2010-03-20 16:25:50 by Joerg Sonnenberger | Files touched by this commit (1) |
Log message:
Limit packages to PHP80xa before 5.3
|
2010-03-16 17:03:22 by Takahiro Kambe | Files touched by this commit (1) |
Log message:
Update description in comments.
|
2010-03-04 16:36:04 by Takahiro Kambe | Files touched by this commit (3) |
Log message:
Update suhosin patch for PHP 5.2.13.
Bump PKGREVISION.
|
2010-03-03 11:51:35 by Takahiro Kambe | Files touched by this commit (1) |
Log message:
Re-enable suhosin option since there is no need to disable it.
Noted by Volkmar Seifert and I misunderstood something.
|
2010-03-03 03:15:16 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Oops, previous patch's path was wrong and corrected now.
|
2010-03-03 03:01:40 by Takahiro Kambe | Files touched by this commit (2) |
Log message:
Fix php-gmp build problem with gmp-5.0.1 and later refering
http://svn.php.net/viewvc?view=revision&revision=295402.
No PKGREVISION bump since it is only build problem fix.
|
2010-02-27 04:25:17 by Takahiro Kambe | Files touched by this commit (4) |
Log message:
Update php5 package to 5.2.13.
25 Feb 2010, PHP 5.2.13
- Updated timezone database to version 2010.2. (Derick)
- Upgraded bundled PCRE to version 7.9. (Ilia)
- Removed automatic file descriptor unlocking happening on shutdown and/or
stream close (on all OSes excluding Windows). (Tony, Ilia)
- Changed tidyNode class to disallow manual node creation. (Pierrick)
- Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL.
(Ilia)
- Improved LCG entropy. (Rasmus, Samy Kamkar)
- Fixed safe_mode validation inside tempnam() when the directory path does
not end with a /). (Martin Jansen)
- Fixed a possible open_basedir/safe_mode bypass in session extension
identified by Grzegorz Stachowiak. (Ilia)
- Fixed bug in bundled libgd causing spurious horizontal lines drawn by
gdImageFilledPolygon (libgd #100). (Takeshi Abe)
- Fixed build of mysqli with MySQL 5.5.0-m2. (Andrey)
- Fixed bug #50940 Custom content-length set incorrectly in Apache sapis.
(Brian France, Rasmus)
- Fixed bug #50930 (Wrong date by php_date.c patch with ancient gcc/glibc
versions). (Derick)
- Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation).
(Ilia, hanno at hboeck dot de)
- Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes
long). (Ilia)
- Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP
authentication). (Jani)
- Fixed bug #50823 (ReflectionFunction::isDeprecated producing "cannot be called
statically" error). (Jani, Felipe)
- Fixed bug #50791 (Compile failure: Bad logic in defining fopencookie
emulation). (Jani)
- Fixed bug #50787 (stream_set_write_buffer() has no effect on socket
streams). (vnegrier at optilian dot com, Ilia)
- Fixed bug #50772 (mysqli constructor without parameters does not return a
working mysqli object). (Andrey)
- Fixed bug #50761 (system.multiCall crashes in xmlrpc extension). (hiroaki
dot kawai at gmail dot com, Ilia)
- Fixed bug #50732 (exec() adds single byte twice to $output array). (Ilia)
- Fixed bug #50728 (All PDOExceptions hardcode 'code' property to 0). (Joey,
Ilia)
- Fixed bug #50727 (Accessing mysqli->affected_rows on no connection causes
segfault). (Andrey, Johannes)
- Fixed bug #50680 (strtotime() does not support eighth ordinal number).
(Ilia)
- Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob)
- Fixed bug #50657 (copy() with an empty (zero-byte) HTTP source succeeds but
returns false). (Ilia)
- Fixed bug #50636 (MySQLi_Result sets values before calling constructor).
(Pierrick)
- Fixed bug #50632 (filter_input() does not return default value if the
variable does not exist). (Ilia)
- Fixed bug #50576 (XML_OPTION_SKIP_TAGSTART option has no effect). (Pierrick)
- Fixed bug #50575 (PDO_PGSQL LOBs are not compatible with PostgreSQL 8.5).
(Matteo)
- Fixed bug #50558 (Broken object model when extending tidy). (Pierrick)
- Fixed bug #50540 (Crash while running ldap_next_reference test cases).
(Sriram)
- Fixed bug #50508 (compile failure: Conflicting HEADER type declarations).
(Jani)
- Fixed bug #50394 (Reference argument converted to value in __call). (Stas)
- Fixed bug #49851 (http wrapper breaks on 1024 char long headers). (Ilia)
- Fixed bug #49600 (imageTTFText text shifted right). (Takeshi Abe)
- Fixed bug #49585 (date_format buffer not long enough for >4 digit years).
(Derick, Adam)
- Fixed bug #49463 (setAttributeNS fails setting default namespace). (Rob)
- Fixed bug #48667 (Implementing Iterator and IteratorAggregate). (Etienne)
- Fixed bug #48590 (SoapClient does not honor max_redirects). (Sriram)
- Fixed bug #48190 (Content-type parameter "boundary" is not \
case-insensitive
in HTTP uploads). (Ilia)
- Fixed bug #47601 (defined() requires class to exist when testing for class
constants). (Ilia)
- Fixed bug #47409 (extract() problem with array containing word "this").
(Ilia, chrisstocktonaz at gmail dot com)
- Fixed bug #47002 (Field truncation when reading from dbase dbs with more
then 1024 fields). (Ilia, sjoerd-php at linuxonly dot nl)
- Fixed bug #45599 (strip_tags() truncates rest of string with invalid
attribute). (Ilia, hradtke)
- Fixed bug #44827 (define() allows :: in constant names). (Ilia)
|
2010-02-05 13:15:47 by OBATA Akio | Files touched by this commit (2) |
Log message:
Suhosin patch for php-5.2.12 is available now.
Noticed by Volkmar Seifert via PR#42749.
|
2010-01-17 13:02:58 by Thomas Klausner | Files touched by this commit (724) | |
Log message:
Recursive PKGREVISION bump for jpeg update to 8.
|
2009-12-23 08:07:35 by Takahiro Kambe | Files touched by this commit (12) | |
Log message:
Update lang/php5 to 5.2.12, security update.
Security Enhancements and Fixes in PHP 5.2.12:
* Fixed a safe_mode bypass in tempnam() identified by Grzegorz
Stachowiak. (CVE-2009-3557, Rasmus)
* Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
Stachowiak. (CVE-2009-3558, Rasmus)
* Added "max_file_uploads" INI directive, which can be set to limit the
number of file uploads per-request to 20 by default, to prevent possible
DOS via temporary file exhaustion, identified by Bogdan
Calin. (CVE-2009-4017, Ilia)
* Added protection for $_SESSION from interrupt corruption and improved
"session.save_path" check, identified by Stefan Esser. (CVE-2009-4143,
Stas)
* Fixed bug #49785 (insufficient input string validation of
htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)
Key enhancements in PHP 5.2.12 include:
* Fixed unnecessary invocation of setitimer when timeouts have been
disabled. (Arvind Srinivasan)
* Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
* Fixed crash in SQLiteDatabase::ArrayQuery() and
SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe)
* Fixed crash when instantiating PDORow and PDOStatement through
Reflection. (Felipe)
* Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)
* Fixed bug #50207 (segmentation fault when concatenating very large strings
on 64bit linux). (Ilia)
* Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle
database). (Felipe)
* Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
* Fixed bug #50005 (Throwing through Reflection modified Exception object
makes segmentation fault). (Felipe)
* Fixed bug #49174 (crash when extending PDOStatement and trying to set
queryString property). (Felipe)
* Fixed bug #49098 (mysqli segfault on error). (Rasmus)
* Over 50 other bug fixes.
|