These are very very welcome I think.
www/mod_php5 and www/mod_php55.
http://svnweb.freebsd.org/ports?view=revision&revision=349342
www/mod_php5 and www/mod_php55.
http://svnweb.freebsd.org/ports?view=revision&revision=349342
root@c1:/usr/ports/www/mod_php5# make install
/!\ WARNING /!\
!!! If you have a threaded Apache, you must build lang/php5 with ZTS support to enable thread-safety in extensions !!!
===> mod_php5-5.4.26 has known vulnerabilities:
mod_php5-5.4.26 is vulnerable:
php -- strip_tags cross-site scripting vulnerability
CVE: CVE-2004-0595
WWW: http://portaudit.FreeBSD.org/edf61c61-0f07-11d9-8393-000103ccf9d6.html
mod_php5-5.4.26 is vulnerable:
php -- multiple vulnerabilities
CVE: CVE-2004-1065
CVE: CVE-2004-1019
WWW: http://portaudit.FreeBSD.org/d47e9d19-5016-11d9-9b5f-0050569f0001.html
mod_php5-5.4.26 is vulnerable:
php -- memory_limit related vulnerability
CVE: CVE-2004-0594
WWW: http://portaudit.FreeBSD.org/dd7aa4f1-102f-11d9-8a8a-000c41e2cdad.html
mod_php5-5.4.26 is vulnerable:
php -- _ecalloc Integer Overflow Vulnerability
CVE: CVE-2006-4812
WWW: http://portaudit.FreeBSD.org/e329550b-54f7-11db-a5ae-00508d6a62df.html
mod_php5-5.4.26 is vulnerable:
php -- php_variables memory disclosure
WWW: http://portaudit.FreeBSD.org/ad74a1bd-16d2-11d9-bc4a-000c41e2cdad.html
mod_php5-5.4.26 is vulnerable:
php -- vulnerability in RFC 1867 file upload processing
WWW: http://portaudit.FreeBSD.org/562a3fdf-16d6-11d9-bc4a-000c41e2cdad.html
mod_php5-5.4.26 is vulnerable:
php -- open_basedir Race Condition Vulnerability
CVE: CVE-2006-5178
WWW: http://portaudit.FreeBSD.org/edabe438-542f-11db-a5ae-00508d6a62df.html
=> Please update your ports tree and try again.
*** [check-vulnerable] Error code 1
Stop in /usr/ports/www/mod_php5.
*** [install] Error code 1
Stop in /usr/ports/www/mod_php5.
root@c1:/usr/ports/www/mod_php5#
make -DDISABLE_VULNERABILITIES install clean
. You will still get reports from periodic(8) though.Great! Thanks for info!SirDice said:You can get it to build if you ignore the security warnings (they're incorrect anyway),make -DDISABLE_VULNERABILITIES install clean
. You will still get reports from periodic(8) though.
# cd /usr/ports/www/mod_php5
# make install
Installing mod_php5-5.4.27,1...pkg-static: mod_php5-5.4.27,1 conflicts with php5-5.4.25 (installs files into the same place). Problematic file: /usr/local/libexec/apache22/libphp5.so
# cd /usr/ports/lang/php5 ; make deinstall ; make reinstall