* PHP_VERSION_DEFAULT, PHP_VERSIONS_ACCEPTED, PKG_PHP_VERSION now
don't accept 5 any more but 52, 53, 54.
Each value corresponding to PHP 5.2.x, 5.3.x, 5.4.x.
* PHP_PKG_PREFIX might be "php54".
* phpversion.mk defines PHP_BASE_VERS.
* phpversion.mk defines each PHP's exact version for now.
TODO:
php{5,53,54}/Makefile.{common,php} could be arranged to some
redundant codes.
Version 5.3.14
06-June-2012
* CLI SAPI
- Fixed bug #61546 (functions related to current script failed when
chdir() in cli sapi)
* Core
- Fixed CVE-2012-2143
- Fixed bug #62005 (unexpected behavior when incrementally assigning to a
member of a null object)
- Fixed bug #61730 (Segfault from array_walk modifying an array passed by
reference)
- Fixed missing bound check in iptcparse()
- Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64)
- Fixed bug #54197 ([PATH=] sections incompatibility with
user_ini.filename set to null)
- Fixed bug #61713 (Logic error in charset detection for htmlentities)
- Fixed bug #61991 (long overflow in realpath_cache_get())
- Changed php://fd to be available only for CLI.
* CURL
- Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
* COM
- Fixed bug #62146 com_dotnet cannot be built shared
* Fileinfo
- Fixed bug #61812 (Uninitialised value used in libmagic)
* Iconv
- Fixed a bug that iconv extension fails to link to the correct library
when another extension makes use of a library that links to the iconv
library. See https://bugs.gentoo.org/show_bug.cgi?id=364139 for detail
* Intl
- Fixed bug #62082 (Memory corruption in internal function
get_icu_disp_value_src_php()
* JSON
- Fixed bug #61537 (json_encode() incorrectly truncates/discards
information)
* PDO
- Fixed bug #61755 (A parsing bug in the prepared statements can lead to
access violations)
* Phar
- Fixed bug #61065 (Secunia SA44335)
* Streams
- Fixed bug #61961 (file_get_contents leaks when access empty file with
maxlen set)
Thu Jun 14 14:03:22 2012 Aaron Patterson <aaron@tenderlovemaking.com>
* lib/journey/formatter.rb: when generating routes, skip route
literals (routes that do not have replacement values like
"/:controller") when matching unnamed routes.
https://github.com/rails/rails/issues/6459
* test/test_router.rb: corresponding test
0.138 "Der Geraet"
* Hotkey for showing/hiding signatures in the article body. (Heinrich Müller,
#350496)
* Keep position on selected item on re-order. (Heinrich Müller, #443702)
* Remember last read post. (Heinrich Müller, #448416)
* Open url in browser. (Heinrich Müller, #464335)
* Signature printed double when line needs to be wrapped. (Heinrich Müller,
#533178)
* Tasks marked "Stopped" should also remain stopped when pan restarted.
(Heinrich Müller, #543319)
* "Save at" options other then %g and %G. (Heinrich Müller, #550007)
* Filter Cross-posters. (Heinrich Müller, #587585)
* 136 using secure ssl and get continuous popups for certs but no connection.
(Heinrich Müller, #673927)
* PO message very difficult to translate. (Heinrich Müller, #675953)
* Pan crashes while fetching new headers. (Heinrich Müller, #677741)
* Updated translations: Spanish (Daniel Mustieles), French (Bruno Brouard),
Czech (Petr Kovar), Slovenian (Martin Srebotnjak, Andrej Žnidaršič, Matej
Urbančič).
Mysql2
Mysql2 is a modern, simple and very fast Mysql library for Ruby - binding to
libmysql.
The Mysql2 gem is meant to serve the extremely common use-case of connecting,
querying and iterating on results. Some database libraries out there serve as
direct 1:1 mappings of the already complex C API's available. This one is
not.
It also forces the use of UTF-8 (or binary) for the connection (and all
strings in 1.9, unless Encoding.default_internal is set then it'll convert
from UTF-8 to that encoding) and uses encoding-aware MySQL API calls where it
can.
The Asterisk Development Team has announced a security release for
Asterisk 10. This security release is released as version 10.5.1.
The release is available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The release of Asterisk 10.5.1 resolves the following issue:
* A remotely exploitable crash vulnerability was found in the Skinny
(SCCP) Channel driver. When an SCCP client sends an Off Hook
message, followed by a Key Pad Button Message, a structure that
was previously set to NULL is dereferenced. This allows remote
authenticated connections the ability to cause a crash in the
server, denying services to legitimate users.
This issue and its resolution is described in the security advisory.
For more information about the details of this vulnerability, please
read security advisory AST-2012-009, which was released at the same
time as this announcement.
For a full list of changes in the current releases, please see the
ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.5.1
The security advisory is available at:
* http://downloads.asterisk.org/pub/security/AST-2012-009.pdf
Thank you for your continued support of Asterisk!
