Search
j0ke.net Open Build Service
>
Projects
>
internetx
:
php5
>
php-5.2.6
> Changes
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
Changes of Revision 12
[-]
[+]
Added
php5.changes
@@ -0,0 +1,1835 @@ +------------------------------------------------------------------- +Mon Nov 12 04:38:22 UTC 2007 - crrodriguez@suse.de + +- update to PHP 5.2.5 + * Fixed dl() to only accept filenames. reported by Laurent Gaffie. + * Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). + * Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences. + * Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie. + * Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications reported by SecurityReason. + * Fixed bug #42869 (automatic session id insertion adds sessions id to non-local forms). + * Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()). + * Upgraded PCRE to version 7.3 (Nuno) + * Added optional parameter $provide_object to debug_backtrace(). (Sebastian) + * Added alpha support for imagefilter() IMG_FILTER_COLORIZE. (Pierre) + * Added ability to control memory consumption between request using ZEND_MM_COMPACT environment variable. (Dmitry) + * Improved speed of array_intersect_key(), array_intersect_assoc(), array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc(). (Dmitry) + * Fixed move_uploaded_file() to always set file permissions of resulting file according to UMASK. (Andrew Sitnikov) + * Fixed possible crash in ext/soap because of uninitialized value. (Zdash Urf) + * Fixed regression in glob() when enforcing safe_mode/open_basedir checks on paths containing '*'. (Ilia) + * Fixed PDO crash when driver returns empty LOB stream. (Stas) + * Fixed iconv_*() functions to limit argument sizes as workaround to libc bug (CVE-2007-4783, CVE-2007-4840 by Laurent Gaffie). (Christian Hoffmann, Stas) + * Fixed missing brackets leading to build warning and error in the log. Win32 code. (Andrey) + * Fixed leaks with multiple connects on one mysqli object. (Andrey) + * Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre) + * Fixed bug #43196 (array_intersect_assoc() crashes with non-array input). (Jani) + * Fixed bug #43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAll()). (Ilia) + * Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani) + * Fixed bug #43130 (Bound parameters cannot have - in their name). (Ilia) + * Fixed bug #43099 (XMLWriter::endElement() does not check # of params). (Ilia) + * Fixed bug #43020 (Warning message is missing with shuffle() and more than one argument). (Scott) + * Fixed bug #42976 (Crash when constructor for newInstance() or newInstanceArgs() fails) (Ilia) + * Fixed bug #42917 (PDO::FETCH_KEY_PAIR doesn't work with setFetchMode). (Ilia) + * Fixed bug #42890 (Constant "LIST" defined by mysqlclient and c-client). (Andrey) + * Fixed bug #42818 ($foo = clone(array()); leaks memory). (Dmitry) + * Fixed bug #42817 (clone() on a non-object does not result in a fatal error). (Ilia) + * Fixed bug #42785 (json_encode() formats doubles according to locale rather then following standard syntax). (Ilia) + * Fixed bug #42783 (pg_insert() does not accept an empty list for insertion). (Ilia) + * Fixed bug #42773 (WSDL error causes HTTP 500 Response). (Dmitry) + * Fixed bug #42772 (Storing $this in a static var fails while handling a cast to string). (Dmitry) + * Fixed bug #42767 (highlight_string() truncates trailing comment). (Ilia) + * Fixed bug #42739 (mkdir() doesn't like a trailing slash when safe_mode is enabled). (Ilia) + * Fixed bug #42703 (Exception raised in an iterator::current() causes segfault in FilterIterator) (Marcus) + * Fixed bug #42699 (PHP_SELF duplicates path). (Dmitry) + * Fixed bug #42654 (RecursiveIteratorIterator modifies only part of leaves) (Marcus) + * Fixed bug #42643 (CLI segfaults if using ATTR_PERSISTENT). (Ilia) + * Fixed bug #42637 (SoapFault : Only http and https are allowed). (Bill Moran) + * Fixed bug #42627 (bz2 extension fails to build with -fno-common). (dolecek at netbsd dot org) + * Fixed bug #42596 (session.save_path MODE option does not work). (Ilia) + * Fixed bug #42590 (Make the engine recognize \v and \f escape sequences). (Ilia) + * Fixed bug #42587 (behavior change regarding symlinked .php files). (Dmitry) + * Fixed bug #42579 (apache_reset_timeout() does not exist). (Jani) + * Fixed bug #42549 (ext/mysql failed to compile with libmysql 3.23). (Scott) + * Fixed bug #42523 (PHP_SELF duplicates path). (Dmitry) + * Fixed bug #42512 (ip2long('255.255.255.255') should return 4294967295 on 64-bit PHP). (Derick) + * Fixed bug #42506 (php_pgsql_convert() timezone parse bug) (nonunnet at gmail dot com, Ilia) + * Fixed bug #42462 (Segmentation when trying to set an attribute in a DOMElement). (Rob) + * Fixed bug #42453 (CGI SAPI does not shut down cleanly with -i/-m/-v cmdline options). (Dmitry) + * Fixed bug #42452 (PDO classes do not expose Reflection API information). (Hannes) + * Fixed bug #42468 (Write lock on file_get_contents fails when using a compression stream). (Ilia) + * Fixed bug #42488 (SoapServer reports an encoding error and the error itself breaks). (Dmitry) + * Fixed bug #42378 (mysqli_stmt_bind_result memory exhaustion). (Andrey) + * Fixed bug #42359 (xsd:list type not parsed). (Dmitry) + * Fixed bug #42326 (SoapServer crash). (Dmitry) + * Fixed bug #42214 (SoapServer sends clients internal PHP errors). (Dmitry) + * Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime values). (Ilia) + * Fixed bug #42139 (XMLReader option constants are broken using XML()). (Rob) + * Fixed bug #42086 (SoapServer return Procedure '' not present for WSIBasic compliant wsdl). (Dmitry) + * Fixed bug #41822 (Relative includes broken when getcwd() fails). (Ab5602, Jani) + * Fixed bug #39651 (proc_open() append mode doesn't work on windows). (Nuno) + + +------------------------------------------------------------------- +Thu Aug 30 03:52:35 CEST 2007 - crrodriguez@suse.de + +- update to PHP 5.2.4, no relevant changes since RC3. + +------------------------------------------------------------------- +Fri Aug 24 11:11:41 CEST 2007 - crrodriguez@suse.de + +- PHP 5.2.4RC3 +- Fixed version_compare() to support "rc" as well as "RC" for release + candidate version numbers. +- Fixed bug #42368 (Incorrect error message displayed by pg_escape_string). + (Ilia) +- Fixed phpbug #42365 and Novell bugzilla #292998 (glob() crashes and/or accepts way too many flags). (Jani) +- Fixed bug #42183 (classmap causes crash in non-wsdl mode). (Dmitry) +- Fixed bug #42009 (is_a() and is_subclass_of() should NOT call autoload, + in the same way as "instanceof" operator). (Dmitry) +- Fixed bug #41904 (proc_open(): empty env array should cause empty + environment to be passed to process). (Jani) +- Fixed bug #37273 (Symlinks and mod_files session handler allow open_basedir + bypass). (Ilia) +- remove wrong hardcoded requirement on libedit +- devel package at least does not need libtool the php build enviroment uses a private copy. +- drop no longer needed patches already in upstream + +------------------------------------------------------------------- +Fri Aug 17 14:46:08 CEST 2007 - anosek@suse.cz + +- updated to version 5.2.4RC2 + - Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g client + libraries. (Chris Jones) + - Fixed bug #42292 ($PHP_CONFIG not set for phpized builds). (Jani) + - Fixed bug #42261 (header wrong for date field). (roberto at spadim dot com + dot br, Ilia) + - Fixed bug #42259 (SimpleXMLIterator loses ancestry). (Rob) + - Fixed bug #42247 (ldap_parse_result() not defined under win32). (Jani) + - Fixed bug #42243 (copy() does not output an error when the first arg is a + dir). (Ilia) + - Fixed bug #42242 (sybase_connect() crashes). (Ilia) + - Fixed bug #42237 (stream_copy_to_stream returns invalid values for mmaped + streams). (andrew dot minerd at sellingsource dot com, Ilia) + - Fixed bug #42222 (possible buffer overflow in php_openssl_make_REQ). (Pierre) + - Fixed bug #42211 (property_exists() fails to find protected properties from + a parent class). (Dmitry) + - Fixed bug #42208 (substr_replace() crashes when the same array is passed + more than once). (crrodriguez at suse dot de, Ilia) + - Fixed bug #42198 (SCRIPT_NAME and PHP_SELF truncated when inside a userdir + and using PATH_INFO). (Dmitry) + - Fixed bug #42195 (C++ compiler required always). (Jani) + - Fixed bug #42117 (bzip2.compress loses data in internal buffer). (Philip, + Ilia) + - Fixed bug #42082 (NodeList length zero should be empty). (Hannes) + - Fixed bug #36492 (Userfilters can leak buckets). (Sara) + - Fixed bug #31892 (PHP_SELF incorrect without cgi.fix_pathinfo, but turning + on screws up PATH_INFO). (Dmitry) + +------------------------------------------------------------------- +Mon Aug 6 19:28:46 CEST 2007 - anosek@suse.cz + +- updated to version 5.2.4RC1 +- dropped obsoleted PHP_5_2-CVS-2007-07-30.patch.bz2 + +------------------------------------------------------------------- +Mon Jul 30 15:31:19 CEST 2007 - mmarek@suse.cz + +- updated to latest state of PHP_5_2 branch; highlights from the + NEWS file: + - Upgraded PCRE to version 7.2 (Nuno) + - Updated timezone database to version 2007.6. (Derick) + - Improved openssl_x509_parse() to return extensions in readable + form. (Dmitry) + - Changed "display_errors" php.ini option to accept "stderr" as + value which makes the error messages to be outputted to STDERR + instead of STDOUT with CGI and CLI SAPIs (FR #22839). (Jani) + - Changed error handler to send HTTP 500 instead of blank page on + PHP errors. (Dmitry, Andrei Nigmatulin) + - Added check for unknown options passed to configure. (Jani) + - Added persistent connection status checker to pdo_pgsql. + (Elvis Pranskevichus, Ilia) + - Added support for ATTR_TIMEOUT inside pdo_pgsql driver. (Ilia) + - Added php_ini_loaded_file() function which returns the path to + the actual php.ini in use. (Jani) + - Added GD version constants GD_MAJOR_VERSION, GD_MINOR_VERSION + GD_RELEASE_VERSION, GD_EXTRA_VERSION and GD_VERSION_STRING. + (Pierre) + - Added missing open_basedir checks to CGI. (anight at + eyelinkmedia dot com, Tony) + - Added missing format validator to unpack() function. (Ilia) + - Added missing error check inside bcpowmod(). (Ilia) + - Added CURLOPT_PRIVATE & CURLINFO_PRIVATE constants. (Andrey A. + Belashkov, Tony) + - Added missing MSG_EOR and MSG_EOF constants to sockets + extension. (Jani) + - Added PCRE_VERSION constant. (Tony) + - Added ReflectionExtension::info() function to print the + phpinfo() block for an extension. (Johannes) + - Implemented FR #41884 (ReflectionClass::getDefaultProperties() + does not handle static attributes). (Tony) + - plus lots of bugfixes +- fixed the pear phar archive to run with 5.2.4 + [http://bugs.php.net/bug.php?id=42146] + +------------------------------------------------------------------- +Wed Jul 25 10:11:15 CEST 2007 - mmarek@suse.cz + +- added /var/lib/pear to php5-pear.rpm + +------------------------------------------------------------------- +Tue Jul 24 12:34:32 UTC 2007 - judas_iscariote@shorewall.net + +- fix nasty deadlock in pear +- update php5-ze2-fixes.patch and actually apply it. + +------------------------------------------------------------------- +Tue Jul 17 07:52:46 CEST 2007 - anosek@suse.cz + +- fixed YOU honors Recommends, breaks php update [#291551] + (moved php-suhosin from Recommends to Suggests) + +------------------------------------------------------------------- +Mon Jun 25 12:07:56 CEST 2007 - mmarek@suse.cz + +- provide /srv/www/cgi-bin/php5 compat symlink instead of patching + config files + +------------------------------------------------------------------- +Sat Jun 23 11:03:50 UTC 2007 - judas_iscariote@shorewall.net +
