taca
2247738610
Update php55 to 5.5.34, including security fix.
...
Add add an patch to fix memory leak noted from Zafer Aydo«»an via
private mail.
31 Mar 2016, PHP 5.5.34
- Fileinfo:
. Fixed bug #71527 (Buffer over-write in finfo_open with malformed magic
file). (Anatol)
- Mbstring:
. Fixed bug #71906 (AddressSanitizer: negative-size-param (-1) in
mbfl_strcut). (Stas)
- OBBC
. Fixed bug #71860 (Invalid memory write in phar on filename with \0 in
name). (Stas)
- SNMP:
. Fixed bug #71704 (php_snmp_error() Format String Vulnerability).
(andrew at jmpesp dot org)
- Standard
. Fixed bug #71798 (Integer Overflow in php_raw_url_encode).
(taoguangchen at icloud dot com, Stas)
2016-04-02 08:59:24 +00:00
jperkin
5e3a54b620
Ensure destination directory is precreated. Fixes some pax failures.
2016-04-02 08:22:03 +00:00
taca
1a61d5d242
Update php70 to 7.0.4 (PHP 7.0.4), including security fxies.
...
03 Mar 2016 PHP 7.0.4
- Core:
. Fixed bug (Low probability segfault in zend_arena). (Laruence)
. Fixed bug #71441 (Typehinted Generator with return in try/finally crashes).
(Bob)
. Fixed bug #71442 (forward_static_call crash). (Laruence)
. Fixed bug #71443 (Segfault using built-in webserver with intl using
symfony). (Laruence)
. Fixed bug #71449 (An integer overflow bug in php_implode()). (Stas)
. Fixed bug #71450 (An integer overflow bug in php_str_to_str_ex()). (Stas)
. Fixed bug #71474 (Crash because of VM stack corruption on Magento2).
(Dmitry)
. Fixed bug #71485 (Return typehint on internal func causes Fatal error
when it throws exception). (Laruence)
. Fixed bug #71529 (Variable references on array elements don't work when
using count). (Nikita)
. Fixed bug #71601 (finally block not executed after yield from). (Bob)
. Fixed bug #71637 (Multiple Heap Overflow due to integer overflows in
xml/filter_url/addcslashes). (Stas)
- CLI server:
. Fixed bug #71559 (Built-in HTTP server, we can download file in web by bug).
(Johannes, Anatol)
- CURL:
. Fixed bug #71523 (Copied handle with new option CURLOPT_HTTPHEADER crashes
while curl_multi_exec). (Laruence)
. Fixed memory leak in curl_getinfo(). (Leigh)
- Date:
. Fixed bug #71525 (Calls to date_modify will mutate timelib_rel_time,
causing date_date_set issues). (Sean DuBois)
- Fileinfo:
. Fixed bug #71434 (finfo throws notice for specific python file). (Laruence)
- FPM:
. Fixed bug #62172 (FPM not working with Apache httpd 2.4 balancer/fcgi
setup). (Matt Haught, Remi)
. Fixed bug #71269 (php-fpm dumped core). (Mickaël)
- Opcache:
. Fixed bug #71584 (Possible use-after-free of ZCG(cwd) in Zend Opcache).
(Yussuf Khalil)
- PCRE:
. Fixed bug #71537 (PCRE segfault from Opcache). (Laruence)
- phpdbg:
. Fixed inherited functions from unspecified files being included in
phpdbg_get_executable(). (Bob)
- SOAP:
. Fixed bug #71610 (Type Confusion Vulnerability - SOAP /
make_http_soap_request()). (Stas)
- Standard:
. Fixed bug #71603 (compact() maintains references in php7). (Laruence)
. Fixed bug #70720 (strip_tags improper php code parsing). (Julien)
- XMLRPC:
. Fixed bug #71501 (xmlrpc_encode_request ignores encoding option). (Hieu Le)
- Zip:
. Fixed bug #71561 (NULL pointer dereference in Zip::ExtractTo). (Laruence)
2016-03-05 05:20:17 +00:00
taca
4ef129bc0e
Update php56 to 5.6.19 (PHP 5.6.19), including security fixes.
...
03 Mar 2016, PHP 5.6.19
- CLI server:
. Fixed bug #71559 (Built-in HTTP server, we can download file in web by bug).
(Johannes, Anatol)
- CURL:
. Fixed bug #71523 (Copied handle with new option CURLOPT_HTTPHEADER crashes
while curl_multi_exec). (Laruence)
- Date:
. Fixed bug #68078 (Datetime comparisons ignore microseconds). (Willem-Jan
Zijderveld)
. Fixed bug #71525 (Calls to date_modify will mutate timelib_rel_time,
causing date_date_set issues). (Sean DuBois)
- Fileinfo:
. Fixed bug #71434 (finfo throws notice for specific python file). (Laruence)
- FPM:
. Fixed bug #62172 (FPM not working with Apache httpd 2.4 balancer/fcgi
setup). (Matt Haught, Remi)
- Opcache:
. Fixed bug #71584 (Possible use-after-free of ZCG(cwd) in Zend Opcache).
(Yussuf Khalil)
- PDO MySQL:
. Fixed bug #71569 (#70389 fix causes segmentation fault). (Nikita)
- Phar:
. Fixed bug #71498 (Out-of-Bound Read in phar_parse_zipfile()). (Stas)
- Standard:
. Fixed bug #70720 (strip_tags improper php code parsing). (Julien)
- WDDX:
. Fixed bug #71587 (Use-After-Free / Double-Free in WDDX Deserialize). (Stas)
- XSL:
. Fixed bug #71540 (NULL pointer dereference in xsl_ext_function_php()).
(Stas)
- Zip:
. Fixed bug #71561 (NULL pointer dereference in Zip::ExtractTo). (Laruence)
2016-03-05 05:18:51 +00:00
taca
1cc6d18032
Update php55 to 5.5.33, security fixes.
...
03 Mar 2016, PHP 5.5.33
- Phar:
. Fixed bug #71498 (Out-of-Bound Read in phar_parse_zipfile()). (Stas)
- WDDX:
. Fixed bug #71587 (Use-After-Free / Double-Free in WDDX Deserialize). (Stas)
2016-03-05 05:17:33 +00:00
jperkin
c22fd3770e
Remove PEAR_SKIP_FILES after the dynamic PLIST generation too, as
...
php is invoked to generate the PLIST and will re-create the files,
despite them already having been removed in post-install.
2016-02-29 19:26:53 +00:00
taca
86b6caa369
Update php70 to 7.0.3 (PHP 7.0.3).
...
04 Feb 2016 PHP 7.0.3
- Core:
. Added support for new HTTP 451 code. (Julien)
. Fixed bug #71039 (exec functions ignore length but look for NULL termination).
(Anatol)
. Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
. Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol)
. Fixed bug #71221 (Null pointer deref (segfault) in get_defined_vars via
ob_start). (hugh at allthethings dot co dot nz)
. Fixed bug #71248 (Wrong interface is enforced). (Dmitry)
. Fixed bug #71273 (A wrong ext directory setup in php.ini leads to crash).
(Anatol)
. Fixed Bug #71275 (Bad method called on cloning an object having a trait).
(Bob)
. Fixed bug #71297 (Memory leak with consecutive yield from). (Bob)
. Fixed bug #71300 (Segfault in zend_fetch_string_offset). (Laruence)
. Fixed bug #71314 (var_export(INF) prints INF.0). (Andrea)
. Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its
input). (Leo Gaspard)
. Fixed bug #71336 (Wrong is_ref on properties as exposed via
get_object_vars()). (Laruence)
. Fixed bug #71459 (Integer overflow in iptcembed()). (Stas)
- Apache2handler:
. Fix >2G Content-Length headers in apache2handler. (Adam Harvey)
- CURL:
. Fixed bug #71227 (Can't compile php_curl statically). (Anatol)
. Fixed bug #71225 (curl_setopt() fails to set CURLOPT_POSTFIELDS with
reference to CURLFile). (Laruence)
- Interbase:
. Fixed Bug #71305 (Crash when optional resource is omitted).
(Laruence, Anatol)
- LDAP:
. Fixed bug #71249 (ldap_mod_replace/ldap_mod_add store value as string
"Array"). (Laruence)
- mbstring:
. Fixed bug #71397 (mb_send_mail segmentation fault). (Andrea, Yasuo)
- OpenSSL:
. Fixed bug #71475 (openssl_seal() uninitialized memory usage). (Stas)
- Phar:
. Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (Stas)
. Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
(Stas)
. Fixed bug #71488 (Stack overflow when decompressing tar archives). (Stas)
- SOAP:
. Fixed bug #70979 (crash with bad soap request). (Anatol)
- SPL:
. Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading).
(Laruence)
. Fixed bug #71202 (Autoload function registered by another not activated
immediately). (Laruence)
. Fixed bug #71311 (Use-after-free vulnerability in SPL(ArrayObject,
unserialize)). (Sean Heelan)
. Fixed bug #71313 (Use-after-free vulnerability in SPL(SplObjectStorage,
unserialize)). (Sean Heelan)
- Standard:
. Fixed bug #71287 (Error message contains hexadecimal instead of decimal
number). (Laruence)
. Fixed bug #71264 (file_put_contents() returns unexpected value when
filesystem runs full). (Laruence)
. Fixed bug #71245 (file_get_contents() ignores "header" context option if
it's a reference). (Laruence)
. Fixed bug #71220 (Null pointer deref (segfault) in compact via ob_start).
(hugh at allthethings dot co dot nz)
. Fixed bug #71190 (substr_replace converts integers in original $search
array to strings). (Laruence)
. Fixed bug #71188 (str_replace converts integers in original $search array
to strings). (Laruence)
. Fixed bug #71132 , #71197 (range() segfaults). (Thomas Punt)
- WDDX:
. Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization). (Stas)
2016-02-06 07:14:44 +00:00
taca
be4cd69fa5
Update php56 to 5.6.18 (PHP 5.6.18).
...
04 Feb 2016, PHP 5.6.18
- Core:
. Fixed bug #71039 (exec functions ignore length but look for NULL termination).
(Anatol)
. Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
. Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol)
. Added support for new HTTP 451 code. (Julien)
. Fixed bug #71273 (A wrong ext directory setup in php.ini leads to crash).
(Anatol)
. Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its
input). (Leo Gaspard)
. Fixed bug #71459 (Integer overflow in iptcembed()). (Stas)
- Apache2handler:
. Fix >2G Content-Length headers in apache2handler. (Adam Harvey)
- FTP:
. Implemented FR #55651 (Option to ignore the returned FTP PASV address).
(abrender at elitehosts dot com)
- Opcache:
. Fixed bug #71127 (Define in auto_prepend_file is overwrite). (Laruence)
. Fixed bug #71024 (Unable to use PHP 7.0 x64 side-by-side with PHP 5.6 x32
on the same server). (Anatol)
- Phar:
. Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (Stas)
. Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
(Stas)
. Fixed bug #71488 (Stack overflow when decompressing tar archives). (Stas)
- Session:
. Fixed bug #69111 (Crash in SessionHandler::read()). (Anatol)
- SOAP:
. Fixed bug #70979 (crash with bad soap request). (Anatol)
- SPL:
. Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading).
(Laruence)
- WDDX:
. Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization). (Stas)
2016-02-06 07:13:02 +00:00
taca
8b492a062e
Update php55 to 5.5.32 (PHP 5.5.32).
...
04 Feb 2016, PHP 5.5.32
- Core:
. Fixed bug #71039 (exec functions ignore length but look for NULL termination).
(Anatol)
. Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its
input). (Leo Gaspard)
. Fixed bug #71459 (Integer overflow in iptcembed()). (Stas)
- GD:
. Improved the fix for bug #70976 . (Remi)
- PCRE:
. Upgraded pcrelib to 8.38.
- Phar:
. Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (Stas)
. Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
(Stas)
. Fixed bug #71488 (Stack overflow when decompressing tar archives). (Stas)
- WDDX:
. Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization). (Stas)
2016-02-06 07:11:06 +00:00
taca
e628fa8fc4
Update php70 to 7.0.2, including security fix.
...
07 Jan 2016 PHP 7.0.2
- Core:
. Fixed bug #71165 (-DGC_BENCH=1 doesn't work on PHP7).
(y dot uchiyama dot 1015 at gmail dot com)
. Fixed bug #71163 (Segmentation Fault: cleanup_unfinished_calls). (Laruence)
. Fixed bug #71109 (ZEND_MOD_CONFLICTS("xdebug") doesn't work). (Laruence)
. Fixed bug #71092 (Segmentation fault with return type hinting). (Laruence)
. Fixed bug memleak in header_register_callback. (Laruence)
. Fixed bug #71067 (Local object in class method stays in memory for each
call). (Laruence)
. Fixed bug #66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky)
. Fixed bug #70781 (Extension tests fail on dynamic ext dependency).
(Francois Laupretre)
. Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
. Fixed bug #71086 (Invalid numeric literal parse error within
highlight_string() function). (Nikita)
. Fixed bug #71154 (Incorrect HT iterator invalidation causes iterator reuse).
(Nikita)
. Fixed bug #52355 (Negating zero does not produce negative zero). (Andrea)
. Fixed bug #66179 (var_export() exports float as integer). (Andrea)
. Fixed bug #70804 (Unary add on negative zero produces positive zero).
(Andrea)
- CURL:
. Fixed bug #71144 (Sementation fault when using cURL with ZTS).
(Michael Maroszek, Laruence)
- DBA:
. Fixed key leak with invalid resource. (Laruence)
- Filter:
. Fixed bug #71063 (filter_input(INPUT_ENV, ..) does not work). (Reeze Xia)
- FTP:
. Implemented FR #55651 (Option to ignore the returned FTP PASV address).
(abrender at elitehosts dot com)
- FPM:
. Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). (Stas)
- GD:
. Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index
Out of Bounds). (emmanuel dot law at gmail dot com).
- Mbstring:
. Fixed bug #71066 (mb_send_mail: Program terminated with signal SIGSEGV,
Segmentation fault). (Laruence)
- Opcache:
. Fixed bug #71127 (Define in auto_prepend_file is overwrite). (Laruence)
- PCRE:
. Fixed bug #71178 (preg_replace with arrays creates [0] in replace array
if not already set). (Laruence)
- Readline:
. Fixed bug #71094 (readline_completion_function corrupts static array on
second TAB). (Nikita)
- Session:
. Fixed bug #71122 (Session GC may not remove obsolete session data). (Yasuo)
- SPL:
. Fixed bug #71077 (ReflectionMethod for ArrayObject constructor returns
wrong number of parameters). (Laruence)
. Fixed bug #71153 (Performance Degradation in ArrayIterator with large
arrays). (Nikita)
- Standard:
. Fixed bug #71270 (Heap BufferOver Flow in escapeshell functions).
(emmanuel dot law at gmail dot com)
- WDDX:
. Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
(taoguangchen at icloud dot com)
. Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion
Vulnerability). (taoguangchen at icloud dot com)
- XMLRPC
. Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker).
(Julien)
2016-01-08 03:29:12 +00:00
taca
e91bd284dd
Update php55 to 5.6.17, including security fix.
...
07 Jan 2016, PHP 5.6.17
- Core:
. Fixed bug #66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky)
. Fixed bug #70958 (Invalid opcode while using ::class as trait method
paramater default value). (Laruence)
. Fixed bug #70957 (self::class can not be resolved with reflection for
abstract class). (Laruence)
. Fixed bug #70944 (try{ } finally{} can create infinite chains of
exceptions). (Laruence)
. Fixed bug #61751 (SAPI build problem on AIX: Undefined symbol:
php_register_internal_extensions). (Lior Kaplan)
- FPM:
. Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). (Stas)
- GD:
. Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index
Out of Bounds). (emmanuel dot law at gmail dot com).
- Mysqlnd:
. Fixed bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction).
(Laruence)
- SOAP:
. Fixed bug #70900 (SoapClient systematic out of memory error). (Dmitry)
- Standard:
. Fixed bug #70960 (ReflectionFunction for array_unique returns wrong number
of parameters). (Laruence)
- PDO_Firebird:
. Fixed bug #60052 (Integer returned as a 64bit integer on X64_86). (Mariuz)
- WDDX:
. Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
(taoguangchen at icloud dot com)
. Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion
Vulnerability). (taoguangchen at icloud dot com)
- XMLRPC:
. Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()).
(Julien)
2016-01-08 03:28:20 +00:00
taca
5137c6e69c
Update php55 to 5.5.31, security fix.
...
07 Jan 2015, PHP 5.5.31
- FPM:
. Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). (Stas)
- GD:
. Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index
Out of Bounds). (emmanuel dot law at gmail dot com).
- WDDX:
. Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
(taoguangchen at icloud dot com)
. Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion
Vulnerability). (taoguangchen at icloud dot com)
- XMLRPC:
. Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()).
(Julien)
2016-01-08 03:27:23 +00:00
taca
ca6b920a81
Update php70 to 7.0.1, approved by gdt@.
...
17 Dec 2015, PHP 7.0.1
- Core:
. Fixed bug #71105 (Format String Vulnerability in Class Name Error Message).
(andrew at jmpesp dot org)
. Fixed bug #70831 (Compile fails on system with 160 CPUs).
(Daniel Axtens)
. Fixed bug #71006 (symbol referencing errors on Sparc/Solaris). (Dmitry)
. Fixed bug #70997 (When using parentClass:: instead of parent::, static
context changed). (Dmitry)
. Fixed bug #70970 (Segfault when combining error handler with output
buffering). (Laruence)
. Fixed bug #70967 (Weird error handling for __toString when Error is
thrown). (Laruence)
. Fixed bug #70958 (Invalid opcode while using ::class as trait method
paramater default value). (Laruence)
. Fixed bug #70944 (try{ } finally{} can create infinite chains of
exceptions). (Laruence)
. Fixed bug #70931 (Two errors messages are in conflict). (dams, Laruence)
. Fixed bug #70904 (yield from incorrectly marks valid generator as finished).
(Bob)
. Fixed bug #70899 (buildconf failure in extensions). (Bob, Reeze)
. Fixed bug #61751 (SAPI build problem on AIX: Undefined symbol:
php_register_internal_extensions). (Lior Kaplan)
. Fixed \int (or generally every scalar type name with leading backslash)
to not be accepted as type name. (Bob)
. Fixed exception not being thrown immediately into a generator yielding
from an array. (Bob)
. Fixed bug #70987 (static::class within Closure::call() causes segfault).
(Andrea)
. Fixed bug #71013 (Incorrect exception handler with yield from). (Bob)
. Fixed double free in error condition of format printer. (Bob)
- CLI server:
. Fixed bug #71005 (Segfault in php_cli_server_dispatch_router()). (Adam)
- Intl:
. Fixed bug #71020 (Use after free in Collator::sortWithSortKeys).
(emmanuel dot law at gmail dot com, Laruence)
- Mysqlnd:
. Fixed bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction).
(Laruence)
. Fixed bug #68344 (MySQLi does not provide way to disable peer certificate
validation) by introducing MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT
connection flag. (Andrey)
- OCI8:
. Fixed LOB implementation size_t/zend_long mismatch reported
by gcov. (Senthil)
- Opcache:
. Fixed #71024 (Unable to use PHP 7.0 x64 side-by-side with PHP 5.6 x32 on
the same server). (Anatol)
. Fixed bug #70991 (zend_file_cache.c:710: error: array type has incomplete
element type). (Laruence)
. Fixed bug #70977 (Segmentation fault with opcache.huge_code_pages=1).
(Laruence)
- Phpdbg:
. Fixed stderr being written to stdout. (Bob)
- Reflection:
. Fixed bug #71018 (ReflectionProperty::setValue() behavior changed).
(Laruence)
. Fixed bug #70982 (setStaticPropertyValue behaviors inconsistently with
5.6). (Laruence)
- SPL:
. Fixed bug #71028 (Undefined index with ArrayIterator). (Laruence)
- SQLite3:
. Fixed bug #71049 (SQLite3Stmt::execute() releases bound parameter instead
of internal buffer). (Laruence)
- Standard:
. Fixed bug #70999 (php_random_bytes: called object is not a function).
(Scott)
. Fixed bug #70960 (ReflectionFunction for array_unique returns wrong number
of parameters). (Laruence)
- Streams/Socket:
. Add IPV6_V6ONLY constant / make it usable in stream contexts. (Bob)
- Soap:
. Fixed bug #70993 (Array key references break argument processing).
(Laruence)
- PDO_Firebird:
. Fixed bug #60052 (Integer returned as a 64bit integer on X64_86). (Mariuz)
2015-12-18 14:58:14 +00:00
taca
16a80d755a
Avoid to use deprecated syntax. Fix runtime problem with PHP 7.
2015-12-11 16:16:48 +00:00
taca
350fa0e556
Add php70 support.
2015-12-06 15:13:02 +00:00
taca
57352bf2c3
Remove php54 (PHP 5.4) support.
2015-12-05 05:50:33 +00:00
taca
5f3463070d
Update php56 to 5.6.16 (PHP 5.6.16).
...
26 Nov 2015, PHP 5.6.16
- Core:
. Fixed bug #70828 (php-fpm 5.6 with opcache crashes when referencing a
non-existent constant). (Laruence)
. Fixed bug #70748 (Segfault in ini_lex () at Zend/zend_ini_scanner.l).
(Laruence)
- Mysqlnd:
. Fixed bug #68344 (MySQLi does not provide way to disable peer certificate
validation) by introducing MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT
connection flag. (Andrey)
- OCI8:
. Fixed bug #68298 (OCI int overflow). (Senthil)
- PDO_DBlib:
. Fixed bug #69757 (Segmentation fault on nextRowset).
(miracle at rpz dot name)
- SOAP:
. Fixed bug #70875 (Segmentation fault if wsdl has no targetNamespace
attribute). (Matteo)
- SPL:
. Fixed bug #70852 (Segfault getting NULL offset of an ArrayObject).
(Reeze Xia)
2015-11-28 07:09:38 +00:00
taca
8c4d241fa6
Update php56 to 5.6.15.
...
29 Oct 2015, PHP 5.6.15
- Core:
. Fixed bug #70681 (Segfault when binding $this of internal instance method
to null). (Nikita)
. Fixed bug #70685 (Segfault for getClosure() internal method rebind with
invalid $this). (Nikita)
- Date:
. Fixed bug #70619 (DateTimeImmutable segfault). (Laruence)
- Mcrypt:
. Fixed bug #70625 (mcrypt_encrypt() won't return data when no IV was
specified under RC4). (Nikita)
- Mysqlnd:
. Fixed bug #70384 (mysqli_real_query():Unknown type 245 sent by the server).
(Andrey)
. Fixed bug #70572 segfault in mysqlnd_connect. (Andrey, Remi)
- Opcache:
. Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer).
(Laruence)
. Fixed bug #70631 (Another Segfault in gc_remove_from_buffer()). (Laruence)
. Fixed bug #70601 (Segfault in gc_remove_from_buffer()). (Laruence)
. Fixed compatibility with Windows 10 (see also bug #70652 ). (Anatol)
2015-10-31 01:58:37 +00:00
taca
360ea761dc
Update php56 to 5.6.14.
...
01 Oct 2015, PHP 5.6.14
- Core:
. Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10 when
building extensions). (Adam)
- CLI server:
. Fixed bug #68291 (404 on urls with '+'). (cmb)
- DOM:
. Fixed bug #70001 (Assigning to DOMNode::textContent does additional entity
encoding). (cmb)
- Mysqlnd:
. Fixed bug #70456 (mysqlnd doesn't activate TCP keep-alive when connecting to
a server). (Sergei Turchanov)
- OpenSSL:
. Fixed bug #55259 (openssl extension does not get the DH parameters from
DH key resource). (Jakub Zelenka)
. Fixed bug #70395 (Missing ARG_INFO for openssl_seal()). (cmb)
. Fixed bug #60632 (openssl_seal fails with AES). (Jakub Zelenka)
. Fixed bug #68312 (Lookup for openssl.cnf causes a message box). (Anatol)
- PDO:
. Fixed bug #70389 (PDO constructor changes unrelated variables). (Laruence)
- Phar:
. Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). (Stas)
. FIxed bug #70433 (Uninitialized pointer in phar_make_dirstream when zip
entry filename is "/"). (Stas)
- Phpdbg:
. Fix phpdbg_break_next() sometimes not breaking. (Bob)
- Standard:
. Fixed bug #67131 (setcookie() conditional for empty values not met). (cmb)
- Streams:
. Fixed bug #70361 (HTTP stream wrapper doesn't close keep-alive connections).
(Niklas Keller)
- Zip:
. Fixed bug #70322 (ZipArchive::close() doesn't indicate errors). (cmb)
2015-10-02 14:37:39 +00:00
taca
844190e723
Update php55 to 5.5.30.
...
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
** PHP 5.5 is in security-only mode , please do not commit to this branch **
01 Oct 2015, PHP 5.5.30
- Phar:
. Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). (Stas)
. FIxed bug #70433 (Uninitialized pointer in phar_make_dirstream when zip
entry filename is "/"). (Stas)
2015-10-02 14:36:35 +00:00
bouyer
1c31239e86
php54 is EOL, switch PHP_VERSION_DEFAULT to 55, as discussed some time ago.
2015-09-26 20:02:38 +00:00
taca
5bce200245
Update php55 to 5.6.13 including security fixes.
...
03 Sep 2015, PHP 5.6.13
- Core:
. Fixed bug #69900 (Too long timeout on pipes). (Anatol)
. Fixed bug #69487 (SAPI may truncate POST data). (cmb)
. Fixed bug #70198 (Checking liveness does not work as expected).
(Shafreeck Sea, Anatol Belski)
. Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (Stas)
. Fixed bug #70219 (Use after free vulnerability in session deserializer).
(taoguangchen at icloud dot com)
- CLI server:
. Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE).
(wusuopu, cmb)
. Fixed bug #70264 (CLI server directory traversal). (cmb)
- Date:
. Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to
be optional). (cmb)
. Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte).
(cmb)
- EXIF:
. Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte
value of 32 bytes). (Stas)
- hash:
. Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee
at naver dot com)
- MCrypt:
. Fixed bug #69833 (mcrypt fd caching not working). (Anatol)
- Opcache:
. Fixed bug #70237 (Empty while and do-while segmentation fault with opcode
on CLI enabled). (Dmitry, Laruence)
- PCRE:
. Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string
match). (cmb)
. Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
(Anatol Belski)
- SOAP:
. Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE).
(Stas)
- SPL:
. Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via
ob_start). (hugh at allthethings dot co dot nz)
. Fixed bug #70303 (Incorrect constructor reflection for ArrayObject). (cmb)
. Fixed bug #70365 (Use-after-free vulnerability in unserialize() with
SplObjectStorage). (taoguangchen at icloud dot com)
. Fixed bug #70366 (Use-after-free vulnerability in unserialize() with
SplDoublyLinkedList). (taoguangchen at icloud dot com)
- Standard:
. Fixed bug #70052 (getimagesize() fails for very large and very small WBMP).
(cmb)
. Fixed bug #70157 (parse_ini_string() segmentation fault with
INI_SCANNER_TYPED). (Tjerk)
- XSLT:
. Fixed bug #69782 (NULL pointer dereference). (Stas)
- ZIP:
. Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when
creating directories). (neal at fb dot com)
2015-09-06 12:27:43 +00:00
taca
3c20765513
Update php55 to 5.5.29 including security fixes.
...
03 Sep 2015, PHP 5.5.29
- Core:
. Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (Stas)
. Fixed bug #70219 (Use after free vulnerability in session deserializer).
(taoguangchen at icloud dot com)
- EXIF:
. Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte
value of 32 bytes). (Stas)
- hash:
. Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee
at naver dot com)
- PCRE:
. Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
(Anatol Belski)
- SOAP:
. Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE).
(Stas)
- SPL:
. Fixed bug #70365 (Use-after-free vulnerability in unserialize() with
SplObjectStorage). (taoguangchen at icloud dot com)
. Fixed bug #70366 (Use-after-free vulnerability in unserialize() with
SplDoublyLinkedList). (taoguangchen at icloud dot com)
- XSLT:
. Fixed bug #69782 (NULL pointer dereference). (Stas)
- ZIP:
. Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when
creating directories). (neal at fb dot com)
2015-09-06 12:26:37 +00:00
taca
639b0a5fbd
Update php54 to 5.4.45 including security fixes.
...
03 Sep 2015 PHP 5.4.45
- Core:
. Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (Stas)
. Fixed bug #70219 (Use after free vulnerability in session deserializer).
(taoguangchen at icloud dot com)
- EXIF:
. Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte
value of 32 bytes). (Stas)
- hash:
. Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee
at naver dot com)
- PCRE:
. Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
(Anatol Belski)
- SOAP:
. Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE).
(Stas)
- SPL:
. Fixed bug #70365 (Use-after-free vulnerability in unserialize() with
SplObjectStorage). (taoguangchen at icloud dot com)
. Fixed bug #70366 (Use-after-free vulnerability in unserialize() with
SplDoublyLinkedList). (taoguangchen at icloud dot com)
- XSLT:
. Fixed bug #69782 (NULL pointer dereference). (Stas)
- ZIP:
. Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when
creating directories). (neal at fb dot com)
2015-09-06 12:25:11 +00:00
taca
565630e0bd
Add PEAR_PACKAGE_XML.
...
It specifies build package with pear command using package.xml or not.
Default is yes.
2015-08-23 15:31:17 +00:00
taca
dd40371269
Revert accidently commit.
2015-08-10 01:46:00 +00:00
taca
e61e5a8549
Update php56 to 5.6.12.
...
06 Aug 2015, PHP 5.6.12
- Core:
. Fixed bug #70012 (Exception lost with nested finally block). (Laruence)
. Fixed bug #70002 (TS issues with temporary dir handling). (Anatol)
. Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive
method calls). (Stas)
. Fixed bug #69892 (Different arrays compare indentical due to integer key
truncation). (Nikita)
. Fixed bug #70121 (unserialize() could lead to unexpected methods execution
/ NULL pointer deref). (Stas)
- CLI server:
. Fixed bug #69655 (php -S changes MKCALENDAR request method to MKCOL). (cmb)
. Fixed bug #64878 (304 responses return Content-Type header). (cmb)
- GD:
. Fixed bug #53156 (imagerectangle problem with point ordering). (cmb)
. Fixed bug #66387 (Stack overflow with imagefilltoborder). (cmb)
. Fixed bug #70102 (imagecreatefromwebm() shifts colors). (cmb)
. Fixed bug #66590 (imagewebp() doesn't pad to even length). (cmb)
. Fixed bug #66882 (imagerotate by -90 degrees truncates image by 1px). (cmb)
. Fixed bug #70064 (imagescale(..., IMG_BICUBIC) leaks memory). (cmb)
. Fixed bug #69024 (imagescale segfault with palette based image). (cmb)
. Fixed bug #53154 (Zero-height rectangle has whiskers). (cmb)
. Fixed bug #67447 (imagecrop() add a black line when cropping). (cmb)
. Fixed bug #68714 (copy 'n paste error). (cmb)
. Fixed bug #66339 (PHP segfaults in imagexbm). (cmb)
. Fixed bug #70047 (gd_info() doesn't report WebP support). (cmb)
- ODBC:
. Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined
columns). (cmb)
- OpenSSL:
. Fixed bug #69882 (OpenSSL error “key values mismatch” after
openssl_pkcs12_read with extra cert) (Tomasz Sawicki)
. Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
secure). (Stas)
- Phar:
. Improved fix for bug #69441 . (Anatol Belski)
. Fixed bug #70019 (Files extracted from archive may be placed outside of
destination directory). (Anatol Belski)
- SOAP:
. Fixed bug #70081 (SoapClient info leak / null pointer dereference via
multiple type confusions). (Stas)
- SPL:
. Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
items). (sean.heelan)
. Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
SPLArrayObject). (taoguangchen at icloud dot com)
. Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
SplObjectStorage). (taoguangchen at icloud dot com)
. Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
SplDoublyLinkedList). (taoguangchen at icloud dot com)
- Standard:
. Fixed bug #70096 (Repeated iptcembed() adds superfluous FF bytes). (cmb)
2015-08-08 00:13:36 +00:00
taca
8814a3af89
Update php55 to 5.5.28.
...
06 Aug 2015, PHP 5.5.28
- Core:
. Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive
method calls). (Stas)
. Fixed bug #69892 (Different arrays compare indentical due to integer key
truncation). (Nikita)
. Fixed bug #70002 (TS issues with temporary dir handling). (Anatol)
. Fixed bug #70121 (unserialize() could lead to unexpected methods execution
/ NULL pointer deref). (Stas)
- OpenSSL:
. Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
secure). (Stas)
- Phar:
. Improved fix for bug #69441 . (Anatol Belski)
. Fixed bug #70019 (Files extracted from archive may be placed outside of
destination directory). (Anatol Belski)
- SOAP:
. Fixed bug #70081 (SoapClient info leak / null pointer dereference via
multiple type confusions). (Stas)
- SPL:
. Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
items). (sean.heelan)
. Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
SPLArrayObject). (taoguangchen at icloud dot com)
. Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
SplObjectStorage). (taoguangchen at icloud dot com)
. Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
SplDoublyLinkedList). (taoguangchen at icloud dot com)
2015-08-08 00:12:22 +00:00
taca
21716201cf
Update phpt54 to 5.4.44.
...
06 Aug 2015 PHP 5.4.44
- Core:
. Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive
method calls). (Stas)
. Fixed bug #69892 (Different arrays compare indentical due to integer key
truncation). (Nikita)
. Fixed bug #70121 (unserialize() could lead to unexpected methods execution
/ NULL pointer deref). (Stas)
- OpenSSL:
. Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
secure). (Stas)
- Phar:
. Improved fix for bug #69441 . (Anatol Belski)
. Fixed bug #70019 (Files extracted from archive may be placed outside of
destination directory). (Anatol Belski)
- SOAP:
. Fixed bug #70081 (SoapClient info leak / null pointer dereference via
multiple type confusions). (Stas)
- SPL:
. Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
items). (sean.heelan)
. Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
SPLArrayObject). (taoguangchen at icloud dot com)
. Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
SplObjectStorage). (taoguangchen at icloud dot com)
. Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
SplDoublyLinkedList). (taoguangchen at icloud dot com)
2015-08-08 00:11:29 +00:00
taca
b4a8fda3a6
Update php56 to 5.6.11.
...
10 Jul 2015, PHP 5.6.11
- Core:
. Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
. Fixed bug #69703 (Use __builtin_clzl on PowerPC).
(dja at axtens dot net, Kalle)
. Fixed bug #69732 (can induce segmentation fault with basic php code).
(Dmitry)
. Fixed bug #69642 (Windows 10 reported as Windows 8).
(Christian Wenz, Anatol Belski)
. Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation
fault). (Christoph M. Becker)
. Fixed bug #69781 (phpinfo() reports Professional Editions of Windows
7/8/8.1/10 as "Business"). (Christian Wenz)
. Fixed bug #69740 (finally in generator (yield) swallows exception in
iteration). (Nikita)
. Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
(Christian Wenz)
. Fixed bug #69892 (Different arrays compare indentical due to integer key
truncation). (Nikita)
. Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
from fix to bug #68776 . (Yasuo)
- GD:
. Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)
- GMP:
. Fixed bug #69803 (gmp_random_range() modifies second parameter if GMP
number). (Nikita)
- PCRE:
. Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the
string). (cmb)
. Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)
- PDO_pgsql:
. Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
Statements when closeCuror() is u). (Philip Hofstetter)
. Fixed bug #69362 (PDO-pgsql fails to connect if password contains a
leading single quote). (Matteo)
. Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
(Matteo)
- SimpleXML:
. Refactored the fix for bug #66084 (simplexml_load_string() mangles empty
node name). (Christoph Michael Becker)
- SPL:
. Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
(Stas)
. Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga).
. Fixed bug #69970 (Use-after-free vulnerability in
spl_recursive_it_move_forward_ex()). (Laruence)
- Sqlite3:
. Fixed bug #69972 (Use-after-free vulnerability in
sqlite3SafetyCheckSickOrOk()). (Laruence)
2015-07-11 00:31:01 +00:00
taca
4912543368
Update php55 to 5.5.27.
...
09 Jul 2015, PHP 5.5.27
- Core:
. Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
. Fixed bug #69703 (Use __builtin_clzl on PowerPC).
(dja at axtens dot net, Kalle)
. Fixed bug #69732 (can induce segmentation fault with basic php code).
(Dmitry)
. Fixed bug #69642 (Windows 10 reported as Windows 8).
(Christian Wenz, Anatol Belski)
. Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation
fault). (Christoph M. Becker)
. Fixed bug #69781 (phpinfo() reports Professional Editions of Windows
7/8/8.1/10 as "Business"). (Christian Wenz)
. Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
(Christian Wenz)
. Fixed bug #69892 (Different arrays compare indentical due to integer key
truncation). (Nikita)
. Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
from fix to bug #68776 . (Yasuo)
- GD:
. Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)
- Mysqlnd:
. Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM) (CVE-2015-3152).
(Andrey)
- PCRE:
. Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the
string). (cmb)
. Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)
- PDO_pgsql:
. Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
Statements when closeCuror() is u). (Philip Hofstetter)
. Fixed bug #69362 (PDO-pgsql fails to connect if password contains a
leading single quote). (Matteo)
. Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
(Matteo)
- Phar:
. Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (Stas)
. Fixed bug #69923 (Buffer overflow and stack smashing error in
phar_fix_filepath). (Stas)
- SimpleXML:
. Refactored the fix for bug #66084 (simplexml_load_string() mangles empty
node name). (Christoph Michael Becker)
- SPL:
. Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
(Stas)
. Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga).
2015-07-11 00:30:11 +00:00
taca
5c20395cab
Update php54 to 5.4.43.
...
09 Jul 2015 PHP 5.4.43
- Core:
. Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
. Fixed bug #69874 (Can't set empty additional_headers for mail()), regression
from fix to bug #68776 . (Yasuo)
- Mysqlnd:
. Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM) (CVE-2015-3152).
(Andrey)
- Phar:
. Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (Stas)
. Fixed bug #69923 (Buffer overflow and stack smashing error in
phar_fix_filepath). (Stas)
2015-07-11 00:29:17 +00:00
bsiegert
a5a3bafbb4
Pear occasionally leaves some internal state files lying around. Do not
...
only skip them in file checking but actively delete them at the end of the
install.
Fixes some OSX fallout that jperkin@ was seeing, plus PR pkg/49071.
2015-07-04 14:36:56 +00:00
taca
5cf1f27da0
Update php54 to 5.4.42.
...
11 Jun 2015 PHP 5.4.42
- Core:
. Imroved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in
heap overflow). (Max Spelsberg)
. Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
(Anatol Belski)
. Fixed bug #69719 (Incorrect handling of paths with NULs). (Stas)
- Litespeed SAPI:
. Fixed bug #68812 (Unchecked return value). (George Wang)
- Mail:
. Fixed bug #68776 (mail() does not have mail header injection prevention for
additional headers). (Yasuo)
- Postgres:
. Fixed bug #69667 (segfault in php_pgsql_meta_data). (Remi)
- Sqlite3:
. Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415,
CVE-2015-3416) (Kaplan)
2015-06-12 04:51:01 +00:00
taca
ea01694e1e
Update php56 to 5.6.10.
...
11 Jun 2015, PHP 5.6.10
- Core:
. Fixed bug #66048 (temp. directory is cached during multiple requests).
(Julien)
. Fixed bug #69566 (Conditional jump or move depends on uninitialised value
in extension trait). (jbboehr at gmail dot com)
. Fixed bug #69599 (Strange generator+exception+variadic crash). (Nikita)
. Fixed bug #69628 (complex GLOB_BRACE fails on Windows).
(Christoph M. Becker)
. Fixed POST data processing slowdown due to small input buffer size
on Windows. (Jorge Oliveira, Anatol)
. Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
(Anatol Belski)
. Fixed bug #69719 (Incorrect handling of paths with NULs). (Stas)
- FTP
. Improved fix for bug #69545 (Integer overflow in ftp_genlist()
resulting in heap overflow). (Max Spelsberg)
- GD:
. Fixed bug #69479 (GD fails to build with newer libvpx). (Remi)
- Iconv:
. Fixed bug #48147 (iconv with //IGNORE cuts the string). (Stas)
- Litespeed SAPI:
. Fixed bug #68812 (Unchecked return value). (George Wang)
- Mail:
. Fixed bug #68776 (mail() does not have mail header injection prevention for
additional headers). (Yasuo)
- MCrypt:
. Added file descriptor caching to mcrypt_create_iv() (Leigh)
- Opcache
. Fixed bug #69549 (Memory leak with opcache.optimization_level=0xFFFFFFFF).
(Laruence, Dmitry)
- Phar:
. Fixed bug #69680 (phar symlink in binary directory broken).
(Matteo Bernardini, Remi)
- Postgres:
. Fixed bug #69667 (segfault in php_pgsql_meta_data). (Remi)
- Sqlite3:
. Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415,
CVE-2015-3416) (Kaplan)
2015-06-12 00:47:03 +00:00
taca
a47144362f
Update php55 to 5.5.26.
...
11 Jun 2015, PHP 5.5.26
- Core:
. Fixed bug #69566 (Conditional jump or move depends on uninitialised value
in extension trait). (jbboehr at gmail dot com)
. Fixed bug #66048 (temp. directory is cached during multiple requests).
(Julien)
. Fixed bug #69628 (complex GLOB_BRACE fails on Windows).
(Christoph M. Becker)
. Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
(Anatol Belski)
. Fixed bug #69719 (Incorrect handling of paths with NULs). (Stas)
- FTP:
. Improved fix for bug #69545 (Integer overflow in ftp_genlist()
resulting in heap overflow). (Max Spelsberg)
- GD:
. Fixed bug #69479 (GD fails to build with newer libvpx). (Remi)
- Iconv:
. Fixed bug #48147 (iconv with //IGNORE cuts the string). (Stas)
- Litespeed SAPI:
. Fixed bug #68812 (Unchecked return value). (George Wang)
- Mail:
. Fixed bug #68776 (mail() does not have mail header injection prevention for
additional headers). (Yasuo)
- MCrypt:
. Added file descriptor caching to mcrypt_create_iv() (Leigh)
- Opcache
. Fixed bug #69549 (Memory leak with opcache.optimization_level=0xFFFFFFFF).
(Laruence, Dmitry)
- PCRE:
. Upgraded pcrelib to 8.37. (CVE-2015-2325, CVE-2015-2326)
- Phar:
. Fixed bug #69680 (phar symlink in binary directory broken).
(Matteo Bernardini, Remi)
- Postgres:
. Fixed bug #69667 (segfault in php_pgsql_meta_data). (Remi)
- Sqlite3:
. Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415,
CVE-2015-3416) (Kaplan)
2015-06-12 00:44:32 +00:00
taca
349e0141e7
Update php56 to 5.6.9.
...
14 May 2015, PHP 5.6.9
- Core:
. Fixed bug #69467 (Wrong checked for the interface by using Trait).
(Laruence)
. Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence)
. Fixed bug #60022 ("use statement [...] has no effect" depends on leading
backslash). (Nikita)
. Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer).
(Dmitry)
. Fixed bug #68652 (segmentation fault in destructor). (Dmitry)
. Fixed bug #69419 (Returning compatible sub generator produces a warning).
(Nikita)
. Fixed bug #69472 (php_sys_readlink ignores misc errors from
GetFinalPathNameByHandleA). (Jan Starke)
. Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
. Fixed bug #69403 (str_repeat() sign mismatch based memory corruption).
(Stas)
. Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
. Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)
- FTP:
. Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
overflow). (Stas)
- ODBC:
. Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0).
(Anatol)
. Fixed bug #69474 (ODBC: Query with same field name from two tables returns
incorrect result). (Anatol)
. Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall,
Anatol Belski)
- OpenSSL:
. Fixed bug #69402 (Reading empty SSL stream hangs until timeout).
(Daniel Lowrey)
- PCNTL:
. Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)
- PCRE
. Upgraded pcrelib to 8.37.
- Phar:
. Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry
filename starts with null). (Stas)
2015-05-16 11:18:57 +00:00
taca
9b1dbb2769
Update php55 to 5.5.25.
...
14 May 2015, PHP 5.5.25
- Core:
. Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
. Fixed bug #69403 (str_repeat() sign mismatch based memory corruption).
(Stas)
. Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
. Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)
. Fixed bug #69467 (Wrong checked for the interface by using Trait).
(Laruence)
. Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence)
. Fixed bug #60022 ("use statement [...] has no effect" depends on leading
backslash). (Nikita)
. Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer).
(Dmitry)
. Fixed bug #68652 (segmentation fault in destructor). (Dmitry)
. Fixed bug #69419 (Returning compatible sub generator produces a warning).
(Nikita)
. Fixed bug #69472 (php_sys_readlink ignores misc errors from
GetFinalPathNameByHandleA). (Jan Starke)
- FTP:
. Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
overflow). (Stas)
- ODBC:
. Fixed bug #69474 (ODBC: Query with same field name from two tables returns
incorrect result). (Anatol)
. Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall,
Anatol Belski)
- OpenSSL:
. Fixed bug #69402 (Reading empty SSL stream hangs until timeout).
(Daniel Lowrey)
- PCNTL:
. Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)
- Phar:
. Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename
starts with null). (Stas)
2015-05-16 11:17:45 +00:00
taca
9003cb7386
Update php54 to 5.4.41.
...
14 May 2015 PHP 5.4.41
- Core:
. Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
. Fixed bug #69403 (str_repeat() sign mismatch based memory corruption).
(Stas)
. Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
. Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)
- FTP:
. Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
overflow). (Stas)
- PCNTL:
. Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)
- PCRE
. Upgraded pcrelib to 8.37.
- Phar:
. Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry
filename starts with null). (Stas)
2015-05-16 11:16:40 +00:00
taca
ec6a486c31
Update php56 to 5.6.8.
...
16 Apr 2015, PHP 5.6.8
- Core:
. Fixed bug #66609 (php crashes with __get() and ++ operator in some cases).
(Dmitry, Laruence)
. Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8
characters). (Tjerk)
. Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai)
. Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
configuration options). (Anatol Belski)
. Additional fix for bug #69152 (Type confusion vulnerability in
exception::getTraceAsString). (Stas)
. Fixed bug #69210 (serialize function return corrupted data when sleep has
non-string values). (Juan Basso)
. Fixed bug #69212 (Leaking VIA_HANDLER func when exception thrown in
__call/... arg passing). (Nikita)
. Fixed bug #69221 (Segmentation fault when using a generator in combination
with an Iterator). (Nikita)
. Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion
vulnerability). (Stas)
. Fixed bug #69353 (Missing null byte checks for paths in various PHP
extensions). (Stas)
- Apache2handler:
. Fixed bug #69218 (potential remote code execution with apache 2.4
apache2handler). (Gerrit Venema)
- cURL:
. Implemented FR#69278 (HTTP2 support). (Masaki Kagaya)
. Fixed bug #68739 (Missing break / control flow). (Laruence)
. Fixed bug #69316 (Use-after-free in php_curl related to
CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)
- Date:
. Fixed bug #69336 (Issues with "last day of <monthname>"). (Derick Rethans)
- Enchant:
. Fixed bug #65406 (Enchant broker plugins are in the wrong place in windows
builds). (Anatol)
- Ereg:
. Fixed bug #68740 (NULL Pointer Dereference). (Laruence)
- Fileinfo:
. Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or
segfault). (Anatol Belski)
- Filter:
. Fixed bug #69202 : (FILTER_FLAG_STRIP_BACKTICK ignored unless other
flags are used). (Jeff Welch)
. Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip ASCII 127). (Jeff
Welch)
- OPCache:
. Fixed bug #69297 (function_exists strange behavior with OPCache on
disabled function). (Laruence)
. Fixed bug #69281 (opcache_is_script_cached no longer works). (danack)
. Fixed bug #68677 (Use After Free). (CVE-2015-1351) (Laruence)
- OpenSSL
. Fixed bugs #68853 , #65137 (Buffered crypto stream data breaks IO polling
in stream_select() contexts) (Chris Wright)
. Fixed bug #69197 (openssl_pkcs7_sign handles default value incorrectly)
(Daniel Lowrey)
. Fixed bug #69215 (Crypto servers should send client CA list)
(Daniel Lowrey)
. Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)
- Phar:
. Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar).
(Mike)
. Fixed bug #64931 (phar_add_file is too restrictive on filename). (Mike)
. Fixed bug #65467 (Call to undefined method cli_arg_typ_string). (Mike)
. Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing
".tar"). (Mike)
. Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (Stas)
. Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in
phar_set_inode). (Stas)
- Postgres:
. Fixed bug #68741 (Null pointer dereference). (CVE-2015-1352) (Laruence)
- SPL:
. Fixed bug #69227 (Use after free in zval_scan caused by
spl_object_storage_get_gc). (adam dot scarr at 99designs dot com)
- SOAP:
. Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader
(bisected, regression)). (Laruence)
- Sqlite3:
. Fixed bug #68760 (SQLITE segfaults if custom collator throws an exception).
(Dan Ackroyd)
. Fixed bug #69287 (Upgrade bundled libsqlite to 3.8.8.3). (Anatol)
. Fixed bug #66550 (SQLite prepared statement use-after-free). (Sean Heelan)
2015-04-17 16:42:43 +00:00
taca
7acc97f360
Update php55 to 5.5.24.
...
16 Apr 2015, PHP 5.5.24
- Apache2handler:
. Fixed bug #69218 (potential remote code execution with apache 2.4
apache2handler). (Gerrit Venema)
- Core:
. Fixed bug #66609 (php crashes with __get() and ++ operator in some cases).
(Dmitry, Laruence)
. Fixed bug #67626 (User exceptions not properly handled in streams).
(Julian)
. Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8
characters). (Tjerk)
. Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai)
. Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
configuration options). (Anatol Belski)
. Additional fix for bug #69152 (Type confusion vulnerability in
exception::getTraceAsString). (Stas)
. Fixed bug #69212 (Leaking VIA_HANDLER func when exception thrown in
__call/... arg passing). (Nikita)
. Fixed bug #69221 (Segmentation fault when using a generator in combination
with an Iterator). (Nikita)
. Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion
vulnerability). (Stas)
. Fixed bug #69353 (Missing null byte checks for paths in various PHP
extensions). (Stas)
- Curl:
. Implemented FR#69278 (HTTP2 support). (Masaki Kagaya)
. Fixed bug #69316 (Use-after-free in php_curl related to
CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)
- Date:
. Export date_get_immutable_ce so that it can be used by extensions. (Derick
Rethans)
. Fixed bug #69336 (Issues with "last day of <monthname>"). (Derick Rethans)
- Enchant:
. Fixed bug #65406 (Enchant broker plugins are in the wrong place in windows
builds). (Anatol)
- Fileinfo:
. Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or
segfault). (Anatol Belski)
- Filter:
. Fixed bug #69202 (FILTER_FLAG_STRIP_BACKTICK ignored unless other
flags are used). (Jeff Welch)
. Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip ASCII 127). (Jeff
Welch)
- Mbstring:
. Fixed bug #68846 (False detection of CJK Unified Ideographs Extension E).
(Masaki Kagaya)
- OPCache
. Fixed bug #68677 (Use After Free). (CVE-2015-1351) (Laruence)
. Fixed bug #69281 (opcache_is_script_cached no longer works). (danack)
- OpenSSL:
. Fixed bug #67403 (Add signatureType to openssl_x509_parse).
. Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)
- Phar:
. Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar).
(Mike)
. Fixed bug #64931 (phar_add_file is too restrictive on filename). (Mike)
. Fixed bug #65467 (Call to undefined method cli_arg_typ_string). (Mike)
. Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing
".tar"). (Mike)
. Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (Stas)
. Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in
phar_set_inode). (Stas)
- Postgres:
. Fixed bug #68741 (Null pointer dereference). (CVE-2015-1352) (Laruence)
- SPL:
. Fixed bug #69227 (Use after free in zval_scan caused by
spl_object_storage_get_gc). (adam dot scarr at 99designs dot com)
- SOAP:
. Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader
(bisected, regression)). (thomas at shadowweb dot org, Laruence)
- SQLITE:
. Fixed bug #68760 (SQLITE segfaults if custom collator throws an exception).
(Dan Ackroyd)
. Fixed bug #69287 (Upgrade bundled sqlite to 3.8.8.3). (Anatol)
2015-04-17 16:40:58 +00:00
taca
95f7c77dfe
Update php54 to 5.4.40.
...
16 Apr 2015 PHP 5.4.40
- Apache2handler:
. Fixed bug #69218 (potential remote code execution with apache 2.4
apache2handler). (Gerrit Venema)
- Core:
. Additional fix for bug #69152 (Type confusion vulnerability in
exception::getTraceAsString). (Stas)
. Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion
vulnerability). (Stas)
. Fixed bug #69353 (Missing null byte checks for paths in various PHP
extensions). (Stas)
- cURL:
. Fixed bug #69316 (Use-after-free in php_curl related to
CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence)
- Ereg:
. Fixed bug #68740 (NULL Pointer Dereference). (Laruence)
- Fileinfo:
. Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or
segfault). (Anatol Belski)
- GD:
. Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (Remi)
- Phar:
. Fixed bug #68901 (use after free). (bugreports at internot dot info)
. Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (Stas)
. Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in
phar_set_inode). (Stas)
- Postgres:
. Fixed bug #68741 (Null pointer deference) (CVE-2015-1352). (Xinchen Hui)
- SOAP:
. Fixed bug #69152 (Type Confusion Infoleak Vulnerability in unserialize()
with SoapFault). (Dmitry)
- Sqlite3:
. Fixed bug #66550 (SQLite prepared statement use-after-free). (Sean Heelan)
2015-04-17 16:39:56 +00:00
taca
034948e5a7
Update php56 to 5.6.7, including security fix.
...
19 Mar 2015, PHP 5.6.7
- Core:
. Fixed bug #69174 (leaks when unused inner class use traits precedence).
(Laruence)
. Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize).
(Laruence)
. Fixed bug #69121 (Segfault in get_current_user when script owner is not
in passwd with ZTS build). (dan at syneto dot net)
. Fixed bug #65593 (Segfault when calling ob_start from output buffering
callback). (Mike)
. Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file
not validated in memory.c). (nayana at ddproperty dot com)
. Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus)
. Fixed bug #69141 (Missing arguments in reflection info for some builtin
functions). (kostyantyn dot lysyy at oracle dot com)
. Fixed bug #68976 (Use After Free Vulnerability in unserialize()). (Stas)
. Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
configuration options). (Anatol Belski)
. Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)
- CGI:
. Fixed bug #69015 (php-cgi's getopt does not see $argv). (Laruence)
- CLI:
. Fixed bug #67741 (auto_prepend_file messes up __LINE__). (Reeze Xia)
- cURL:
. Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on
Win32). (Grant Pannell)
. Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported
by libcurl. (Linus Unneback)
- Ereg:
. Fixed bug #69248 (heap overflow vulnerability in regcomp.c) (CVE-2015-2305).
(Stas)
- FPM:
. Fixed bug #68822 (request time is reset too early). (honghu069 at 163 dot com)
- ODBC:
. Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol)
- Opcache:
. Fixed bug #69159 (Opcache causes problem when passing a variable variable
to a function). (Dmitry, Laruence)
. Fixed bug #69125 (Array numeric string as key). (Laruence)
. Fixed bug #69038 (switch(SOMECONSTANT) misbehaves). (Laruence)
- OpenSSL:
. Fixed bug #68912 (Segmentation fault at openssl_spki_new). (Laruence)
. Fixed bug #61285 , #68329 , #68046 , #41631 (encrypted streams don't observe
socket timeouts). (Brad Broerman)
. Fixed bug #68920 (use strict peer_fingerprint input checks)
(Daniel Lowrey)
. Fixed bug #68879 (IP Address fields in subjectAltNames not used)
(Daniel Lowrey)
. Fixed bug #68265 (SAN match fails with trailing DNS dot) (Daniel Lowrey)
. Fixed bug #67403 (Add signatureType to openssl_x509_parse) (Daniel Lowrey)
. Fixed bug (#69195 Inconsistent stream crypto values across versions)
(Daniel Lowrey)
- pgsql:
. Fixed bug #68638 (pg_update() fails to store infinite values).
(william dot welter at 4linux dot com dot br, Laruence)
- Readline:
. Fixed bug #69054 (Null dereference in readline_(read|write)_history() without
parameters). (Laruence)
- SOAP:
. Fixed bug #69085 (SoapClient's __call() type confusion through
unserialize()). (andrea dot palazzo at truel dot it, Laruence)
- SPL:
. Fixed bug #69108 ("Segmentation fault" when (de)serializing
SplObjectStorage). (Laruence)
. Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after
calling getChildren()). (Julien)
- ZIP:
. Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap
boundary) (CVE-2015-2331). (Stas)
2015-03-20 16:31:47 +00:00
taca
72e144321e
Update php55 to 5.5.23, including security fix.
...
19 Mar 2015, PHP 5.5.23
- Core:
. Fixed bug #69174 (leaks when unused inner class use traits precedence).
(Laruence)
. Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize).
(Laruence)
. Fixed bug #69121 (Segfault in get_current_user when script owner is not
in passwd with ZTS build). (dan at syneto dot net)
. Fixed bug #65593 (Segfault when calling ob_start from output buffering
callback). (Mike)
. Fixed bug #69017 (Fail to push to the empty array with the constant value
defined in class scope). (Laruence)
. Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file
not validated in memory.c). (nayana at ddproperty dot com)
. Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus)
. Fixed bug #69141 (Missing arguments in reflection info for some builtin
functions). (kostyantyn dot lysyy at oracle dot com)
. Fixed bug #68976 (Use After Free Vulnerability in unserialize()). (Stas)
. Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
configuration options). (Anatol Belski)
. Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)
- CGI:
. Fixed bug #69015 (php-cgi's getopt does not see $argv). (Laruence)
- CLI:
. Fixed bug #67741 (auto_prepend_file messes up __LINE__). (Reeze Xia)
- cURL:
. Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on
Win32). (Grant Pannell)
. Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported
by libcurl. (Linus Unneback)
- Ereg:
. Fixed bug #69248 (heap overflow vulnerability in regcomp.c). (Stas)
- FPM:
. Fixed bug #68822 (request time is reset too early). (honghu069 at 163 dot com)
- ODBC:
. Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol)
- Opcache:
. Fixed bug #69125 (Array numeric string as key). (Laruence)
. Fixed bug #69038 (switch(SOMECONSTANT) misbehaves). (Laruence)
- OpenSSL:
. Fixed bugs #61285 , #68329 , #68046 , #41631 (encrypted streams don't observe
socket timeouts). (Brad Broerman)
- pgsql:
. Fixed bug #68638 (pg_update() fails to store infinite values).
(william dot welter at 4linux dot com dot br, Laruence)
- Readline:
. Fixed bug #69054 (Null dereference in readline_(read|write)_history() without
parameters). (Laruence)
- SOAP:
. Fixed bug #69085 (SoapClient's __call() type confusion through
unserialize()). (andrea dot palazzo at truel dot it, Laruence)
- SPL:
. Fixed bug #69108 ("Segmentation fault" when (de)serializing
SplObjectStorage). (Laruence)
. Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after
calling getChildren()). (Julien)
- ZIP:
. Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap
boundary) (CVE-2015-2331). (Stas)
2015-03-20 16:30:37 +00:00
taca
7e868e355f
Update php54 to 5.4.39, including securitfy fix.
...
19 Mar 2015 PHP 5.4.39
- Core:
. Fixed bug #68976 (Use After Free Vulnerability in unserialize()). (Stas)
. Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM
configuration options). (Anatol Belski)
. Fixed bug #69207 (move_uploaded_file allows nulls in path). (Stas)
- Ereg:
. Fixed bug #69248 (heap overflow vulnerability in regcomp.c). (Stas)
- SOAP:
. Fixed bug #69085 (SoapClient's __call() type confusion through
unserialize()). (Dmitry)
- ZIP:
. Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap
boundary). (Stas)
2015-03-20 16:29:23 +00:00
taca
81a6c40285
One more PHP_BASE_VERS related correction.
2015-03-16 09:21:11 +00:00
taca
45b8146ccd
Fix problem by PHP_BASE_VERS related changes.
2015-03-16 00:26:31 +00:00
taca
8c791a3fc5
Drop php53 support.
2015-03-15 15:25:57 +00:00
taca
9bb0e53d89
Remove "used by lang/php53/Makefile.common" line.
2015-03-15 15:25:09 +00:00
taca
7f2a0a35e8
Make PHP_BASE_VERS to initial php{53,54,55,56} version imported.
...
So, update of php{53,54,55,56} dose not change minimum version of depending
php{53,54,55,56} any more.
Since it relax minimum version, no need to bump PKGREVISION of each pacakge
depending to php{53,54,55,56}. If a package requires specific (and later)
versino of PHP, it should already specify such a version in dependency.
2015-03-15 11:50:53 +00:00
taca
013d8ad12d
Update php56 to 5.6.6 (PHP 5.6.6).
...
19 Feb 2015, PHP 5.6.6
- Core:
. Removed support for multi-line headers, as the are deprecated by RFC 7230.
(Stas)
. Fixed bug #67068 (getClosure returns somethings that's not a closure).
(Danack at basereality dot com)
. Fixed bug #68942 (Use after free vulnerability in unserialize() with
DateTimeZone). (CVE-2015-0273) (Stas)
. Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname
buffer overflow). (Stas)
. Fixed Bug #67988 (htmlspecialchars() does not respect default_charset
specified by ini_set) (Yasuo)
. Added NULL byte protection to exec, system and passthru. (Yasuo)
- Dba:
. Fixed bug #68711 (useless comparisons). (bugreports at internot dot info)
- Enchant:
. Fixed bug #68552 (heap buffer overflow in enchant_broker_request_dict()).
(Antony)
- Fileinfo:
. Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers)
. Fixed bug #67647 (Bundled libmagic 5.17 does not detect quicktime files
correctly). (Anatol)
. Fixed bug #68731 (finfo_buffer doesn't extract the correct mime with some
gifs). (Anatol)
- FPM:
. Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle)
. Fixed bug #68571 (core dump when webserver close the socket).
(redfoxli069 at gmail dot com, Laruence)
- JSON:
. Fixed bug #50224 (json_encode() does not always encode a float as a float)
by adding JSON_PRESERVE_ZERO_FRACTION. (Juan Basso)
- LIBXML:
. Fixed bug #64938 (libxml_disable_entity_loader setting is shared
between threads). (Martin Jansen)
- Mysqli:
. Fixed bug #68114 (linker error on some OS X machines with fixed
width decimal support) (Keyur Govande)
. Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient
has rounding errors) (Keyur Govande)
- Opcache:
. Fixed bug with try blocks being removed when extended_info opcode
generation is turned on. (Laruence)
- PDO_mysql:
. Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of
named pipes). (steffenb198 at aol dot com)
- Phar:
. Fixed bug #68901 (use after free). (bugreports at internot dot info)
- Pgsql:
. Fixed Bug #65199 (pg_copy_from() modifies input array variable) (Yasuo)
- Session:
. Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo)
. Fixed Bug #66623 (no EINTR check on flock) (Yasuo)
. Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo)
- Sqlite3:
. Fixed bug #68260 (SQLite3Result::fetchArray declares wrong
required_num_args). (Julien)
- Standard:
. Fixed bug #65272 (flock() out parameter not set correctly in windows).
(Daniel Lowrey)
. Fixed bug #69033 (Request may get env. variables from previous requests
if PHP works as FastCGI). (Anatol)
- Streams:
. Fixed bug which caused call after final close on streams filter. (Bob)
2015-02-20 01:17:49 +00:00
taca
942d813e46
Update php55 to 5.5.22 (PHP 5.5.22).
...
19 Feb 2015, PHP 5.5.22
- Core:
. Fixed bug #67068 (getClosure returns somethings that's not a closure).
(Danack at basereality dot com)
. Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname
buffer overflow). (Stas)
. Fixed bug #68942 (Use after free vulnerability in unserialize() with
DateTimeZone). (CVE-2015-0273) (Stas)
. Added NULL byte protection to exec, system and passthru. (Yasuo)
. Removed support for multi-line headers, as the are deprecated by RFC 7230.
(Stas)
- Date:
. Fixed bug #45081 (strtotime incorrectly interprets SGT time zone). (Derick)
- Dba:
. Fixed bug #68711 (useless comparisons). (bugreports at internot dot info)
- Enchant:
. Fixed bug #6855 (heap buffer overflow in enchant_broker_request_dict()).
(Antony)
- Fileinfo:
. Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers)
- FPM:
. Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle)
. Fixed bug #68571 (core dump when webserver close the socket).
(redfoxli069 at gmail dot com, Laruence)
- Libxml:
. Fixed bug #64938 (libxml_disable_entity_loader setting is shared
between threads). (Martin Jansen)
- OpenSSL:
. Fixed bug #55618 (use case-insensitive cert name matching).
(Daniel Lowrey)
- PDO_mysql:
. Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of
named pipes). (steffenb198@aol.com )
- Phar:
. Fixed bug #68901 (use after free). (bugreports at internot dot info)
- Pgsql:
. Fixed Bug #65199 'pg_copy_from() modifies input array variable). (Yasuo)
- Sqlite3:
. Fixed bug #68260 (SQLite3Result::fetchArray declares wrong
required_num_args). (Julien)
- Mysqli:
. Fixed bug #68114 (linker error on some OS X machines with fixed
width decimal support) (Keyur Govande)
. Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient
has rounding errors) (Keyur Govande)
- Session:
. Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo)
. Fixed Bug #66623 (no EINTR check on flock) (Yasuo)
. Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo)
- Standard:
. Fixed bug #65272 (flock() out parameter not set correctly in windows).
(Daniel Lowrey)
. Fixed bug #69033 (Request may get env. variables from previous requests
if PHP works as FastCGI)
- Streams:
. Fixed bug which caused call after final close on streams filter. (Bob)
2015-02-19 13:35:24 +00:00
taca
22b8bc63a6
Forgot to commit with php54 update.
2015-02-19 13:14:59 +00:00
jperkin
06dffb4a91
Apologies for not noticing sooner, the previous commit was incorrect as
...
taca has already implemented different handling for zend_extension.
2015-02-16 10:30:15 +00:00
jperkin
3bc42ceea2
Put back custom PHP_ZEND_EXTENSION MESSAGE file.
2015-02-16 10:20:24 +00:00
taca
0694353002
Re-add part of revision 1.33 slighly different way; show "zend_extension"
...
instead of "extension".
2015-02-15 09:00:33 +00:00
obache
eee541e27a
Revert
...
Add support of zend modules.
proposed/discussed is required for such changes, and no package is using.
2015-02-02 12:26:20 +00:00
obache
5f2ef28387
Revert
...
Add experimental auto extension registory support with PHP_AUTO_REGISTER_EXT=yes
(=no by default).
proposed/discussed was happened, but remain inconclusive and not approved.
2015-02-02 12:14:56 +00:00
taca
42d22f7ab8
Update php56 to 5.6.5.
...
22 Jan 2015, PHP 5.6.5
- Core:
. Upgraded crypt_blowfish to version 1.3. (Leigh)
. Fixed bug #60704 (unlink() bug with some files path).
. Fixed bug #65419 (Inside trait, self::class != __CLASS__). (Julien)
. Fixed bug #68536 (pack for 64bits integer is broken on bigendian). (Remi)
. Fixed bug #55541 (errors spawn MessageBox, which blocks test automation).
(Anatol)
. Fixed bug #68297 (Application Popup provides too few information). (Anatol)
. Fixed bug #65769 (localeconv() broken in TS builds). (Anatol)
. Fixed bug #65230 (setting locale randomly broken). (Anatol)
. Fixed bug #66764 (configure doesn't define EXPANDED_DATADIR / PHP_DATADIR
correctly). (Ferenc)
. Fixed bug #68583 (Crash in timeout thread). (Anatol)
. Fixed bug #65576 (Constructor from trait conflicts with inherited
constructor). (dunglas at gmail dot com)
. Fixed bug #68676 (Explicit Double Free). (Kalle)
. Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()).
(CVE-2015-0231) (Stefan Esser)
- CGI:
. Fixed bug #68618 (out of bounds read crashes php-cgi). (CVE-2014-9427)
(Stas)
- CLI server:
. Fixed bug #68745 (Invalid HTTP requests make web server segfault). (Adam)
- cURL:
. Fixed bug #67643 (curl_multi_getcontent returns '' when
CURLOPT_RETURNTRANSFER isn't set). (Jille Timmermans)
- Date:
. Implemented FR #68268 (DatePeriod: Getter for start date, end date and
interval). (Marc Bennewitz)
- EXIF:
. Fixed bug #68799 : Free called on unitialized pointer. (CVE-2015-0232)
(Stas)
- Fileinfo:
. Fixed bug #68398 (msooxml matches too many archives). (Anatol)
. Fixed bug #68665 (invalid free in libmagic). (Joshua Rogers, Anatol Belski)
. Fixed bug #68671 (incorrect expression in libmagic).
(Joshua Rogers, Anatol Belski)
. Removed readelf.c and related code from libmagic sources
(Remi, Anatol)
. Fixed bug #68735 (fileinfo out-of-bounds memory access).
(Anatol)
- FPM:
. Fixed request #68526 (Implement POSIX Access Control List for UDS). (Remi)
. Fixed bug #68751 (listen.allowed_clients is broken). (Remi)
- GD:
. Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (Jan Bee, Remi)
. Fixed request #68656 (Report gd library version). (Remi)
- mbstring:
. Fixed bug #68504 (--with-libmbfl configure option not present on Windows).
(Ashesh Vashi)
- Opcache:
. Fixed bug #68644 (strlen incorrect : mbstring + func_overload=2 +UTF-8
+ Opcache). (Laruence)
. Fixed bug #67111 (Memory leak when using "continue 2" inside two foreach
loops). (Nikita)
- OpenSSL:
. Improved handling of OPENSSL_KEYTYPE_EC keys. (Dominic Luechinger)
- pcntl:
. Fixed bug #60509 (pcntl_signal doesn't decrease ref-count of old handler
when setting SIG_DFL). (Julien)
- PCRE:
. Fixed bug #66679 (Alignment Bug in PCRE 8.34 upstream).
(Rainer Jung, Anatol Belski)
- pgsql:
. Fixed bug #68697 (lo_export return -1 on failure). (Ondřej Surý)
- PDO:
. Fixed bug #68371 (PDO#getAttribute() cannot be called with platform-specifi
attribute names). (Matteo)
- PDO_mysql:
. Fixed bug #68424 (Add new PDO mysql connection attr to control multi
statements option). (peter dot wolanin at acquia dot com)
- SPL:
. Fixed bug #66405 (RecursiveDirectoryIterator::CURRENT_AS_PATHNAME
breaks the RecursiveIterator). (Paul Garvin)
. Fixed bug #68479 (Added escape parameter to SplFileObject::fputcsv). (Salathe)
- SQLite:
. Fixed bug #68120 (Update bundled libsqlite to 3.8.7.2). (Anatol)
- Streams:
. Fixed bug #68532 (convert.base64-encode omits padding bytes).
(blaesius at krumedia dot de)
2015-01-23 16:11:38 +00:00
taca
b019ab3429
Update php55 to 5.5.21.
...
22 Jan 2014, PHP 5.5.21
- Core:
. Upgraded crypt_blowfish to version 1.3. (Leigh)
. Fixed bug #60704 (unlink() bug with some files path).
. Fixed bug #65419 (Inside trait, self::class != __CLASS__). (Julien)
. Fixed bug #65576 (Constructor from trait conflicts with inherited
constructor). (dunglas at gmail dot com)
. Fixed bug #55541 (errors spawn MessageBox, which blocks test automation).
(Anatol)
. Fixed bug #68297 (Application Popup provides too few information). (Anatol)
. Fixed bug #65769 (localeconv() broken in TS builds). (Anatol)
. Fixed bug #65230 (setting locale randomly broken). (Anatol)
. Fixed bug #66764 (configure doesn't define EXPANDED_DATADIR / PHP_DATADIR
correctly). (Ferenc)
. Fixed bug #68583 (Crash in timeout thread). (Anatol)
. Fixed bug #68594 (Use after free vulnerability in unserialize()).
(CVE-2014-8142) (Stefan Esser)
. Fixed bug #68676 (Explicit Double Free). (Kalle)
. Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()).
(CVE-2015-0231) (Stefan Esser)
- CGI:
. Fixed bug #68618 (out of bounds read crashes php-cgi).(CVE-2014-9427)
(Stas)
- CLI server:
. Fixed bug #68745 (Invalid HTTP requests make web server segfault). (Adam)
- cURL:
. Fixed bug #67643 (curl_multi_getcontent returns '' when
CURLOPT_RETURNTRANSFER isn't set). (Jille Timmermans)
- EXIF:
. Fixed bug #68799 : Free called on unitialized pointer. (CVE-2015-0232)
(Stas)
- Fileinfo:
. Fixed bug #68671 (incorrect expression in libmagic).
(Joshua Rogers, Anatol Belski)
. Removed readelf.c and related code from libmagic sources
(Remi, Anatol)
. Fixed bug #68735 (fileinfo out-of-bounds memory access).
(Anatol)
- FPM:
. Fixed bug #68751 (listen.allowed_clients is broken). (Remi)
- GD:
. Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (Jan Bee, Remi)
- Mbstring:
. Fixed bug #68504 (--with-libmbfl configure option not present on Windows).
(Ashesh Vashi)
- Mcrypt:
. Fixed possible read after end of buffer and use after free. (Dmitry)
- Opcache:
. Fixed bug #67111 (Memory leak when using "continue 2" inside two foreach
loops). (Nikita)
- OpenSSL:
. Fixed bug #55618 (use case-insensitive cert name matching). (Daniel Lowrey)
- Pcntl:
. Fixed bug #60509 (pcntl_signal doesn't decrease ref-count of old handler
when setting SIG_DFL). (Julien)
- PCRE:
. Fixed bug #66679 (Alignment Bug in PCRE 8.34 upstream).
(Rainer Jung, Anatol Belski)
- pgsql:
. Fixed bug #68697 (lo_export return -1 on failure). (Ondřej Surý)
- PDO:
. Fixed bug #68371 (PDO#getAttribute() cannot be called with platform-specific
attribute names). (Matteo)
- PDO_mysql:
. Fixed bug #68424 (Add new PDO mysql connection attr to control multi
statements option). (peter dot wolanin at acquia dot com)
- SPL:
. Fixed bug #66405 (RecursiveDirectoryIterator::CURRENT_AS_PATHNAME
breaks the RecursiveIterator). (Paul Garvin)
. Fixed bug #65213 (cannot cast SplFileInfo to boolean) (Tjerk)
. Fixed bug #68479 (Added escape parameter to SplFileObject::fputcsv). (Salathe)
- SQLite:
. Fixed bug #68120 (Update bundled libsqlite to 3.8.7.2). (Anatol)
- Streams:
. Fixed bug #68532 (convert.base64-encode omits padding bytes).
(blaesius at krumedia dot de)
2015-01-23 16:10:34 +00:00
taca
f02c689193
Update to php54 to 5.4.37.
...
22 Jan 2015 PHP 5.4.37
- Core:
. Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()).
(CVE-2015-0231) (Stefan Esser)
- CGI:
. Fixed bug #68618 (out of bounds read crashes php-cgi). (CVE-2014-9427)
(Stas)
- EXIF:
. Fixed bug #68799 : Free called on unitialized pointer. (CVE-2015-0232) (Stas)
- Fileinfo:
. Removed readelf.c and related code from libmagic sources
(Remi, Anatol)
. Fixed bug #68735 (fileinfo out-of-bounds memory access).
(Anatol)
- OpenSSL:
. Fixed bug #55618 (use case-insensitive cert name matching).
(Daniel Lowrey)
2015-01-23 16:09:26 +00:00
dholland
c66776756c
Use PKG_FAIL_REASON for errors.
2015-01-01 11:51:41 +00:00
taca
af65cf60a1
Update php56 to 5.6.4, including security fix.
...
18 Dec 2014, PHP 5.6.4
- Core:
. Fixed bug #68091 (Some Zend headers lack appropriate extern "C" blocks).
(Adam)
. Fixed bug #68104 (Segfault while pre-evaluating a disabled function).
(Laruence)
. Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly
triggered). (Julien)
. Fixed bug #68355 (Inconsistency in example php.ini comments).
(Chris McCafferty)
. Fixed bug #68370 ("unset($this)" can make the program crash). (Laruence)
. Fixed bug #68422 (Incorrect argument reflection info for array_multisort()).
(Alexander Lisachenko)
. Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
. Fixed bug #68446 (Array constant not accepted for array parameter default).
(Bob, Dmitry)
. Fixed bug #68594 (Use after free vulnerability in unserialize()).
(CVE-2014-8142) (Stefan Esser)
- Date:
. Fixed day_of_week function as it could sometimes return negative values
internally. (Derick)
- FPM:
. Fixed bug #68381 (fpm_unix_init_main ignores log_level).
(David Zuelke, Remi)
. Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all
addresses). (Remi)
. Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). (Remi)
. Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi)
. Fixed bug #68428 (listen.allowed_clients is IPv4 only). (Remi)
. Fixed bug #68452 (php-fpm man page is oudated). (Remi)
. Fixed request #68458 (Change pm.start_servers default warning to
notice). (David Zuelke, Remi)
. Fixed bug #68463 (listen.allowed_clients can silently result
in no allowed access). (Remi)
. Fixed request #68391 (php-fpm conf files loading order).
(Florian Margaine, Remi)
. Fixed bug #68478 (access.log don't use prefix). (Remi)
- Mcrypt:
. Fixed possible read after end of buffer and use after free. (Dmitry)
- GMP:
. Fixed bug #68419 (build error with gmp 4.1). (Remi)
- PDO_pgsql:
. Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception
when not in transaction) (Matteo)
. Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving)
(Matteo)
- Session:
. Fixed bug #68331 (Session custom storage callable functions not being called)
(Yasuo Ohgaki)
- SOAP:
. Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes).
(Laruence)
- zlib:
. Fixed bug #53829 (Compiling PHP with large file support will replace
function gzopen by gzopen64) (Sascha Kettler, Matteo)
2014-12-19 16:12:48 +00:00
taca
d88e5badbc
Update php55 to 5.5.20, including security fix.
...
17 Dec 2014, PHP 5.5.20
- Core:
. Fixed bug #68091 (Some Zend headers lack appropriate extern "C" blocks).
(Adam)
. Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly
triggered). (Julien)
. Fixed bug #68370 ("unset($this)" can make the program crash). (Laruence)
. Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
. Fixed bug #68594 (Use after free vulnerability in unserialize()).
(CVE-2014-8142) (Stefan Esser)
- Date:
. Fixed day_of_week function as it could sometimes return negative values
internally. (Derick)
- FPM:
. Fixed bug #68381 (fpm_unix_init_main ignores log_level).
(David Zuelke, Remi)
. Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all
addresses). (Remi)
. Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). (Remi)
. Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi)
. Fixed bug #68428 (listen.allowed_clients is IPv4 only). (Remi)
. Fixed bug #68452 (php-fpm man page is oudated). (Remi)
. Fixed request #68458 (Change pm.start_servers default warning to
notice). (David Zuelke, Remi)
. Fixed bug #68463 (listen.allowed_clients can silently result
in no allowed access). (Remi)
. Fixed request #68391 (php-fpm conf files loading order).
(Florian Margaine, Remi)
. Fixed bug #68478 (access.log don't use prefix). (Remi)
- Mcrypt:
. Fixed possible read after end of buffer and use after free. (Dmitry)
- PDO_pgsql:
. Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)
. Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception
when not in transaction) (Matteo)
. Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving)
(Matteo)
- zlib:
. Fixed bug #53829 (Compiling PHP with large file support will replace
function gzopen by gzopen64) (Sascha Kettler, Matteo)
2014-12-19 16:10:38 +00:00
taca
1b2d155c66
Update php54 to 5.4.36, including security fix.
...
18 Dec 2014 PHP 5.4.36
- Core:
. Upgraded crypt_blowfish to version 1.3. (Leigh)
. Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)
. Fixed bug #68594 (Use after free vulnerability in unserialize()).
(CVE-2014-8142) (Stefan Esser)
13 Nov 2014 PHP 5.4.35
- Core:
. Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
zend_hash_copy). (Dmitry)
- Fileinfo:
. Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
(CVE-2014-3710) (Remi)
- GMP:
. Fixed bug #63595 (GMP memory management conflicts with other libraries
using GMP). (Remi)
- PDO_pgsql:
. Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)
2014-12-19 16:08:35 +00:00
taca
3aa2158e8d
Add support for php56 (PHP 5.6.x).
2014-11-24 15:36:05 +00:00
taca
9d371b6e26
Update php55 to 5.5.19.
...
13 Nov 2014, PHP 5.5.19
- Core:
. Fixed bug #68095 (AddressSanitizer reports a heap buffer overflow in
php_getopt()). (Stas)
. Fixed bug #68118 ($a->foo .= 'test'; can leave $a->foo undefined). (Nikita)
. Fixed bug #68129 (parse_url() - incomplete support for empty usernames
and passwords) (Tjerk)
Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
zend_hash_copy). (Dmitry)
- Fileinfo:
. Fixed bug #66242 (libmagic: don't assume char is signed). (ArdB)
. Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
(CVE-2014-3710) (Remi)
- FPM:
. Implemented FR #55508 (listen and listen.allowed_clients should take IPv6
addresses). (Robin Gloster)
- GD:
. Fixed bug #65171 (imagescale() fails without height param). (Remi)
- GMP:
. Fixed bug #63595 (GMP memory management conflicts with other libraries
using GMP). (Remi)
- Mysqli:
. Fixed bug #68114 (linker error on some OS X machines with fixed width
decimal support) (Keyur Govande)
- ODBC:
. Fixed bug #68087 (ODBC not correctly reading DATE column when preceded by
a VARCHAR column) (Keyur Govande)
- SPL:
. Fixed bug #68128 (Regression in RecursiveRegexIterator) (Tjerk)
- CURL:
. Add CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1, and
CURL_SSLVERSION_TLSv1_2 constants if supported by libcurl (Rasmus)
2014-11-15 14:53:12 +00:00
taca
8add7f0b9f
Update php54 to 5.4.35 (PHP 5.4.35).
...
13 Nov 2014 PHP 5.4.35
- Core:
. Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in
zend_hash_copy). (Dmitry)
- Fileinfo:
. Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers).
(CVE-2014-3710) (Remi)
- GMP:
. Fixed bug #63595 (GMP memory management conflicts with other libraries
using GMP). (Remi)
- PDO_pgsql:
. Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)
2014-11-15 14:49:45 +00:00
obache
1cc49decde
Add experimental auto extension registory support with PHP_AUTO_REGISTER_EXT=yes
...
(=no by default).
2014-11-02 08:51:41 +00:00
obache
af5589fce8
Add support of zend modules.
2014-11-02 06:49:28 +00:00
taca
d163a3afe7
Update to php54 5.4.34.
...
16 Oct 2014, PHP 5.4.34
- Fileinfo:
. Fixed bug #66242 (libmagic: don't assume char is signed). (ArdB)
- Core:
. Fixed bug #67985 (Incorrect last used array index copied to new array after
unset). (Tjerk)
. Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)).
(CVE-2014-3669) (Stas)
- cURL:
. Fixed bug #68089 (NULL byte injection - cURL lib). (Stas)
- EXIF:
. Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
(Stas)
- OpenSSL:
. Reverted fixes for bug #41631 , due to regressions. (Stas)
- XMLRPC:
. Fixed bug #68027 (Global buffer overflow in mkgmtime() function).
(CVE-2014-3668) (Stas)
2014-10-18 14:29:04 +00:00
taca
374708f6d7
Update php55 to 5.5.18.
...
16 Oct 2014, PHP 5.5.18
- Core:
. Fixed bug #67985 (Incorrect last used array index copied to new array after
unset). (Tjerk)
. Fixed bug #67739 (Windows 8.1/Server 2012 R2 OS build number reported
as 6.2 (instead of 6.3)). (Christian Wenz)
. Fixed bug #67633 (A foreach on an array returned from a function not doing
copy-on-write). (Nikita)
. Fixed bug #51800 (proc_open on Windows hangs forever). (Anatol)
. Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)).
(CVE-2014-3669) (Stas)
- cURL:
. Fixed bug #68089 (NULL byte injection - cURL lib). (Stas)
- EXIF:
. Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
(Stas)
- FPM:
. Fixed bug #65641 (PHP-FPM incorrectly defines the SCRIPT_NAME variable
when using Apache, mod_proxy-fcgi and ProxyPass). (Remi)
- OpenSSL:
. Revert regression introduced by fix of bug #41631
- Reflection:
. Fixed bug #68103 (Duplicate entry in Reflection for class alias). (Remi)
- Session:
. Fixed bug #67972 (SessionHandler Invalid memory read create_sid()). (Adam)
- XMLRPC:
. Fixed bug #68027 (Global buffer overflow in mkgmtime() function).
(CVE-2014-3668) (Stas)
2014-10-18 14:27:30 +00:00
taca
1c9a0fda95
Update to php54 to 5.4.33, aprroved by wiz@.
...
18 Sep 2014, PHP 5.4.33
- Core:
. Fixed bug #47358 (glob returns error, should be empty array()). (Pierre)
. Fixed bug #65463 (SIGSEGV during zend_shutdown()). (Keyur Govande)
. Fixed bug #66036 (Crash on SIGTERM in apache process). (Keyur Govande)
- OpenSSL:
. Fixed bug #41631 (socket timeouts not honored in blocking SSL reads).
(Daniel Lowrey)
- Date:
. Fixed bug #66091 (memory leaks in DateTime constructor). (Tjerk)
- FPM:
. Fixed #67606 (FPM with mod_fastcgi/apache2.4 is broken). (David Zuelke)
- GD:
. Made fontFetch's path parser thread-safe. (Sara)
- Wddx:
. Fixed bug #67873 (Segfaults in php_wddx_serialize_var). (Anatol, Remi)
- Zlib:
. Fixed bug #67724 (chained zlib filters silently fail with large amounts of
data). (Mike)
. Fixed bug #67865 (internal corruption phar error). (Mike)
2014-09-30 08:16:10 +00:00
taca
47421e2dcc
Update php55 to 5.5.17, approved by wiz@.
...
18 Sep 2014, PHP 5.5.17
- Core:
. Fixed bug #47358 (glob returns error, should be empty array()). (Pierre)
. Fixed bug #65463 (SIGSEGV during zend_shutdown()). (Keyur Govande)
. Fixed bug #66036 (Crash on SIGTERM in apache process). (Keyur Govande)
. Fixed bug #67878 (program_prefix not honoured in man pages). (Remi)
- COM:
. Fixed bug #41577 (DOTNET is successful once per server run)
(Aidas Kasparas)
- FPM:
. Fixed #67606 (FPM with mod_fastcgi/apache2.4 is broken). (David Zuelke)
- OpenSSL:
. Fixed bug #41631 (socket timeouts not honored in blocking SSL reads).
(Daniel Lowrey)
. Fixed bug #67850 (extension won't build if openssl compiled without SSLv3)
(Daniel Lowrey)
- SPL:
. Fixed bug #67813 (CachingIterator::__construct InvalidArgumentException
wrong message). (tim_siebels_aurich at yahoo dot de)
- Date:
. Fixed bug #66091 (memory leaks in DateTime constructor). (Tjerk)
. Fixed bug #66985 (Some timezones are no longer valid in PHP 5.5.10).
(Derick)
. Fixed bug #67109 (First uppercase letter breaks date string parsing).
(Derick)
- GD
. Made fontFetch's path parser thread-safe. (Sara).
- MySQLi:
. Fixed bug #67839 (mysqli does not handle 4-byte floats correctly). (Keyur)
- Zlib:
. Fixed bug #67724 (chained zlib filters silently fail with large amounts of
data). (Mike)
. Fixed bug #67865 (internal corruption phar error). Mike
2014-09-30 08:14:25 +00:00
taca
7a5ac569e9
Update php55 to 5.5.16 (PHP 5.5.16).
...
21 Aug 2014, PHP 5.5.16
- COM:
. Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas).
- Fileinfo:
. Fixed bug #67705 (extensive backtracking in rule regular expression).
(CVE-2014-3538) (Remi)
. Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi)
- FPM:
. Fixed bug #67635 (php links to systemd libraries without using pkg-config).
(pacho@gentoo.org , Remi)
- GD:
. Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference).
(CVE-2014-2497) (Remi)
. Fixed bug #67730 (Null byte injection possible with imagexxx functions).
(CVE-2014-5120) (Ryan Mauger)
- Milter:
. Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike)
- OpenSSL:
. Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).
- readline:
. Fixed bug #55496 (Interactive mode doesn't force a newline before the
prompt). (Bob, Johannes)
. Fixed bug #67496 (Save command history when exiting interactive shell
with control-c). (Dmitry Saprykin, Johannes)
- Sessions:
. Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).
- Core:
. Fixed bug #67693 (incorrect push to the empty array) (Tjerk)
. Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi)
- ODBC:
. Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte
char fields). (Keyur)
2014-08-23 16:09:21 +00:00
taca
e997573e72
Update php54 to 5.4.32 (PHP 5.4.32).
...
07 Aug 2014, PHP 5.4.32
- Core:
. Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi)
- COM:
. Fixed missing type checks in com_event_sink. (Yussuf Khalil, Stas)
- Fileinfo:
. Fixed bug #67705 (extensive backtracking in rule regular expression).
(CVE-2014-3538) (Remi)
. Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi)
- GD:
. Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference).
(CVE-2014-2497) (Remi)
. Fixed bug #67730 (Null byte injection possible with imagexxx functions).
(CVE-2014-5120) (Ryan Mauger)
- Milter:
. Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike)
- OpenSSL:
. Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).
- Readline:
. Fixed bug #55496 (Interactive mode doesn't force a newline before the
prompt). (Bob, Johannes)
. Fixed bug #67496 (Save command history when exiting interactive shell
with control-c). (Dmitry Saprykin, Johannes)
- Sessions:
. Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).
- SPL:
. Fixed bug #67539 (ArrayIterator use-after-free due to object change during
sorting). (research at insighti dot org, Laruence)
. Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670) (Laruence)
- Core:
. Fixed bug #67693 (incorrect push to the empty array) (Tjerk)
- ODBC:
. Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte
char fields). (Keyur)
- Zlib:
. Fixed bug #67724 (chained zlib filters silently fail with large amounts of
data). (Mike)
2014-08-23 16:07:24 +00:00
taca
ab2c273478
Update php53 to 5.3.29, final PHP 5.3 release.
...
14 Aug 2014, PHP 5.3.29
- Core:
. Fixed bug #66127 (Segmentation fault with ArrayObject unset). (Stas)
. Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas)
. Fixed bug #67249 (printf out-of-bounds read). (Stas)
. Fixed bug #67250 (iptcparse out-of-bounds read). (Stas)
. Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas)
. Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence)
. Fixed bug #67390 (insecure temporary file use in the configure script).
(Remi) (CVE-2014-3981)
. Fixed bug #67399 (putenv with empty variable may lead to crash). (Stas)
. Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type
Confusion) (CVE-2014-3515). (Stefan Esser)
. Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability).
(Stefan Esser)
- COM:
. Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas).
- Date:
. Fixed bug #66060 (Heap buffer over-read in DateInterval). (CVE-2013-6712)
(Remi)
. Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas)
. Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas)
- Exif:
. Fixed bug #65873 (Integer overflow in exif_read_data()). (Stas)
- Fileinfo:
. Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol)
. Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary
check). (CVE-2014-0207)
. Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS).
(CVE-2014-0238)
. Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting
in performance degradation). (CVE-2014-0237)
. Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal
string size). (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary
check). (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check).
(Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary
check). (Francisco Alonso, Jan Kaluza, Remi)
- Intl:
. Fixed bug #67349 (Locale::parseLocale Double Free). (Stas)
. Fixed bug #67397 (Buffer overflow in locale_get_display_name and
uloc_getDisplayName (libicu 4.8.1)). (Stas)
- Network:
. Fixed bug #67432 (Fix potential segfault in dns_check_record()).
(CVE-2014-4049). (Sara)
- OpenSSL:
. Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).
- Session:
. Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).
2014-08-15 16:09:16 +00:00
taca
60facf7055
Update php54 to 5.4.31.
...
24 Jul 2014, PHP 5.4.31
- Core:
. Fixed bug #67428 (header('Location: foo') will override a 308-399 response
code). (Adam)
. Fixed bug #67436 (Autoloader isn't called if two method definitions don't
match). (Bob)
. Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0).
(Ferenc)
. Fixed bug #67151 (strtr with empty array crashes). (Nikita)
. Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server
2012). (Christian Wenz)
- CLI server:
. Implemented FR #67429 (CLI server is missing some new HTTP response codes).
(Adam)
. Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
(Adam)
- FPM:
. Fixed bug #67530 (error_log=syslog ignored). (Remi)
. Fixed bug #67531 (syslog cannot be set in pool configuration). (Remi)
- Intl:
. Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
(Stas)
- pgsql:
. Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756),
which affected builds against libpq < 7.3. (Adam)
- Phar:
. Fixed bug #67587 (Redirection loop on nginx with FPM). (Christian Weiske)
- Streams:
. Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects). (Adam)
2014-07-26 00:12:53 +00:00
taca
82753fd9d3
Update php55 to 5.5.15.
...
24 Jul 2014, PHP 5.5.15
- Core:
. Fixed bug #67428 (header('Location: foo') will override a 308-399 response
code). (Adam)
. Fixed bug #67436 (Autoloader isn't called if two method definitions don't
match). (Bob)
. Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0).
(Ferenc)
. Fixed bug #67497 (eval with parse error causes segmentation fault in
generator). (Nikita)
. Fixed bug #67151 (strtr with empty array crashes). (Nikita)
. Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server
2012). (Christian Wenz)
- CLI server:
. Implemented FR #67429 (CLI server is missing some new HTTP response codes).
(Adam)
. Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
(Adam)
- FPM:
. Fixed bug #67530 (error_log=syslog ignored). (Remi)
. Fixed bug #67531 (syslog cannot be set in pool configuration). (Remi)
- Intl:
. Fixed bug #66921 (Wrong argument type hint for function
intltz_from_date_time_zone). (Stas)
. Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
(Stas)
- OPCache:
. Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault
happen) (Dmitry, Laruence)
- pgsql:
. Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756),
which affected builds against libpq < 7.3. (Adam)
- Phar:
. Fixed bug #67587 (Redirection loop on nginx with FPM). (Christian Weiske)
- SPL:
. Fixed bug #67539 (ArrayIterator use-after-free due to object change during
sorting). (research at insighti dot org, Laruence)
. Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670) (Laruence)
- Streams:
. Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects). (Adam)
2014-07-26 00:11:55 +00:00
taca
f94488369d
Update php55 to 5.5.14 which includes several security fixes.
...
26 Jun 2014, PHP 5.5.14
- Core:
. Fixed BC break introduced by patch for bug #67072 . (Anatol, Stas)
. Fixed bug #66622 (Closures do not correctly capture the late bound class
(static::) in some cases). (Levi Morrison)
. Fixed bug #67390 (insecure temporary file use in the configure script).
(CVE-2014-3981) (Remi)
. Fixed bug #67399 (putenv with empty variable may lead to crash). (Stas)
. Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability).
(Stefan Esser)
- CLI server:
. Fixed Bug #67406 (built-in web-server segfaults on startup). (Remi)
- Date:
. Fixed bug #67308 (Serialize of DateTime truncates fractions of second).
(Adam)
. Fixed regression in fix for bug #67118 (constructor can't be called twice).
(Remi)
- Fileinfo:
. Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check).
(CVE-2014-0207)
. Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal
string size). (CVE-2014-3478) (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary
check). (CVE-2014-3479) (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check).
(CVE-2014-3480) (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary
check). (CVE-2014-3487) (Francisco Alonso, Jan Kaluza, Remi)
- Intl:
. Fixed bug #67349 (Locale::parseLocale Double Free). (Stas)
. Fixed bug #67397 (Buffer overflow in locale_get_display_name and
uloc_getDisplayName (libicu 4.8.1)). (Stas)
- Network:
. Fixed bug #67432 (Fix potential segfault in dns_get_record()).
(CVE-2014-4049). (Sara)
- OPCache:
. Fixed issue #183 (TMP_VAR is not only used once). (Dmitry, Laruence)
- OpenSSL:
. Fixed bug #65698 (certificates validity parsing does not work past 2050).
(Paul Oehler)
. Fixed bug #66636 (openssl_x509_parse warning with V_ASN1_GENERALIZEDTIME).
(Paul Oehler)
- PDO-ODBC:
. Fixed bug #50444 (PDO-ODBC changes for 64-bit).
- SOAP:
. Implemented FR #49898 (Add SoapClient::__getCookies()). (Boro Sitnikovski)
- SPL:
. Fixed bug #66127 (Segmentation fault with ArrayObject unset). (Stas)
. Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence)
. Fixed bug #67360 (Missing element after ArrayObject::getIterator). (Adam)
. Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type
Confusion). (CVE-2014-3515) (Stefan Esser)
. Fixed bug #67118 (DateTime constructor crash with invalid data). (Anatol)
. Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas)
. Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas)
- DOM:
. Fixed bug #67081 (DOMDocumentType->internalSubset returns entire DOCTYPE tag,
not only the subset). (Anatol)
- Fileinfo:
. Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol)
. Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS) (CVE-2014-0238).
. Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in
performance degradation) (CVE-2014-0237).
- FPM:
. Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor).
(Julio Pintos)
- GD:
. Fixed bug #67248 (imageaffinematrixget missing check of parameters). (Stas)
- PCRE:
. Fixed bug #67238 (Ungreedy and min/max quantifier bug, applied patch
from the upstream). (Anatol)
- Phar:
. Fix bug #64498 ($phar->buildFromDirectory can't compress file with an accent
in its name). (PR #588 )
2014-06-27 11:34:19 +00:00
taca
b00909cbca
Update php54 to 5.4.30 which includes several security fixes.
...
26 Jun 2014, PHP 5.4.30
- Core:
. Fixed BC break introduced by patch for bug #67072 . (Anatol, Stas)
. Fixed bug #66622 (Closures do not correctly capture the late bound class
(static::) in some cases). (Levi Morrison)
. Fixed bug #67390 (insecure temporary file use in the configure script).
(CVE-2014-3981) (Remi)
. Fixed bug #67399 (putenv with empty variable may lead to crash). (Stas)
. Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability).
(Stefan Esser)
- CLI server:
. Fixed Bug #67406 (built-in web-server segfaults on startup). (Remi)
- Date:
. Fixed bug #67308 (Serialize of DateTime truncates fractions of second).
(Adam)
. Fixed regression in fix for bug #67118 (constructor can't be called twice).
(Remi)
- Fileinfo:
. Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary
check). (CVE-2014-0207)
. Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal
string size). (CVE-2014-3478) (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary
check). (CVE-2014-3479) (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check).
(CVE-2014-3480) (Francisco Alonso, Jan Kaluza, Remi)
. Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary
check). (CVE-2014-3487) (Francisco Alonso, Jan Kaluza, Remi)
- Intl:
. Fixed bug #67349 (Locale::parseLocale Double Free). (Stas)
. Fixed bug #67397 (Buffer overflow in locale_get_display_name and
uloc_getDisplayName (libicu 4.8.1)). (Stas)
- Network:
. Fixed bug #67432 (Fix potential segfault in dns_get_record()).
(CVE-2014-4049). (Sara)
- OpenSSL:
. Fixed bug #65698 (certificates validity parsing does not work past 2050).
(Paul Oehler)
. Fixed bug #66636 (openssl_x509_parse warning with V_ASN1_GENERALIZEDTIME).
(Paul Oehler)
- SOAP:
. Implemented FR #49898 (Add SoapClient::__getCookies()). (Boro Sitnikovski)
- SPL:
. Fixed bug #66127 (Segmentation fault with ArrayObject unset). (Stas)
. Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence)
. Fixed bug #67360 (Missing element after ArrayObject::getIterator). (Adam)
. Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type
Confusion) (CVE-2014-3515). (Stefan Esser)
2014-06-27 11:31:20 +00:00
obache
3d08f7ea68
used by lang/php55/Makefile.common
2014-06-13 02:58:19 +00:00
taca
bbde72a409
Update php54 to 5.4.29, contains fix for CVE-2014-0237 and CVE-2014-0238.
...
29 May 2014, PHP 5.4.29
- COM:
. Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)). (Anatol)
- Core:
. Fixed bug #65701 (copy() doesn't work when destination filename is created
by tempnam()). (Boro Sitnikovski)
. Fixed bug #67072 (Echoing unserialized "SplFileObject" crash). (Anatol)
. Fixed bug #67245 (usage of memcpy() with overlapping src and dst in
zend_exceptions.c). (Bob)
. Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas)
. Fixed bug #67249 (printf out-of-bounds read). (Stas)
. Fixed bug #67250 (iptcparse out-of-bounds read). (Stas)
. Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas)
- Date:
. Fixed bug #67118 (DateTime constructor crash with invalid data). (Anatol)
. Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas)
. Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas)
- DOM:
. Fixed bug #67081 (DOMDocumentType->internalSubset returns entire DOCTYPE tag,
not only the subset). (Anatol)
- Fileinfo:
. Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol)
. Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS).
(CVE-2014-0238)
. Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in
performance degradation). (CVE-2014-0237)
- FPM:
. Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor).
(Julio Pintos)
- Phar:
. Fix bug #64498 ($phar->buildFromDirectory can't compress file with an accent
in its name). (PR #588 )
2014-05-31 04:28:56 +00:00
taca
0c63929ad5
Update php55 to 5.5.13, contains fix for CVE-2014-0237 and CVE-2014-0238.
...
29 May 2014, PHP 5.5.13
- CLI server:
. Fixed bug #67079 (Missing MIME types for XML/XSL files). (Anatol)
- COM:
. Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)). (Anatol)
- Core:
. Fixed bug #65701 (copy() doesn't work when destination filename is created
by tempnam()). (Boro Sitnikovski)
. Fixed bug #67072 (Echoing unserialized "SplFileObject" crash). (Anatol)
. Fixed bug #67245 (usage of memcpy() with overlapping src and dst in
zend_exceptions.c). (Bob)
. Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas)
. Fixed bug #67249 (printf out-of-bounds read). (Stas)
. Fixed bug #67250 (iptcparse out-of-bounds read). (Stas)
. Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas)
- Curl:
. Fixed bug #64247 (CURLOPT_INFILE doesn't allow reset). (Mike)
- Date:
. Fixed bug #67118 (DateTime constructor crash with invalid data). (Anatol)
. Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas)
. Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas)
- DOM:
. Fixed bug #67081 (DOMDocumentType->internalSubset returns entire DOCTYPE tag,
not only the subset). (Anatol)
- Fileinfo:
. Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol)
. Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS) (CVE-2014-0238).
. Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in
performance degradation) (CVE-2014-0237).
- FPM:
. Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor).
(Julio Pintos)
- GD:
. Fixed bug #67248 (imageaffinematrixget missing check of parameters). (Stas)
- PCRE:
. Fixed bug #67238 (Ungreedy and min/max quantifier bug, applied patch
from the upstream). (Anatol)
- Phar:
. Fix bug #64498 ($phar->buildFromDirectory can't compress file with an accent
in its name). (PR #588 )
2014-05-31 04:26:39 +00:00
taca
c148e7126f
Update php54 to 5.4.28.
...
01 May 2014, PHP 5.4.28
- Core:
. Fixed bug #61019 (Out of memory on command stream_get_contents). (Mike)
. Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace
UNIX sockets). (Mike)
. Fixed bug #66171 (Symlinks and session handler allow open_basedir bypass).
(Jann Horn, Stas)
. Fixed bug #66182 (exit in stream filter produces segfault). (Mike)
. Fixed bug #66736 (fpassthru broken). (Mike)
. Fixed bug #67024 (getimagesize should recognize BMP files with negative
height). (Gabor Buella)
- cURL:
. Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent).
(Freek Lijten)
- Date:
. Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is
supplied). (Boro Sitnikovski)
- Embed:
. Fixed bug #65715 (php5embed.lib isn't provided anymore). (Anatol)
- Fileinfo:
. Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian).
(Remi)
- FPM:
. Fixed bug #66482 (unknown entry 'priority' in php-fpm.conf).
. Fixed bug #67060 (sapi/fpm: possible privilege escalation due to insecure
default configuration) (CVE-2014-0185). (Stas)
- JSON:
. Fixed bug #66021 (Blank line inside empty array/object when
JSON_PRETTY_PRINT is set). (Kevin Israel)
- LDAP:
. Fixed issue with null bytes in LDAP bindings. (Matthew Daley)
- OpenSSL:
. Fix bug #66942 (memory leak in openssl_seal()). (Chuan Ma)
. Fix bug #66952 (memory leak in openssl_open()). (Chuan Ma)
- SimpleXML:
. Fixed bug #66084 (simplexml_load_string() mangles empty node name)
(Anatol)
- XSL:
. Fixed bug #53965 (<xsl:include> cannot find files with relative paths
when loaded with "file://"). (Anatol)
- Apache2 Handler SAPI:
. Fixed Apache log issue caused by APR's lack of support for %zu
(APR issue https://issues.apache.org/bugzilla/show_bug.cgi?id=56120 ).
(Jeff Trawick)
2014-05-02 13:04:12 +00:00
taca
2aee748e8b
Update php55 to 5.5.12.
...
01 May 2014, PHP 5.5.12
- Core:
. Fixed bug #61019 (Out of memory on command stream_get_contents). (Mike)
. Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace
UNIX sockets). (Mike)
. Fixed bug #66182 (exit in stream filter produces segfault). (Mike)
. Fixed bug #66736 (fpassthru broken). (Mike)
. Fixed bug #67024 (getimagesize should recognize BMP files with negative
height). (Gabor Buella)
. Fixed bug #67043 (substr_compare broke by previous change) (Tjerk)
- cURL:
. Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent).
(Freek Lijten)
- Date:
. Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is
supplied). (Boro Sitnikovski)
- Embed:
. Fixed bug #65715 (php5embed.lib isn't provided anymore). (Anatol).
- Fileinfo:
. Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian).
(Remi)
- FPM:
. Fixed bug #66482 (unknown entry 'priority' in php-fpm.conf).
. Fixed bug #67060 (possible privilege escalation due to insecure default configuration). (CVE-2014-0185) (christian at hoffie dot info)
- JSON:
. Fixed bug #66021 (Blank line inside empty array/object when
JSON_PRETTY_PRINT is set). (Kevin Israel)
- LDAP:
. Fixed issue with null bytes in LDAP bindings. (Matthew Daley)
- mysqli:
. Fixed problem in mysqli_commit()/mysqli_rollback() with second parameter
(extra comma) and third parameters (lack of escaping). (Andrey)
- OpenSSL:
. Fix bug #66942 (memory leak in openssl_seal()). (Chuan Ma)
. Fix bug #66952 (memory leak in openssl_open()). (Chuan Ma)
- SimpleXML:
. Fixed bug #66084 (simplexml_load_string() mangles empty node name)
(Anatol)
- SQLite:
. Fixed bug #66967 (Updated bundled libsqlite to 3.8.4.3). (Anatol)
- XSL:
. Fixed bug #53965 (<xsl:include> cannot find files with relative paths
when loaded with "file://"). (Anatol)
- Apache2 Handler SAPI:
. Fixed Apache log issue caused by APR's lack of support for %zu
(APR issue https://issues.apache.org/bugzilla/show_bug.cgi?id=56120 ).
(Jeff Trawick)
2014-05-01 15:52:33 +00:00
taca
5680449532
Update php54 to 5.4.27. CVE-2013-7345 is already fixed in 5.4.26nb2.
...
03 Apr 2014, PHP 5.4.27
- Core:
. Fixed bug #60602 (proc_open() changes environment array) (Tjerk)
- Fileinfo:
. Fixed bug #66946 (fileinfo: extensive backtracking in awk rule regular
expression). (CVE-2013-7345) (Remi)
- FPM:
. Added clear_env configuration directive to disable clearenv() call.
(Github PR# 598, Paul Annesley)
- GMP
. fixed bug#66872 (invalid argument crashes gmp_testbit) (Pierre)
- Mail:
. Fixed bug #66535 (Don't add newline after X-PHP-Originating-Script) (Tjerk)
- MySQLi:
. Fixed bug #66762 (Segfault in mysqli_stmt::bind_result() when link closed)
(Remi)
- Openssl:
. Fixed bug #66833 (Default disgest algo is still MD5, switch to SHA1). (Remi)
2014-04-05 03:43:40 +00:00
taca
04453350ed
Update php55 to 5.5.11.
...
CVE-2013-7345 is already fixed in 5.5.10nb2.
03 Apr 2014, PHP 5.5.11
- Core:
. Allow zero length comparison in substr_compare() (Tjerk)
. Fixed bug #60602 (proc_open() changes environment array) (Tjerk)
- SPL:
. Added feature #65545 (SplFileObject::fread()) (Tjerk)
- cURL:
. Fixed bug #66109 (Can't reset CURLOPT_CUSTOMREQUEST to default behaviour) (Tjerk)
. Fix compilation on libcurl versions between 7.10.5 and 7.12.2, inclusive.
(Adam)
- FPM:
. Added clear_env configuration directive to disable clearenv() call.
(Github PR# 598, Paul Annesley)
- Fileinfo:
. Fixed bug #66946 (fileinfo: extensive backtracking in awk rule regular
expression). (CVE-2013-7345) (Remi)
- GD:
. Fixed bug #66714 (imageconvolution breakage). (Brad Daily)
. Fixed bug #66869 (Invalid 2nd argument crashes imageaffinematrixget) (Pierre)
. Fixed bug #66887 (imagescale - poor quality of scaled image). (Remi)
. Fixed bug #66890 (imagescale segfault). (Remi)
. Fixed bug #66893 (imagescale ignore method argument). (Remi)
- Hash:
. hash_pbkdf2() now works correctly if the $length argument is not specified.
(Nikita)
- Intl:
. Fixed bug #66873 (A reproductible crash in UConverter when given invalid
encoding) (Stas)
- Mail:
. Fixed bug #66535 (Don't add newline after X-PHP-Originating-Script) (Tjerk)
- MySQLi:
. Fixed bug #66762 (Segfault in mysqli_stmt::bind_result() when link closed)
(Remi)
- OPCache
. Added function opcache_is_script_cached(). (Danack)
. Added information about interned strings usage. (Terry, Julien, Dmitry)
- Openssl:
. Fixed bug #66833 (Default disgest algo is still MD5, switch to SHA1). (Remi)
- GMP
. Fixed bug #66872 (invalid argument crashes gmp_testbit) (Pierre)
- SQLite:
. Updated bundled libsqlite to 3.8.3.1 (Anatol)
2014-04-04 03:04:59 +00:00
taca
d26b5634a3
Update php55 to 5.5.10 (PHP 5.5.10).
...
Version 5.5.10
6-Mar-2014
* Core:
- Fixed bug #66574 (Allow multiple paths in php_ini_scanned_path).
* Date:
- Fixed bug #45528 (Allow the DateTimeZone constructor to accept timezones
per offset too).
* Fileinfo:
- Fixed bug #66731 (file: infinite recursion (CVE-2014-1943)).
- Fixed bug #66820 (out-of-bounds memory access in fileinfo (CVE-2014-2270)).
* GD:
- Fixed bug #66815 (imagecrop(): insufficient fix for NULL defer
(CVE-2013-7327)).
* JSON:
- Fixed bug #65753 (JsonSerializeable couldn't implement on module extension).
* LDAP:
- Implemented ldap_modify_batch (https://wiki.php.net/rfc/ldap_modify_batch ).
* Openssl:
- Fixed bug #66501 (Add EC key support to php_openssl_is_private_key).
* PCRE:
- Upgraded to PCRE 8.34.
* Pgsql:
- Added warning for dangerous client encoding and remove possible injections
for pg_insert()/pg_update()/pg_delete()/pg_select().
2014-03-09 14:09:20 +00:00
taca
d7d3bfe734
Update php54 to 5.4.26 (PHP 5.4.26).
...
Version 5.4.26
06-Mar-2014
* JSON:
- Fixed bug #65753 (JsonSerializeable couldn't implement on module extension)
* Fileinfo:
- Fixed bug #66731 (file: infinite recursion) (CVE-2014-1943).
- Fixed bug #66820 (out-of-bounds memory access in fileinfo) (CVE-2014-2270).
* LDAP:
- Implemented ldap_modify_batch (https://wiki.php.net/rfc/ldap_modify_batch ).
* Openssl:
- Fixed bug #66501 (Add EC key support to php_openssl_is_private_key).
* Pgsql:
- Added warning for dangerous client encoding and remove possible injections
for pg_insert()/pg_update()/pg_delete()/pg_select().
2014-03-09 14:08:16 +00:00
taca
0dc8fb7b7b
Update php54 to 5.4.25.
...
06 Feb 2014, PHP 5.4.25
- Core:
. Fixed bug #66286 (Incorrect object comparison with inheritance). (Nikita)
. Fixed bug #66509 (copy() arginfo has changed starting from 5.4).
(Will Fitch)
- mysqlnd
. Fixed bug #66283 (Segmentation fault after memory_limit). (Johannes)
- PDO_pgsql:
. Fixed bug #62479 (PDO-psql cannot connect if password contains spaces).
(Will Fitch, Ilia)
- Session:
. Fixed bug #66481 (Calls to session_name() segfault when session.name is
null). (Laruence)
2014-02-07 15:36:07 +00:00
taca
17212df85f
Update php55 to 5.5.9 (PHP 5.5.9).
...
06 Feb 2014, PHP 5.5.9
- Core:
. Fixed bug #66509 (copy() arginfo has changed starting from 5.4). (willfitch)
- GD:
. Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop()).
(Laruence, Remi)
- OPCache:
. Fixed bug #66474 (Optimizer bug in constant string to boolean conversion).
(Dmitry)
. Fixed bug #66461 (PHP crashes if opcache.interned_strings_buffer=0).
(Dmitry)
. Fixed bug #66298 (ext/opcache/Optimizer/zend_optimizer.c has dos-style
^M as lineend). (Laruence)
- PDO_pgsql:
. Fixed bug #62479 (PDO-psql cannot connect if password contains
spaces) (willfitch, iliaa)
- Readline
. Fixed Bug #66412 (readline_clear_history() with libedit causes segfault after
#65714 ). (Remi)
- Session
. Fixed bug #66469 (Session module is sending multiple set-cookie headers when
session.use_strict_mode=1) (Yasuo)
. Fixed bug #66481 (Segfaults on session_name()).
(cmcdermottroe at engineyard dot com, Yasuo)
- Standard
. Fixed bug #66395 (basename function doesn't remove drive letter). (Anatol)
- Sockets:
. Fixed bug #66381 (__ss_family was changed on AIX 5.3). (Felipe)
- Zend Engine
. Fixed bug #66009 (Failed compilation of PHP extension with C++ std
library using VS 2012). (Anatol)
2014-02-07 15:35:05 +00:00
taca
7c3bc3ee18
Update php55 to 5.5.8.
...
9 Jan 2014, PHP 5.5.8
- Core:
. Disallowed JMP into a finally block. (Laruence)
. Added validation of class names in the autoload process. (Dmitry)
. Fixed invalid C code in zend_strtod.c. (Lior Kaplan)
. Fixed bug #66041 (list() fails to unpack yielded ArrayAccess object).
(Nikita)
. Fixed bug #65764 (generators/throw_rethrow FAIL with
ZEND_COMPILE_EXTENDED_INFO). (Nikita)
. Fixed bug #61645 (fopen and O_NONBLOCK). (Mike)
. Fixed bug #66218 (zend_register_functions breaks reflection). (Remi)
- Date:
. Fixed bug #66060 (Heap buffer over-read in DateInterval). (Remi)
. Fixed bug #65768 (DateTimeImmutable::diff does not work). (Nikita Nefedov)
- DOM:
. Fixed bug #65196 (Passing DOMDocumentFragment to DOMDocument::saveHTML()
Produces invalid Markup). (Mike)
- Exif:
. Fixed bug #65873 (Integer overflow in exif_read_data()). (Stas)
- Filter:
. Fixed bug #66229 (128.0.0.0/16 isn't reserved any longer). (Adam)
- GD:
. Fixed bug #64405 (Use freetype-config for determining freetype2 dir(s)).
(Adam)
- PDO_odbc:
. Fixed bug #66311 (Stack smashing protection kills PDO/ODBC queries).
(michael at orlitzky dot com)
- MySQLi:
. Fixed bug #65486 (mysqli_poll() is broken on win x64). (Anatol)
- OPCache:
. Fixed reavlidate_path=1 behavior to avoid caching of symlinks values.
(Dmitry)
. Fixed Issue #140 : "opcache.enable_file_override" doesn't respect
"opcache.revalidate_freq". (Dmitry).
- SNMP:
. Fixed SNMP_ERR_TOOBIG handling for bulk walk operations. (Boris Lytochkin)
- SOAP
. Fixed bug #66112 (Use after free condition in SOAP extension).
(martin dot koegler at brz dot gv dot at)
- Sockets:
. Fixed bug #65923 (ext/socket assumes AI_V4MAPPED is defined). (Felipe)
- XSL
. Fixed bug #49634 (Segfault throwing an exception in a XSL registered
function). (Mike)
- ZIP:
. Fixed Bug #66321 (ZipArchive::open() ze_obj->filename_len not real). (Remi)
2014-01-11 17:05:09 +00:00
taca
030f48774f
Update php to 5.4.24.
...
09 Jan 2014, PHP 5.4.24
- Core:
. Added validation of class names in the autoload process. (Dmitry)
. Fixed invalid C code in zend_strtod.c. (Lior Kaplan)
. Fixed bug #61645 (fopen and O_NONBLOCK). (Mike)
- Date:
. Fixed bug #66060 (Heap buffer over-read in DateInterval). (Remi)
. Fixed bug #63391 (Incorrect/inconsistent day of week prior to the year
1600). (Derick, T. Carter)
. Fixed bug #61599 (Wrong Day of Week). (Derick, T. Carter)
- DOM:
. Fixed bug #65196 (Passing DOMDocumentFragment to DOMDocument::saveHTML()
Produces invalid Markup). (Mike)
- Exif:
. Fixed bug #65873 (Integer overflow in exif_read_data()). (Stas)
- Filter:
. Fixed bug #66229 (128.0.0.0/16 isn't reserved any longer). (Adam)
- GD:
. Fixed bug #64405 (Use freetype-config for determining freetype2 dir(s)).
(Adam)
- PDO_odbc:
. Fixed bug #66311 (Stack smashing protection kills PDO/ODBC queries).
(michael at orlitzky dot com)
- SNMP:
. Fixed SNMP_ERR_TOOBIG handling for bulk walk operations. (Boris Lytochkin)
- XSL
. Fixed bug #49634 (Segfault throwing an exception in a XSL registered
function). (Mike)
- ZIP:
. Fixed Bug #66321 (ZipArchive::open() ze_obj->filename_len not real). (Remi)
2014-01-11 17:03:57 +00:00
taca
1fbdeb047a
Update php55 to 5.5.7 (PHP 5.5.7).
...
12 Dec 2013, PHP 5.5.7
- CLI server:
. Added some MIME types to the CLI web server (Chris Jones)
. Implemented FR #65917 (getallheaders() is not supported by the built-in web
server) - also implements apache_response_headers() (Andrea Faulds)
- Core:
. Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a
string). (Laruence)
- OPCache
. Fixed bug #66176 (Invalid constant substitution). (Dmitry)
. Fixed bug #65915 (Inconsistent results with require return value). (Dmitry)
. Fixed bug #65559 (Opcache: cache not cleared if changes occur while
running). (Dmitry)
- OpenSSL:
. Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420).
(Stefan Esser).
- readline
. Fixed Bug #65714 (PHP cli forces the tty to cooked mode). (Remi)
2013-12-13 15:33:22 +00:00
taca
c93eaad499
Update php54 to 5.4.23 (PHP 5.4.23).
...
28 Nov 2013, PHP 5.4.23
- Core:
. Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a
string). (Laruence)
. Fixed bug #65947 (basename is no more working after fgetcsv in certain
situation). (Laruence)
- JSON
. Fixed whitespace part of bug #64874 ("json_decode handles whitespace and
case-sensitivity incorrectly"). (Andrea Faulds)
- MySQLi:
. Fixed bug #66043 (Segfault calling bind_param() on mysqli). (Laruence)
- mysqlnd:
. Fixed bug #66124 (mysqli under mysqlnd loses precision when bind_param
with 'i'). (Andrey)
. Fixed bug #66141 (mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES
after failed query). (Andrey)
- OpenSSL:
. Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420).
(Stefan Esser).
- PDO
. Fixed bug 65946 (sql_parser permanently converts values bound to strings)
2013-12-13 15:32:21 +00:00
taca
aafaa1a039
Update php53 to 5.3.28 (PHP 5.3.28).
...
12 Dec 2013, PHP 5.3.28
- Openssl:
. Fixed handling null bytes in subjectAltName (CVE-2013-4073).
(Christian Heimes)
. Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420).
(Stefan Esser).
2013-12-13 15:30:35 +00:00
taca
2be87cd2b3
Update php54 to 5.4.22.
...
Version 5.4.22
14-Nov-2013
* Core:
- Fixed bug #65911 (scope resolution operator - strange behavior with
$this).
CLI server:
- Fixed bug #65818 (Segfault with built-in webserver and chunked transfer
encoding).
* Exif:
- Fixed crash on unknown encoding.
* FTP:
- Fixed bug #65667 (ftp_nb_continue produces segfault).
* ODBC:
- Fixed bug #65950 (Field name truncation if the field name is bigger than
32 characters).
* Sockets:
- Fixed bug #65808 (the socket_connect() won't work with IPv6 address).
* Standard:
- Fixed bug #64760 (var_export() does not use full precision for
floating-point numbers).
* XMLReader:
- Fixed bug #51936 (Crash with clone XMLReader).
- Fixed bug #64230 (XMLReader does not suppress errors).
2013-11-16 09:45:26 +00:00
taca
3d3ac75faf
Update php55 package to 5.5.6.
...
14 Nov 2013, PHP 5.5.6
- Core:
. Fixed bug #65947 (basename is no more working after fgetcsv in certain
situation). (Laruence)
. Improved performance of array_merge() and func_get_args() by eliminating
useless copying. (Dmitry)
. Fixed bug #65939 (Space before ";" breaks php.ini parsing).
(brainstorm at nopcode dot org)
. Fixed bug #65911 (scope resolution operator - strange behavior with $this).
(Bob Weinand)
. Fixed bug #65936 (dangling context pointer causes crash). (Tony)
- FPM:
. Changed default listen() backlog to 65535. (Tony)
- MySQLi:
. Fixed bug #66043 (Segfault calling bind_param() on mysqli). (Laruence)
- OPcache
. Increased limit for opcache.max_accelerated_files to 1,000,000. (Chris)
. Fixed issue #115 (path issue when using phar). (Dmitry)
. Fixed issue #149 (Phar mount points not working with OPcache enabled).
(Dmitry)
- ODBC
. Fixed bug #65950 (Field name truncation if the field name is bigger than
32 characters). (patch submitted by: michael dot y at zend dot com, Yasuo)
- PDO:
. Fixed bug #66033 (Segmentation Fault when constructor of PDO statement
throws an exception). (Laruence)
. Fixed bug 65946 (sql_parser permanently converts values bound to strings)
- Standard:
. Fixed bug #64760 (var_export() does not use full precision for floating-point
numbers) (Yasuo)
2013-11-15 16:33:14 +00:00
taca
a8f12bfe2c
Update php55 to 5.5.5.
...
17 Oct 2013, PHP 5.5.5
- Core:
. Fixed bug #64979 (Wrong behavior of static variables in closure generators).
(Nikita)
. Fixed bug #65322 (compile time errors won't trigger auto loading). (Nikita)
. Fixed bug #65821 (By-ref foreach on property access of string offset
segfaults). (Nikita)
- CLI server:
. Fixed bug #65633 (built-in server treat some http headers as
case-sensitive). (Adam)
. Fixed bug #65818 (Segfault with built-in webserver and chunked transfer
encoding). (Felipe)
. Added application/pdf to PHP CLI Web Server mime types (Chris Jones)
- Datetime:
. Fixed bug #64157 (DateTime::createFromFormat() reports confusing error
message). (Boro Sitnikovski)
. Fixed bug #65502 (DateTimeImmutable::createFromFormat returns DateTime).
(Boro Sitnikovski)
. Fixed bug #65548 (Comparison for DateTimeImmutable doesn't work).
(Boro Sitnikovski)
- DBA extension:
. Fixed bug #65708 (dba functions cast $key param to string in-place,
bypassing copy on write). (Adam)
- Filter:
. Add RFC 6598 IPs to reserved addresses. (Sebastian Nohn)
. Fixed bug #64441 (FILTER_VALIDATE_URL rejects fully qualified domain names).
(Syra)
- FTP:
. Fixed bug #65667 (ftp_nb_continue produces segfault). (Philip Hofstetter)
- GD
. Ensure that the defined interpolation method is used with the generic
scaling methods. (Pierre)
- IMAP:
. Fixed bug #65721 (configure script broken in 5.5.4 and 5.4.20 when enabling
imap). (ryotakatsuki at gmail dot com)
- OPcache:
. Added support for GNU Hurd. (Svante Signell)
. Added function opcache_compile_file() to load PHP scripts into cache
without execution. (Julien)
. Fixed bug #65845 (Error when Zend Opcache Optimizer is fully enabled).
(Dmitry)
. Fixed bug #65665 (Exception not properly caught when opcache enabled).
(Laruence)
. Fixed bug #65510 (5.5.2 crashes in _get_zval_ptr_ptr_var). (Dmitry)
. Fixed issue #135 (segfault in interned strings if initial memory is too
low). (Julien)
- Sockets:
. Fixed bug #65808 (the socket_connect() won't work with IPv6 address).
(Mike)
- SPL:
. Fix bug #64782 (SplFileObject constructor make $context optional / give it
a default value). (Nikita)
- Standard:
. Fixed bug #61548 (content-type must appear at the end of headers for 201
Location to work in http). (Mike)
- XMLReader:
. Fixed bug #51936 (Crash with clone XMLReader). (Mike)
. Fixed bug #64230 (XMLReader does not suppress errors). (Mike)
- Build system:
. Fixed bug #51076 (race condition in shtool's mkdir -p implementation).
(Mike, Raphael Geissert)
. Fixed bug #62396 ('make test' crashes starting with 5.3.14 (missing
gzencode())). (Mike)
2013-10-18 15:49:07 +00:00
taca
c75f2f0e40
Update php54 to 5.4.21 (PHP 5.4.21).
...
17 Oct 2013, PHP 5.4.21
- Core:
. Fixed bug #65322 (compile time errors won't trigger auto loading). (Nikita)
- CLI server:
. Fixed bug #65633 (built-in server treat some http headers as
case-sensitive). (Adam)
- Datetime:
. Fixed bug #64157 (DateTime::createFromFormat() reports confusing error
message). (Boro Sitnikovski)
- DBA extension:
. Fixed bug #65708 (dba functions cast $key param to string in-place,
bypassing copy on write). (Adam)
- Filter:
. Add RFC 6598 IPs to reserved addresses. (Sebastian Nohn)
. Fixed bug #64441 (FILTER_VALIDATE_URL rejects fully qualified domain names).
(Syra)
- IMAP:
. Fixed bug #65721 (configure script broken in 5.5.4 and 5.4.20 when enabling
imap). (ryotakatsuki at gmail dot com)
- Standard:
. Fixed bug #61548 (content-type must appear at the end of headers for 201
Location to work in http). (Mike)
- Build system:
. Fixed bug #62396 ('make test' crashes starting with 5.3.14 (missing
gzencode())). (Mike)
2013-10-18 12:25:12 +00:00
taca
af211b350d
Update php55 to 5.5.4, approved by wiz@.
...
18 Sep 2013, PHP 5.5.4
- Core:
. Fixed bug #60598 (cli/apache sapi segfault on objects manipulation).
(Laruence)
. Improved fputcsv() to allow specifying escape character.
. Fixed bug #65490 (Duplicate calls to get lineno & filename for
DTRACE_FUNCTION_*). (Chris Jones)
. Fixed bug #65483 (quoted-printable encode stream filter incorrectly encoding
spaces). (Michael M Slusarz)
. Fixed bug #65470 (Segmentation fault in zend_error() with
--enable-dtrace). (Chris Jones, Kris Van Hees)
. Fixed bug #65225 (PHP_BINARY incorrectly set). (Patrick Allaert)
. Fixed bug #62692 (PHP fails to build with DTrace). (Chris Jones, Kris Van Hees)
. Fixed bug #61759 (class_alias() should accept classes with leading
backslashes). (Julien)
. Fixed bug #46311 (Pointer aliasing issue results in miscompile on gcc4.4).
(Nikita Popov)
- cURL:
. Fixed bug #65458 (curl memory leak). (Adam)
- Datetime:
. Fixed bug #65554 (createFromFormat broken when weekday name is followed
by some delimiters). (Valentin Logvinskiy, Stas).
. Fixed bug #65564 (stack-buffer-overflow in DateTimeZone stuff caught
by AddressSanitizer). (Remi).
- OPCache:
. Fixed bug #65561 (Zend Opcache on Solaris 11 x86 needs ZEND_MM_ALIGNMENT=4).
(Terry Ellison)
- Openssl:
. Fixed bug #64802 (openssl_x509_parse fails to parse subject properly in
some cases). (Mark Jones)
- Session:
. Fixed bug #65475 (Session ID is not initialized properly when strict session
is enabled). (Yasuo)
. Fixed bug #51127/#65359 Request #25630/#43980/#54383 (Added php_serialize
session serialize handler that uses plain serialize()). (Yasuo)
- Standard:
. Fix issue with return types of password API helper functions. Found via
static analysis by cjones. (Anthony Ferrara)
2013-09-21 16:08:37 +00:00
taca
b04633b3e7
Update php54 to 5.4.20, approved by wiz@.
...
19 Sep 2013, PHP 5.4.20
- Core:
. Fixed bug #60598 (cli/apache sapi segfault on objects manipulation).
(Laruence)
. Fixed bug #65579 (Using traits with get_class_methods causes segfault).
(Adam)
. Fixed bug #65490 (Duplicate calls to get lineno & filename for
DTRACE_FUNCTION_*). (Chris Jones)
. Fixed bug #65483 (quoted-printable encode stream filter incorrectly encoding
spaces). (Michael M Slusarz)
. Fixed bug #65481 (shutdown segfault due to serialize) (Mike)
. Fixed bug #65470 (Segmentation fault in zend_error() with
--enable-dtrace). (Chris Jones, Kris Van Hees)
. Fixed bug #65372 (Segfault in gc_zval_possible_root when return reference
fails). (Laruence)
. Fixed bug #65304 (Use of max int in array_sum). (Laruence)
. Fixed bug #65291 (get_defined_constants() causes PHP to crash in a very
limited case). (Arpad)
. Fixed bug #65225 (PHP_BINARY incorrectly set). (Patrick Allaert)
. Improved fix for bug #63186 (compile failure on netbsd). (Matteo)
. Fixed bug #62692 (PHP fails to build with DTrace). (Chris Jones, Kris Van Hees)
. Fixed bug #61759 (class_alias() should accept classes with leading
backslashes). (Julien)
. Fixed bug #61345 (CGI mode - make install don't work). (Michael Heimpold)
. Cherry-picked some DTrace build commits (allowing builds on Linux,
bug #62691 , and bug #63706 ) from PHP 5.5 branch
. Fixed bug #61268 (--enable-dtrace leads make to clobber
Zend/zend_dtrace.d) (Chris Jones)
- cURL:
. Fixed bug #65458 (curl memory leak). (Adam)
- Datetime:
. Fixed bug #65554 (createFromFormat broken when weekday name is followed
by some delimiters). (Valentin Logvinskiy, Stas).
. Fixed bug #65564 (stack-buffer-overflow in DateTimeZone stuff caught
by AddressSanitizer). (Remi).
- Openssl:
. Fixed bug #64802 (openssl_x509_parse fails to parse subject properly in
some cases). (Mark Jones)
- Session:
. Fixed bug #62129 (rfc1867 crashes php even though turned off). (gxd305 at
gmail dot com)
. Fixed bug #50308 (session id not appended properly for empty anchor tags).
(Arpad)
. Fixed possible buffer overflow under Windows. Note: Not a security fix.
(Yasuo)
. Changed session.auto_start to PHP_INI_PERDIR. (Yasuo)
- SOAP:
. Fixed bug #65018 (SoapHeader problems with SoapServer). (Dmitry)
- SPL:
. Fixed bug #65328 (Segfault when getting SplStack object Value). (Laruence)
- PDO:
. Fixed bug #64953 (Postgres prepared statement positional parameter
casting). (Mike)
- Phar:
. Fixed bug #65028 (Phar::buildFromDirectory creates corrupt archives for
some specific contents). (Stas)
- Pgsql:
. Fixed bug #65336 (pg_escape_literal/identifier() silently returns false).
(Yasuo)
. Fixed bug #62978 (Disallow possible SQL injections with pg_select()/pg_update()
/pg_delete()/pg_insert()). (Yasuo)
- Zlib:
. Fixed bug #65391 (Unable to send vary header user-agent when
ob_start('ob_gzhandler') is called) (Mike)
2013-09-21 16:06:07 +00:00
taca
558212ae2d
Update php55 to 5.5.3.
...
22 Aug 2013, PHP 5.5.3
- Openssl:
. Fixed UMR in fix for CVE-2013-4248.
2013-08-23 03:12:49 +00:00
taca
0ee7ff105d
Update php54 to 5.4.19.
...
22 Aug 2013, PHP 5.4.19
- Core:
. Fixed bug #64503 (Compilation fails with error: conflicting types for
'zendparse'). (Laruence)
- Openssl:
. Fixed UMR in fix for CVE-2013-4248.
2013-08-23 03:11:55 +00:00
taca
bea2b7500c
Need to update PHP55_VERSION. Thanks to joerg@ who noted to me.
2013-08-18 20:56:32 +00:00
taca
4dd9976760
Update php54 to 5.4.18.
...
15 Aug 2013, PHP 5.4.18
- Core:
. Fixed value of FILTER_SANITIZE_FULL_SPECIAL_CHARS constant (previously was
erroneously set to FILTER_SANITIZE_SPECIAL_CHARS value). (Andrey
avp200681 gmail com).
. Fixed bug #65254 (Exception not catchable when exception thrown in autoload
with a namespace). (Laruence)
. Fixed bug #65108 (is_callable() triggers Fatal Error).
(David Soria Parra, Laruence)
. Fixed bug #65088 (Generated configure script is malformed on OpenBSD).
(Adam)
. Fixed bug #62964 (Possible XSS on "Registered stream filters" info).
(david at nnucomputerwhiz dot com)
. Fixed bug #62672 (Error on serialize of ArrayObject). (Lior Kaplan)
. Fixed bug #62475 (variant_* functions causes crash when null given as an
argument). (Felipe)
. Fixed bug #60732 (php_error_docref links to invalid pages). (Jakub Vrana)
. Fixed bug #65226 (chroot() does not get enabled). (Anatol)
- CGI:
. Fixed Bug #65143 (Missing php-cgi man page). (Remi)
- CLI server:
. Fixed bug #65066 (Cli server not responsive when responding with 422 http
status code). (Adam)
- CURL:
. Fixed bug #62665 (curl.cainfo doesn't appear in php.ini). (Lior Kaplan)
- FPM:
. Fixed bug #63983 (enabling FPM borks compile on FreeBSD).
(chibisuke at web dot de, Felipe)
- FTP:
. Fixed bug #65228 (FTPs memory leak with SSL).
(marco dot beierer at mbsecurity dot ch)
- GMP:
. Fixed bug #65227 (Memory leak in gmp_cmp second parameter). (Felipe)
- Imap:
. Fixed bug #64467 (Segmentation fault after imap_reopen failure).
(askalski at gmail dot com)
- Intl:
. Fixed bug #62759 (Buggy grapheme_substr() on edge case). (Stas)
. Fixed bug #61860 (Offsets may be wrong for grapheme_stri* functions).
(Stas)
- mysqlnd:
. Fixed segfault in mysqlnd when doing long prepare. (Andrey)
- ODBC:
. Fixed bug #61387 (NULL valued anonymous column causes segfault in
odbc_fetch_array). (Brandon Kirsch)
- Openssl:
. Fixed handling null bytes in subjectAltName (CVE-2013-4073).
(Christian Heimes)
- PDO:
. Allowed PDO_OCI to compile with Oracle Database 12c client libraries.
(Chris Jones)
- PDO_dblib:
. Fixed bug #65219 (PDO/dblib not working anymore ("use dbName" not sent)).
(Stanley Sufficool)
- PDO_pgsql:
. Fixed meta data retrieve when OID is larger than 2^31. (Yasuo)
- Phar:
. Fixed Bug #65142 (Missing phar man page). (Remi)
- Session
. Fixed bug #62535 ($_SESSION[$key]["cancel_upload"] doesn't work as
documented). (Arpad)
. Fixed bug #35703 (when session_name("123") consist only digits,
should warning). (Yasuo)
. Fixed bug #49175 (mod_files.sh does not support hash bits). Patch by
oorza2k5 at gmail dot com (Yasuo)
- Sockets:
. Implemented FR #63472 (Setting SO_BINDTODEVICE with socket_set_option).
(Damjan Cvetko)
- SPL:
. Fixed bug #65136 (RecursiveDirectoryIterator segfault). (Laruence)
. Fixed bug #61828 (Memleak when calling Directory(Recursive)Iterator
/Spl(Temp)FileObject ctor twice). (Laruence)
. Fixed bug #60560 (SplFixedArray un-/serialize, getSize(), count() return 0,
keys are strings). (Adam)
- XML:
. Fixed bug #65236 (heap corruption in xml parser, CVE-2013-4113). (Rob)
2013-08-16 15:28:23 +00:00
taca
ef1cbc9e4c
Correct checking condition of PHP_CHECK_INSTALLED.
2013-08-14 14:53:03 +00:00
taca
06eeb89332
* Add php55 support.
...
* Make PKG_PHP's value as description in comment.
2013-07-29 16:38:12 +00:00
taca
45492d07f0
Clean up php's framework.
...
* Define PHP's version at one place.
* Remove obsolete description in comments.
* Add "used by www/php-fpm/Makefile" in php5[34]/Makefile.php.
* Remove commented out support for suhosin extension from php54.
* Add PHP_CHECK_INSTALLED and PHP_EXTENSION_DIR to php/phpversion.mk.
No functional should be made.
2013-07-21 17:29:47 +00:00
taca
0e7b42e829
Update PHP53_VERSION to 5.3.27.
2013-07-12 00:09:14 +00:00
taca
d378e8ba37
Make PHP54_VERSION to 5.4.17.
2013-07-07 16:22:21 +00:00
taca
7015c34b75
Update PHP53_VERSION and PHP54_VERSION.
2013-06-07 13:56:25 +00:00
taca
c4e7d4a4ee
Update PHP53_VERSION and PHP54_VERSION. It should be updated with
...
last update of php53/php54.
2013-06-03 15:23:14 +00:00
taca
cc160d4233
Update PHP53_VERSION and PHP54_VERSION.
2013-04-12 17:01:46 +00:00
taca
bc92f55652
* Make default version of PHP to 5.4: PHP_VERSION_DEFAULT's default is 54.
...
* Update PHP53_VERSION and PHP54_VERSION.
2013-03-16 02:02:13 +00:00
taca
4f0e2257cc
Update PHP53_VERSION and PHP54_VERSION.
2013-02-22 03:08:22 +00:00
taca
5e0eb25a21
Switch php53 to t.3.21.
2013-01-17 16:19:33 +00:00
taca
85c09a581c
Switch php54 to 5.4.11.
2013-01-17 15:49:11 +00:00
taca
54af9d7921
Update PHP53_VERSION and PHP54_VERSION to make match to php53 and php54.
2013-01-07 14:26:14 +00:00
taca
5289ca26ba
Update versions of php53 and php54 for PHP extensions.
...
Reset PKGREVISION of database/php-ldap.
2012-11-23 13:22:51 +00:00
taca
4179122553
Update definition of PHP version for php53 and php54.
2012-10-19 14:59:15 +00:00
cheusov
98a0ec4f42
Move documentation for *_REQD variables to "Infrastructure variables"
...
as suggested by obache@
2012-10-03 23:48:00 +00:00
cheusov
d9d49610f9
Update documentation for {PYTHON,RUBY,PHP}_VERSION_REQD variables, move them
...
to "user variables" section. pkglint is now aware of them. Bump pkglint
version. Oked by wiz@
2012-09-16 20:03:50 +00:00
taca
ac59301e61
Update PHP53_VERSION and PHP54_VERSION.
2012-09-14 15:54:22 +00:00
taca
a98fe022a1
Remove remained codes for PHP 5.2.x.
2012-08-17 15:38:19 +00:00
taca
608d4e1e9b
Update PHP53_VERSION and PHP54_VERSION.
2012-08-17 15:37:30 +00:00
taca
421d7a3d65
Update PHP53_VERSION and PHP54_VERSION noted by Uwe Klaus.
2012-07-25 10:50:12 +00:00
taca
e84e46bef8
Remove support for php5 (PHP 5.2.x).
2012-06-16 15:18:13 +00:00
taca
176439945e
Update of frame work for PHP and support for PHP 5.4.x.
...
* PHP_VERSION_DEFAULT, PHP_VERSIONS_ACCEPTED, PKG_PHP_VERSION now
don't accept 5 any more but 52, 53, 54.
Each value corresponding to PHP 5.2.x, 5.3.x, 5.4.x.
* PHP_PKG_PREFIX might be "php54".
* phpversion.mk defines PHP_BASE_VERS.
* phpversion.mk defines each PHP's exact version for now.
TODO:
php{5,53,54}/Makefile.{common,php} could be arranged to some
redundant codes.
2012-06-16 02:47:51 +00:00
obache
d74bd35143
PKG_PHP_VERSION may be 52 for some situation.
2012-05-12 11:27:46 +00:00
obache
edbcee2144
* allow to specify phpize sub directory with PHPSETUPSUBDIR.
...
* allow to override DIST_SUBDIR
2012-05-12 08:23:34 +00:00
taca
02eb740d5d
Correct default value in description of PHP_VERSION_DEFAULT.
2012-05-04 16:07:51 +00:00
obache
7e5c33ea25
Note warning about PECL_LEGACY_VERSION_SCHEME.
2012-01-27 01:55:27 +00:00
joerg
2bb5313796
Catch up with PHP 5.3 base.
2012-01-12 18:25:50 +00:00
obache
bdaf2325dc
Change default PKGNAME scheme for PECL packages.
...
Drop ${PHP_BASE_VARS} from PKGVERSION by default.
It used to be required to support multiple php version.
But after PHP version based ${PHP_PKG_PREFIX} was introduced,
such trick is not required anymore.
In addition to this, such version name schme invokes unwanted version bump
when base php version is bumped, plus, such version scheme is hard to
use for DEPENDS pattern.
To avoid downgrading of package using such legacy version scheme,
PECL_LEGACY_VERSION_SCHEME is introduced.
If it is defined, current version scheme is still used for currently
supported PHP version (5 and 53), but instead of ${PHP_BASE_VARS},
current fixed PHP base version in pkgsrc is used to avoid unwanted version bump
from update of PHP base package.
With newer PHP (54, or so on), new version scheme will be used if
it is defined.
This trick will not be required and should be removed after php5 and php53 will
be gone away from pkgsrc.
2011-12-17 13:46:27 +00:00
cheusov
6b8153bb6c
Do not change PHP_VERSIONS_ACCEPTED in phpversion.mk.
...
It is not necessary anymore. No objections in tech-pkg@.
2011-10-29 13:47:03 +00:00
taca
43e909a9b7
Make PHP's default version to 5.3.x.
2011-09-14 16:44:26 +00:00
adam
a93be2d228
Install module correctly
2011-04-13 13:23:39 +00:00
wiz
a2163548a9
Add MULTI variable, and add it to BUILD_DEFS, to more easily find
...
variable settings affecting binary packages.
From Aleksey Cheusov in PR 44695.
2011-03-12 14:07:13 +00:00
obache
8ddddf9348
set TZ=UTC to generate PLIST, same as do-install.
2011-01-12 08:15:45 +00:00
obache
2007a8d867
prevent php errors/warnings from being recorded as part of generated PLIST.
2011-01-12 08:11:49 +00:00
taca
5398315daa
A little improvement of a sentence.
2010-09-23 07:38:05 +00:00
obache
cc125a1b73
Improve pear package handling
...
* support packages from other than default channels
* replace deprecated function usage in pear_plist.php
* generate filelist from installed registry, to support "install as" files.
tested with all pear pacakgs in pkgsrc.
2010-08-29 06:08:07 +00:00
obache
c1a91941e4
Always install pear with `-n', or failed to install if extension is required
...
but not loaded in php.ini.
2010-08-25 06:37:20 +00:00
jdolecek
3ae1602b29
add support for PHP 5.2.*-only packages
2010-03-21 11:07:37 +00:00
jdolecek
bd2f9ccca0
set LIBTOOL_OVERRIDE (force pkgsrc libtool) for PHP extensions
2010-03-21 11:06:05 +00:00
taca
d3f4c4ac08
Explicitly setenv TZ=UTC when installing with pear since pear of PHP 5.3.2
...
check system's timezone and produce useless warnings.
2010-03-16 15:34:01 +00:00
taca
d08cf9a998
Prepair for importing PHP 5.3.2.
...
* Add "53" as PHP 5.3.x for several PHP_VERSION_* and its frends.
* Add PKG_PHP_MAJOR_VERS which currently only takes "5".
* Add "php53" to PHP_PKG_PREFIX.
* Add checking installed PHP's version against required version.
2010-03-16 15:25:36 +00:00
joerg
90b19de9ab
Remove PHP 4 from the list of supported versions.
2010-02-10 17:46:10 +00:00
obache
96731b7eb3
Use -P (--packagingroot) instead of -R (--installroot).
...
packaging fake root should be set with -P.
(-R is for really using there and package will be registerd as there).
2010-02-03 12:22:18 +00:00
obache
57d63a3b12
Add -n option for DESTDIR to skip dependency check,
...
and also move -f option here.
2010-02-03 11:44:35 +00:00
obache
a737ab1043
Add "-f" flag for install to prevent installed package from installation
...
when "make replace" or using DESTDIR.
2009-10-31 04:51:28 +00:00
obache
958f7e7b23
two more skip files.
2009-10-31 04:46:34 +00:00
joerg
76039544d1
Remove @dirrm related logic.
2009-06-14 22:57:58 +00:00
abs
3b173ae359
Allow a directory to be excluded from PEAR_DIRRM by specifying PEAR_DIRRM_EXCLUDE
2009-01-19 19:55:02 +00:00
joerg
5437d6597e
Add basic DESTDIR support for PEAR packages. The skip list is a band aid
...
and the PEAR package itself must be reviewed to not include those files.
The patch doesn't work for dependencies right now.
2008-06-12 00:20:10 +00:00
rillig
cfd60c15ff
Clarified the comment that no dependency is added by this file.
2007-10-11 08:51:43 +00:00
rillig
8a4225b4af
+ USE_PHP_EXT_PATCHES
2007-10-11 08:51:11 +00:00
martti
bd986edbc7
Remove trailing spaces.
2007-10-09 19:19:08 +00:00
rillig
d2f1965b99
Added variable descriptions for PHP extensions.
2007-09-20 09:32:15 +00:00
rillig
e0c07e8ed7
Added variables for "bmake show-all".
2007-09-20 09:11:07 +00:00
tnn
87d6a8dd42
Fix installation of php extensions on HPUX.
2007-09-07 13:26:20 +00:00
ghen
13ea59af42
Adjust the documented default PHP version to the actual default.
2007-08-13 14:46:30 +00:00
rillig
68d8260f82
Added the usual documentation.
2007-06-18 07:21:09 +00:00
heinz
1043001008
Added support for installation of extensions to DESTDIR.
2007-06-11 17:59:23 +00:00
adrianp
989ca1e011
Including pear.mk will now pull in lang/pear as a dependency
...
Fix the PHP call to include the default include path for PEAR
2007-05-05 21:32:12 +00:00
adrianp
d9a1374854
* Support v2 of the pear-* package format that is being used by some
...
newer pear packages.
* Fix the case where an extra slash would be appended to the file path in the
PLIST.
* Both fixes from from Loic Hoguin and tested by Loic and myself.
2007-04-15 13:46:42 +00:00
sketch
7d90eb7639
Make sure the do-patch target returns true, as some shells will return the
...
egrep exit status (which will be false if there are no patches for the module)
and stop the build.
2006-07-10 20:53:43 +00:00
joerg
337c6b1297
Rename all PHP 4 packages to php4-*, all PHP 5 packages to php5-*,
...
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.
OK from jlam@ and adrianp@.
2006-06-02 18:27:54 +00:00
jlam
d5e3a83249
Allow a PECL PHP extension package to specify its own DISTNAME by setting
...
PECL_DISTNAME.
2006-06-01 17:44:21 +00:00
tron
c27ecb6fa8
Make PHP version 5.x the default. Security updates for PHP 4.x are
...
simply releasted much too slow these days.
2006-05-09 10:06:34 +00:00
jdolecek
4b122787b2
automatically include extension-specific MESSAGE if it exists
2005-12-03 18:52:54 +00:00
jdolecek
7023a17405
add missing backslash for previous
2005-12-03 13:32:42 +00:00
jdolecek
0705382d0c
use ${PATH_ARGS} in do-patch target, and use _PKG_SILENT/_PKG_DEBUG
...
to reduce output for normal runs
2005-12-03 13:16:36 +00:00
tv
8a957173eb
PECL modules have a real homepage. Set the default for PECL modules to
...
the PECL distro site rather than PHP's default.
Bump PKGREVISION, as the HOMEPAGE is included in the binary package's +DESC.
2005-10-04 16:50:50 +00:00
rillig
7c07d9b2cb
Fixed pkglint warnings.
2005-09-28 21:46:24 +00:00
abs
df25641458
revert last - thanks to wiz for poking me to find the real cause of the
...
breakage.
2005-09-20 10:56:38 +00:00
abs
c98b0a6e37
Set PKGNAME= rather than PKGNAME?=
...
Previously php-gettext would end up with a PKGNAME of php-{ver}, with
obviously breakage.
2005-09-19 23:07:10 +00:00
jschauma
5b87a82011
Not all OS have a ln(1) that only accepts one argument, so let's use two.
2005-06-14 01:35:09 +00:00
jdolecek
485342b9d6
allow PECL-like extensions with different MASTER_SITES or EXTRACT_SUFX
2005-06-12 15:29:48 +00:00
jlam
fcb7da800b
Remove mk/autoconf.mk and mk/automake.mk and replace their usage with
...
USE_TOOLS and any of "autoconf", "autoconf213", "automake" or
"automake14". Also, we don't need to call the auto* tools via
${ACLOCAL}, ${AUTOCONF}, etc., since the tools framework takes care
to symlink the correct tool to the correct name, so we can just use
aclocal, autoconf, etc.
2005-06-01 20:07:59 +00:00
jdolecek
0d0d9c7d88
once PHP version is selected, set PHP_VERSION_REQD appropriately, so that
...
the selected version is forced for any sub-builds; this should fix
the bulk build problems for php5-extensions
use := to avoid variable recursion
2005-05-09 19:24:46 +00:00
jmmv
a416d14965
No need to set USE_BUILDLINK3=yes; this is now the default.
2005-03-25 12:45:09 +00:00
jdolecek
9b81fff133
completely ignore system php.ini for all pear-related operations; this
...
is necessary to avoid being subject to e.g. open_basedir or safe_mode settings
2004-12-12 11:03:33 +00:00
jdolecek
97ce3c35fb
abort do-install if pear install fails
2004-12-12 09:41:14 +00:00
jdolecek
f4596f73a2
use PLIST_SRC+= so that setting PLIST_SRC setting in extension Makefile
...
would have an effect; fixes php4-apc
2004-12-12 09:13:56 +00:00
jdolecek
54df23c26d
use DIST_SUBDIR=pear to avoid potential conflicts with non-pear
...
programs
2004-11-27 12:55:25 +00:00
jdolecek
8337b0b87d
don't use += for DIST_SUBDIR
2004-11-27 12:36:35 +00:00
jdolecek
60492bd3cf
Standardize Pear package HOMEPAGE, most have same format.
2004-11-27 09:52:42 +00:00
tron
2bf59febe3
Properly define "DISTINFO" when building a bundled PHP extension.
2004-11-16 15:33:12 +00:00
jdolecek
030aad031a
merge extension module handling for PHP4 and PHP5 into lang/php/ext.mk,
...
g/c no longer needed Makefile.module
add support for building extensions off PECL; version for PECL packages
is built as ${PHP_BASE_VERS}.${PECL_VERSION}, i.e. PECL pkg version 1.0
would become php-pkg-4.3.9.1.0 or php-pkg-5.0.2.1.0 respectively
2004-11-06 18:24:40 +00:00
jdolecek
b1a4119af0
use ${PKG_PHP} instead of PHP${PKG_PHP_VERSION}
2004-11-05 21:50:11 +00:00
jdolecek
cc35f4ca5e
share MESSAGE.module and PLIST.module between php4 and php5 packages, moving
...
them to lang/php/
2004-11-05 21:40:25 +00:00
jdolecek
f7d2170d80
export the information about selected version via PKG_PHP_VERSION
...
and the base name of program as PKG_PHP
2004-11-04 18:40:39 +00:00
jdolecek
da05b47ca8
'data' items must be handled same way as 'test' and 'doc' - they are installed
...
into BASE/data/<pkgname>/*
2004-11-01 20:31:13 +00:00
jdolecek
4f4ebf540b
Deal with backslashes in the file names, translate them to forward
...
slashes. This is necessary e.g. for pear-DIME, which uses backslashes.
2004-11-01 20:17:20 +00:00
jdolecek
7b5228a60f
use shared pear package support framework for both php4 & php5; based on
...
the former php4 version
2004-11-01 19:55:57 +00:00
jdolecek
52c1980501
new PHP extension module framework, which makes it possible to build
...
individual PHP extension packages with either PHP 4.x or PHP 5.x
convert existing php4-* packages to this framework and import as php-*
2004-10-31 19:30:29 +00:00
