Merge pull request #113 from brefphp/document-zlib-install

mnapoli · web-flow · commit fcd306b4f6f3 · 2023-09-01T09:38:41.000+02:00
Document zlib install
diff --git a/php-80/Dockerfile b/php-80/Dockerfile
@@ -71,35 +71,25 @@ RUN mkdir -p ${BUILD_DIR}  \
 
 ###############################################################################
 # ZLIB Build
+# We compile a newer version because Lambda uses an old version (1.2.7) that
+# has a security vulnerability (CVE-2022-37434).
+# See https://github.com/brefphp/aws-lambda-layers/pull/110
+# Can be removed once Lambda updates their version.
 # https://github.com/madler/zlib/releases
-# Needed for:
-#   - openssl
-#   - curl
-#   - php
-# Used By:
-#   - xml2
 ENV VERSION_ZLIB=1.3
-ENV ZLIB_BUILD_DIR=${BUILD_DIR}/xml2
-
+ENV ZLIB_BUILD_DIR=${BUILD_DIR}/zlib
 RUN set -xe; \
     mkdir -p ${ZLIB_BUILD_DIR}; \
-# Download and upack the source code
-    curl -Ls http://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
-  | tar xJC ${ZLIB_BUILD_DIR} --strip-components=1
-
-# Move into the unpackaged code directory
+    curl -Ls https://github.com/madler/zlib/releases/download/v${VERSION_ZLIB}/zlib-${VERSION_ZLIB}.tar.gz \
+  | tar xzC ${ZLIB_BUILD_DIR} --strip-components=1
 WORKDIR ${ZLIB_BUILD_DIR}/
-
-# Configure the build
 RUN set -xe; \
     make distclean \
  && CFLAGS="" \
     CPPFLAGS="-I${INSTALL_DIR}/include  -I/usr/include" \
     LDFLAGS="-L${INSTALL_DIR}/lib64 -L${INSTALL_DIR}/lib" \
     ./configure \
-    --prefix=${INSTALL_DIR} \
-    --64
-
+    --prefix=${INSTALL_DIR}
 RUN set -xe; \
     make install \
  && rm ${INSTALL_DIR}/lib/libz.a
diff --git a/php-81/Dockerfile b/php-81/Dockerfile
@@ -71,35 +71,25 @@ RUN mkdir -p ${BUILD_DIR}  \
 
 ###############################################################################
 # ZLIB Build
+# We compile a newer version because Lambda uses an old version (1.2.7) that
+# has a security vulnerability (CVE-2022-37434).
+# See https://github.com/brefphp/aws-lambda-layers/pull/110
+# Can be removed once Lambda updates their version.
 # https://github.com/madler/zlib/releases
-# Needed for:
-#   - openssl
-#   - curl
-#   - php
-# Used By:
-#   - xml2
 ENV VERSION_ZLIB=1.3
-ENV ZLIB_BUILD_DIR=${BUILD_DIR}/xml2
-
+ENV ZLIB_BUILD_DIR=${BUILD_DIR}/zlib
 RUN set -xe; \
     mkdir -p ${ZLIB_BUILD_DIR}; \
-# Download and upack the source code
-    curl -Ls http://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
-  | tar xJC ${ZLIB_BUILD_DIR} --strip-components=1
-
-# Move into the unpackaged code directory
+    curl -Ls https://github.com/madler/zlib/releases/download/v${VERSION_ZLIB}/zlib-${VERSION_ZLIB}.tar.gz \
+  | tar xzC ${ZLIB_BUILD_DIR} --strip-components=1
 WORKDIR ${ZLIB_BUILD_DIR}/
-
-# Configure the build
 RUN set -xe; \
     make distclean \
  && CFLAGS="" \
     CPPFLAGS="-I${INSTALL_DIR}/include  -I/usr/include" \
     LDFLAGS="-L${INSTALL_DIR}/lib64 -L${INSTALL_DIR}/lib" \
     ./configure \
-    --prefix=${INSTALL_DIR} \
-    --64
-
+    --prefix=${INSTALL_DIR}
 RUN set -xe; \
     make install \
  && rm ${INSTALL_DIR}/lib/libz.a
diff --git a/php-82/Dockerfile b/php-82/Dockerfile
@@ -71,35 +71,25 @@ RUN mkdir -p ${BUILD_DIR}  \
 
 ###############################################################################
 # ZLIB Build
+# We compile a newer version because Lambda uses an old version (1.2.7) that
+# has a security vulnerability (CVE-2022-37434).
+# See https://github.com/brefphp/aws-lambda-layers/pull/110
+# Can be removed once Lambda updates their version.
 # https://github.com/madler/zlib/releases
-# Needed for:
-#   - openssl
-#   - curl
-#   - php
-# Used By:
-#   - xml2
 ENV VERSION_ZLIB=1.3
-ENV ZLIB_BUILD_DIR=${BUILD_DIR}/xml2
-
+ENV ZLIB_BUILD_DIR=${BUILD_DIR}/zlib
 RUN set -xe; \
     mkdir -p ${ZLIB_BUILD_DIR}; \
-# Download and upack the source code
-    curl -Ls http://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
-  | tar xJC ${ZLIB_BUILD_DIR} --strip-components=1
-
-# Move into the unpackaged code directory
+    curl -Ls https://github.com/madler/zlib/releases/download/v${VERSION_ZLIB}/zlib-${VERSION_ZLIB}.tar.gz \
+  | tar xzC ${ZLIB_BUILD_DIR} --strip-components=1
 WORKDIR ${ZLIB_BUILD_DIR}/
-
-# Configure the build
 RUN set -xe; \
     make distclean \
  && CFLAGS="" \
     CPPFLAGS="-I${INSTALL_DIR}/include  -I/usr/include" \
     LDFLAGS="-L${INSTALL_DIR}/lib64 -L${INSTALL_DIR}/lib" \
     ./configure \
-    --prefix=${INSTALL_DIR} \
-    --64
-
+    --prefix=${INSTALL_DIR}
 RUN set -xe; \
     make install \
  && rm ${INSTALL_DIR}/lib/libz.a
diff --git a/php-83/Dockerfile b/php-83/Dockerfile
@@ -72,35 +72,25 @@ RUN mkdir -p ${BUILD_DIR}  \
 
 ###############################################################################
 # ZLIB Build
+# We compile a newer version because Lambda uses an old version (1.2.7) that
+# has a security vulnerability (CVE-2022-37434).
+# See https://github.com/brefphp/aws-lambda-layers/pull/110
+# Can be removed once Lambda updates their version.
 # https://github.com/madler/zlib/releases
-# Needed for:
-#   - openssl
-#   - curl
-#   - php
-# Used By:
-#   - xml2
 ENV VERSION_ZLIB=1.3
-ENV ZLIB_BUILD_DIR=${BUILD_DIR}/xml2
-
+ENV ZLIB_BUILD_DIR=${BUILD_DIR}/zlib
 RUN set -xe; \
     mkdir -p ${ZLIB_BUILD_DIR}; \
-# Download and upack the source code
-    curl -Ls http://zlib.net/zlib-${VERSION_ZLIB}.tar.xz \
-  | tar xJC ${ZLIB_BUILD_DIR} --strip-components=1
-
-# Move into the unpackaged code directory
+    curl -Ls https://github.com/madler/zlib/releases/download/v${VERSION_ZLIB}/zlib-${VERSION_ZLIB}.tar.gz \
+  | tar xzC ${ZLIB_BUILD_DIR} --strip-components=1
 WORKDIR ${ZLIB_BUILD_DIR}/
-
-# Configure the build
 RUN set -xe; \
     make distclean \
  && CFLAGS="" \
     CPPFLAGS="-I${INSTALL_DIR}/include  -I/usr/include" \
     LDFLAGS="-L${INSTALL_DIR}/lib64 -L${INSTALL_DIR}/lib" \
     ./configure \
-    --prefix=${INSTALL_DIR} \
-    --64
-
+    --prefix=${INSTALL_DIR}
 RUN set -xe; \
     make install \
  && rm ${INSTALL_DIR}/lib/libz.a
