php5 5.3.3 update

[ryandesign (Ryan Carsten Schmidt)]

Here's a patch to updated php5 and all the bundled extension ports to 5.3.3. I'm not committing it yet because php5-mysql fails to build both ​with mysqlnd and ​with the mysql5 libraries. We also probably need an updated ​suhosin patch.

[ryandesign (Ryan Carsten Schmidt)]

initial attempt

[ryandesign (Ryan Carsten Schmidt)]

updated diff including suhosin variant

[wsiegrist@…]

Is there a problem with running v5.3.2 of the mysql extension with v5.3.3 of PHP? I need 5.3.3 to fix CVE-2010-2225, and php5-mysql 5.3.2 appears to work. Assuming the version mismatch is okay, could you update the port to fix the security problems and save php5-mysql for later when your php.net ticket is fixed?

[ryandesign (Ryan Carsten Schmidt)]

The php5extension portgroup will actively prevent you from attempting to install a bundled extension port unless that port's version number matches the version number reported by php-config. This was added to the portgroup in r61501 / #22808 because it seemed inadvisable to allow mixing version numbers.

Potentially I could see about adding an exemption for just this case for now.

[wsiegrist@…]

But it does not prevent you from upgrading php and some extensions, but not others, thus leaving you with mismatched versions. I agree that mixing versions is not a good practice, but if it works in this one case and allows for a security fix, it might be worth some sort of exception. Either way, I solved my problem by using a local port tree until all of php5 catches up, so I'm okay with waiting.

[ryandesign (Ryan Carsten Schmidt)]

My main concern was that people using the php52 port should not be able to install the php5 extension ports, which are for PHP 5.3. Relaxed the version check in r70327 to only match the PHP branch, not the specific version.

[ryandesign (Ryan Carsten Schmidt)]

Updated all except php5-mysql in r70353.

[spam@…]

Ok, this seems to be the reason for this problem: #26000 Is there a solution. Or should we go back to php5.3.2?

[ryandesign (Ryan Carsten Schmidt)]

Replying to spam@…:

Ok, this seems to be the reason for this problem: #26000

Fantastic. :(

Is there a solution.

I will ask upstream, in the bug reports mentioned in the description of this ticket.

Or should we go back to php5.3.2?

If upstream has no solution that's what we'll do.

[Garfield-fr (Bertrand Zuchuat)]

Cc Me!

[sean@…]

Cc Me!

[ryandesign (Ryan Carsten Schmidt)]

Upstream has fixed the ​problem building mysqli with external mysql libraries but not the ​problem building mysqli with mysqlnd. I updated php5-mysql to 5.3.3 in r70568 incorporating the upstream fix for using external mysql libraries and disabling mysqlnd entirely until upstream fixes that as well.

[ryandesign (Ryan Carsten Schmidt)]

Replying to ryandesign@…:

Relaxed the version check in r70327 to only match the PHP branch, not the specific version.

Reverted this in r70652 since the php5 @5.3.3 + php5-mysql @5.3.2 combo exemplified the problems that can occur.

[ryandesign (Ryan Carsten Schmidt)]

Replying to ryandesign@…:

Upstream has fixed the ​problem building mysqli with external mysql libraries but not the ​problem building mysqli with mysqlnd.

The mysqlnd problem is now fixed too. Applied upstream's patch to php5 in r70653 and reverted the removal of mysqlnd from php5-mysql in r70654.