SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for php-sqlite-5.2.4-1tr.i586.rpm :
Mon Sep 3 03:00:00 2007 Nived Gopalan 5.2.4-1tr
- New Upstream.
- SECURITY Fix. Some vulnerabilities have been reported in PHP, where
some have unknown impacts and others can be exploited by malicious
users to bypass certain security restrictions (SA26642).
Includes fixes for CVE-2007-3996, CVE-2007-3378 and CVE-2007-3997.

Wed Jul 18 03:00:00 2007 Nived Gopalan 5.2.3-1tr
- New Upstream.
- SECURITY Fix: Multiple security fixes.
- Fixes an integer overflow inside chunk_split().
- Fixes possible infinite loop in imagecreatefrompng.
- Fixes ext/filter Email Validation Vulnerability.
- Fixes an error in the \"realpath()\" function which allows bypassing
of the \"open_basedir\" restriction and identifying the existence
of files.

The Common Vulnerabilities and Exposures project has assigned the
names CVE-2007-2872, CVE-2007-2756, CVE-2007-1900 and CVE-2007-3007
to these issues.

Mon May 7 03:00:00 2007 Nived Gopalan 5.2.2-1tr
- New Upstream.
- SECURITY Fix: Several vulnerabilities have been reported in PHP,
where some have unknown impacts and others can be exploited by
malicious users to manipulate certain data, disclose potentially
sensitive information, bypass certain security restrictions,
or to cause a DoS.(SA25123)

Mon Feb 12 02:00:00 2007 Nived Gopalan 5.2.1-1tr
- New Upstream.
- Multiple security fixes.

Mon Nov 13 02:00:00 2006 Bipin S 5.2.0-2tr
- Enabled mssql support. Bug #1918.
- Added build-requires gcc-c++-devel Bug #2041.

Fri Nov 3 02:00:00 2006 Nived Gopalan 5.2.0-1tr
- New Upstream.
- SECURITY Fix: Some vulnerabilities have been reported in PHP,
caused due to boundary errors within the \"htmlentities()\" and
\"htmlspecialchars()\" functions. If a PHP application uses these
functions to process user-supplied input, this can be exploited
to cause buffer overflows by passing specially crafted data to
the affected application.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-5465 to this issue.

Wed Nov 1 02:00:00 2006 Nived Gopalan 5.1.6-4tr
- Added support for mcrypt, Bug #1956.
- Added support for pdo-sqlite, pdo-mysql and sqlite, Bug #1959.
- Included openssl support, Bug #1958.
- Added buildrequires expat-devel, Bug #2011.

Wed Oct 11 03:00:00 2006 Nived Gopalan 5.1.6-3tr
- SECURITY Fix: Maksymilian Arciemowicz has reported a vulnerability
in PHP, caused due to an error within the \"ini_restore()\" function,
which can be exploited to reset certain options to their default
value specified in php.ini.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-4625 to this issue.

Fri Oct 6 03:00:00 2006 Nived Gopalan 5.1.6-2tr
- SECURITY Fix: A vulnerability has been reported in PHP, caused due
to an integer overflow within the \"_ecalloc\" function. This can
potentially be exploited to execute arbitrary code via specially
crafted requests if a PHP script allocates memory based on attacker
supplied data.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-4812 to this issue.

Wed Sep 13 03:00:00 2006 Nived Gopalan 5.1.6-1tr
- New Upstream.
- Added BuildRequires freetype-devel, ncurses-devel,
bison and byacc, Bug #1917.
- Included missing devel files, Bug #1923.

Tue Aug 22 03:00:00 2006 Nived Gopalan 5.1.5-1tr
- New Upstream
- SECURITY Fix: Added missing safe_mode/open_basedir checks inside the
error_log(), file_exists(), imap_open() and imap_reopen() functions.
- Fixed overflows inside str_repeat() and wordwrap() functions on
64bit systems.
- Fixed possible open_basedir/safe_mode bypass in cURL extension and
with realpath cache.
- Fixed overflow in GD extension on invalid GIF images.
- Fixed a buffer overflow inside sscanf() function.
- Fixed an out of bounds read inside stripos() function.
- Fixed memory_limit restriction on 64 bit system.

Mon Oct 17 03:00:00 2005 Bipin S 5.0.5-1tr
- New upstream.
- Upgraded PCRE library to version 5.0.
- Removed phpextdist from the file list.
- Security Fix: A vulnerability has been identified in PHP, which could be
exploited by malicious users to bypass security policies. This flaw is
due to an error in \"fopen_wrappers.c\" that does not properly restrict access
to other directories when the \"open_basedir\" directive includes a trailing
slash, which could allow certain scripts in a directory (e.g. \"/user/test2/)
to access files in other directories whose names are substrings of the original
directory (e.g. \"/user/test22/).

The Common Vulnerabilities and Exposures project has assigned the
name CAN-2005-3054 to this issue.

Mon Aug 29 03:00:00 2005 Ajith Thampi 5.0.4-12tr
- Fix Integer overflow in pcre_compile.c which allows attackers to
execute arbitrary code via quantifier values in regular expressions,
which leads to a heap-based buffer overflow.

The Common Vulnerabilities and Exposures project has assigned the
name CAN-2005-2491 to this issue.

Tue Aug 16 03:00:00 2005 Syed Shabir Zakiullah 5.0.4-10tr
- Added FastCGI support Ref. Bug #1190
- Now Install missing pear packages, Bug #1185
- New Upstream of XML_RPC to fix broken PEAR installation, Bug #1185

Tue Aug 9 03:00:00 2005 Syed Shabir Zakiullah 5.0.4-9tr
- Added support for curl module.

Thu Jul 14 03:00:00 2005 Nived Gopalan 5.0.4-8tr
- Included php-cli.ini

Thu Jul 7 03:00:00 2005 Syed Shabir Zakiullah 5.0.4-7tr
- Enabled support for Socket functions. Ref Bug #1042.

Thu Jun 30 03:00:00 2005 Syed Shabir Zakiullah 5.0.4-6tr
- Security Fix: PHP XML RPC\'s remote code execution vulnerability.
- GulfTech Security recently discovered a vulnerability in the PHP XML RPC
that leads to remote code execution.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-1921 to this issue.

Thu Jun 9 03:00:00 2005 Hasher J 5.0.4-5tr
- Added libxml2-devel, freetype, mhash-devel in buildrequires
Bug #877

Thu May 26 03:00:00 2005 Raghu 5.0.4-4tr
- Added mhash support, Bug #748

Thu Apr 28 03:00:00 2005 Ajith Thampi 5.0.4-3tr
- Added support for pcntl in CLI due to persistence , Bug #384

Fri Apr 22 03:00:00 2005 Ajith Thampi 5.0.4-2tr
- Rebuilt with postgresql-8.0.2

Mon Apr 4 03:00:00 2005 Syed Shabir Zakiullah 5.0.4-1tr
- New Upstream

Mon Feb 14 02:00:00 2005 Erlend Midttun 5.0.3-2tr
- Adding multibyte-support as requested.

Fri Dec 17 02:00:00 2004 Erlend Midttun 5.0.3-1tr
- New upstream. Fixes more CAN\'s than I can remember

Mon Dec 13 02:00:00 2004 Erlend Midttun 5.0.2-6tr
- Added freetype and ttf to gd.

Sat Dec 11 02:00:00 2004 Erlend Midttun 5.0.2-5tr
- Added patch from Christian Hamar to add zlib support

Sat Nov 13 02:00:00 2004 Erlend Midttun 5.0.2-4tr
- Now with soap support.

Tue Nov 9 02:00:00 2004 Oystein Viggen 5.0.2-3tr
- Rebuild with shared openssl

Sat Nov 6 02:00:00 2004 Erlend Midttun 5.0.2-2tr
- Now with extension-dir set to /usr/share/php

Thu Oct 28 03:00:00 2004 Erlend Midttun 5.0.2-2tr
- Now with MySQLi support.

Thu Oct 28 03:00:00 2004 Erlend Midttun 5.0.2-1tr
- New upstream.

Sun Sep 19 03:00:00 2004 Erlend Midttun 5.0.1-3tr
- Try to get obsoletes and provides right.

Mon Sep 13 03:00:00 2004 Erlend Midttun 5.0.1-2tr
- Now with v5 php.ini as well.

Mon Sep 13 03:00:00 2004 Erlend Midttun 5.0.1-1tr
- New major upstream.

Thu Jul 22 03:00:00 2004 Oystein Viggen 4.3.8-2tr
- New upstream.

Fri Jun 18 03:00:00 2004 Chr. Toldnes 4.3.7-1tr
- New upstream version: 4.3.7

Sun Mar 14 02:00:00 2004 Chr. Toldnes 4.3.4-8tr
- removed cyrus support, does not build with new cyrus.

Mon Mar 1 02:00:00 2004 Erlend Midttun 4.3.4-6tr
- Added the missing extensions.

Wed Dec 3 02:00:00 2003 Erlend Midttun 4.3.4-4tr
- Stricter defaults in php.ini.

Wed Nov 19 02:00:00 2003 Tor Hveem 4.3.4-3th
- Readd a BuildReq
- Renamed libpng12 Req to libpng
- Tried removing the _noVersionedDependencies hack

Tue Nov 18 02:00:00 2003 Tor Hveem 4.3.4-2th
- Rebuild for apache with LFS

Wed Nov 5 02:00:00 2003 Gerald Dachs 4.3.4-1gd
- New upstream version
- build requires rpm-build >= 4.0.4-22gd

Tue Sep 16 03:00:00 2003 Tor Hveem 4.3.3-1th
- New upstream
- Fixed docs and tests paths
- Fixed some bogus BuildReq\'s

Fri Sep 12 03:00:00 2003 Gerald Dachs 4.3.2-9gd
- enabled db4 support

Mon Jun 23 03:00:00 2003 Erlend Midttun 4.3.2-8tr
- Added %defattr

Sat Jun 21 03:00:00 2003 Gerald Dachs 4.3.2-7gd
- Added --with-gettext

Wed Jun 18 03:00:00 2003 Erlend Midttun 4.3.2-6tr
- Big rebuild

Wed Jun 11 03:00:00 2003 Gerald Dachs 4.3.2-5gd
- buildrequries cyrus-sasl-devel, readline-devel

Wed Jun 11 03:00:00 2003 Gerald Dachs 4.3.2-4gd
- use --with-regex=php now, removed patch0

Sat Jun 7 03:00:00 2003 Erlend Midttun 4.3.2-3em
- Fix file conflict on /usr/bin/php.

Sun Jun 1 03:00:00 2003 Erlend Midttun 4.3.2-2em
- Removed libapr-devel

Sun Jun 1 03:00:00 2003 Gerald Dachs 4.3.2-1gd
- New upstream version.
- openssl linked static, because of bug in php
- hack for pleasing apxs with a fake httpd.conf
- made patch to allow to use --with-regex=system

Wed May 28 03:00:00 2003 Gerald Dachs 4.3.1-8gd
- Added package domxml

Fri May 23 03:00:00 2003 Tor Hveem 4.3.1-7th
- Missing BuildReq readline-devel, libpng-devel, libjpeg-devel, mysql-devel
- Added --with-cyrus
- Added package gd

Thu May 15 03:00:00 2003 Erlend Midttun 4.3.1-6em
- Moved docs

Wed Apr 30 03:00:00 2003 Erlend Midttun 4.3.1-5em
- Major cleanup.

Wed Apr 30 03:00:00 2003 Erlend Midttun 4.3.1-4em
- mod_php4-pgsql requires postgresql-libs and not postgresql.

Mon Apr 28 03:00:00 2003 Erlend Midttun 4.3.1-3em
- Rebuild against new mysql.

Mon Mar 24 02:00:00 2003 Erlend Midttun 4.3.1-2em
- Rebuilt against glibc 2.3.2.

Thu Mar 20 02:00:00 2003 Erlend Midttun 4.3.1-1em
- New upstream version.

Fri Feb 28 02:00:00 2003 Erlend Midttun 4.3.0-6em
- Fixed entension dir.

Wed Feb 19 02:00:00 2003 Erlend Midttun 4.3.0-5em
- Added conf file.

Sat Jan 18 02:00:00 2003 Gerald Dachs 4.3.0-4gd
- rebuilt against openssl 0.9.7

Sat Jan 11 02:00:00 2003 Tor Hveem 4.3.0-3th
- added packages: openssl, cli, exif

Fri Jan 3 02:00:00 2003 Erlend Midttun 4.3.0-2em
- Changed Req: imap to BuildReq: uw-imap-devel on -imap package
- New and improved php.ini file. Slightly modified php.ini-recommended.

Sat Dec 28 02:00:00 2002 Tor Hveem 4.3.0-1th
- New upstream version: 4.3.0
- Removed tsrm patch
- Added new build requirements bzip2-devel, libapr-devel
- Readded imap module

Thu Sep 26 03:00:00 2002 Erlend Midttun 4.2.3-2em
- Added buildreq flex.

Wed Sep 11 03:00:00 2002 Erlend Midttun 4.2.3-1em
- New PHP.
- Now required Apache 2.

Mon Mar 25 02:00:00 2002 Christian H. Toldnes
- The old rfc1867.c didn\'t fix it. Applied a new patch.

Thu Feb 28 02:00:00 2002 Christian H. Toldnes
- Applied securitypatch. (rfc1867.c)

Wed Sep 26 03:00:00 2001 Erlend Midttun
- Seems the previous mailsec patch was broken, trying again.

Thu Jul 26 03:00:00 2001 Erlend Midttun
- Fixed a few dependencies.

Thu Jul 19 03:00:00 2001 Oystein Viggen
- Add a fix from cvs to stop mail() from breaking safe mode.

Mon Jul 16 03:00:00 2001 Oystein Viggen
- 4.0.6 didn\'t fix memlimit. Added patch from the php team.

Mon Jul 9 03:00:00 2001 Oystein Viggen
- Because of build problems, imap is no longer built as a module.

Tue Jul 3 03:00:00 2001 Oystein Viggen
- define _noVersionedDependencies

Mon Jul 2 03:00:00 2001 Oystein Viggen
- New upstream version: 4.0.6
- This new version fixes a bug with --enable-memory-limit

Mon Jun 11 03:00:00 2001 Oystein Viggen
- New upstream version: 4.0.5

Mon Mar 19 02:00:00 2001 Alexander Reelsen
- Picked up 4.0.4pl1
- Created dynamic modules (and own packages) for imap, ldap, mysql and pgsql

Wed Oct 18 03:00:00 2000 Per Ivar Paulsen
- Update to 3.0.17. Removed syslog patch

Wed May 3 03:00:00 2000 Per Ivar Paulsen
- Update to php 3.0.16

Sat Feb 26 02:00:00 2000 Lars Gaarden
- Picked up php 3.0.15

Fri Feb 25 02:00:00 2000 Lars Gaarden
- Added Provides: php

Tue Jan 25 02:00:00 2000 Per Ivar Paulsen
- picked up php 3.0.14.
- Initial release for the Trustix Secure Linux distribution.
- Added noreplace.
- Moved man and info pages to /usr/share adhering to FHS
- TODO: add better default configuration

Thu Jan 6 02:00:00 2000 Per Ivar Paulsen
- picked up php 3.0.13. And updated manual

Fri Apr 16 03:00:00 1999 Preston Brown
- pick up php3.ini

Wed Mar 24 02:00:00 1999 Preston Brown
- build against apache 1.3.6

Sun Mar 21 02:00:00 1999 Cristian Gafton
- auto rebuild in the new build environment (release 2)

Mon Mar 8 02:00:00 1999 Preston Brown
- upgraded to 3.0.7.

Wed Feb 24 02:00:00 1999 Preston Brown
- Injected new description and group.

Sun Feb 7 02:00:00 1999 Preston Brown
- upgrade to php 3.0.6, built against apache 1.3.4

Mon Oct 12 03:00:00 1998 Cristian Gafton
- rebuild for apache 1.3.3

Thu Oct 8 03:00:00 1998 Preston Brown
- updated to 3.0.5, fixes nasty bugs in 3.0.4.

Sun Sep 27 03:00:00 1998 Cristian Gafton
- updated to 3.0.4 and recompiled for apache 1.3.2

Thu Sep 3 03:00:00 1998 Preston Brown
- improvements; builds with apache-devel package installed.

Tue Sep 1 03:00:00 1998 Preston Brown
- Made initial cut for PHP3.


  
ICM