Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

php5-devel-5.3.8-4.2.1 RPM for i586

From OpenSuSE 12.1 for i586

Name: php5-devel Distribution: openSUSE 12.1
Version: 5.3.8 Vendor: openSUSE
Release: 4.2.1 Build date: Tue Nov 8 09:59:30 2011
Group: Development/Languages/C and C++ Build host: build27
Size: 3289472 Source RPM: php5-5.3.8-4.2.1.src.rpm
Summary: Include files of PHP5
PHP is a server-side, cross-platform, HTML embedded scripting language.
If you are completely new to PHP and want to get some idea of how it
works, have a look at the Introductory Tutorial.  Once you get beyond
that have a look at the example archive sites and some of the other
resources available in the Links section. PHP5 is the latest version.

    The PHP Group
    See for more details




The PHP License, version 3.01


* Mon Nov 07 2011
  - security update:
    CVE-2011-3379 [bnc#728350]
* Sun Sep 18 2011
  - Fix wrong PAGE_SIZE assumption, must use sysconf() instead
  - Fix integer overflow when attempting to use more than 2 Gb
    of memory.
* Mon Sep 05 2011
  - call openssl_config too in order to load user-provided
    engine configuration.
* Sat Sep 03 2011
  - Cleanup patches for upcoming release.
* Sun Aug 28 2011
  - Fixed typos in php5.spec
* Tue Aug 23 2011
  - Fix very publicized critical bug in crypt() implementation
* Fri Aug 12 2011
  - Add mssql support with freetds
  - Update PHP snapshot.
* Tue Aug 09 2011
  - Update snapshot, more static analyzer fixes.
* Sun Aug 07 2011
  - Update snapshot, fix converity warnings
* Fri Aug 05 2011
  - Update snapshot, several check if malloc() succeeded.
* Wed Aug 03 2011
  - Fix build in Factory
  - Fix Segfault with allow_call_time_pass_reference = Off
  - Using class constants in array definition fails
* Mon Aug 01 2011
  - Add sqlite3 session storage, this is no more than
    a forward port of already existent sqlite2 backend
* Sun Jul 31 2011
  - Update snap, PHP 5.3.7-RC4
* Wed Jul 27 2011
  - Update snapshot again.
* Sat Jul 23 2011
  - Update snapshot.
* Thu Jul 14 2011
  - is_a() function is throwing an annoying warning
    "Unknown class passed as parameter" which is noticeable when
    you use PEAR, fix it, if your code uses it you should be
    using the instanceof operator anyway.
  - Update bundled pear.
* Mon Jul 11 2011
  - Crash in gc_remove_zval_from_buffer CVE-NO-NAME
  - Crash in zend_mm_check_ptr // Heap corruption
* Wed Jul 06 2011
  - Fixed missing Expires and Cache-Control headers for ping and status pages
  - fix crypt() issue with overlong salt
  - Fixed bug #52935 (call exit in user_error_handler cause stream relate core).
* Mon Jun 27 2011
  - Fix crash in error_log (strlen with NULL)
  - Fixed exit at FPM startup on fpm_resources_prepare
  - Added master rlimit_files and rlimit_core
  - Removed pid in debug logs written by chrildren processes
  - Replaced shm_slots with a real scoreboard
* Wed Jun 22 2011
  - Enable mysqlnd compression protocol.
* Thu Jun 16 2011
  - Update snapshot to 5.3.7 RC1
* Tue Jun 14 2011
  - Allow bison 2.5
  -File path injection vulnerability in RFC1867 File upload CVE-2011-2202.
* Fri Jun 10 2011
  - Update 5.3 snap
  - Fix compiler failure that happended after compile error.
  - Stream not closed and error not returned when SSL CN_match fails.
* Mon Jun 06 2011
  - Update 5.3 snap
  - Update bundled PEAR
  - Case discrepancy in timezone names cause Uncaught exception and fatal error.
  - SEEK_CUR with 0 value, returns a warning
  - Restore fix: do not accept paths with NULL in them
* Fri Jun 03 2011
  - Update to version
  - Crash when calling call_user_func with unknown function name
  - Fixed double registering of browscap ini directive
* Sun May 29 2011
  - Drop Update alternatives usage, there are no alternatives
    PHP4 is gone and PHP6 is not coming at any time soon.
  - Remove "mm" support from session module, virtually nothing
    uses it and it doesnt support proper locking, mount
    /var/lib/php5 in tmpfs instead.
* Sun May 29 2011
  - Update to
    * Fixes random crash with apache2 SAPI and php_admin_value
    in virtualhost configuration.
* Fri May 20 2011
  - Update 5.3 branch
  - Fix a few memory leaks
  - Check if tempfile can be created in phar extension
  - Fix problems with __halt_compiler and imported namespaces
  - Properly handle out of memory conditions in mysqlnd
* Sat May 14 2011
  - Update 5.3 branch.
  - Fix user after free in xmlreader extension.
* Mon May 09 2011
  - Update to current 5.3 svn version.
  - For practical reasons now the hash extension is built-in,hence
    deprecates package php5-hash, it is nowdays required by the session
    and phar extensions but must be statically built to work.
  - Drop php5-session patch, needed only to workaround compile
    failure when hash extension is built as loadable extension.
  - php.ini now clearly says that by "3" in session.hash_function
    we mean SHA256.
* Fri Apr 29 2011
  - Update to a recent 5.3.x SVN version, mostly bug fixes
    * track_errors causes segfault
    * classes from dl()'ed extensions are not destroyed
    * Crash when assigning value to a dimension in a non-array
    * use-after-free in substr_replace()
* Wed Apr 13 2011
  - fix crash on destruction.
  - allow openssl extension to be built w/o SSLv2
* Tue Apr 05 2011
  - Add a default to date.timezone  because php5 warns that this is a required setting and clutters up the output in zypper installations of pear packages and other places
  - Versions after 5.3.6 may make this fatal
* Sat Apr 02 2011
  - Intl extension failed to load [bnc#659868]
  - Fix update-alternatives usage,will be dropped in the future.
* Mon Mar 28 2011
  - Add tcpd-devel for building the SNMP extension on SLE_10 and apache_server_SLE_10.
* Thu Mar 17 2011
  - Update to php 5.3.6 final
    * Enforce security in the fastcgi protocol parsing with fpm SAPI.
    * Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
    * Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
    * Fixed bug #54055 (buffer overrun with high values for precision ini setting).
    * Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
    * Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)
* Wed Mar 16 2011
  - Upgrade to PHP 5.3.6.RC3
    * Drop obsoleted patches
    * fix some rpmlint warnings
    * Hundreds of changes, see NEWS for details
* Wed Mar 09 2011
  - Fix more date in binaries causing pointless republish of pkgs.
* Fri Feb 25 2011
  - fix for macros.php
    o devel pkg must have Obsoletes/Provides: php-macros
* Tue Feb 22 2011
  - security fixes
    * CVE-2011-0420 [bnc#672933]
    * CVE-2011-0708 [bnc#671710]
* Thu Feb 10 2011
  - extend macros.php
    o __php, __phpize, __php_config, php_version
    o __pear, php_peardir, php_pearxmldir
    o php_pear_gen_filelist
  - add README.macros
* Thu Jan 13 2011
  - security fix:
    * fopen_https_proxy_auth_fix.patch [bnc#656523]
* Mon Jan 10 2011
  - export PHP_MYSQLND_ENABLED=yes to solve the mysqlnd problem
    when extensions are built shared. [bnc#661464]
* Mon Jan 10 2011
  - Go back to libmysql as there is currently no way
    to build shared mysql extensions with mysqlnd. [bnc#661464]
* Sun Jan 09 2011
  - Use mysqlnd driver, this is a newer PHP-native mysql
    extension, that does not require external libraries.
    Now you can use mysql, mariadb or drizzle without extra libs.
    fixes bnc #661464 and other old feature requests.
* Thu Jan 06 2011
  - Update to version 5.3.5, Critical Update
    * Fixed bug #53632 (PHP hangs on numeric value 2.2250738585072011e-308). (CVE-2010-4645)
    Only 32 bit binaries affected, confirmed in factory i586.
* Fri Dec 17 2010
  - revert unsuitable patch php-5.3.4-dlopen.patch
* Tue Dec 14 2010
  - Add  php-5.3.4-dlopen.patch from fedora,makes dlopen to use
    bind_now instead of lazy.
  - Compiler is now in C99 mode for both core and extensions.
* Tue Dec 14 2010
  - fix format string bug in Phar extension I just found and the underlying
    issue, which is the lack of format attributes in several
    core prototypes.
* Mon Dec 13 2010
  - Update to PHP 5.3.4 final
    * Fixed crash in zip extract method (possible CWE-170).
    * Paths with NULL in them (foo\0bar.txt) are now considered as invalid (CVE-2006-7243).
    * Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150).
    * Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709).
    * Fixed possible flaw in open_basedir (CVE-2010-3436).
    * Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950).
    * Fixed symbolic resolution support when the target is a DFS share.
    * Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710).
    * Key Bug Fixes in PHP 5.3.4 include:
    * Added stat support for zip stream.
    * Added follow_location (enabled by default) option for the http stream support.
    * Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al.
    * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime.
    * Multiple improvements to the FPM SAPI.
    * Over 100 other bug fixes.
  - SUSE specific;
    * enable PTY support in proc_open (temporary)
* Wed Nov 24 2010
  - xft-config is gone
* Tue Nov 02 2010
  - Update to 5.3.3_svn201011020214
    * Fix Performance issue, array_diff may take hours instead
    of seconds in some scenarios,regression appeared in version
* Wed Oct 27 2010
  - Update to 5.3.3_svn20101027xx
  - Fix init script again.
* Thu Oct 14 2010
  - update to 5.3.3_svn201010140300
  - Fix php-fpm init script.
* Sat Oct 09 2010
  - Update to an slightly newer PHP 5.3.3.x snap, fixes
    around 100 bugs including open_basedir problems.
  - add the fpm sapi to the package.
* Tue Aug 03 2010
  - Clarify changelog this update fixed:
    * VUL-0: php5 new unserialize() flaw CVE-2010-2225 [bnc#616232]
    * VUL-0: php5: MOPS-2010-021: fnmatch() Stack Exhaustion Vulnerability [bnc#605097]
    * VUL-0: php5: MOPS-2010-017: preg_quote() Interruption Information Leak [bnc#605100]
    * VUL-0: php5: MOPS-2010-022 use after free [bnc#609763]
    * VUL-0: php5-phar: MOPS-2010-0{24,25,26,27,28} format string bugs [bnc#609766]
    * VUL-0: php5: MOPS-2010-0{32,33,34} use space interruption in iconv functions [bnc#609768]
    * VUL-0: php5: MOPS-2010-0{36,37,38,39,40} userspace interruptions [bnc#609769]
    * VUL-0: php5: MOPS-2010-0{36..46} userspace interruptions [bnc#609769]
    * VUL-0: php5: MOPS-2010-047/048 information leak [bnc#612555]
    * VUL-0: php5: MOPS-2010-049/50/51/52/53/54/55 memory corruption and/or info leak [bnc#612556]
    * VUL-0: PHP5: Session Data Injection Vulnerability [bnc#619483]
    * VUL-0: PHP5: multiple heap based buffer overflows [bnc#619486]
    * bugzilla numbers 619487,619489,619469,609766..
* Tue Jul 20 2010
  - Update to PHP 5.3.3 RC3
  - Massive lot of security fixes see list
* Tue Jun 01 2010
  - possible fix for [bnc#610633]
* Fri Apr 16 2010
  - use FD_CLOEXEC flag to avoid annoying races.
* Sun Apr 04 2010
  - remove obsolete buildRequires
* Fri Apr 02 2010
  - remove build date from binaries so they dont get
    republished every time
  - fix invalid path
* Thu Apr 01 2010
  -  add missing patch, refresh patches with -p0
* Thu Apr 01 2010
  - Update to PHP 5.3.2, see NEWS for details
* Fri Mar 05 2010
  - Add php5-autoconf-2.65.patch to fix build with autoconf 2.65; it's
    a backported combination of svn commits 291283, 291284 and
  - Workaround old php bug by
    replacing -ledit with -ledit -lncurses in the resulting configure
    scripts. This became apparent problem due to libedit being built
    with as-needed now.
  - Add php5-bug51224.patch to fix buffer overflows happening in
    strcpy. It;s a combination of upstream svn revs 284097 and 284099
* Sun Jan 17 2010
  - Remove unneeded gtk-devel BuildRequires.
* Mon Jan 11 2010
  - Remove obsolete build requires of orbit-devel.
* Tue Dec 22 2009
  - avoid alignment crash on alignment-sensitive CPUs
* Wed Dec 02 2009
  - update patch to fix build
* Tue Oct 06 2009
  - Fixed wrong harcoded mysql socket  [bnc#544516]
  - Fixed wrong default include_path
* Tue Sep 08 2009
  - make php5-pear noarch in Factory
* Wed Aug 26 2009
  - remove obsolete patches
  - apply ini patch
  - enable mhash compatibility in the hash extension and obsolete php5-mhash
  - add macros.php to the source list
* Mon Aug 24 2009
  - PHP read_exif_data() only returns the first letter of UTF-16 strings [bnc#518300]
* Sun Aug 23 2009
  - fix missing return values of suhosin extension
* Wed Aug 19 2009
  - fix build on CODE10 products
* Wed Aug 19 2009
  - fix horrible broken open_basedir functionality
* Sun Aug 16 2009
  - update suhosin extension to version 0.9.29
  - mysql extensions now use mysqlnd instead of libmysqlclient.
  - enable sqlite3 extension, part of the php5-sqlite package
  - enable enchant extension
  - enable fileinfo extension
  - enable intl extension
* Fri Aug 14 2009
  - add suhosin patch and newer suhosin extension for compatibility
* Thu Aug 13 2009
  -  Upgrade to PHP 5.3, see
    for the huge list of changes
  -  remove dbase and ncurses extension
* Thu Jul 16 2009
  - disable as-needed to fix build
* Fri Jun 19 2009
  - update to PHP 5.2.10
    * Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files)
    * Added "ignore_errors" option to http fopen wrapper. (David Zulke, Sara)
    * Fixed memory corruptions while reading properties of zip files. (Ilia)
    * Fixed memory leak in ob_get_clean/ob_get_flush. (Christian)
    * Fixed segfault on invalid session.save_path. (Hannes)
    * Fixed leaks in imap when a mail_criteria is used. (Pierre)
    * Changed default value of array_unique()'s optional sorting type parameter back to SORT_STRING to fix backwards compatibility breakage introduced in PHP 5.2.9. (Moriyoshi)
    * Fixed bug #47940 (memory leaks in imap_body). (Pierre, Jake Levitt)
    * Fixed bug #47903 ("@" operator does not work with string offsets). (Felipe)
    * Fixed bug #47644 (Valid integers are truncated with json_decode()). (Scott)
    * Fixed bug #47564 (unpacking unsigned long 32bit big endian returns wrong result). (Ilia)
    * Fixed bug #47365 (ip2long() may allow some invalid values on certain 64bit systems).
    * Over 100 bug fixes.
* Thu May 21 2009
  - add temporary backport of openssl prng function
* Sat Mar 14 2009
  - Update to version 5.2.9, security and bugfix release
    * VUL-0: php5: memory disclosure by imagerotate() [bnc#480850]
    * VUL-0: php5: mbstring.func_overload set in .htaccess becomes global [bnc#471419]
    * Fixed a segfault when malformed string is passed to json_decode()
    * Fixed explode() behavior with empty string to respect negative limit.



Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Jun 10 06:20:49 2017