SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for php-exif-5.2.4-1tr.i586.rpm :
Sat Sep 1 14:00:00 2007 Nived Gopalan 5.2.4-1tr
- New Upstream.
- SECURITY Fix. Some vulnerabilities have been reported in PHP, where
some have unknown impacts and others can be exploited by malicious
users to bypass certain security restrictions (SA26642).
Includes fixes for CVE-2007-3996, CVE-2007-3378 and CVE-2007-3997.

Thu Jul 19 14:00:00 2007 Nived Gopalan 5.2.3-2tr
- Rebuilt with new cURL.

Tue Jul 17 14:00:00 2007 Nived Gopalan 5.2.3-1tr
- New Upstream.
- SECURITY Fix: Multiple security fixes.
- Fixes an integer overflow inside chunk_split().
- Fixes possible infinite loop in imagecreatefrompng.
- Fixes ext/filter Email Validation Vulnerability.
- Fixes an error in the \"realpath()\" function which allows bypassing
of the \"open_basedir\" restriction and identifying the existence
of files.

The Common Vulnerabilities and Exposures project has assigned the
names CVE-2007-2872, CVE-2007-2756, CVE-2007-1900 and CVE-2007-3007
to these issues.

Mon May 7 14:00:00 2007 Nived Gopalan 5.2.2-1tr
- New Upstream.
- SECURITY Fix: Several vulnerabilities have been reported in PHP,
where some have unknown impacts and others can be exploited by
malicious users to manipulate certain data, disclose potentially
sensitive information, bypass certain security restrictions,
or to cause a DoS.(SA25123)

Mon Feb 12 13:00:00 2007 Nived Gopalan 5.2.1-1tr
- New Upstream.
- Includes fix for php \"out of memory\" error, Bug #2062.
- Multiple Security fixes.

Mon Nov 13 13:00:00 2006 Bipin S 5.2.0-3tr
- Enabled mssql support, Bug #1918.
- Added build-requires gcc-c++-devel Bug #2041.

Fri Nov 3 13:00:00 2006 Nived Gopalan 5.2.0-1tr
- New Upstream.
- SECURITY Fix: Some vulnerabilities have been reported in PHP,
caused due to boundary errors within the \"htmlentities()\" and
\"htmlspecialchars()\" functions. If a PHP application uses these
functions to process user-supplied input, this can be exploited
to cause buffer overflows by passing specially crafted data to
the affected application.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-5465 to this issue.

Thu Nov 2 13:00:00 2006 Nived Gopalan 5.1.6-4tr
- Added support for mcrypt, Bug #1956.
- Added support for pdo-sqlite, pdo-mysql and sqlite, Bug #1959.
- Included openssl support, Bug #1958.
- Added buildrequires expat-devel and fontconfig-devel, Bug #2011.

Wed Oct 11 14:00:00 2006 Nived Gopalan 5.1.6-3tr
- SECURITY Fix: Maksymilian Arciemowicz has reported a vulnerability
in PHP, caused due to an error within the \"ini_restore()\" function,
which can be exploited to reset certain options to their default
value specified in php.ini.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-4625 to this issue.

Fri Oct 6 14:00:00 2006 Nived Gopalan 5.1.6-2tr
- SECURITY Fix: A vulnerability has been reported in PHP, caused due
to an integer overflow within the \"_ecalloc\" function. This can
potentially be exploited to execute arbitrary code via specially
crafted requests if a PHP script allocates memory based on attacker
supplied data.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-4812 to this issue.

Wed Sep 13 14:00:00 2006 Nived Gopalan 5.1.6-1tr
- New Upstream.
- Added BuildRequires ncurses-devel, bison and byacc, Bug #1917.
- Included missing devel files, Bug #1923.

Tue Aug 22 14:00:00 2006 Nived Gopalan 5.1.5-1tr
- New Upstream
- SECURITY Fix: Added missing safe_mode/open_basedir checks inside the
error_log(), file_exists(), imap_open() and imap_reopen() functions.
- Fixed overflows inside str_repeat() and wordwrap() functions on
64bit systems.
- Fixed possible open_basedir/safe_mode bypass in cURL extension and
with realpath cache.
- Fixed overflow in GD extension on invalid GIF images.
- Fixed a buffer overflow inside sscanf() function.
- Fixed an out of bounds read inside stripos() function.
- Fixed memory_limit restriction on 64 bit system.

Tue Jan 17 13:00:00 2006 Ajith Thampi 5.0.5-3tr
- Rebuilt

Mon Nov 14 13:00:00 2005 Ajith Thampi 5.0.5-2tr
- Added dba support as module. Bug #1382
- Added xslt support as module.

Wed Oct 19 14:00:00 2005 Bipin S 5.0.5-1tr
- New upstream.
- Upgraded PCRE library to version 5.0.
- Removed phpextdist from file list.
- Security Fix: A vulnerability has been identified in PHP, which could be
exploited by malicious users to bypass security policies. This flaw is
due to an error in \"fopen_wrappers.c\" that does not properly restrict access
to other directories when the \"open_basedir\" directive includes a trailing
slash, which could allow certain scripts in a directory (e.g. \"/user/test2/)
to access files in other directories whose names are substrings of the original
directory (e.g. \"/user/test22/).

The Common Vulnerabilities and Exposures project has assigned the
name CAN-2005-3054 to this issue.

Mon Oct 3 14:00:00 2005 Bipin S 5.0.4-22tr
- Added libimap in requires for imap.
- Fixed Bug #1308.

Fri Sep 23 14:00:00 2005 Bipin S 5.0.4-21tr
- Added calender support. Bug #1303.
- Created pspell sub package.

Wed Sep 21 14:00:00 2005 Bipin S 5.0.4-20tr
- Added pspell support. Bug #1299.

Mon Sep 12 14:00:00 2005 Bipin S 5.0.4-19tr
- Minor cleanup. Fixed Bug# 877.

Tue Aug 30 14:00:00 2005 Ajith Thampi 5.0.4-18tr
- Fix Integer overflow in pcre_compile.c which allows attackers to
execute arbitrary code via quantifier values in regular expressions,
which leads to a heap-based buffer overflow.

The Common Vulnerabilities and Exposures project has assigned the
name CAN-2005-2491 to this issue.
- added support for mbstring, Bug #1247.

Tue Aug 16 14:00:00 2005 Syed Shabir Zakiullah 5.0.4-17tr
- Now Install missing pear packages, Bug #1185
- New Upstream of XML_RPC to fix broken PEAR installation, Bug #1185

Tue Aug 9 14:00:00 2005 Syed Shabir Zakiullah 5.0.4-16tr
- Rebuilt with Curl support.

Mon Aug 1 14:00:00 2005 Syed Shabir Zakiullah 5.0.4-15tr
- Enabled FastCGI support in /home/httpd/cgi-bin/php-fcgi. Bug #1136

Thu Jul 7 14:00:00 2005 Syed Shabir Zakiullah 5.0.4-14tr
- Enabled support for Socket functions. Ref. Bug #1042.

Thu Jun 30 14:00:00 2005 Syed Shabir Zakiullah 5.0.4-13tr
- Security Fix: PHP XML RPC\'s remote code execution vulnerability.
- GulfTech Security recently discovered a vulnerability in the PHP XML RPC
that leads to remote code execution.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-1921 to this issue.

Thu Jun 9 14:00:00 2005 Hasher J 5.0.4-12tr
- Added libxml2-devel, freetype, mhash-devel in buildrequires
Bug #877

Thu May 26 14:00:00 2005 Ajith Thampi 5.0.4-10tr
- Added mhash support, referenced Bug #748

Wed May 4 14:00:00 2005 Ajith Thampi 5.0.4-9tr
- Rebuilt to fix apache Segfaulting issue

Thu Apr 28 14:00:00 2005 Ajith Thampi 5.0.4-8tr
- Re-Added support for pcntl in CLI due to persistence , Bug #384

Mon Apr 25 14:00:00 2005 Ajith Thampi 5.0.4-7tr
- Rebuilt on db-4.3.27
- Removed pcntl option, deemed unstable
- Added xslt support, Bug #507

Thu Apr 21 14:00:00 2005 Ajith Thampi 5.0.4-6tr
- Built with snmp support, Added snmp package

Wed Apr 20 14:00:00 2005 Ajith Thampi 5.0.4-5tr
- Added pcntl option, Bug #384
- Rebuilt for postgresql-8.0.2

Tue Apr 12 14:00:00 2005 Raghu 5.0.4-4tr
- Rebuilt for openldap-2.2.24

Mon Apr 11 14:00:00 2005 Raghu 5.0.4-3tr
- Rebuilt for openldap-2.2.9

Thu Apr 7 14:00:00 2005 Syed Shabir Zakiullah 5.0.4-2tr
- Rebuilt against new readline

Mon Apr 4 14:00:00 2005 Syed Shabir Zakiullah 5.0.4-1tr
- New Upstream

Thu Mar 24 13:00:00 2005 Syed Shabir Zakiullah 5.0.3-4tr
- Fixed path for apache modules in filelist

Fri Mar 18 13:00:00 2005 Ajith Thampi 5.0.3-3tr
- Removed uw-imap dependency to libc-client
- Rebuilt with kerberos support

Wed Feb 2 13:00:00 2005 Ajith Thampi 5.0.3-2tr
- Rebuild for db-4.2.52

Fri Dec 17 13:00:00 2004 Erlend Midttun 5.0.3-1tr
- New upstream. Fixes more CAN\'s than I can remember

Mon Dec 13 13:00:00 2004 Erlend Midttun 5.0.2-6tr
- Added freetype and ttf to gd.

Sat Dec 11 13:00:00 2004 Erlend Midttun 5.0.2-5tr
- Added patch from Christian Hamar to add zlib support

Sat Nov 13 13:00:00 2004 Erlend Midttun 5.0.2-4tr
- Now with soap support.

Tue Nov 9 13:00:00 2004 Oystein Viggen 5.0.2-3tr
- Rebuild with shared openssl

Sat Nov 6 13:00:00 2004 Erlend Midttun 5.0.2-2tr
- Now with extension-dir set to /usr/share/php

Thu Oct 28 14:00:00 2004 Erlend Midttun 5.0.2-2tr
- Now with MySQLi support.

Thu Oct 28 14:00:00 2004 Erlend Midttun 5.0.2-1tr
- New upstream.

Sun Sep 19 14:00:00 2004 Erlend Midttun 5.0.1-3tr
- Try to get obsoletes and provides right.

Mon Sep 13 14:00:00 2004 Erlend Midttun 5.0.1-2tr
- Now with v5 php.ini as well.

Mon Sep 13 14:00:00 2004 Erlend Midttun 5.0.1-1tr
- New major upstream.

Thu Jul 22 14:00:00 2004 Oystein Viggen 4.3.8-2tr
- New upstream.

Fri Jun 18 14:00:00 2004 Chr. Toldnes 4.3.7-1tr
- New upstream version: 4.3.7

Sun Mar 14 13:00:00 2004 Chr. Toldnes 4.3.4-8tr
- removed cyrus support, does not build with new cyrus.

Mon Mar 1 13:00:00 2004 Erlend Midttun 4.3.4-6tr
- Added the missing extensions.

Wed Dec 3 13:00:00 2003 Erlend Midttun 4.3.4-4tr
- Stricter defaults in php.ini.

Wed Nov 19 13:00:00 2003 Tor Hveem 4.3.4-3th
- Readd a BuildReq
- Renamed libpng12 Req to libpng
- Tried removing the _noVersionedDependencies hack

Tue Nov 18 13:00:00 2003 Tor Hveem 4.3.4-2th
- Rebuild for apache with LFS

Wed Nov 5 13:00:00 2003 Gerald Dachs 4.3.4-1gd
- New upstream version
- build requires rpm-build >= 4.0.4-22gd

Tue Sep 16 14:00:00 2003 Tor Hveem 4.3.3-1th
- New upstream
- Fixed docs and tests paths
- Fixed some bogus BuildReq\'s

Fri Sep 12 14:00:00 2003 Gerald Dachs 4.3.2-9gd
- enabled db4 support

Mon Jun 23 14:00:00 2003 Erlend Midttun 4.3.2-8tr
- Added %defattr

Sat Jun 21 14:00:00 2003 Gerald Dachs 4.3.2-7gd
- Added --with-gettext

Wed Jun 18 14:00:00 2003 Erlend Midttun 4.3.2-6tr
- Big rebuild

Wed Jun 11 14:00:00 2003 Gerald Dachs 4.3.2-5gd
- buildrequries cyrus-sasl-devel, readline-devel

Wed Jun 11 14:00:00 2003 Gerald Dachs 4.3.2-4gd
- use --with-regex=php now, removed patch0

Sat Jun 7 14:00:00 2003 Erlend Midttun 4.3.2-3em
- Fix file conflict on /usr/bin/php.

Sun Jun 1 14:00:00 2003 Erlend Midttun 4.3.2-2em
- Removed libapr-devel

Sun Jun 1 14:00:00 2003 Gerald Dachs 4.3.2-1gd
- New upstream version.
- openssl linked static, because of bug in php
- hack for pleasing apxs with a fake httpd.conf
- made patch to allow to use --with-regex=system

Wed May 28 14:00:00 2003 Gerald Dachs 4.3.1-8gd
- Added package domxml

Fri May 23 14:00:00 2003 Tor Hveem 4.3.1-7th
- Missing BuildReq readline-devel, libpng-devel, libjpeg-devel, mysql-devel
- Added --with-cyrus
- Added package gd

Thu May 15 14:00:00 2003 Erlend Midttun 4.3.1-6em
- Moved docs

Wed Apr 30 14:00:00 2003 Erlend Midttun 4.3.1-5em
- Major cleanup.

Wed Apr 30 14:00:00 2003 Erlend Midttun 4.3.1-4em
- mod_php4-pgsql requires postgresql-libs and not postgresql.

Mon Apr 28 14:00:00 2003 Erlend Midttun 4.3.1-3em
- Rebuild against new mysql.

Mon Mar 24 13:00:00 2003 Erlend Midttun 4.3.1-2em
- Rebuilt against glibc 2.3.2.

Thu Mar 20 13:00:00 2003 Erlend Midttun 4.3.1-1em
- New upstream version.

Fri Feb 28 13:00:00 2003 Erlend Midttun 4.3.0-6em
- Fixed entension dir.

Wed Feb 19 13:00:00 2003 Erlend Midttun 4.3.0-5em
- Added conf file.

Sat Jan 18 13:00:00 2003 Gerald Dachs 4.3.0-4gd
- rebuilt against openssl 0.9.7

Sat Jan 11 13:00:00 2003 Tor Hveem 4.3.0-3th
- added packages: openssl, cli, exif

Fri Jan 3 13:00:00 2003 Erlend Midttun 4.3.0-2em
- Changed Req: imap to BuildReq: uw-imap-devel on -imap package
- New and improved php.ini file. Slightly modified php.ini-recommended.

Sat Dec 28 13:00:00 2002 Tor Hveem 4.3.0-1th
- New upstream version: 4.3.0
- Removed tsrm patch
- Added new build requirements bzip2-devel, libapr-devel
- Readded imap module

Thu Sep 26 14:00:00 2002 Erlend Midttun 4.2.3-2em
- Added buildreq flex.

Wed Sep 11 14:00:00 2002 Erlend Midttun 4.2.3-1em
- New PHP.
- Now required Apache 2.

Mon Mar 25 13:00:00 2002 Christian H. Toldnes
- The old rfc1867.c didn\'t fix it. Applied a new patch.

Thu Feb 28 13:00:00 2002 Christian H. Toldnes
- Applied securitypatch. (rfc1867.c)

Wed Sep 26 14:00:00 2001 Erlend Midttun
- Seems the previous mailsec patch was broken, trying again.

Thu Jul 26 14:00:00 2001 Erlend Midttun
- Fixed a few dependencies.

Thu Jul 19 14:00:00 2001 Oystein Viggen
- Add a fix from cvs to stop mail() from breaking safe mode.

Mon Jul 16 14:00:00 2001 Oystein Viggen
- 4.0.6 didn\'t fix memlimit. Added patch from the php team.

Mon Jul 9 14:00:00 2001 Oystein Viggen
- Because of build problems, imap is no longer built as a module.

Tue Jul 3 14:00:00 2001 Oystein Viggen
- define _noVersionedDependencies

Mon Jul 2 14:00:00 2001 Oystein Viggen
- New upstream version: 4.0.6
- This new version fixes a bug with --enable-memory-limit

Mon Jun 11 14:00:00 2001 Oystein Viggen
- New upstream version: 4.0.5

Mon Mar 19 13:00:00 2001 Alexander Reelsen
- Picked up 4.0.4pl1
- Created dynamic modules (and own packages) for imap, ldap, mysql and pgsql

Wed Oct 18 14:00:00 2000 Per Ivar Paulsen
- Update to 3.0.17. Removed syslog patch

Wed May 3 14:00:00 2000 Per Ivar Paulsen
- Update to php 3.0.16

Sat Feb 26 13:00:00 2000 Lars Gaarden
- Picked up php 3.0.15

Fri Feb 25 13:00:00 2000 Lars Gaarden
- Added Provides: php

Tue Jan 25 13:00:00 2000 Per Ivar Paulsen
- picked up php 3.0.14.
- Initial release for the Trustix Secure Linux distribution.
- Added noreplace.
- Moved man and info pages to /usr/share adhering to FHS
- TODO: add better default configuration

Thu Jan 6 13:00:00 2000 Per Ivar Paulsen
- picked up php 3.0.13. And updated manual

Fri Apr 16 14:00:00 1999 Preston Brown
- pick up php3.ini

Wed Mar 24 13:00:00 1999 Preston Brown
- build against apache 1.3.6

Sun Mar 21 13:00:00 1999 Cristian Gafton
- auto rebuild in the new build environment (release 2)

Mon Mar 8 13:00:00 1999 Preston Brown
- upgraded to 3.0.7.

Wed Feb 24 13:00:00 1999 Preston Brown
- Injected new description and group.

Sun Feb 7 13:00:00 1999 Preston Brown
- upgrade to php 3.0.6, built against apache 1.3.4

Mon Oct 12 14:00:00 1998 Cristian Gafton
- rebuild for apache 1.3.3

Thu Oct 8 14:00:00 1998 Preston Brown
- updated to 3.0.5, fixes nasty bugs in 3.0.4.

Sun Sep 27 14:00:00 1998 Cristian Gafton
- updated to 3.0.4 and recompiled for apache 1.3.2

Thu Sep 3 14:00:00 1998 Preston Brown
- improvements; builds with apache-devel package installed.

Tue Sep 1 14:00:00 1998 Preston Brown
- Made initial cut for PHP3.


  
ICM