| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: php5 | Distribution: openSUSE 11.2 |
| Version: 5.3.3 | Vendor: openSUSE |
| Release: 0.17.1 | Build date: Wed Mar 9 17:39:07 2011 |
| Group: Development/Languages/Other | Build host: build36 |
| Size: 3251590 | Source RPM: php5-5.3.3-0.17.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: http://www.php.net | |
| Summary: PHP5 Core Files | |
This package contains the PHP5 core files, including PHP binary (CLI)
and PHP configuration (php.ini). This package must be installed in
order to use PHP. Additionally, extension modules and server modules
(e.g. for Apache) may be installed.
Additional documentation is available in package php-doc.
Authors:
--------
The PHP Group
See http://www.php.net/credits.php for more details
The PHP License, version 3.01
* Tue Mar 08 2011 pgajdos@suse.cz
- security fixes
* CVE-2011-0420 [bnc#672933]
* CVE-2011-0708 [bnc#671710]
* Fri Feb 25 2011 chris@computersalat.de
- fix for macros.php
o devel pkg must have Obsoletes/Provides: php-macros
* Thu Feb 10 2011 chris@computersalat.de
- extend macros.php
o __php, __phpize, __php_config, php_version
o __pear, php_peardir, php_pearxmldir
o php_pear_gen_filelist
- add README.macros
* Wed Feb 09 2011 pgajdos@suse.cz
- security fixes
* CVE-2011-0755 [bnc#669189]
* CVE-2011-0752 [bnc#669162]
* CVE-2011-0753 [bnc#669188]
* Tue Feb 01 2011 pgajdos@suse.cz
- security fixes [bnc#666512]
* CVE-2010-4697
* CVE-2010-4698
* CVE-2010-4699
* CVE-2010-4700
* Thu Jan 13 2011 pgajdos@suse.cz
- security fixes
* CVE-2010-4645 [bnc#662932]
* CVE-2010-3709 [bnc#660102]
* CVE-2010-4150 [bnc#655968]
* fopen_https_proxy_auth_fix.patch [bnc#656523]
* Mon Nov 08 2010 pgajdos@suse.cz
- security fix of oob read in mb_strcut() [bnc#651990]
* CVE-2010-4156.patch
* Thu Nov 04 2010 pgajdos@suse.cz
- security fix in utf8_decode() [bnc#650700]
* CVE-2010-3870.patch
* Tue Oct 26 2010 pgajdos@suse.cz
- fix "Segfault in filter_var with FILTER_VALIDATE_EMAIL with
large amount of data" [bnc#649210]
* CVE-2010-3710.patch
* Tue Aug 03 2010 cristian.rodriguez@opensuse.org
- Clarify changelog this update fixed:
* VUL-0: php5 new unserialize() flaw CVE-2010-2225 [bnc#616232]
* VUL-0: php5: MOPS-2010-021: fnmatch() Stack Exhaustion Vulnerability [bnc#605097]
* VUL-0: php5: MOPS-2010-017: preg_quote() Interruption Information Leak [bnc#605100]
* VUL-0: php5: MOPS-2010-022 use after free [bnc#609763]
* VUL-0: php5-phar: MOPS-2010-0{24,25,26,27,28} format string bugs [bnc#609766]
* VUL-0: php5: MOPS-2010-0{32,33,34} use space interruption in iconv functions [bnc#609768]
* VUL-0: php5: MOPS-2010-0{36,37,38,39,40} userspace interruptions [bnc#609769]
* VUL-0: php5: MOPS-2010-0{36..46} userspace interruptions [bnc#609769]
* VUL-0: php5: MOPS-2010-047/048 information leak [bnc#612555]
* VUL-0: php5: MOPS-2010-049/50/51/52/53/54/55 memory corruption and/or info leak [bnc#612556]
* VUL-0: PHP5: Session Data Injection Vulnerability [bnc#619483]
* VUL-0: PHP5: multiple heap based buffer overflows [bnc#619486]
* bugzilla numbers 619487,619489,619469,609766..
* Tue Jul 20 2010 cristian.rodriguez@opensuse.org
- Update to PHP 5.3.3 RC3
- Massive lot of security fixes see list
here http://www.php-security.org/category/vulnerabilities/index.html
* Tue Jun 01 2010 cristian.rodriguez@opensuse.org
- possible fix for [bnc#610633]
* Wed May 05 2010 mseben@novell.com
- added CVE-2010-0397.patch to fix CVE-2010-0397 (bnc#588975)
* Fri Apr 16 2010 crrodriguez@opensuse.org
- use FD_CLOEXEC flag to avoid annoying races.
* Sun Apr 04 2010 crrodriguez@opensuse.org
- remove obsolete buildRequires
* Fri Apr 02 2010 crrodriguez@opensuse.org
- remove build date from binaries so they dont get
republished every time
- fix invalid path
* Thu Apr 01 2010 crrodriguez@opensuse.org
- add missing patch, refresh patches with -p0
* Thu Apr 01 2010 crrodriguez@opensuse.org
- Update to PHP 5.3.2, see NEWS for details
* Sat Mar 06 2010 dimstar@opensuse.org
- Add php5-autoconf-2.65.patch to fix build with autoconf 2.65; it's
a backported combination of svn commits 291283, 291284 and
291332.
- Workaround old php bug http://bugs.php.net/bug.php?id=21153 by
replacing -ledit with -ledit -lncurses in the resulting configure
scripts. This became apparent problem due to libedit being built
with as-needed now.
- Add php5-bug51224.patch to fix buffer overflows happening in
strcpy. It;s a combination of upstream svn revs 284097 and 284099
* Mon Feb 15 2010 mseben@novell.com
- fix build : spurious-executable-perm
* Sun Jan 17 2010 vuntz@opensuse.org
- Remove unneeded gtk-devel BuildRequires.
* Mon Jan 11 2010 aj@suse.de
- Remove obsolete build requires of orbit-devel.
* Tue Dec 22 2009 jengelh@medozas.de
- avoid alignment crash on alignment-sensitive CPUs
(bugs.php.net#46074)
* Wed Dec 02 2009 coolo@novell.com
- update patch to fix build
* Fri Nov 27 2009 crrodriguez@opensuse.org
- VUL-0: php5: official version 5.3.1 fixes security bugs [bnc#557157]
- php.ini bug, session.save_path is empty [bnc#552690]
* Tue Oct 06 2009 crrodriguez@opensuse.org
- Fixed wrong harcoded mysql socket [bnc#544516]
- Fixed wrong default include_path
* Tue Sep 08 2009 crrodriguez@suse.de
- make php5-pear noarch in Factory
* Wed Aug 26 2009 crrodriguez@suse.de
- remove obsolete patches
- apply ini patch
- enable mhash compatibility in the hash extension and obsolete php5-mhash
- add macros.php to the source list
* Mon Aug 24 2009 crrodriguez@suse.de
- PHP read_exif_data() only returns the first letter of UTF-16 strings [bnc#518300]
* Sun Aug 23 2009 crrodriguez@suse.de
- fix missing return values of suhosin extension
* Wed Aug 19 2009 crrodriguez@novell.com
- fix build on CODE10 products
* Wed Aug 19 2009 crrodriguez@novell.com
- fix horrible broken open_basedir functionality
* Sun Aug 16 2009 crrodriguez@suse.de
- update suhosin extension to version 0.9.29
- mysql extensions now use mysqlnd instead of libmysqlclient.
- enable sqlite3 extension, part of the php5-sqlite package
- enable enchant extension
- enable fileinfo extension
- enable intl extension
* Fri Aug 14 2009 crrodriguez@suse.de
- add suhosin patch and newer suhosin extension for compatibility
reasons
* Thu Aug 13 2009 crrodriguez@suse.de
- Upgrade to PHP 5.3, see http://www.php.net/ChangeLog-5.php
for the huge list of changes
- remove dbase and ncurses extension
* Thu Jul 16 2009 coolo@novell.com
- disable as-needed to fix build
* Fri Jun 19 2009 crrodriguez@suse.de
- update to PHP 5.2.10
* Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files)
* Added "ignore_errors" option to http fopen wrapper. (David Zulke, Sara)
* Fixed memory corruptions while reading properties of zip files. (Ilia)
* Fixed memory leak in ob_get_clean/ob_get_flush. (Christian)
* Fixed segfault on invalid session.save_path. (Hannes)
* Fixed leaks in imap when a mail_criteria is used. (Pierre)
* Changed default value of array_unique()'s optional sorting type parameter back to SORT_STRING to fix backwards compatibility breakage introduced in PHP 5.2.9. (Moriyoshi)
* Fixed bug #47940 (memory leaks in imap_body). (Pierre, Jake Levitt)
* Fixed bug #47903 ("@" operator does not work with string offsets). (Felipe)
* Fixed bug #47644 (Valid integers are truncated with json_decode()). (Scott)
* Fixed bug #47564 (unpacking unsigned long 32bit big endian returns wrong result). (Ilia)
* Fixed bug #47365 (ip2long() may allow some invalid values on certain 64bit systems).
* Over 100 bug fixes.
* Thu May 21 2009 crrodriguez@suse.de
- add temporary backport of openssl prng function
* Sat Mar 14 2009 crrodriguez@suse.de
- Update to version 5.2.9, security and bugfix release
* VUL-0: php5: memory disclosure by imagerotate() [bnc#480850]
* VUL-0: php5: mbstring.func_overload set in .htaccess becomes global [bnc#471419]
* Fixed a segfault when malformed string is passed to json_decode()
* Fixed explode() behavior with empty string to respect negative limit.
* Sun Dec 14 2008 crrodriguez@suse.de
- remove ming extension, moved to server:php:extensions later
* Tue Dec 09 2008 crrodriguez@suse.de
- Update to PHP 5.2.8
* Mon Dec 08 2008 crrodriguez@suse.de
- fix BLOCKER magic_quotes breakage, if your code
relies on this feature, it is broken,time to press the panic button.
* Fri Dec 05 2008 crrodriguez@suse.de
- update to PHP 5.2.7 final, no mayor changes since RC5
* Fri Nov 28 2008 crrodriguez@suse.de
- update to PHP 5.2.7RC5 see news for details
* Fri Nov 21 2008 crrodriguez@suse.de
- update to PHP 5.2.7RC4, see news for details
* Sun Nov 16 2008 crrodriguez@suse.de
- update to PHP 5.2.7RC3, see NEWS for details
* Mon Sep 08 2008 crrodriguez@suse.de
- update suhosin to version 0.9.27
* Fixed problem with suhosin.perdir
Thanks to Hosteurope for tracking this down
* Fixed problems with ext/uploadprogress
Reported by: Christian Stocker
* Added suhosin.srand.ignore and suhosin.mt_srand.ignore (default: on)
* Modified rand()/srand() to use the Mersenne Twister algorithm with separate state
* Added better internal seeding of rand() and mt_rand()
* Sun Jul 13 2008 crrodriguez@suse.de
- merge patches from schwab
* Fri May 02 2008 crrodriguez@suse.de
- update to PHP 5.2.6
* Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
* Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
* Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
* Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
* Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
* Fixed two possible crashes inside the posix extension.
* Fixed bug #44069 (Huge memory usage with concatenation using . instead of .=)
* Fixed bug #44141 (private parent constructor callable through static function).
* Fixed bug #43589 (a possible infinite loop in bz2_filter.c).
* Fixed bug #43450 (Memory leak on some functions with implicit object __toString() call).
* Fixed bug #43201 (Crash on using uninitialized vals and __get/__set).
* Fixed bug #42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql).
* Fixed bug #42937 (__call() method not invoked when methods are called on parent from child class).
* Fixed bug #42736 (xmlrpc_server_call_method() crashes).
* Fixed bug #42369 (Implicit conversion to string leaks memory).
* Fixed bug #41562 (SimpleXML memory issue).
* Fixed bug #43606 (define missing depencies of the exif extension). (crrodriguez at suse dot de)
* Fixed bug #43498 (file_exists() on a proftpd server got SIZE not allowed in ASCII mode). (Ilia, crrodriguez at suse dot de)
* Over 120 bug fixes.
* Wed Feb 06 2008 crrodriguez@suse.de
- update suhosin extension to version 0.9.23
- Fixed suhosin extension now compiles with snapshots of PHP 5.3
- Fixed crypt() behaves like normal again when there is no salt supplied
- wrong Obsoletes causes upgrade trouble [bnc #355618]
* Fri Feb 01 2008 mmarek@suse.cz
- use %%_with_ming and %%_with_qdbm instead of %%opensuse_bs,
enables building in the bs in other projects than server:php
(bnc#357917)
* Fri Jan 11 2008 crrodriguez@suse.de
- Try patch recently published by Redhat that allows PHP to
use the system timezone database instead of the bundled one.
* Mon Jan 07 2008 crrodriguez@suse.de
- Do not hard require php5-timezonedb, instead provide a capability
php(tzdatabase) = builtin_tz_ver so it gets installed via rpm
Supplements only when needed.
* Thu Dec 27 2007 crrodriguez@suse.de
- PHP is leaking file descriptors badly on relative includes
(php-5.2.5-fdleak.patch)
* Thu Dec 13 2007 crrodriguez@suse.de
- suhosin 0.9.22
- Fixed function_exists() now checks the Suhosin permissions
- Fixed crypt() salt no longer uses Blowfish by default
- Fixed .htaccess/perdir support
- Fixed compilation problem on OS/X
- Added protection against some attacks through _SERVER variables
- Added suhosin.server.strip and suhosin.server.encode
* Tue Dec 11 2007 crrodriguez@suse.de
- use /dev/urandom for generating session-IDs [#337005]
- L3: PHP: Venezuela Time Zone Update starting date changed to December 9 [#345548]
* Mon Nov 12 2007 crrodriguez@suse.de
- update to PHP 5.2.5
* Fixed dl() to only accept filenames. reported by Laurent Gaffie.
* Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
* Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences.
* Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie.
* Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications reported by SecurityReason.
* Fixed bug #42869 (automatic session id insertion adds sessions id to non-local forms).
* Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).
* Upgraded PCRE to version 7.3 (Nuno)
* Added optional parameter $provide_object to debug_backtrace(). (Sebastian)
* Added alpha support for imagefilter() IMG_FILTER_COLORIZE. (Pierre)
* Added ability to control memory consumption between request using ZEND_MM_COMPACT environment variable. (Dmitry)
* Improved speed of array_intersect_key(), array_intersect_assoc(), array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc(). (Dmitry)
* Fixed move_uploaded_file() to always set file permissions of resulting file according to UMASK. (Andrew Sitnikov)
* Fixed possible crash in ext/soap because of uninitialized value. (Zdash Urf)
* Fixed regression in glob() when enforcing safe_mode/open_basedir checks on paths containing '*'. (Ilia)
* Fixed PDO crash when driver returns empty LOB stream. (Stas)
* Fixed iconv_*() functions to limit argument sizes as workaround to libc bug (CVE-2007-4783, CVE-2007-4840 by Laurent Gaffie). (Christian Hoffmann, Stas)
* Fixed missing brackets leading to build warning and error in the log. Win32 code. (Andrey)
* Fixed leaks with multiple connects on one mysqli object. (Andrey)
* Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre)
* Fixed bug #43196 (array_intersect_assoc() crashes with non-array input). (Jani)
* Fixed bug #43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAll()). (Ilia)
* Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani)
* Fixed bug #43130 (Bound parameters cannot have - in their name). (Ilia)
* Fixed bug #43099 (XMLWriter::endElement() does not check # of params). (Ilia)
* Fixed bug #43020 (Warning message is missing with shuffle() and more than one argument). (Scott)
* Fixed bug #42976 (Crash when constructor for newInstance() or newInstanceArgs() fails) (Ilia)
* Fixed bug #42917 (PDO::FETCH_KEY_PAIR doesn't work with setFetchMode). (Ilia)
* Fixed bug #42890 (Constant "LIST" defined by mysqlclient and c-client). (Andrey)
* Fixed bug #42818 ($foo = clone(array()); leaks memory). (Dmitry)
* Fixed bug #42817 (clone() on a non-object does not result in a fatal error). (Ilia)
* Fixed bug #42785 (json_encode() formats doubles according to locale rather then following standard syntax). (Ilia)
* Fixed bug #42783 (pg_insert() does not accept an empty list for insertion). (Ilia)
* Fixed bug #42773 (WSDL error causes HTTP 500 Response). (Dmitry)
* Fixed bug #42772 (Storing $this in a static var fails while handling a cast to string). (Dmitry)
* Fixed bug #42767 (highlight_string() truncates trailing comment). (Ilia)
* Fixed bug #42739 (mkdir() doesn't like a trailing slash when safe_mode is enabled). (Ilia)
* Fixed bug #42703 (Exception raised in an iterator::current() causes segfault in FilterIterator) (Marcus)
* Fixed bug #42699 (PHP_SELF duplicates path). (Dmitry)
* Fixed bug #42654 (RecursiveIteratorIterator modifies only part of leaves) (Marcus)
* Fixed bug #42643 (CLI segfaults if using ATTR_PERSISTENT). (Ilia)
* Fixed bug #42637 (SoapFault : Only http and https are allowed). (Bill Moran)
* Fixed bug #42627 (bz2 extension fails to build with -fno-common). (dolecek at netbsd dot org)
* Fixed bug #42596 (session.save_path MODE option does not work). (Ilia)
* Fixed bug #42590 (Make the engine recognize \v and \f escape sequences). (Ilia)
* Fixed bug #42587 (behavior change regarding symlinked .php files). (Dmitry)
* Fixed bug #42579 (apache_reset_timeout() does not exist). (Jani)
* Fixed bug #42549 (ext/mysql failed to compile with libmysql 3.23). (Scott)
* Fixed bug #42523 (PHP_SELF duplicates path). (Dmitry)
* Fixed bug #42512 (ip2long('255.255.255.255') should return 4294967295 on 64-bit PHP). (Derick)
* Fixed bug #42506 (php_pgsql_convert() timezone parse bug) (nonunnet at gmail dot com, Ilia)
* Fixed bug #42462 (Segmentation when trying to set an attribute in a DOMElement). (Rob)
* Fixed bug #42453 (CGI SAPI does not shut down cleanly with -i/-m/-v cmdline options). (Dmitry)
* Fixed bug #42452 (PDO classes do not expose Reflection API information). (Hannes)
* Fixed bug #42468 (Write lock on file_get_contents fails when using a compression stream). (Ilia)
* Fixed bug #42488 (SoapServer reports an encoding error and the error itself breaks). (Dmitry)
* Fixed bug #42378 (mysqli_stmt_bind_result memory exhaustion). (Andrey)
* Fixed bug #42359 (xsd:list type not parsed). (Dmitry)
* Fixed bug #42326 (SoapServer crash). (Dmitry)
* Fixed bug #42214 (SoapServer sends clients internal PHP errors). (Dmitry)
* Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime values). (Ilia)
* Fixed bug #42139 (XMLReader option constants are broken using XML()). (Rob)
* Fixed bug #42086 (SoapServer return Procedure '' not present for WSIBasic compliant wsdl). (Dmitry)
* Fixed bug #41822 (Relative includes broken when getcwd() fails). (Ab5602, Jani)
* Fixed bug #39651 (proc_open() append mode doesn't work on windows). (Nuno)
* Thu Aug 30 2007 crrodriguez@suse.de
- update to PHP 5.2.4, no relevant changes since RC3.
* Fri Aug 24 2007 crrodriguez@suse.de
- PHP 5.2.4RC3
- Fixed version_compare() to support "rc" as well as "RC" for release
candidate version numbers.
- Fixed bug #42368 (Incorrect error message displayed by pg_escape_string).
(Ilia)
- Fixed phpbug #42365 and Novell bugzilla #292998 (glob() crashes and/or accepts way too many flags). (Jani)
- Fixed bug #42183 (classmap causes crash in non-wsdl mode). (Dmitry)
- Fixed bug #42009 (is_a() and is_subclass_of() should NOT call autoload,
in the same way as "instanceof" operator). (Dmitry)
- Fixed bug #41904 (proc_open(): empty env array should cause empty
environment to be passed to process). (Jani)
- Fixed bug #37273 (Symlinks and mod_files session handler allow open_basedir
bypass). (Ilia)
- remove wrong hardcoded requirement on libedit
- devel package at least does not need libtool the php build enviroment uses a private copy.
- drop no longer needed patches already in upstream
* Fri Aug 17 2007 anosek@suse.cz
- updated to version 5.2.4RC2
- Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g client
libraries. (Chris Jones)
- Fixed bug #42292 ($PHP_CONFIG not set for phpized builds). (Jani)
- Fixed bug #42261 (header wrong for date field). (roberto at spadim dot com
dot br, Ilia)
- Fixed bug #42259 (SimpleXMLIterator loses ancestry). (Rob)
- Fixed bug #42247 (ldap_parse_result() not defined under win32). (Jani)
- Fixed bug #42243 (copy() does not output an error when the first arg is a
dir). (Ilia)
- Fixed bug #42242 (sybase_connect() crashes). (Ilia)
- Fixed bug #42237 (stream_copy_to_stream returns invalid values for mmaped
streams). (andrew dot minerd at sellingsource dot com, Ilia)
- Fixed bug #42222 (possible buffer overflow in php_openssl_make_REQ). (Pierre)
- Fixed bug #42211 (property_exists() fails to find protected properties from
a parent class). (Dmitry)
- Fixed bug #42208 (substr_replace() crashes when the same array is passed
more than once). (crrodriguez at suse dot de, Ilia)
- Fixed bug #42198 (SCRIPT_NAME and PHP_SELF truncated when inside a userdir
and using PATH_INFO). (Dmitry)
- Fixed bug #42195 (C++ compiler required always). (Jani)
- Fixed bug #42117 (bzip2.compress loses data in internal buffer). (Philip,
Ilia)
- Fixed bug #42082 (NodeList length zero should be empty). (Hannes)
- Fixed bug #36492 (Userfilters can leak buckets). (Sara)
- Fixed bug #31892 (PHP_SELF incorrect without cgi.fix_pathinfo, but turning
on screws up PATH_INFO). (Dmitry)
* Mon Aug 06 2007 anosek@suse.cz
- updated to version 5.2.4RC1
- dropped obsoleted PHP_5_2-CVS-2007-07-30.patch.bz2
* Mon Jul 30 2007 mmarek@suse.cz
- updated to latest state of PHP_5_2 branch; highlights from the
NEWS file:
- Upgraded PCRE to version 7.2 (Nuno)
- Updated timezone database to version 2007.6. (Derick)
- Improved openssl_x509_parse() to return extensions in readable
form. (Dmitry)
- Changed "display_errors" php.ini option to accept "stderr" as
value which makes the error messages to be outputted to STDERR
instead of STDOUT with CGI and CLI SAPIs (FR #22839). (Jani)
- Changed error handler to send HTTP 500 instead of blank page on
PHP errors. (Dmitry, Andrei Nigmatulin)
- Added check for unknown options passed to configure. (Jani)
- Added persistent connection status checker to pdo_pgsql.
(Elvis Pranskevichus, Ilia)
- Added support for ATTR_TIMEOUT inside pdo_pgsql driver. (Ilia)
- Added php_ini_loaded_file() function which returns the path to
the actual php.ini in use. (Jani)
- Added GD version constants GD_MAJOR_VERSION, GD_MINOR_VERSION
GD_RELEASE_VERSION, GD_EXTRA_VERSION and GD_VERSION_STRING.
(Pierre)
- Added missing open_basedir checks to CGI. (anight at
eyelinkmedia dot com, Tony)
- Added missing format validator to unpack() function. (Ilia)
- Added missing error check inside bcpowmod(). (Ilia)
- Added CURLOPT_PRIVATE & CURLINFO_PRIVATE constants. (Andrey A.
Belashkov, Tony)
- Added missing MSG_EOR and MSG_EOF constants to sockets
extension. (Jani)
- Added PCRE_VERSION constant. (Tony)
- Added ReflectionExtension::info() function to print the
phpinfo() block for an extension. (Johannes)
- Implemented FR #41884 (ReflectionClass::getDefaultProperties()
does not handle static attributes). (Tony)
- plus lots of bugfixes
- fixed the pear phar archive to run with 5.2.4
[http://bugs.php.net/bug.php?id=42146]
* Wed Jul 25 2007 mmarek@suse.cz
- added /var/lib/pear to php5-pear.rpm
* Tue Jul 24 2007 judas_iscariote@shorewall.net
- fix nasty deadlock in pear
- update php5-ze2-fixes.patch and actually apply it.
* Tue Jul 17 2007 anosek@suse.cz
- fixed YOU honors Recommends, breaks php update [#291551]
(moved php-suhosin from Recommends to Suggests)
* Mon Jun 25 2007 mmarek@suse.cz
- provide /srv/www/cgi-bin/php5 compat symlink instead of patching
config files
* Sat Jun 23 2007 judas_iscariote@shorewall.net
- fixed a mess with update-alternatives PreReq uncovered by newer build versions.
actually every subpackage that uses update-alternatives should PreReq it.
- fix some ZE2 bugs.
* Tue Jun 12 2007 mmarek@suse.cz
- drop php5.xpm and the Icon: line from the specfile (the icon is
not used at all and it breaks rpm -q --specfile php5.spec)
* Fri Jun 01 2007 judas_iscariote@shorewall.net
- PHP version 5.2.3 see http://www.php.net/releases/5_2_3.php
- important: PHP-cgi now lives in /usr, package attempts to fix both
lighttpd and apache2 fastcgi config files.
* Wed May 30 2007 judas_iscariote@shorewall.net
- use system re2c in factory.
- enable support for qbdm in the dba extension (build service only)
- enable the ming extension (build service only)
* Mon May 21 2007 mmarek@suse.cz
- fixed the dba extension adding -ldb-4.x to global LDFLAGS,
causing unnecessary dependency in /usr/bin/php5
[http://bugs.php.net/bug.php?id=41455]
* Sat May 19 2007 judas_iscariote@shorewall.net
- updated suhosin to version 0.9.20, security fix + bugfixes
see http://www.hardened-php.net/suhosin/changelog.html for more detail.
* Mon May 14 2007 judas_iscariote@shorewall.net
- fix devel package, in the reality PHP does not currenly require expat.
headers provides a expat compatibility layer but it is no longer in use
by our packages as libxml2 is always prefered, (and HAVE_LIBEXPAT is not defined)
* Fri May 11 2007 judas_iscariote@shorewall.net
- update php5-test-fixes fixing another bug in zend_compile.c
- use rpm macros in the spec file
- when removing apache2-mod_php5, unload it from apache first.
- when updating apache2-mod_php5 restart apache with restart on update macro.
* Sun May 06 2007 judas_iscariote@shorewall.net
- HTTP_RAW_POST_DATA superglobal broken (php5-phpbug-41293.patch)
- better fix for MOPB 41.
* Sat May 05 2007 judas_iscariote@shorewall.net
- remove --enable-memory-limit configure flag, it disappeared in 5.2.1,
nowdays memory_limit is always enabled.
* Fri May 04 2007 prusnak@suse.cz
- changed expat to libexpat-devel in Requires of devel subpackage
* Fri May 04 2007 judas_iscariote@shorewall.net
- add php5-test-fixes.patch fixing a test case that wont pass on i586
as well a real fix for Zend/tests/bug41117_1.phpt problem, that was commited
after the release was done. there is another test case that fails in 10.2
ext/pcre/tests/bug40195.phpt but this is not a PHP problem but a bug in PCRE.
- added missing fix for PMOPB-45-2007 PHP ext/filter Email Validation Vulnerability (minor)
* Fri May 04 2007 judas_iscariote@shorewall.net
- php5-devel package now requires pcre-devel for > 10.1 as 5.2.2 installs
php_pcre.h header that needs it.
* Thu May 03 2007 mmarek@suse.cz
- fixed some new compiler warnings
* Thu May 03 2007 judas_iscariote@shorewall.net
- upgrade to PHP 5.2.2, fixed hundreds of bugs including MOPB ones
if you need the complete changes see http://www.php.net/ChangeLog-5.php#5.2.2
* Thu May 03 2007 judas_iscariote@shorewall.net
- Upgrade suhosin extension to version 0.9.19 see
http://www.hardened-php.net/suhosin/changelog.html for details
* Fri Mar 30 2007 mmarek@suse.de
- added bison to BuildRequires, removed update-desktop-files
* Thu Mar 22 2007 mmarek@suse.de
- fixed unpack() on big-endian 64bit (revert-phpbug38770.patch)
- blacklist more env variables when safe_mode is on
(php5-config.patch)
* Sat Mar 17 2007 judas_iscariote@shorewall.net
- fix Requires of -devel package to include only what is really
needed for operation of the pecl tool as well the neccesary
headers to compile php extensions.
- Fix MOPB 24 "PHP array_user_key_compare() Double DTOR
Vulnerability"
- note that fix for MOPB 23 was included in the previous patchset.
* Wed Mar 14 2007 judas_iscariote@shorewall.net
- add security fixes for MOPB 20, 21 and 22.
- RPM_BUILD_ROOT is never defined in %post.
* Sun Mar 11 2007 judas_iscariote@shorewall.net
- fix/workaround for php5-gd problem with typo3 [#236680]
- add fix for MOPB-14-2007 PHP substr_compare() Information Leak
Vulnerability.
- add secfix for import_request_variables() ancient problem, users
of suhosin extension are not affected.
- Run the test suite here
* Tue Mar 06 2007 judas_iscariote@shorewall.net
- Update suhosin extension to version 0.9.18 fixing a session
problem.
* Mon Mar 05 2007 judas_iscariote@shorewall.net
- Update suhosin extension to version 0.9.17. see
http://www.hardened-php.net/suhosin/changelog.html for details.
* Thu Feb 15 2007 judas_iscariote@shorewall.net
- add t1lib support in php5-gd (10.3 and up only)
- an off-by-one in str_replace may cause a crash.
* Thu Feb 08 2007 judas_iscariote@shorewall.net
- PHP 5.2.1. for a full list of changes see
http://www.php.net/ChangeLog-5.php#5.2.1
- add Obsoletes for extensions we dont ship anymore
* Fri Feb 02 2007 judas_iscariote@shorewall.net
- fix getenv() modifing $_POST, breaks suhosin badly when
register_* is On and variables orde is "GPCS" (default).
- change/remove obsoleted patches
* Tue Jan 30 2007 anosek@suse.cz
- synced with BuildService
* file "session_mm_apache2handler0.sem" written at boot
[#229200] (php5-config.patch)
* for certain functionality php5-exif requires php5-mbstring
* php5-ldap requires php5-openssl
* remove LDAP_DEPRECATED from CFLAGS, module already
takes care of this.
* patch potential HTTP_SESSION_VARS et all hijack when
register_globals is On users from suhosin extension are
not affected.(php5-session-rgon-hijack.patch)
* on 10.2 and up php5-devel should require pcre-devel
sqlite-devel sqlite2-devel
* php5-devel is mostly useless without autoconf automake libtool
bison make gcc.
* added patches: phpbug-39350.patch
oldhat-phpinputdata-secfix.patch
ze2-fixes.patch
filter.patch
ext-lib64again.patch
* Fri Jan 26 2007 mmarek@suse.cz
- fixed string comparison in xmlrpc module (strcmp.patch)
- allways apply %%patch9
* Fri Jan 26 2007 mmarek@suse.cz
- updated the curl module from cvs to fix build with curl-7.16
(curl-cvs-fix.patch, dropped gcc.patch)
* Tue Dec 19 2006 anosek@suse.cz
- fixed VUL-0: php session.save_path open_basedir bypass
[#227569] (save_path-secfix.patch)
* Wed Dec 06 2006 anosek@suse.cz
- synced with BuildService
* updated Suhosin patch to 0.9.6.2
* updated Suhosin extension to 0.9.16
* fixed php5-devel should provide PECL tool [#204006]
* use bundled sqlite in suse versions =< 10.1
(pdo_sqlite stopped working properly with older sqlite3 libs)
* do not use zend-multibyte anymore, please refer
to phpbug #36711 and associated links, no applications uses
this feature in the real world since it is disabled
in all other distributions/OS.seems to cause more problems
than solutions.
* change php.ini, back to short_open_tag =off (the default)
the package that depended on this setting no longer does.
Also explicitely set the upload_tmp_dir in php.ini to deal
with open_basedir recent changes (please refer
to phpbug #39123) for the details.
* suhosin.ini uses just the default recommended settings
* Wed Nov 08 2006 anosek@suse.cz
- created symlinks /usr/bin/php and /usr/bin/pear [#216166]
* Tue Nov 07 2006 mmarek@suse.cz
- fixed implicit function decls in suhosin patch (keep the original
patch intact and put fixes into separate patch)
* Mon Nov 06 2006 mmarek@suse.cz
- updated to 5.2.0 final
- merged changes from buildservice (by soporte@onfocus.cl):
- updated suhosin to 0.9.10
- added suhosin patch
- build with system PCRE if suse_release > 10.1 only [#215610]
- suhosin extension does not require PDO
- suhosin added to the reccommended list
- php5-pspell to require at least aspell-en otherwise is useless
[#217272]
* Thu Oct 26 2006 anosek@suse.cz
- php5-sqlite now uses our sqlite and sqlite2 packages to build
and not bundled ones [#201440]
- updated suhosin to 0.9.9
* Fri Oct 20 2006 nadvornik@suse.cz
- update to 5.2.0RC6
* Thu Oct 19 2006 postadal@suse.cz
- reset right path in extension_dir (php5-php-config.patch)
* Mon Oct 09 2006 postadal@suse.cz
- update to version 5.2.0RC5
- added suhosin extension (the hardened php replacement) [#210886]
* Sun Oct 08 2006 postadal@suse.cz
- update to version 5.2.0RC4
* added DSA key generation support to openssl_pkey_new()
* updated PCRE to version 6.7
* increased default memory limit to 16 megabytes to accommodate for a more
accurate memory utilization measurement
* added support for httpOnly flag for session extension and cookie setting
functions
* added version specific registry keys to allow different configurations for
different php version
* added "PHPINIDir" Apache directive to apache and apache_hooks SAPIs
* added an optional boolean parameter to memory_get_usage() and
memory_get_peak_usage() to get memory size allocated by emalloc() or real
size of memory allocated from system
* moved extensions to PECL (filepro and hwapi)
* improved SNMP, OpenSSL extension
* improved the Zend memory manager, FastCGI SAPI, CURL, PCRE, PDO, SPL,
xmlReader
- merged changes from openSUSE build service
* build without --enable-sigchild [#206533, php#28294, php#38342]
* build CLI with libedit support (really-with-libedit.patch)
* tweaked the default config a bit, to make it more secure
* removed ini entries related to extensions we don't ship
* t1lib is not currently needed for build, we need t1lib5 to do
something useful
* removeed --enable-ucd-snmp-hack (needed for ucd-snmp, but we use net-snmp)
* pdo_odbc provided by php-odbc
* php-suse-addons :
o PHP5 is unlikely to parse php3 code, remove the file association
o corrected apache directive is AddHandler not AddType
* dropped extensions:
o mysql, mysqli and pdo_mysql provided by php-mysql (reduce package count)
o php-pdo_sqlite provided by php-sqlite
o php-pdo_pgsql provided by php-pgsql
o filepro dropped by upstream
* new extension:
o filter (kept static and cannot be unloaded, due security reasons)
o json (added as Recommended)
o zip (it uses a bundled library)
- fixed gcc issues (gcc.patch)
- droped obsoleted patches: include_path.patch, bug-37720.patch,
bug-37306.patch, cgi_bugs.patch, bug-37587.patch, gd-fixes.patch,
bug-37416.patch, main_bugs.patch, soap.patch, standard.patch,
mbstring_bugs.patch, ze2_bugs.patch, xsl_bugs.patch, curl.patch
* Wed Aug 16 2006 postadal@suse.cz
- fixed build with X11R7
* Wed Jul 26 2006 postadal@suse.cz
- updated to version 5.1.4
* FastCGI interface was completely reimplemented
* multitude of improvements to the SPL, SimpleXML, GD, CURL and
Reflection extensions
* support for many additional date formats added to the strtotime()
* a performance improvements added to the engine and core extensions
* added imap_savebody() that allows message body to be written to a file
* added lchown() and lchgrp() to change user/group ownership of symlinks
* upgraded bundled PCRE library to version 6.6
- merged changes from openSUSE build service
* removed unneeded sablot-devel,sqlite-devel,pcre-devel,fam-devel
and libmcal from BuildRequires
* added php-ctype,php-dom,php-iconv,php-pdo,php-pdo_sqlite,php-sqlite,
php-tokenizer,php-xmlreader,php-xmlwriter to Recommends
* added php-mbstring php-gd php-pear php-gettext php-mysqli to Suggests
* added support for optional readline(libedit) for CLI
(disabled by default)
* patches for zendengine (ze2_bugs.patch), xsl (xsl_bugs.patch),
curl (curl.patch) and mbstring bugs (mbstring_bugs.patch),
big soap patch (soap.patch)
* removed obsoleted patches
* fixed Safe Mode Bypass [#188243] (standard.patch)
* upstream patches
[php#37306, php#37416, php#37587, php#37720]
[php#37576, php#37496, php#37341, php#37313, php#37256] (cgi_bugs.patch)
[php#37346, php#37360] (gd-fixes.patch)
* fixed build inconsistences, added php-hash module [#173023]
* added pdo_odbc.so to php-odbc module [#190614]
* build without explicit safe_mode and magic_quotes (unneeded)
* removed useless GD --with-ttf configure option, only suitable
for freetype 1
/etc/php5 /etc/php5/cli /etc/php5/cli/php.ini /etc/php5/conf.d /usr/bin/php5 /usr/lib/php5 /usr/lib/php5/extensions /usr/share/doc/packages/php5 /usr/share/doc/packages/php5/CODING_STANDARDS /usr/share/doc/packages/php5/CREDITS /usr/share/doc/packages/php5/EXTENSIONS /usr/share/doc/packages/php5/LICENSE /usr/share/doc/packages/php5/NEWS /usr/share/doc/packages/php5/README.CLI /usr/share/doc/packages/php5/README.EXTENSIONS /usr/share/doc/packages/php5/README.EXT_SKEL /usr/share/doc/packages/php5/README.FastCGI /usr/share/doc/packages/php5/README.MAILINGLIST_RULES /usr/share/doc/packages/php5/README.PARAMETER_PARSING_API /usr/share/doc/packages/php5/README.PHP4-TO-PHP5-THIN-CHANGES /usr/share/doc/packages/php5/README.REDIST.BINS /usr/share/doc/packages/php5/README.RELEASE_PROCESS /usr/share/doc/packages/php5/README.SELF-CONTAINED-EXTENSIONS /usr/share/doc/packages/php5/README.STREAMS /usr/share/doc/packages/php5/README.SUBMITTING_PATCH /usr/share/doc/packages/php5/README.SUSE /usr/share/doc/packages/php5/README.SVN-RULES /usr/share/doc/packages/php5/README.TESTING /usr/share/doc/packages/php5/README.TESTING2 /usr/share/doc/packages/php5/README.UNIX-BUILD-SYSTEM /usr/share/doc/packages/php5/README.WIN32-BUILD-SYSTEM /usr/share/doc/packages/php5/README.Zeus /usr/share/doc/packages/php5/README.input_filter /usr/share/doc/packages/php5/README.macros /usr/share/doc/packages/php5/README.namespaces /usr/share/doc/packages/php5/TODO /usr/share/doc/packages/php5/TODO-5.1 /usr/share/doc/packages/php5/TODO-PHP5 /usr/share/doc/packages/php5/test.php5 /usr/share/man/man1/php-config5.1.gz /usr/share/man/man1/php5.1.gz /usr/share/man/man1/phpize5.1.gz /usr/share/php5 /var/lib/php5
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon Jun 10 05:29:09 2013