Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

php4-cli-4.4.7-1tr RPM for i586

From Trustix 2.2 for i586

Name: php4-cli Distribution: Trustix Secure Linux
Version: 4.4.7 Vendor: Comodo Trustix
Release: 1tr Build date: Mon May 7 14:00:43 2007
Group: Trustix Official Build host: ttrmgtnived.comodo.net
Size: 1384176 Source RPM: php4-4.4.7-1tr.src.rpm
Packager: Comodo Trustix <http://www.trustix.com>
Summary: CLI/PHP4 support
This package contains a standalone PHP binary.

The CLI (command line interface) SAPI has been introduced
with a goal of making PHP better at supporting the creation of
stand alone applications.

Provides

Requires

License

PHP

Changelog

* Mon May 07 2007 Nived Gopalan <nived at trustix dot org> 4.4.7-1tr
  - New Upstream.
  - SECURITY Fix: Several vulnerabilities have been reported in PHP,
    where some have unknown impacts and others can be exploited by
    malicious users to manipulate certain data, disclose potentially
    sensitive information, bypass certain security restrictions,
    or to cause a DoS.(SA25123)
* Fri Mar 09 2007 Nived Gopalan <nived at trustix dot org> 4.4.6-1tr
  - New Upstream.
  - Fixes crash problem with the session extension when register_globals
    is turned on.
* Fri Feb 23 2007 Nived Gopalan <nived at trustix dot org> 4.4.5-1tr
  - New Upstream.
  - SECURITY Fix: Several vulnerabilities have been reported in PHP, 
    which can be exploited by malicious people to disclose potentially
    sensitive information, cause a DoS and potentially compromise a
    vulnerable system. (SA24089)
* Wed Oct 11 2006 Nived Gopalan <nived at trustix dot org> 4.4.4-4tr
  - SECURITY Fix: Maksymilian Arciemowicz has reported a vulnerability
    in PHP, caused due to an error within the "ini_restore()" function,
    which can be exploited to reset certain options to their default
    value specified in php.ini.
  
    The Common Vulnerabilities and Exposures project has assigned the
    name CVE-2006-4625 to this issue.
* Fri Oct 06 2006 Nived Gopalan <nived at trustix dot org> 4.4.4-3tr
  - SECURITY Fix: A vulnerability has been reported in PHP, caused due
    to an integer overflow within the "_ecalloc" function. This can
    potentially be exploited to execute arbitrary code via specially
    crafted requests if a PHP script allocates memory based on attacker
    supplied data.
  
    The Common Vulnerabilities and Exposures project has assigned the
    name CVE-2006-4812 to this issue.
* Wed Sep 13 2006 Nived Gopalan <nived at trustix dot org> 4.4.4-2tr
  - Added BuildRequires ncurses-devel, byacc and bison, Bug #1749.
* Mon Aug 21 2006 Nived Gopalan <nived at trustix dot org> 4.4.4-1tr
  - New Upstream.
  - SECURITY Fix: Fixed overflows inside str_repeat() and wordwrap()
    functions on 64bit systems.
  - Fixed overflow in GD extension on invalid GIF images.
  - Fixed possible open_basedir/safe_mode bypass in cURL extension.
  - Fixed overflows inside str_repeat() and wordwrap() functions on
    64bit systems.
  - Fixed a buffer overflow inside sscanf() function.
  - Fixed memory_limit restriction on 64 bit system.
* Thu Apr 06 2006 Nived Gopalan <nived at trustix dot org> 4.4.2-2tr
  - SECURITY Fix: A vulnerability has been discovered in PHP, caused due
    to the "html_entity_decode()" PHP function not being binary safe. This
    can be exploited to disclose certain part of the memory via a script
    calling the "html_entity_decode()" function with input controlled by
    the attacker and where the result is sent to the attacker.
  
    The Common Vulnerabilities and Exposures project has assigned the
    name CVE-2006-1490 this issue.
* Tue Mar 21 2006 Nived Gopalan <nived at trustix dot org> 4.4.2-1tr
  - New Upstream.
* Mon Nov 14 2005 Ajith Thampi <ajith at trustix dot org> 4.4.1-2tr
  - PHP developers released PHP 4.4.1 version on 2005-10-31. Security
    fixes introduced bug, which affects three SquirrelMail functions.
    If your SquirrelMail install does not use server side sorting, PHP
    bug can create infinite loop in message display.
* Wed Nov 02 2005 Bipin S <bipin at comodo dot com> 4.4.1-1tr
  - New upstream and Multiple Security Fixes.
  - SECURITY Fix: Updated to the latest pcrelib to fix a possible integer
    overflow vulnerability announced in CVE-2005-2491.
  - Fixed a Cross Site Scripting (XSS) vulnerability in phpinfo().
  - Fixed multiple safe_mode/open_basedir bypass vulnerabilities in
    ext/curl and ext/gd.
  - Fixed a possible $GLOBALS overwrite problem in file upload handling,
    extract() and import_request_variables().
  - Fixed a problem when a request was terminated due to memory_limit
    constraints during certain parse_str() calls.
  - Fixed an issue with trailing slashes in allowed basedirs.
  - Fixed an issue with calling virtual() on Apache 2.
* Mon Oct 17 2005 Bipin S <bipin at comodo dot com> 4.4.0-6tr
  - Man pages for php-config and phpize is now known as php-config4 and
    phpize4 respectively.
  - Security Fix: A vulnerability has been identified in PHP, which could be
    exploited by malicious users to bypass security policies. This flaw is
    due to an error in "fopen_wrappers.c" that does not properly restrict access
    to other directories when the "open_basedir" directive includes a trailing
    slash, which could allow certain scripts in a directory (e.g. "/user/test2/)
    to access files in other directories whose names are substrings of the original
    directory (e.g. "/user/test22/).
                                                                                                                               
    The Common Vulnerabilities and Exposures project has assigned the
    name CAN-2005-3054 to this issue.
* Tue Aug 30 2005 Ajith Thampi <ajith at comodo dot com> 4.4.0-5tr
  - Fix Integer overflow in pcre_compile.c which allows attackers to
    execute arbitrary code via quantifier values in regular expressions,
    which leads to a heap-based buffer overflow.
  
    The Common Vulnerabilities and Exposures project has assigned the
    name CAN-2005-2491 to this issue.
* Tue Aug 16 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 4.4.0-4tr
  - Added FastCGI support, Bug #1190.
* Mon Aug 15 2005 Erlend Midttun <erlendbm at trustix dot org> 4.4.0-3tr
  - Now BuildRequire curl.  Bug #1184.
  - Now own /usr/share/php4.  Bug #1188
  - Now also ship with -devel files. Bug #1189
* Tue Jul 12 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 4.4.0-1tr
  - New Upstream
  - Security Bug Fix release to 4.3.11, Fix Bug #1064 
    Vendor update for XML_RPC to fix remote code execution vulnerability.
* Mon Jul 11 2005 Thushara Gopalakrishnan <thushara at comodo dot com> 4.3.11.-7tr
  - Added missing Buildrequires, Bug #1056.
* Fri Jul 08 2005 Thushara Gopalakrishnan <thushara at comodo dot com> 4.3.11-6tr
  - Changed directory Permissions, Bug #1037
* Thu Jul 07 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 4.3.11-5tr
  - Added Support for Freetype2 Font library. Fix Bug #1043.
  - Enabled support for Socket functions. Fix Bug #1042.
* Thu Jun 30 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 4.3.11-4tr
  - Security Fix: PHP XML RPC's remote code execution vulnerability.
  - GulfTech Security recently discovered a vulnerability in the PHP XML RPC
    that leads to remote code execution.
  
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CAN-2005-1921 to this issue.
* Thu May 26 2005 Raghu <raghu at comodo dot com> 4.3.11-3tr
  - Added mhash support, Bug #748
* Fri Apr 22 2005 Ajith Thampi <ajith at comodo dot com> 4.3.11-2tr
  - Rebuilt with postgresql-8.0.2
* Fri Apr 01 2005 Erlend Midttun <erlendbm at trustix dot org> 4.3.11-1tr
  - New upstream.
  - Make it co-exist with PHP 5
* Fri Dec 17 2004 Erlend Midttun <erlendbm at trustix dot org> 4.3.10-2tr
  - New upstream.  Fixes more CANs than I can remember.
* Thu Sep 30 2004 Erlend Midttun <erlendbm at trustix dot org> 4.3.9-2tr
  - New upstream.
* Thu Jul 22 2004 Oystein Viggen <oysteivi at trustix dot com> 2.3.8-2tr
  - New upstream.
* Fri Jun 18 2004 Chr. Toldnes <christht at trustix dot org> 4.3.7-1tr
  - New upstream version: 4.3.7
* Sun Mar 14 2004 Chr. Toldnes <christht at trustix dot org> 4.3.4-8tr
  - removed cyrus support, does not build with new cyrus.
* Mon Mar 01 2004 Erlend Midttun <erlendbm at trustix dot org> 4.3.4-6tr
  - Added the missing extensions.
* Wed Dec 03 2003 Erlend Midttun <erlendbm at trustix dot org> 4.3.4-4tr
  - Stricter defaults in php.ini.
* Wed Nov 19 2003 Tor Hveem <torh at trustix dot org> 4.3.4-3th
  - Readd a BuildReq
  - Renamed libpng12 Req to libpng
  - Tried removing the _noVersionedDependencies hack
* Tue Nov 18 2003 Tor Hveem <torh at trustix dot org> 4.3.4-2th
  - Rebuild for apache with LFS
* Wed Nov 05 2003 Gerald Dachs <gda at trustix dot org> 4.3.4-1gd
  - New upstream version
  - build requires rpm-build >= 4.0.4-22gd
* Tue Sep 16 2003 Tor Hveem <torh at trustix dot org> 4.3.3-1th
  - New upstream
  - Fixed docs and tests paths
  - Fixed some bogus BuildReq's
* Fri Sep 12 2003 Gerald Dachs <gda at trustix dot org> 4.3.2-9gd
  - enabled db4 support
* Mon Jun 23 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.2-8tr
  - Added %defattr
* Sat Jun 21 2003 Gerald Dachs <gda at trustix dot org> 4.3.2-7gd
  - Added --with-gettext
* Wed Jun 18 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.2-6tr
  - Big rebuild
* Wed Jun 11 2003 Gerald Dachs <gda at trustix dot org> 4.3.2-5gd
  - buildrequries cyrus-sasl-devel, readline-devel
* Wed Jun 11 2003 Gerald Dachs <gda at trustix dot org> 4.3.2-4gd
  - use --with-regex=php now, removed patch0
* Sat Jun 07 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.2-3em
  - Fix file conflict on /usr/bin/php.
* Sun Jun 01 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.2-2em
  - Removed libapr-devel
* Sun Jun 01 2003 Gerald Dachs <gda at trustix dot org> 4.3.2-1gd
  - New upstream version.
  - openssl linked static, because of bug in php
  - hack for pleasing apxs with a fake httpd.conf
  - made patch to allow to use --with-regex=system
* Wed May 28 2003 Gerald Dachs <gda at trustix dot org> 4.3.1-8gd
  - Added package domxml
* Fri May 23 2003 Tor Hveem <torh at trustix dot org> 4.3.1-7th
  - Missing BuildReq readline-devel, libpng-devel, libjpeg-devel, mysql-devel
  - Added --with-cyrus
  - Added package gd
* Thu May 15 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.1-6em
  - Moved docs
* Wed Apr 30 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.1-5em
  - Major cleanup.
* Wed Apr 30 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.1-4em
  - mod_php4-pgsql requires postgresql-libs and not postgresql.
* Mon Apr 28 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.1-3em
  - Rebuild against new mysql.
* Mon Mar 24 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.1-2em
  - Rebuilt against glibc 2.3.2.
* Thu Mar 20 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.1-1em
  - New upstream version.
* Fri Feb 28 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.0-6em
  - Fixed entension dir.
* Wed Feb 19 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.0-5em
  - Added conf file.
* Sat Jan 18 2003 Gerald Dachs <gda at trustix dot org> 4.3.0-4gd
  - rebuilt against openssl 0.9.7
* Sat Jan 11 2003 Tor Hveem <torh at trustix dot org> 4.3.0-3th
  - added packages: openssl, cli, exif
* Fri Jan 03 2003 Erlend Midttun <erlendbm at trustix dot com> 4.3.0-2em
  - Changed Req: imap to BuildReq: uw-imap-devel on -imap package
  - New and improved php.ini file.  Slightly modified php.ini-recommended.
* Sat Dec 28 2002 Tor Hveem <torh at trustix dot org> 4.3.0-1th
  - New upstream version: 4.3.0
  - Removed tsrm patch
  - Added new build requirements bzip2-devel, libapr-devel
  - Readded imap module
* Thu Sep 26 2002 Erlend Midttun <erlendbm at trustix dot com> 4.2.3-2em
  - Added buildreq flex.
* Wed Sep 11 2002 Erlend Midttun <erlendbm at trustix dot com> 4.2.3-1em
  - New PHP.
  - Now required Apache 2.
* Mon Mar 25 2002 Christian H. Toldnes <christht at trustix dot com>
  - The old rfc1867.c didn't fix it. Applied a new patch.
* Thu Feb 28 2002 Christian H. Toldnes <christht at trustix dot com>
  - Applied securitypatch. (rfc1867.c)
* Wed Sep 26 2001 Erlend Midttun <erlendbm at trustix dot com>
  - Seems the previous mailsec patch was broken, trying again.
* Thu Jul 26 2001 Erlend Midttun <erlendbm at trustix dot com>
  - Fixed a few dependencies.
* Thu Jul 19 2001 Oystein Viggen <oysteivi at trustix dot com>
  - Add a fix from cvs to stop mail() from breaking safe mode.
* Mon Jul 16 2001 Oystein Viggen <oysteivi at trustix dot com>
  - 4.0.6 didn't fix memlimit.  Added patch from the php team.
* Mon Jul 09 2001 Oystein Viggen <oysteivi at trustix dot com>
  - Because of build problems, imap is no longer built as a module.
* Tue Jul 03 2001 Oystein Viggen <oysteivi at trustix dot com>
  - define _noVersionedDependencies
* Mon Jul 02 2001 Oystein Viggen <oysteivi at trustix dot com>
  - New upstream version: 4.0.6
  - This new version fixes a bug with --enable-memory-limit
* Mon Jun 11 2001 Oystein Viggen <oysteivi at trustix dot com>
  - New upstream version: 4.0.5
* Mon Mar 19 2001 Alexander Reelsen <ar at trustix dot com>
  - Picked up 4.0.4pl1
  - Created dynamic modules (and own packages) for imap, ldap, mysql and pgsql
* Wed Oct 18 2000 Per Ivar Paulsen <perp at trustix dot com>
  - Update to 3.0.17. Removed syslog patch
* Wed May 03 2000 Per Ivar Paulsen <perp at trustix dot com>
  - Update to php 3.0.16
* Sat Feb 26 2000 Lars Gaarden <larsg at trustix dot com>
  - Picked up php 3.0.15
* Fri Feb 25 2000 Lars Gaarden <larsg at trustix dot com>
  - Added Provides: php
* Tue Jan 25 2000 Per Ivar Paulsen <perp at trustix dot com>
  - picked up php 3.0.14.
  - Initial release for the Trustix Secure Linux distribution.
  - Added noreplace.
  - Moved man and info pages to /usr/share adhering to FHS
  - TODO: add better default configuration
* Thu Jan 06 2000 Per Ivar Paulsen <perp@paulsen.org>
  - picked up php 3.0.13. And updated manual
* Fri Apr 16 1999 Preston Brown <pbrown@redhat.com>
  - pick up php3.ini
* Wed Mar 24 1999 Preston Brown <pbrown@redhat.com>
  - build against apache 1.3.6
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com> 
  - auto rebuild in the new build environment (release 2)
* Mon Mar 08 1999 Preston Brown <pbrown@redhat.com>
  - upgraded to 3.0.7.
* Wed Feb 24 1999 Preston Brown <pbrown@redhat.com>
  - Injected new description and group.
* Sun Feb 07 1999 Preston Brown <pbrown@redhat.com>
  - upgrade to php 3.0.6, built against apache 1.3.4
* Mon Oct 12 1998 Cristian Gafton <gafton@redhat.com>
  - rebuild for apache 1.3.3
* Thu Oct 08 1998 Preston Brown <pbrown@redhat.com>
  - updated to 3.0.5, fixes nasty bugs in 3.0.4.
* Sun Sep 27 1998 Cristian Gafton <gafton@redhat.com>
  - updated to 3.0.4 and recompiled for apache 1.3.2
* Thu Sep 03 1998 Preston Brown <pbrown@redhat.com>
  - improvements; builds with apache-devel package installed.
* Tue Sep 01 1998 Preston Brown <pbrown@redhat.com>
  - Made initial cut for PHP3.

Files

/usr/bin/php4
/usr/share/man/man1/php-config4.1.gz
/usr/share/man/man1/php4.1.gz
/usr/share/man/man1/phpize4.1.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Sep 15 21:53:39 2014