SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for php7-sockets-7.4.33-13.5.x86_64.rpm :

* Thu Aug 29 2024 Arjen de Korte - Fix build with GCC14
* Thu Jun 20 2024 pgajdosAATTsuse.com- drop unmaintained apache-rex usage
* Thu Jun 20 2024 pgajdosAATTsuse.com- security update- added patches fix CVE-2024-2756 [bsc#1222857], host/secure cookie bypass due to partial fix + php7-CVE-2024-2756.patch fix CVE-2024-3096 [bsc#1222858], password_verify can erroneously return true, opening ATO risk + php7-CVE-2024-3096.patch fix CVE-2024-5458 [bsc#1226073], filter bypass in filter_var FILTER_VALIDATE_URL + php7-CVE-2024-5458.patch
* Thu May 30 2024 Arjen de Korte - Fix check for newer versions of ICU + php7-fix-newer-versions-icu.patch
* Thu Aug 24 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2023-3823 [bsc#1214106], XML loading external entity without being enabled + php7-CVE-2023-3823.patch fix CVE-2023-3824 [bsc#1214103], buffer overflows in phar_dir_read() + php7-CVE-2023-3824.patch
* Thu Jun 15 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2023-3247 [bsc#1212349], Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP + php7-CVE-2023-3247.patch
* Thu Apr 20 2023 Arjen de Korte - The %_restart_on_update macro was removed from systemd-rpm-macros. Remove %posttrans for FPM as it wasn\'t working as intended anyway. [boo#1210576]
* Tue Mar 14 2023 pgajdosAATTsuse.com- fix potential buffer overflow [bsc#1208199]- modified patches % php-systzdata-v19.patch (refreshed)
* Thu Feb 16 2023 Arjen de Korte - security update- added patches fix CVE-2023-0567 (Password_verify() always return true with some hash) + php7-CVE-2023-0567-a.patch and php7-CVE-2023-0567-b.patch fix CVE-2023-0568 (1-byte array overrun in common path resolve code) + php7-CVE-2023-0568.patch fix CVE-2023-0662 (DOS vulnerability when parsing multipart request body) + php7-CVE-2023-0662.patch
* Mon Jan 09 2023 munix9AATTgooglemail.com- Add fix-NETSNMP_DISABLE_DES.patch to solve \"error: \'usmDESPrivProtocol\' undeclared\" on Factory/TW
* Mon Jan 09 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2022-31631 [bsc#1206958], Due to an integer overflow PDO:quote() may return unquoted string + php7-CVE-2022-31631.patch
* Thu Nov 10 2022 pgajdosAATTsuse.com- hardcode openssl version, openssl3 will not be supported https://www.php.net/manual/en/openssl.requirements.php
* Thu Nov 03 2022 pgajdosAATTsuse.com- version update to 7.4.33
* This is security release that fixes an OOB read due to insufficient input validation in imageloadfont(), and a buffer overflow in hash_update() on long parameter.
* CVE-2022-37454 [bsc#1204577], CVE-2022-31630 [bsc#1204979] https://www.php.net/ChangeLog-7.php#7.4.33
* Thu Sep 29 2022 pgajdosAATTsuse.com- version update to 7.4.32
* This is security release that addresses an infinite recursion with specially constructed phar files, and prevents a clash with variable name mangling for the __Host/__Secure HTTP headers.
* CVEs fixed: CVE-2022-31628, CVE-2022-31629 https://www.php.net/ChangeLog-7.php#7.4.32 https://www.php.net/ChangeLog-7.php#7.4.31
* Fri Jun 10 2022 pgajdosAATTsuse.com- version update to 7.4.30
* This is a security release. https://www.php.net/ChangeLog-7.php#7.4.30
* Fri May 06 2022 pgajdosAATTsuse.com- security update [bsc#1197644]- added patches fix https://github.com/php/php-src/commit/771dbdb319fa7f90584f6b2cc2c54ccff570492d + php7-signedness-php_filter_validate_domain.patch
* Wed Apr 20 2022 pgajdosAATTsuse.com- version update to 7.4.29: Core: No source changes to this release. This update allows for re-building the Windows binaries against upgraded dependencies which have received security updates. Date: Updated to latest IANA timezone database (2022a).
* Mon Apr 11 2022 pgajdosAATTsuse.com- fpm %postrans: check whether sytemctl is available
* Fri Apr 08 2022 Arjen de Korte - Disable build with \'-z now\' as it breaks the php-mysql extension [boo#1197994]
* Thu Mar 31 2022 Arjen de Korte - build PHP-FPM with libacl support (boo#1196870)
* Fri Feb 18 2022 Arjen de Korte - updated to 7.4.28: This is a security release (CVE-2021-21708). See https://www.php.net/ChangeLog-7.php#7.4.28
* Sun Jan 09 2022 Arjen de Korte - use /tmp to store session information (boo#1194414) % php-ini.patch
* Thu Dec 16 2021 Arjen de Korte - updated to 7.4.27: This is a bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.27
* Wed Dec 01 2021 Arjen de Korte - provide configuration for PHP-FPM out of the box (boo#1192414)- package missing php.ini for PHP-FPM (boo#1192672)
* Thu Nov 18 2021 Arjen de Korte - updated to 7.4.26: This is a security release (CVE-2021-21707) which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.26
* Fri Oct 22 2021 Arjen de Korte - updated to 7.4.25: This is a security release (CVE-2021-21703) which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.25
* Mon Sep 27 2021 pgajdosAATTsuse.com- previous version updates fixes also: CVE-2020-7068,CVE-2020-7069,CVE-2020-7070,CVE-2020-7071, CVE-2021-21702,CVE-2021-21704,CVE-2021-21705 bsc#1175223,bsc#1177351,bsc#1177352,bsc#1180706, bsc#1182049,bsc#1188035,bsc#1188037
* Thu Sep 23 2021 Arjen de Korte - updated to 7.4.24: This is a security release (CVE-2021-21706) which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.24
* Wed Sep 15 2021 pgajdosAATTsuse.com- added patches https://github.com/php/php-src/commit/b3646440b1808abf0874b6f89027ce53ec5da03f + php7-gd-removed-unused-constants.patch
* Thu Aug 26 2021 Arjen de Korte - updated to 7.4.23: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.23
* Thu Jul 29 2021 Arjen de Korte - updated to 7.4.22: This is a security and bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.22
* Thu Jul 01 2021 Arjen de Korte - updated to 7.4.21: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.21
* Thu Jun 03 2021 Arjen de Korte - updated to 7.4.20: This is a bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.20
* Thu May 06 2021 Arjen de Korte - updated to 7.4.19: This release reverts a bug related to PDO_pgsql that was introduced in PHP 7.4.18.
* Fri Apr 30 2021 Arjen de Korte - updated to 7.4.18: This is a security bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.18
* Tue Apr 13 2021 Arjen de Korte - Do not hard-depend on systemd: use systemd_ordering instead of systemd_requires.
* Thu Mar 04 2021 Arjen de Korte - updated to 7.4.16: This is a bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.16
* Mon Feb 01 2021 Arjen de Korte - updated to 7.4.15: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.15- suppress warning for all flavors not equal to \"\" in multibuild % php7.rpmlintrc
* Fri Jan 29 2021 Arjen de Korte - add versioning to php-sapi as well
* Sat Jan 23 2021 Arjen de Korte - require this PHP version of subpackages in Recommends/Suggests- run apache-rex tests in php7:test as packages need to be build first (otherwise tests run with previous version)
* Sun Jan 17 2021 Arjen de Korte - add php_cfgdir and php_extdir macros
* Fri Jan 15 2021 Arjen de Korte - deleted patch (redundant cast, both sides are already signed int) - php-odbc-cmp-int-cast.patch
* Wed Jan 13 2021 Arjen de Korte - install php7-cli if no sapi is selected upon php7 installation- add conflicts with earlier version of php-cli, php-fastcgi and php-fpm
* Mon Jan 11 2021 Arjen de Korte - put CLI binary in -cli subpackage so that other moduldes can depend on the php base package that remains (and provides files and maps common for all)
* Fri Jan 08 2021 Arjen de Korte - use pkgconfig() to resolve BuildRequires where upstream uses it too- since php-7.4.0 when using --with-external-gd the configure options - -with-xpm, --with-freetype and --with-jpeg are not needed anymore (and neither are the respective BuildRequires)- add Recommends: php-openssl as many modules can optionally use it- use new %ldconfig macros in Tumbleweed
* Thu Jan 07 2021 Arjen de Korte - build the MySQL Native Driver as a shared module (rather than builtin) to prevent a hard requirement for OpenSSL in the CLI
* Thu Jan 07 2021 Arjen de Korte - updated to 7.4.14: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.14- make phar SOURCE_DATE_EPOCH aware so the timestamps in phar.phar are reproducible and sort filelist to include + php-build-reproducible-phar.patch + php-sort-filelist-phar.patch
* Wed Jan 06 2021 Arjen de Korte - fix build failure for SLE_15
* Wed Jan 06 2021 pgajdosAATTsuse.com- deleted patches - php-openssl.patch (undocumented and not upstreamed patch for a long time) - php7-arm-build-fixes.patch (do not build for SLE12 anymore) - php-pts.patch (undocumented and not upstreamed patch for a long time)- improved patch documentation
* Tue Jan 05 2021 pgajdosAATTsuse.com- use cli sapi php-config --libs
* Mon Jan 04 2021 Arjen de Korte - build devel subpackage in cli configuration (otherwise include files for shared modules are missing)
* Sun Jan 03 2021 Arjen de Korte - php-phar requires the php-zlib extension- trim specfile lint
  
ICM