Changelog for
apache2-mod_php7-7.2.5-lp151.6.25.1.x86_64.rpm :
* Tue Apr 07 2020 pgajdosAATTsuse.com- security update- added patches fix CVE-2020-7064 [bsc#1168326], read one byte of uninitialized memory via malicious data + php7-CVE-2020-7064.patch fix CVE-2020-7066 [bsc#1168352], URL truncation if the URL contains zero (\\0) character + php7-CVE-2020-7066.patch
* Mon Mar 02 2020 pgajdosAATTsuse.com- security update- added patches fix CVE-2020-7062 [bsc#1165280], null pointer dereference when using file upload functionality under specific circumstances + php7-CVE-2020-7062.patch fix CVE-2020-7063 [bsc#1165289], creating PHAR archive using PharData:buildFromIterator() function will add files with default permissions + php7-CVE-2020-7063.patch
* Wed Feb 05 2020 pgajdosAATTsuse.com- security update- added patches CVE-2020-7059 [bsc#1162629] + php7-CVE-2020-7059.patch CVE-2020-7060 [bsc#1162632] + php7-CVE-2020-7060.patch
* Thu Jan 02 2020 pgajdosAATTsuse.com- security update- added patches CVE-2019-11045 [bsc#1159923] + php7-CVE-2019-11045.patch CVE-2019-11046 [bsc#1159924] + php7-CVE-2019-11046.patch CVE-2019-11047 [bsc#1159922] + php7-CVE-2019-11047.patch CVE-2019-11050 [bsc#1159927] + php7-CVE-2019-11050.patch
* Fri Oct 25 2019 pgajdosAATTsuse.com- security update- added patches CVE-2019-11043 [bsc#1154999] + php7-CVE-2019-11043.patch
* Fri Oct 04 2019 pgajdosAATTsuse.com- provide test results via multibuild :test [bsc#1119396]- added sources + _multibuild
* Thu Sep 26 2019 Petr Gajdos
- drop -n from php invocation from pecl [bsc#1151793] https://github.com/pear/pear-core/commit/f94454a74785865cec50bf9d64c410efc29b587a
* Thu Sep 26 2019 pgajdosAATTsuse.com- turn off run of testsuite as we get Kernel panic on s390x
* Thu Aug 22 2019 pgajdosAATTsuse.com- security update- added patches CVE-2019-11041 [bsc#1146360] + php7-CVE-2019-11041.patch CVE-2019-11042 [bsc#1145095] + php7-CVE-2019-11042.patch
* Fri Jun 14 2019 pgajdosAATTsuse.com- security update- added patches CVE-2019-11039 [bsc#1138173] + php-CVE-2019-11039.patch CVE-2019-11040 [bsc#1138172] + php-CVE-2019-11040.patch
* Mon May 13 2019 pgajdosAATTsuse.com- security update- added patches CVE-2019-11036 [bsc#1134322] + php-CVE-2019-11036.patch
* Mon Apr 29 2019 pgajdosAATTsuse.com- security update- added patches CVE-2019-11034 [bsc#1132838] + php-CVE-2019-11034.patch CVE-2019-11035 [bsc#1132837] + php-CVE-2019-11035.patch
* Wed Mar 20 2019 pgajdosAATTsuse.com- security update- added patches CVE-2019-9637 [bsc#1128892] + php-CVE-2019-9637.patch CVE-2019-9675 [bsc#1128886] + php-CVE-2019-9675.patch CVE-2019-9638 [bsc#1128889], CVE-2019-9639 [bsc#1128887] + php-CVE-2019-9638,9639.patch CVE-2019-9640 [bsc#1128883] + php-CVE-2019-9640.patch
* Fri Mar 15 2019 pgajdosAATTsuse.com- upstream bug #41631 is already fixed [bsc#1129032]- deleted sources - README.default_socket_timeout (not needed)
* Mon Mar 11 2019 pgajdosAATTsuse.com- security update
* CVE-2019-9024 [bsc#1126821] + php-CVE-2019-9024.patch
* CVE-2019-9020 [bsc#1126711] + php-CVE-2019-9020.patch
* CVE-2018-20783 [bsc#1127122] + php-CVE-2018-20783.patch
* CVE-2019-9021 [bsc#1126713] + php-CVE-2019-9021.patch
* CVE-2019-9022 [bsc#1126827] + php-CVE-2019-9022.patch
* CVE-2019-9023 [bsc#1126823] + php-CVE-2019-9023.patch
* CVE-2019-9641 [bsc#1128722] + php-CVE-2019-9641.patch
* Tue Mar 05 2019 pgajdosAATTsuse.com- asan_build: build ASAN included- debug_build: build more suitable for debugging
* Wed Dec 19 2018 Martin Pluskal - Enable testsuite during build time and save log to subpackage  testresults (boo#1119396)
* Mon Dec 10 2018 Petr Gajdos - add security patch of imap extension, which is currently disabled
* CVE-2018-19935 [bsc#1118832] + php-CVE-2018-19935.patch
* Wed Sep 19 2018 Petr Gajdos - security update
* CVE-2018-17082 [bsc#1108753] + php-CVE-2018-17082.patch
* Mon Sep 17 2018 Petr Gajdos - reenable php7-dba support of Berkeley DB [bsc#1108554]
* Tue Aug 28 2018 pgajdosAATTsuse.com- align patch names: php7-CVE-2018-14851.patch -> php-CVE-2018-14851.patch php7-CVE-2017-9120.patch -> php-CVE-2017-9120.patch php7-CVE-2018-1000222.patch -> php-CVE-2018-1000222.patch
* Mon Aug 27 2018 pgajdosAATTsuse.com- security update:
* CVE-2018-1000222 [bsc#1105434] + php-CVE-2018-1000222.patch
* Sat Aug 04 2018 pgajdosAATTsuse.com- security update
* CVE-2018-14851 [bsc#1103659] + php-CVE-2018-14851.patch
* CVE-2017-9120 [bsc#1103661] + php-CVE-2017-9120.patch
* Tue Jun 26 2018 pgajdosAATTsuse.com- security update
* CVE-2018-12882 [bsc#1099098] + php-CVE-2018-12882.patch
* Tue May 15 2018 pgajdosAATTsuse.com- main package requires wwwrun:www user [bsc#1093025]
* Thu May 10 2018 pgajdosAATTsuse.com- better workaround for [bsc#1089487]: build mod_phpN.so instead of libphpN.so
* Wed May 09 2018 pgajdosAATTsuse.com- rename freetype-pkgconfig.patch to php7-freetype-pkgconfig.patch to align with the rest of patch names
* Mon May 07 2018 idonmezAATTsuse.com- Add freetype-pkgconfig.patch to fix build with new Freetype: use pkg-config to find Freetype libraries
* Mon Apr 30 2018 pgajdosAATTsuse.com- updated to 7.2.5: This is a security release which also contains several minor bug fixes. http://php.net/ChangeLog-7.php#7.2.5
* Thu Apr 19 2018 pgajdosAATTsuse.com- build-test.sh: generic spec file name
* Mon Apr 16 2018 pgajdosAATTsuse.com- apache2-mod_php7 does not provide libphp7.so [bsc#1089487]
* Wed Apr 04 2018 pgajdosAATTsuse.com- updated to 7.2.4: This is a security release with also contains several minor bug fixes. http://php.net/ChangeLog-7.php#7.2.4- php7-no-build-date.patch refreshed
* Mon Mar 26 2018 pgajdosAATTsuse.com- build firebird extension only for openSUSE (sle15 requirement)
* Tue Mar 20 2018 guillaume.gardetAATTopensuse.org- Fix build for %arm and aarch64
* Fri Mar 16 2018 pgajdosAATTsuse.com- drop imap extension [bsc#1084461]
* Sat Mar 10 2018 dimstarAATTopensuse.org- BuildRequire pkgconfig(enchant) instead of enchant-devel: enchant is moving to version 2.2, with an enchant-1 as compatibility package. By using the pkgconfig symbol, we don\'t have to care for the actual package name.
* Fri Mar 09 2018 pgajdosAATTsuse.com- updated to 7.2.3: This is a security release with also contains several minor bug fixes. http://php.net/ChangeLog-7.php#7.2.3- removed upstreamed php7-pgsql-memory-leak.patch- php7-systzdata-v15.patch refreshed and renamed to php7-systzdata-v16.patch
* Thu Feb 22 2018 crrodriguezAATTopensuse.org- php7-honor-re2c-flags.patch: honor RE2C_FLAGS everywhere.- remove generated lexers so they are recreated at build time
* Thu Feb 22 2018 crrodriguezAATTopensuse.org- php7-date-regenerate-lexers.patch: honor RE2C_FLAGS
* Thu Feb 22 2018 crrodriguezAATTopensuse.org- Support password_hash(\"...\", PASSWORD_ARGON2I), buildrequire libargon2 in supported products.
* Mon Feb 19 2018 crrodriguezAATTopensuse.org- Remove buildRequires on:
* libevent-devel: php7-fpm does not use it.
* pam-devel: not used- Add buildrequire on zlib-devel explicitly.- libvpx is not needed but libwebp is, only when not building against system gd. xft likewise.
* Mon Feb 19 2018 pgajdosAATTsuse.com- fixed memory leak in pgsql extension, php function pg_escape_bytea https://bugs.php.net/bug.php?id=75838 [bsc#1076970] (internal) + php7-pgsql-memory-leak.patch
* Wed Feb 07 2018 pgajdosAATTsuse.com- updated to 7.2.2: This is a bugfix release, with several bug fixes included. http://php.net/ChangeLog-7.php#7.2.2
* Fri Jan 26 2018 pgajdosAATTsuse.com- do not build against system gd when suse_version < 1500
* Tue Jan 23 2018 pgajdosAATTsuse.com- fix build for SLE12
*
* Tue Jan 09 2018 pgajdosAATTsuse.com- updated to 7.2.1: Several security bugs were fixed in this release. http://php.net/ChangeLog-7.php#7.2.1
* Tue Jan 02 2018 pgajdosAATTsuse.com- build against newer webp [bsc#1074121]
* Fri Dec 15 2017 pgajdosAATTsuse.com- build with SLE12
*
* Mon Dec 11 2017 pgajdosAATTsuse.com- updated to 7.2.0: features and improvements:
* Convert numeric keys in object/array casts
* Counting of non-countable objects
* Object typehint
* HashContext as Object
* Argon2 in password hash
* Improve TLS constants to sane values
* Mcrypt extension removed
* New sodium extension- patches: . php7-systzdata-v14.patch transformed to php7-systzdata-v15.patch . removed upstreamed php7-aarch64-mult.patch
* Mon Nov 27 2017 pgajdosAATTsuse.com- updated to 7.1.12: This is a bugfix release, with several bug fixes included.
* Wed Nov 01 2017 bluemer.markAATTgmail.com- Add php-cli as provides to php7
* Fri Oct 27 2017 pgajdosAATTsuse.com- updated to 7.1.11: This is a bugfix release, with several bug fixes included.
* Wed Oct 04 2017 pgajdosAATTsuse.com- fixed installation of wrong cli [bsc#1061555]
* Sat Sep 30 2017 jengelhAATTinai.de- Update not-so-useful repeated package summaries. Update the descriptions to have a bit more explanation. Replace old tar syntax.
* Wed Sep 27 2017 pgajdosAATTsuse.com- build and ship embed SAPI + php7-embed.patch
* Wed Sep 27 2017 pgajdosAATTsuse.com- updated to 7.1.10: Several bugs have been fixed, see https://secure.php.net/ChangeLog-7.php for details
* Tue Sep 12 2017 pgajdosAATTsuse.com- aarch64-mult.patch renamed to php7-aarch64-mult.patch
* Mon Sep 04 2017 pgajdosAATTsuse.com- php7-devel requires php7-pear [bsc#1057104]
* Fri Sep 01 2017 jweberhoferAATTweberhofer.at- Changes related to boo#1056822- New packaging macros in macros.php: %php_pearxmldir, %pear_phpdir, %pear_phpdir, %pear_testdir, %pear_datadir, %pear_cfgdir, %pear_wwwdir, %pear_metadir, %pecl_phpdir, %pecl_docdir, %pecl_testdir, %pecl_datadir- Updated packaging documentation in README.macros
* Thu Aug 31 2017 ilyaAATTilya.pp.ua- Updated to 7.1.9: Several bugs have been fixed.
* ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.9
* Mon Aug 14 2017 pgajdosAATTsuse.com- added /usr/bin/php7 [bsc#734176]
* Mon Aug 07 2017 jweberhoferAATTweberhofer.at- php7-pear should explicitly require php7-pear-Archive_Tar otherwise this dependency must be declared in every php7-pear-
* package explicitly. [bnc#1052389]
* Wed Aug 02 2017 ilyaAATTilya.pp.ua- Updated to 7.1.8: Several bugs have been fixed.
* ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.8
* Wed Jul 26 2017 ilyaAATTilya.pp.ua- Replace %__-type macro indirections.
* Fri Jul 21 2017 pgajdosAATTsuse.com- date extension: regenerate lexers when needed + php7-date-regenerate-lexers.patch
* Mon Jul 17 2017 pgajdosAATTsuse.com- dropped mcrypt extension [fate#323673]
* Mon Jul 17 2017 pgajdosAATTsuse.com- updated to 7.1.7: This is a security release with several bug fixes included.
* Mon Jul 03 2017 tchvatalAATTsuse.com- Drop sle11 support as we are not building against it anymore- Remove php7-BNC-457056.patch that was applied on sle11 only- Remove dependency on imap-devel, it is not used- Switch spell from aspell to enchant, dropping pspell subpackage- Remove unknown switch options from php cli build- Drop support for berkleydb format, by default there are more supported solutions built in php- Use %configure macro in the build phases
* Fri Jun 09 2017 pgajdosAATTsuse.com- updated to 7.1.6: Several bugs have been fixed.
* Fri May 12 2017 13ilyaAATTgmail.com- Updated to 7.1.5: Several bugs have been fixed.
* ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.5
* Sat Apr 15 2017 13ilyaAATTgmail.com- Updated to 7.1.4: Several bugs have been fixed.
* ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.4
* Fri Mar 17 2017 13ilyaAATTgmail.com- Updated to 7.1.3: Several bugs have been fixed.
* ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.3
* Fri Mar 17 2017 kukukAATTsuse.com- Don\'t install the init script if we use systemd
* Mon Feb 20 2017 pgajdosAATTsuse.com- updated to 7.1.2: Several bugs have been fixed.- deleted php7-getrandom-test.patch, upstreamed
* Tue Feb 14 2017 pgajdosAATTsuse.com- updated to 7.1.1: This release is the first point release in the 7.x series. PHP 7.1 comes with numerous improvements and new features such as
* Nullable types
* Void return type
* Iterable pseudo-type
* Class constant visiblity modifiers
* Square bracket syntax for list() and the ability to specify keys in list()
* Catching multiple exceptions types
* Many more features and changes…- migration: http://php.net/manual/en/migration71.php- php7-systzdata-v13.patch replaced by php7-systzdata-v14.patch
* Thu Feb 02 2017 pgajdosAATTsuse.com- suggest php7-
* instead of php-
* [bsc#1022158c#4]- do not suggest php-suhosin at all as we do not build it (not ported to php7 yet)
* Tue Jan 24 2017 pgajdosAATTsuse.com- updated to 7.0.15: Several security bugs were fixed in this release.
* Mon Dec 12 2016 fbuiAATTsuse.com- Replace pkgconfig(libsystemd-
*) with pkgconfig(libsystemd) Nowadays pkgconfig(libsystemd) replaces all libsystemd-
* libs, which are obsolete.
* Mon Dec 12 2016 pgajdosAATTsuse.com- updated to 7.0.14: Several security bugs were fixed in this release.
* Fri Nov 11 2016 pgajdosAATTsuse.com- updated to 7.0.13: This is a security release. Several security bugs were fixed in this release.
* Mon Oct 24 2016 pgajdosAATTsuse.com- adjust firebird dependency
* Mon Oct 17 2016 pgajdosAATTsuse.com- updated to 7.0.12: This is a security release. Several security bugs were fixed in this release.
* Thu Sep 15 2016 pgajdosAATTsuse.com- updated to 7.0.11: Several security bugs were fixed in this release.
* Wed Aug 31 2016 crrodriguezAATTopensuse.org- php7-getrandom-test.patch: Fix incorrect test for the getrandom syscall.
* Mon Aug 22 2016 pgajdosAATTsuse.com- updated to 7.0.10: Several security bugs were fixed in this release.
* Mon Aug 01 2016 pgajdosAATTsuse.com- updated to 7.0.9: Several security bugs were fixed in this release, including the HTTP_PROXY issue.
* Thu Jun 23 2016 pgajdosAATTsuse.com- updated to 7.0.8: This is a security release. Several security bugs were fixed in this release.- removed: php7-mbstring-missing-return.patch (upstreamed)
* Mon Jun 20 2016 pgajdosAATTsuse.com- systemd unit: remove syslog.target from After [bsc#983938]
* Mon May 30 2016 pgajdosAATTsuse.com- updated to 7.0.7: This is a security release. Several security bugs were fixed in this release.
* Thu Apr 28 2016 pgajdosAATTsuse.com- updated to 7.0.6: This is a security release. Several security bugs were fixed in this release.
* removed upstreamed php7-no-reentrant-crypt.patch
* Mon Apr 25 2016 schwabAATTlinux-m68k.org- aarch64-mult.patch: fix asm constraints in aarch64 multiply macro
* Thu Apr 07 2016 pgajdosAATTsuse.com- build for sle12
* Wed Apr 06 2016 pgajdosAATTsuse.com- correct public key
* Fri Apr 01 2016 pgajdosAATTsuse.com- updated to 7.0.5
* Tue Mar 29 2016 pgajdosAATTsuse.com- firebird builds now
* Thu Mar 03 2016 jimmyAATTboombatower.com- update to 7.0.4
* Wed Feb 10 2016 pgajdosAATTsuse.com- updated to 7.0.3
* Thu Feb 04 2016 pgajdosAATTsuse.com- require postgresql-devel < 9.4 for sle12 to fix build
* Fri Jan 29 2016 pgajdosAATTsuse.com- more versioned provides
* Fri Jan 08 2016 pgajdosAATTsuse.com- update to 7.0.2: 31 reported bugs has been fixed, including 6 security related issues.
* Mon Dec 21 2015 jimmyAATTboombatower.com- update to 7.0.1
* Mon Dec 14 2015 pgajdosAATTsuse.com- php5-pear-Archive_Tar provides 1.4.0- install .depdb and .depdblock files along metadata
* php5-depdb-path.patch- versioned provides in subpackages
* Mon Dec 14 2015 jimmyAATTboombatower.com- Provide obsoletes for sub-packages to improve upgrade process.
* Wed Dec 09 2015 jimmyAATTboombatower.com- Obsolete php5 since php7 conflicts and should replace.
* Mon Dec 07 2015 pgajdosAATTsuse.com- marcello at ceschia.de: fix path php-fpm.conf
* Mon Nov 23 2015 pgajdosAATTsuse.com- set pear\'s metadata dir to %{peardir}
* Mon Nov 16 2015 ajAATTajaissle.de- Spec cleanup
* Split Archive_Tar from -pear sub packge to allow updating this part via rpm
* Added \"Provides: php-firebird\" to -firebird sub package
* Added \"Provides: mod_php_any\" to server api module packages - fastcgi and -fpm
* Mon Nov 16 2015 pgajdosAATTsuse.com- test mod_php with %apache_test_module_curl- restart apache during mod_php upgrade
* Tue Sep 08 2015 pgajdosAATTsuse.com- add php5-fix_net-snmp_disable_MD5.patch [bnc#944302]
* Fri Sep 04 2015 pgajdosAATTsuse.com- fixed segfault in odbc extension when result set is containing NULL (php bugs #52554, #53007) [bnc#935074] (internal) + php7-odbc-cmp-int-cast.patch
* Tue Jul 14 2015 pgajdosAATTsuse.com- updated to 7.0.0
* see NEWS for changes
* see UPGRADING for 5.6.x -> 7.0.x transition- removed unneded or not upstreamed patches for long time:
* php5-cloexec.patch
* php5-missing-extdeps.patch
* php5-format-string-issues.patch
* php5-per-mod-log.patch
* php5-apache24-updates.patch
* php5-crypto-checks.patch
* php5-systzdata-r12.patch (new: php7-systzdata-v13.patch)
* Mon Jul 13 2015 pgajdosAATTsuse.com- updated to 5.6.11: Five security-related issues in PHP were fixed in this release, including CVE-2015-3152.
* Thu Jun 25 2015 crrodriguezAATTopensuse.org- php5-systemd-unit.patch: set Killmode=mixed in order to ensure fpm and children forked by script can terminate cleanly.
* Wed Jun 24 2015 pgajdosAATTsuse.com- mod_php5.so executable
* Thu Jun 18 2015 pgajdosAATTsuse.com- use apache-rpm-macros
* Thu Jun 18 2015 pgajdosAATTsuse.com- updated to 5.6.10: Several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326).
* Fri Jun 05 2015 mrueckertAATTsuse.de- enable apparmor support: new BR libapparmor-devel
* Mon May 18 2015 pgajdosAATTsuse.com- update to 5.6.9: Several bugs have been fixed.- systzdata patch updated to r12 - php5-systzdata-r10.patch + php5-systzdata-r12.patch
* Fri Apr 24 2015 pgajdosAATTsuse.com- update to 5.6.8: Several bugs have been fixed some of them beeing security related, like CVE-2015-1351 and CVE-2015-1352.- refreshed php5-crypto-checks.patch
* Mon Apr 20 2015 pgajdosAATTsuse.com- configure php-fpm with --localstatedir=/var [bnc#927147]
* Wed Apr 08 2015 pgajdosAATTsuse.com- systzdata patch updated to r10 - php5-systzdata-v7.patch + php5-systzdata-r10.patch
* Thu Apr 02 2015 pgajdosAATTsuse.com- build against system gd and libzip only for 13.2 and above
* Tue Mar 24 2015 pgajdosAATTsuse.com- update to 5.6.7: Several bugs have been fixed as well as CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331.
* Tue Mar 24 2015 pgajdosAATTsuse.com- build against system gd [bnc#923946]
* Fri Mar 20 2015 pgajdosAATTsuse.com- build against system libzip [bnc#922894]
* Mon Feb 23 2015 pgajdosAATTsuse.com- update to 5.6.6: fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273.
* Mon Feb 09 2015 pgajdosAATTsuse.com- added README.default_socket_timeout [bnc#907519]
* Tue Feb 03 2015 pgajdosAATTsuse.com- fix sle_11_sp3 build
* Mon Jan 26 2015 pgajdosAATTsuse.com- update to 5.6.5: This release fixes several bugs as well as CVE-2015-0231, CVE-2014-9427 and CVE-2015-0232.- removed patches:
* php-CVE-2014-9426.patch
* php-CVE-2014-9427.patch
* php-CVE-2015-0231.patch
* Wed Jan 21 2015 pgajdosAATTsuse.com- added php-CVE-2015-0231.patch [bnc#910659]
* Mon Jan 05 2015 pgajdosAATTsuse.com- added php-CVE-2014-9426.patch [bnc#911663]- added php-CVE-2014-9427.patch [bnc#911664]
* Fri Dec 19 2014 pgajdosAATTsuse.com- update to 5.6.4: This release fixes several bugs and one CVE related to unserialization.
* Tue Nov 18 2014 pgajdosAATTsuse.com- update to 5.6.3: This release fixes several bugs and one CVE in the fileinfo extension.
* Mon Oct 27 2014 pgajdosAATTsuse.com- update to 5.6.2: Four security-related bugs were fixed in this release, including fixes for CVE-2014-3668, CVE-2014-3669 and CVE-2014-3670.
* Tue Oct 14 2014 pgajdosAATTsuse.com- upgraded to 5.6.1:
* Several bugs were fixed in this release (including CVE-2014-3622).