Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi,
Drupal 5.3 has just been released, fixing various security vulnerabilities. The latest dev version fails to patch (the block_cache.patch fails at all) or patches the Drupal core with a few lines offset.
I suppose an updated development version (or maybe a stable one) that applies cleanly on 5.3 would be nice. 5.3 is a recommended release.
A question is: Is it safe to patch 5.3 by hand?
Thanks.
Comment | File | Size | Author |
---|---|---|---|
#23 | block_cache.patch | 3.78 KB | GoofyX |
#23 | comment_cache.patch | 5.51 KB | GoofyX |
#23 | forum_cache.patch | 1.05 KB | GoofyX |
#23 | node_cache.patch | 2.31 KB | GoofyX |
#23 | path_cache.patch | 6.32 KB | GoofyX |
Comments
Comment #1
robertDouglass CreditAttribution: robertDouglass commentedIf you patch 5.3 by hand and reroll the patches and upload them to this issue it will speed the process of getting a stable advcache release for 5.3. Otherwise you are somewhat tied to my schedule (in lieu of another volunteer) and I won't be able to get to it before next week. Thanks for helping!
Comment #2
GoofyX CreditAttribution: GoofyX commentedOK, I will do that in the next few days to help. I asked mainly to check if there will be any problems in case the core has changes that will invalidate the patches by the module.
Thanks!
Comment #3
Wim LeersIf there would be a Drupal 5.2 -> 5.3 patch, then module updates like this one would become trivial:
1) apply advcache patch on D5.2
2) apply 5.2 -> 5.3 patch
3) generate new patch for advcache
Maybe something worth considering?
Comment #4
GoofyX CreditAttribution: GoofyX commentedOK, this is a first try with comment_cache.patch. I applied manually (by hand) the patch on modules/comment/comment.module and modules/node/node.module and created a new patch for those files. Please check and yell if I did something stupid... :-)
Comment #5
GoofyX CreditAttribution: GoofyX commentedHere's the node_cache.patch.
Comment #6
robertDouglass CreditAttribution: robertDouglass commentedThanks, keep them coming.
Comment #7
tomchuk CreditAttribution: tomchuk commentedHere's all the patches for 5.3. All but block applied with a little fuzz. These apply cleanly to 5.3 and Drupal still works after applying them, other than that, not a lot of testing.
Comment #8
GoofyX CreditAttribution: GoofyX commentedI think block_cache.patch needs attention, because the existing patch not only fails because of different line offset, but it fails because of different PHP code. The maintainer should probably test these carefully.
Anyway, tomchuk a big thanks for your help. I tried to deal with the other files too, but did not have the time to finish them.
Comment #9
tomchuk CreditAttribution: tomchuk commentedYeah, looking back at the revision for the changes in block.module between 5.2 and 5.3 it appears that they were important.
The block patch in my previous post reverted the changes to that query to the version in 5.2, if anyone applied that patch they should reverse it out from the root directory of your Drupal install with
patch -p0 -R < /path/to/block_cache.patch
Here are updated patches that use the updated query from 5.3 (only block_cache.patch and all_patches.patch) changed, but posting all for completeness. Again, they apply cleanly, and Drupal seems to work afterwards, but use at your own risk.
Comment #10
GoofyX CreditAttribution: GoofyX commentedSo, maintainer(s), what's the status of the patches provided by tomchuk for Drupal 5.3, can we safely apply them in a production site?
Comment #11
ilmaestro CreditAttribution: ilmaestro commentedTom, all of your patches worked for me. This is my first time using this module, but I'll report back if anything seems to not be working.
Comment #12
ilmaestro CreditAttribution: ilmaestro commentedOk, I encoutered a problem today. I don't know if it is a problem with Tom's 5.3 patch or a bug in general. Regarding the comment caching, I noticed that for nodes that don't have any comments, cache_set is called *every* time the node page is loaded, even though no comments exist and a cache record already exists anyways.
I'm not sure it makes sense to cache an empty value, or if so, we probably shouldn't be caching some value that's the same as what we retrieved from the cache, even if that value is empty.
Comment #13
firebus CreditAttribution: firebus commentedthis is a minor bug, unrelated to the 5.3 patches. it also existed in 5.2. imo it's pretty harmless.
Comment #14
robertDouglass CreditAttribution: robertDouglass commented@ilmaestro: if you haven't already, could you please file a separate issue for the comment cache patch? Good catch!
@tomchuck: Thanks *very* much for the patches. Sorry I haven't had time to review them. Your help is appreciated.
Comment #15
GoofyX CreditAttribution: GoofyX commentedSo, Robert, any rough estimate about when we are going to have a stable release for v.5.3?
Comment #16
robertDouglass CreditAttribution: robertDouglass commented@firebus feel free to commit these when you deem them ready.
Comment #17
GoofyX CreditAttribution: GoofyX commentedWe must also make checks against version 5.5 that just came out.
Comment #18
tomchuk CreditAttribution: tomchuk commentedThe 5.3 patches apply with some offsets to 5.4 and 5.5. Attached are patches that apply cleanly against 5.5. I haven't had a chance to test these at all, but will in the next day or two.
Comment #19
firebus CreditAttribution: firebus commentedi just committed this to the dev branch, so a new tarball should be available once the cron runs.
it tests out fine for me, but i'd like to get confirmation from at least one other person before i create a new release for this.
thanks for your work on this, tomchuk!
Comment #20
Christefano-oldaccount CreditAttribution: Christefano-oldaccount commentedRight now I'm only using the path patch but I can report that it's working for me an a D5.5 installation with 1000+ nodes. Thanks for all of your work, guys.
Comment #21
firebus CreditAttribution: firebus commentedsetting to fixed. i'll roll a new release once i've tested sufficiently.
Comment #22
(not verified) CreditAttribution: commentedAutomatically closed -- issue fixed for two weeks with no activity.
Comment #23
GoofyX CreditAttribution: GoofyX commentedDrupal 5.6 is out, fixing security vulnerabilities.
Attached are all patches (except the big thing, all_patches.patch) that apply cleanly on 5.6. All patches needed a few line offset changes, other than that, they should be fine.
Comment #24
firebus CreditAttribution: firebus commentedopened http://drupal.org/node/208941 for this (new :) issue.
don't worry about reposting the patches there.
i'll have time to review and hopefully commit this weekend.
thank you!!!