|
[-]
[+]
|
Deleted |
php5.changes
|
| @@ -1,1911 +0,0 @@
--------------------------------------------------------------------
-Fri May 2 10:12:59 CEST 2008 - crrodriguez@suse.de
-
-- update to PHP 5.2.6
- * Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
- * Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
- * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
- * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
- * Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
- * Fixed two possible crashes inside the posix extension.
- * Fixed bug #44069 (Huge memory usage with concatenation using . instead of .=)
- * Fixed bug #44141 (private parent constructor callable through static function).
- * Fixed bug #43589 (a possible infinite loop in bz2_filter.c).
- * Fixed bug #43450 (Memory leak on some functions with implicit object __toString() call).
- * Fixed bug #43201 (Crash on using uninitialized vals and __get/__set).
- * Fixed bug #42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql).
- * Fixed bug #42937 (__call() method not invoked when methods are called on parent from child class).
- * Fixed bug #42736 (xmlrpc_server_call_method() crashes).
- * Fixed bug #42369 (Implicit conversion to string leaks memory).
- * Fixed bug #41562 (SimpleXML memory issue).
- * Fixed bug #43606 (define missing depencies of the exif extension). (crrodriguez at suse dot de)
- * Fixed bug #43498 (file_exists() on a proftpd server got SIZE not allowed in ASCII mode). (Ilia, crrodriguez at suse dot de)
- * Over 120 bug fixes.
-
--------------------------------------------------------------------
-Wed Feb 6 00:37:17 CET 2008 - crrodriguez@suse.de
-
-- update suhosin extension to version 0.9.23
-- Fixed suhosin extension now compiles with snapshots of PHP 5.3
-- Fixed crypt() behaves like normal again when there is no salt supplied
-- wrong Obsoletes causes upgrade trouble [bnc #355618]
-
--------------------------------------------------------------------
-Fri Feb 1 10:47:45 CET 2008 - mmarek@suse.cz
-
-- use %%_with_ming and %%_with_qdbm instead of %%opensuse_bs,
- enables building in the bs in other projects than server:php
- (bnc#357917)
-
--------------------------------------------------------------------
-Fri Jan 11 08:06:38 CET 2008 - crrodriguez@suse.de
-
-- Try patch recently published by Redhat that allows PHP to
- use the system timezone database instead of the bundled one.
-
--------------------------------------------------------------------
-Mon Jan 7 07:07:53 CET 2008 - crrodriguez@suse.de
-
-- Do not hard require php5-timezonedb, instead provide a capability
- php(tzdatabase) = builtin_tz_ver so it gets installed via rpm
- Supplements only when needed.
-
--------------------------------------------------------------------
-Thu Dec 27 08:10:15 CET 2007 - crrodriguez@suse.de
-
-- PHP is leaking file descriptors badly on relative includes
- (php-5.2.5-fdleak.patch)
-
-
--------------------------------------------------------------------
-Thu Dec 13 05:35:08 CET 2007 - crrodriguez@suse.de
-
-- suhosin 0.9.22
- - Fixed function_exists() now checks the Suhosin permissions
- - Fixed crypt() salt no longer uses Blowfish by default
- - Fixed .htaccess/perdir support
- - Fixed compilation problem on OS/X
- - Added protection against some attacks through _SERVER variables
- - Added suhosin.server.strip and suhosin.server.encode
-
-
--------------------------------------------------------------------
-Tue Dec 11 06:37:03 CET 2007 - crrodriguez@suse.de
-
-- use /dev/urandom for generating session-IDs [#337005]
-- L3: PHP: Venezuela Time Zone Update starting date changed to December 9 [#345548]
-
--------------------------------------------------------------------
-Mon Nov 12 06:40:39 CET 2007 - crrodriguez@suse.de
-
-- update to PHP 5.2.5
- * Fixed dl() to only accept filenames. reported by Laurent Gaffie.
- * Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
- * Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences.
- * Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie.
- * Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications reported by SecurityReason.
- * Fixed bug #42869 (automatic session id insertion adds sessions id to non-local forms).
- * Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).
- * Upgraded PCRE to version 7.3 (Nuno)
- * Added optional parameter $provide_object to debug_backtrace(). (Sebastian)
- * Added alpha support for imagefilter() IMG_FILTER_COLORIZE. (Pierre)
- * Added ability to control memory consumption between request using ZEND_MM_COMPACT environment variable. (Dmitry)
- * Improved speed of array_intersect_key(), array_intersect_assoc(), array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc(). (Dmitry)
- * Fixed move_uploaded_file() to always set file permissions of resulting file according to UMASK. (Andrew Sitnikov)
- * Fixed possible crash in ext/soap because of uninitialized value. (Zdash Urf)
- * Fixed regression in glob() when enforcing safe_mode/open_basedir checks on paths containing '*'. (Ilia)
- * Fixed PDO crash when driver returns empty LOB stream. (Stas)
- * Fixed iconv_*() functions to limit argument sizes as workaround to libc bug (CVE-2007-4783, CVE-2007-4840 by Laurent Gaffie). (Christian Hoffmann, Stas)
- * Fixed missing brackets leading to build warning and error in the log. Win32 code. (Andrey)
- * Fixed leaks with multiple connects on one mysqli object. (Andrey)
- * Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre)
- * Fixed bug #43196 (array_intersect_assoc() crashes with non-array input). (Jani)
- * Fixed bug #43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAll()). (Ilia)
- * Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani)
- * Fixed bug #43130 (Bound parameters cannot have - in their name). (Ilia)
- * Fixed bug #43099 (XMLWriter::endElement() does not check # of params). (Ilia)
- * Fixed bug #43020 (Warning message is missing with shuffle() and more than one argument). (Scott)
- * Fixed bug #42976 (Crash when constructor for newInstance() or newInstanceArgs() fails) (Ilia)
- * Fixed bug #42917 (PDO::FETCH_KEY_PAIR doesn't work with setFetchMode). (Ilia)
- * Fixed bug #42890 (Constant "LIST" defined by mysqlclient and c-client). (Andrey)
- * Fixed bug #42818 ($foo = clone(array()); leaks memory). (Dmitry)
- * Fixed bug #42817 (clone() on a non-object does not result in a fatal error). (Ilia)
- * Fixed bug #42785 (json_encode() formats doubles according to locale rather then following standard syntax). (Ilia)
- * Fixed bug #42783 (pg_insert() does not accept an empty list for insertion). (Ilia)
- * Fixed bug #42773 (WSDL error causes HTTP 500 Response). (Dmitry)
- * Fixed bug #42772 (Storing $this in a static var fails while handling a cast to string). (Dmitry)
- * Fixed bug #42767 (highlight_string() truncates trailing comment). (Ilia)
- * Fixed bug #42739 (mkdir() doesn't like a trailing slash when safe_mode is enabled). (Ilia)
- * Fixed bug #42703 (Exception raised in an iterator::current() causes segfault in FilterIterator) (Marcus)
- * Fixed bug #42699 (PHP_SELF duplicates path). (Dmitry)
- * Fixed bug #42654 (RecursiveIteratorIterator modifies only part of leaves) (Marcus)
- * Fixed bug #42643 (CLI segfaults if using ATTR_PERSISTENT). (Ilia)
- * Fixed bug #42637 (SoapFault : Only http and https are allowed). (Bill Moran)
- * Fixed bug #42627 (bz2 extension fails to build with -fno-common). (dolecek at netbsd dot org)
- * Fixed bug #42596 (session.save_path MODE option does not work). (Ilia)
- * Fixed bug #42590 (Make the engine recognize \v and \f escape sequences). (Ilia)
- * Fixed bug #42587 (behavior change regarding symlinked .php files). (Dmitry)
- * Fixed bug #42579 (apache_reset_timeout() does not exist). (Jani)
- * Fixed bug #42549 (ext/mysql failed to compile with libmysql 3.23). (Scott)
- * Fixed bug #42523 (PHP_SELF duplicates path). (Dmitry)
- * Fixed bug #42512 (ip2long('255.255.255.255') should return 4294967295 on 64-bit PHP). (Derick)
- * Fixed bug #42506 (php_pgsql_convert() timezone parse bug) (nonunnet at gmail dot com, Ilia)
- * Fixed bug #42462 (Segmentation when trying to set an attribute in a DOMElement). (Rob)
- * Fixed bug #42453 (CGI SAPI does not shut down cleanly with -i/-m/-v cmdline options). (Dmitry)
- * Fixed bug #42452 (PDO classes do not expose Reflection API information). (Hannes)
- * Fixed bug #42468 (Write lock on file_get_contents fails when using a compression stream). (Ilia)
- * Fixed bug #42488 (SoapServer reports an encoding error and the error itself breaks). (Dmitry)
- * Fixed bug #42378 (mysqli_stmt_bind_result memory exhaustion). (Andrey)
- * Fixed bug #42359 (xsd:list type not parsed). (Dmitry)
- * Fixed bug #42326 (SoapServer crash). (Dmitry)
- * Fixed bug #42214 (SoapServer sends clients internal PHP errors). (Dmitry)
- * Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime values). (Ilia)
- * Fixed bug #42139 (XMLReader option constants are broken using XML()). (Rob)
- * Fixed bug #42086 (SoapServer return Procedure '' not present for WSIBasic compliant wsdl). (Dmitry)
- * Fixed bug #41822 (Relative includes broken when getcwd() fails). (Ab5602, Jani)
- * Fixed bug #39651 (proc_open() append mode doesn't work on windows). (Nuno)
-
--------------------------------------------------------------------
-Thu Aug 30 03:52:35 CEST 2007 - crrodriguez@suse.de
-
-- update to PHP 5.2.4, no relevant changes since RC3.
-
--------------------------------------------------------------------
-Fri Aug 24 11:11:41 CEST 2007 - crrodriguez@suse.de
-
-- PHP 5.2.4RC3
-- Fixed version_compare() to support "rc" as well as "RC" for release
- candidate version numbers.
-- Fixed bug #42368 (Incorrect error message displayed by pg_escape_string).
- (Ilia)
-- Fixed phpbug #42365 and Novell bugzilla #292998 (glob() crashes and/or accepts way too many flags). (Jani)
-- Fixed bug #42183 (classmap causes crash in non-wsdl mode). (Dmitry)
-- Fixed bug #42009 (is_a() and is_subclass_of() should NOT call autoload,
- in the same way as "instanceof" operator). (Dmitry)
-- Fixed bug #41904 (proc_open(): empty env array should cause empty
- environment to be passed to process). (Jani)
-- Fixed bug #37273 (Symlinks and mod_files session handler allow open_basedir
- bypass). (Ilia)
-- remove wrong hardcoded requirement on libedit
-- devel package at least does not need libtool the php build enviroment uses a private copy.
-- drop no longer needed patches already in upstream
-
--------------------------------------------------------------------
-Fri Aug 17 14:46:08 CEST 2007 - anosek@suse.cz
-
-- updated to version 5.2.4RC2
- - Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g client
- libraries. (Chris Jones)
- - Fixed bug #42292 ($PHP_CONFIG not set for phpized builds). (Jani)
- - Fixed bug #42261 (header wrong for date field). (roberto at spadim dot com
- dot br, Ilia)
- - Fixed bug #42259 (SimpleXMLIterator loses ancestry). (Rob)
- - Fixed bug #42247 (ldap_parse_result() not defined under win32). (Jani)
- - Fixed bug #42243 (copy() does not output an error when the first arg is a
- dir). (Ilia)
- - Fixed bug #42242 (sybase_connect() crashes). (Ilia)
- - Fixed bug #42237 (stream_copy_to_stream returns invalid values for mmaped
- streams). (andrew dot minerd at sellingsource dot com, Ilia)
- - Fixed bug #42222 (possible buffer overflow in php_openssl_make_REQ). (Pierre)
- - Fixed bug #42211 (property_exists() fails to find protected properties from
- a parent class). (Dmitry)
- - Fixed bug #42208 (substr_replace() crashes when the same array is passed
- more than once). (crrodriguez at suse dot de, Ilia)
- - Fixed bug #42198 (SCRIPT_NAME and PHP_SELF truncated when inside a userdir
- and using PATH_INFO). (Dmitry)
- - Fixed bug #42195 (C++ compiler required always). (Jani)
- - Fixed bug #42117 (bzip2.compress loses data in internal buffer). (Philip,
- Ilia)
- - Fixed bug #42082 (NodeList length zero should be empty). (Hannes)
|
|
[-]
[+]
|
Changed |
php5.spec
^
|
|
|
|
[-]
[+]
|
Deleted |
php-5.2.11-session.patch
^
|
| @@ -1,11 +0,0 @@
---- ext/session/config.m4.orig 2009-10-05 17:39:02.000000000 +0200
-+++ ext/session/config.m4 2009-10-05 17:39:25.000000000 +0200
-@@ -12,7 +12,7 @@
- PHP_PWRITE_TEST
- PHP_PREAD_TEST
- PHP_NEW_EXTENSION(session, session.c mod_files.c mod_mm.c mod_user.c, $ext_shared)
-- PHP_ADD_EXTENSION_DEP(session, hash, true)
-+dnl PHP_ADD_EXTENSION_DEP(session, hash, true)
- PHP_SUBST(SESSION_SHARED_LIBADD)
- PHP_INSTALL_HEADERS(ext/session, [php_session.h mod_files.h mod_user.h])
- AC_DEFINE(HAVE_PHP_SESSION,1,[ ])
|
|
[-]
[+]
|
Deleted |
php-5.2.5-fdleak.patch
^
|
| @@ -1,25 +0,0 @@
-Index: main/fopen_wrappers.c
-===================================================================
-RCS file: /repository/php-src/main/fopen_wrappers.c,v
-retrieving revision 1.175.2.3.2.16
-retrieving revision 1.175.2.3.2.17
-diff -u -r1.175.2.3.2.16 -r1.175.2.3.2.17
---- main/fopen_wrappers.c 9 Oct 2007 10:06:34 -0000 1.175.2.3.2.16
-+++ main/fopen_wrappers.c 27 Dec 2007 02:10:26 -0000 1.175.2.3.2.17
-@@ -17,7 +17,7 @@
- +----------------------------------------------------------------------+
- */
-
--/* $Id: fopen_wrappers.c,v 1.175.2.3.2.16 2007/10/09 10:06:34 scottmac Exp $ */
-+/* $Id: fopen_wrappers.c,v 1.175.2.3.2.17 2007/12/27 02:10:26 bjori Exp $ */
-
- /* {{{ includes
- */
-@@ -620,6 +620,7 @@
- * relatively referenced file is accessible */
- copy_len = strlen(filepath) > MAXPATHLEN - 1 ? MAXPATHLEN - 1 : strlen(filepath);
- real_path = estrndup(filepath, copy_len);
-+ close(fdtest);
- return real_path;
- } else {
- cwd[0] = '\0';
|
|
[-]
[+]
|
Deleted |
php-5.2.5-system-tzdb.patch
^
|
| @@ -1,265 +0,0 @@
-Index: ext/date/lib/parse_tz.c
-===================================================================
-RCS file: /repository/php-src/ext/date/lib/parse_tz.c,v
-retrieving revision 1.35
-diff -u -r1.35 parse_tz.c
---- ext/date/lib/parse_tz.c 31 Dec 2007 07:12:08 -0000 1.35
-+++ ext/date/lib/parse_tz.c 10 Jan 2008 11:42:15 -0000
-@@ -20,6 +20,16 @@
-
- #include "timelib.h"
-
-+#ifdef HAVE_SYSTEM_TZDATA
-+#include <sys/mman.h>
-+#include <sys/stat.h>
-+#include <limits.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+
-+#include "php_scandir.h"
-+#endif
-+
- #include <stdio.h>
-
- #ifdef HAVE_STRING_H
-@@ -27,7 +37,10 @@
- #else
- #include <strings.h>
- #endif
-+
-+#ifndef HAVE_SYSTEM_TZDATA
- #include "timezonedb.h"
-+#endif
-
- #if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__))
- # if defined(__LITTLE_ENDIAN__)
-@@ -202,6 +215,195 @@
- }
- }
-
-+#ifdef HAVE_SYSTEM_TZDATA
-+
-+#ifdef HAVE_SYSTEM_TZDATA_PREFIX
-+#define ZONEINFO_PREFIX HAVE_SYSTEM_TZDATA_PREFIX
-+#else
-+#define ZONEINFO_PREFIX "/usr/share/zoneinfo"
-+#endif
-+
-+static const timelib_tzdb *timezonedb_system = NULL;
-+
-+/* Filter out some non-tzdata files and the posix/right databases, if
-+ * present. */
-+static int index_filter(const struct dirent *ent)
-+{
-+ return strcmp(ent->d_name, ".") != 0
-+ && strcmp(ent->d_name, "..") != 0
-+ && strcmp(ent->d_name, "posix") != 0
-+ && strcmp(ent->d_name, "posixrules") != 0
-+ && strcmp(ent->d_name, "right") != 0
-+ && strstr(ent->d_name, ".tab") == NULL;
-+}
-+
-+/* Create the zone identifier index by trawling the filesystem. */
-+static void create_zone_index(timelib_tzdb *db)
-+{
-+ size_t dirstack_size, dirstack_top;
-+ size_t index_size, index_next;
-+ timelib_tzdb_index_entry *db_index;
-+ char **dirstack;
-+
-+ /* LIFO stack to hold directory entres to scan; each slot is a
-+ * directory name relative to the zoneinfo prefix. */
-+ dirstack_size = 32;
-+ dirstack = malloc(dirstack_size * sizeof *dirstack);
-+ dirstack_top = 1;
-+ dirstack[0] = strdup("");
-+
-+ /* Index array. */
-+ index_size = 64;
-+ db_index = malloc(index_size * sizeof *db_index);
-+ index_next = 0;
-+
-+ do {
-+ struct dirent **ents;
-+ char name[PATH_MAX], *top;
-+ int count;
-+
-+ /* Pop the top stack entry, and iterate through its contents. */
-+ top = dirstack[--dirstack_top];
-+ snprintf(name, sizeof name, ZONEINFO_PREFIX "/%s", top);
-+
-+ count = php_scandir(name, &ents, index_filter, php_alphasort);
-+
-+ while (count > 0) {
-+ struct stat st;
-+ const char *leaf = ents[count - 1]->d_name;
-+
-+ snprintf(name, sizeof name, ZONEINFO_PREFIX "/%s/%s",
-+ top, leaf);
-+
-+ if (strlen(name) && stat(name, &st) == 0) {
-+ /* Name, relative to the zoneinfo prefix. */
-+ const char *root = top;
-+
-+ if (root[0] == '/') root++;
-+
-+ snprintf(name, sizeof name, "%s%s%s", root,
-+ *root ? "/": "", leaf);
-+
-+ if (S_ISDIR(st.st_mode)) {
-+ if (dirstack_top == dirstack_size) {
-+ dirstack_size *= 2;
-+ dirstack = realloc(dirstack,
-+ dirstack_size * sizeof *dirstack);
-+ }
-+ dirstack[dirstack_top++] = strdup(name);
-+ }
-+ else {
-+ if (index_next == index_size) {
-+ index_size *= 2;
-+ db_index = realloc(db_index,
-+ index_size * sizeof *db_index);
-+ }
-+
-+ db_index[index_next].id = strdup(name);
-+ db_index[index_next++].pos = 0;
-+ }
-+ }
-+
-+ free(ents[--count]);
-+ }
-+
-+ free(ents);
-+ free(top);
-+ } while (dirstack_top);
-+
-+ db->index = db_index;
-+ db->index_size = index_next;
-+
-+ free(dirstack);
-+}
-+
-+/* Return the mmap()ed tzfile if found, else NULL. On success, the
-+ * length of the mapped data is placed in *length. */
-+static char *map_tzfile(const char *timezone, size_t *length)
-+{
-+ char fname[PATH_MAX];
-+ struct stat st;
-+ char *p;
-+ int fd;
-+
-+ if (strstr(timezone, "..") != NULL) {
-+ return NULL;
-+ }
-+
-+ snprintf(fname, sizeof fname, ZONEINFO_PREFIX "/%s", timezone);
-+
-+ fd = open(fname, O_RDONLY);
-+ if (fd == -1) {
-+ return NULL;
-+ } else if (fstat(fd, &st) != 0 || st.st_size < 21) {
-+ close(fd);
-+ return NULL;
-+ }
-+
-+ *length = st.st_size;
-+ p = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
-+ close(fd);
-+
-+ return p != MAP_FAILED ? p : NULL;
-+}
-+
-+const timelib_tzdb *timelib_builtin_db(void)
-+{
-+ if (timezonedb_system == NULL) {
-+ timelib_tzdb *tmp = malloc(sizeof *tmp);
-+
-+ tmp->version = "0.system";
-+ tmp->data = NULL;
-+ create_zone_index(tmp);
-+ timezonedb_system = tmp;
-+ }
-+
-+ return timezonedb_system;
-+}
-+
-+const timelib_tzdb_index_entry *timelib_timezone_builtin_identifiers_list(int *count)
-+{
-+ *count = timezonedb_system->index_size;
-+ return timezonedb_system->index;
-+}
-+
-+int timelib_timezone_id_is_valid(char *timezone, const timelib_tzdb *tzdb)
-+{
-+ char fname[PATH_MAX];
-+
-+ if (strstr(timezone, "..") != NULL) {
-+ return 0;
-+ }
-+
|
|
[-]
[+]
|
Added |
php5-5.2.12-rpmlintrc
^
|
| @@ -0,0 +1,4 @@
+addFilter(".* 64bit-portability-issue rpmlint ")
+addFilter(".* implicit-fortify-decl")
+setBadness('64bit-portability-issue rpmlint', 0)
+setBadness('implicit-fortify-decl', 0)
|
