic.phpt -@@ -18,8 +18,6 @@ foreach ($key_sizes as $key_size) { - - /* array of available hashings to test */ - $algo = array( -- OPENSSL_ALGO_SHA1, -- OPENSSL_ALGO_SHA224, - OPENSSL_ALGO_SHA256, - OPENSSL_ALGO_SHA384, - OPENSSL_ALGO_SHA512, -@@ -65,15 +63,3 @@ bool(true) - bool(false) - bool(true) - bool(false) --bool(true) --bool(false) --bool(true) --bool(false) --bool(true) --bool(false) --bool(true) --bool(false) --bool(true) --bool(false) --bool(true) --bool(false) -diff --git a/ext/openssl/tests/openssl_verify_basic.phpt b/ext/openssl/tests/openssl_verify_basic.phpt -index 0e93a21319d9..674a3c58a9ea 100644 ---- a/ext/openssl/tests/openssl_verify_basic.phpt -+++ b/ext/openssl/tests/openssl_verify_basic.phpt -@@ -9,12 +9,12 @@ $privkey = "file://" . __DIR__ . "/private_rsa_1024.key"; - $pubkey = "file://" . __DIR__ . "/public.key"; - $wrong = "wrong"; - --openssl_sign($data, $sign, $privkey); --var_dump(openssl_verify($data, $sign, $pubkey)); --var_dump(openssl_verify($data, $sign, $privkey)); --var_dump(openssl_verify($data, $sign, $wrong)); --var_dump(openssl_verify($data, $wrong, $pubkey)); --var_dump(openssl_verify($wrong, $sign, $pubkey)); -+openssl_sign($data, $sign, $privkey, OPENSSL_ALGO_SHA256); -+var_dump(openssl_verify($data, $sign, $pubkey, OPENSSL_ALGO_SHA256)); -+var_dump(openssl_verify($data, $sign, $privkey, OPENSSL_ALGO_SHA256)); -+var_dump(openssl_verify($data, $sign, $wrong, OPENSSL_ALGO_SHA256)); -+var_dump(openssl_verify($data, $wrong, $pubkey, OPENSSL_ALGO_SHA256)); -+var_dump(openssl_verify($wrong, $sign, $pubkey, OPENSSL_ALGO_SHA256)); - ?> - --EXPECTF-- - int(1) diff --git a/php.spec b/php.spec index c172331..4c531dd 100644 --- a/php.spec +++ b/php.spec @@ -64,13 +64,13 @@ %bcond_with imap %bcond_without lmdb -%global upver 8.1.7 +%global upver 8.1.8 #global rcver RC1 Summary: PHP scripting language for creating dynamic web sites Name: php Version: %{upver}%{?rcver:~%{rcver}} -Release: 2%{?dist} +Release: 1%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -121,8 +121,6 @@ Patch45: php-7.4.0-ldap_r.patch Patch47: php-8.1.0-phpinfo.patch # Upstream fixes (100+) -Patch100: php-mbstring.patch -Patch101: php-openssl.patch # Security fixes (200+) @@ -723,8 +721,6 @@ in pure PHP. %patch47 -p1 -b .phpinfo # upstream patches -%patch100 -p1 -b .pcre -%patch101 -p1 -b .sha1 # security patches @@ -1543,6 +1539,9 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %changelog +* Wed Jul 6 2022 Remi Collet - 8.1.8-1 +- update to 8.1.8 #2070040 + * Mon Jun 13 2022 Remi Collet - 8.1.7-2 - clean unneeded dependency on useradd command diff --git a/sources b/sources index bc783e3..a20511b 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (php-8.1.7.tar.xz) = 1d72db220f3485310e02b67c41dd6434c26b7118f673ba7f425ff6b79cc96c86fc45bfe9c90b302d719eb9b7a5334f363a92ac309c367aacc93ab31a72a63c45 -SHA512 (php-8.1.7.tar.xz.asc) = 9c34d74718261ed2a3375bb06a1e4d68b71d091c12558868bd0ab0325a5046e88af0b8a09fc4035169d681f98b14e108c04ea24053d7d80ca4a0cee5510054fa +SHA512 (php-8.1.8.tar.xz) = 4ef03b4c412bdbcdf6c3dc4784b3218a0519e6b91a0682e796270d4426c05c62309b4835ea31271857a5f2535d00f20a9f9b4a79703a49c3e40f16fafa948dd4 +SHA512 (php-8.1.8.tar.xz.asc) = 2ae20e61537ee720567a21dde7488e471d3cf24ed80f1b70218f8f35efeaeadc1570ac5e957ecbb0a0aec6c13e6b6d968fb6db7e6ff50269c1a2f053970e15de