|
|
|
|
Changelog for php7-devel-7.4.33-37.2.noarch.rpm :
* Thu May 30 2024 Arjen de Korte - Fix check for newer versions of ICU + php74-fix-newer-versions-icu.patch * Fri Apr 19 2024 pgajdosAATTsuse.com- security update- added patches fix CVE-2024-2756 [bsc#1222857], host/secure cookie bypass due to partial fix + php74-CVE-2024-2756.patch fix CVE-2024-3096 [bsc#1222858], password_verify can erroneously return true, opening ATO risk + php74-CVE-2024-3096.patch * Thu Aug 24 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2023-3823 [bsc#1214106], XML loading external entity without being enabled + php74-CVE-2023-3823.patch fix CVE-2023-3824 [bsc#1214103], buffer overflows in phar_dir_read() + php74-CVE-2023-3824.patch * Thu Jun 15 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2023-3247 [bsc#1212349], Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP + php74-CVE-2023-3247.patch * Tue Mar 21 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2022-4900 [bsc#1209537], potential buffer overflow via PHP_CLI_SERVER_WORKERS environment variable + php74-CVE-2022-4900.patch * Tue Mar 14 2023 pgajdosAATTsuse.com- fix potential buffer overflow [bsc#1208199]- modified patches % php-systzdata-v19.patch (refreshed) * Fri Feb 17 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2023-0568 [bsc#1208366], NULL byte off-by-one in php_check_specific_open_basedir + php74-CVE-2023-0568.patch fix CVE-2023-0662 [bsc#1208367], DoS vulnerability when parsing multipart request body + php74-CVE-2023-0662.patch https://github.com/php/php-src/commit/a92acbad873a05470af1a47cb785a18eadd827b5, relates to CVE-2023-0567 [bsc#1208388] + php74-crypt-possible-buffer-overread.patch * Mon Jan 09 2023 munix9AATTgooglemail.com- Add fix-NETSNMP_DISABLE_DES.patch to solve \"error: \'usmDESPrivProtocol\' undeclared\" on Factory/TW * Mon Jan 09 2023 pgajdosAATTsuse.com- security update- added patches fix CVE-2022-31631 [bsc#1206958], Due to an integer overflow PDO:quote() may return unquoted string + php7-CVE-2022-31631.patch * Thu Nov 03 2022 Arjen de Korte - updated to 7.4.33: This is a security release (CVE-2022-31630, CVE-2022-37454). See https://www.php.net/ChangeLog-7.php#7.4.33 * Thu Sep 29 2022 Arjen de Korte - updated to 7.4.32: This is a security release (CVE-2022-31628, CVE-2022-31629). See https://www.php.net/ChangeLog-7.php#7.4.32 * Thu Jun 09 2022 Arjen de Korte - updated to 7.4.30: This is a security release (CVE-2022-31625, CVE-2022-31626). See https://www.php.net/ChangeLog-7.php#7.4.30 * Fri May 06 2022 pgajdosAATTsuse.com- added patches fix https://github.com/php/php-src/commit/771dbdb319fa7f90584f6b2cc2c54ccff570492d + php7-signedness-php_filter_validate_domain.patch * Thu Apr 14 2022 Arjen de Korte - updated to 7.4.29: This is a bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.29 * Mon Apr 11 2022 pgajdosAATTsuse.com- fpm %postrans: check whether sytemctl is available * Fri Apr 08 2022 Arjen de Korte - Disable build with \'-z now\' as it breaks the php-mysql extension (boo#1197994) * Thu Mar 31 2022 Arjen de Korte - build PHP-FPM with libacl support (boo#1196870) * Fri Feb 18 2022 Arjen de Korte - updated to 7.4.28: This is a security release (CVE-2021-21708). See https://www.php.net/ChangeLog-7.php#7.4.28 * Sun Jan 09 2022 Arjen de Korte - use /tmp to store session information (boo#1194414) % php-ini.patch * Thu Dec 16 2021 Arjen de Korte - updated to 7.4.27: This is a bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.27 * Wed Dec 01 2021 Arjen de Korte - provide configuration for PHP-FPM out of the box (boo#1192414)- package missing php.ini for PHP-FPM (boo#1192672) * Thu Nov 18 2021 Arjen de Korte - updated to 7.4.26: This is a security release (CVE-2021-21707) which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.26 * Fri Oct 22 2021 Arjen de Korte - updated to 7.4.25: This is a security release (CVE-2021-21703) which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.25 * Mon Sep 27 2021 pgajdosAATTsuse.com- previous version updates fixes also: CVE-2020-7068,CVE-2020-7069,CVE-2020-7070,CVE-2020-7071, CVE-2021-21702,CVE-2021-21704,CVE-2021-21705 bsc#1175223,bsc#1177351,bsc#1177352,bsc#1180706, bsc#1182049,bsc#1188035,bsc#1188037 * Thu Sep 23 2021 Arjen de Korte - updated to 7.4.24: This is a security release (CVE-2021-21706) which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.24 * Wed Sep 15 2021 pgajdosAATTsuse.com- added patches https://github.com/php/php-src/commit/b3646440b1808abf0874b6f89027ce53ec5da03f + php7-gd-removed-unused-constants.patch * Thu Aug 26 2021 Arjen de Korte - updated to 7.4.23: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.23 * Thu Jul 29 2021 Arjen de Korte - updated to 7.4.22: This is a security and bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.22 * Thu Jul 01 2021 Arjen de Korte - updated to 7.4.21: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.21 * Thu Jun 03 2021 Arjen de Korte - updated to 7.4.20: This is a bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.20 * Thu May 06 2021 Arjen de Korte - updated to 7.4.19: This release reverts a bug related to PDO_pgsql that was introduced in PHP 7.4.18. * Fri Apr 30 2021 Arjen de Korte - updated to 7.4.18: This is a security bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.18 * Tue Apr 13 2021 Arjen de Korte - Do not hard-depend on systemd: use systemd_ordering instead of systemd_requires. * Thu Mar 04 2021 Arjen de Korte - updated to 7.4.16: This is a bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.16 * Mon Feb 01 2021 Arjen de Korte - updated to 7.4.15: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.15- suppress warning for all flavors not equal to \"\" in multibuild % php7.rpmlintrc * Fri Jan 29 2021 Arjen de Korte - add versioning to php-sapi as well * Sat Jan 23 2021 Arjen de Korte - require this PHP version of subpackages in Recommends/Suggests- run apache-rex tests in php7:test as packages need to be build first (otherwise tests run with previous version) * Sun Jan 17 2021 Arjen de Korte - add php_cfgdir and php_extdir macros * Fri Jan 15 2021 Arjen de Korte - deleted patch (redundant cast, both sides are already signed int) - php-odbc-cmp-int-cast.patch * Wed Jan 13 2021 Arjen de Korte - install php7-cli if no sapi is selected upon php7 installation- add conflicts with earlier version of php-cli, php-fastcgi and php-fpm * Mon Jan 11 2021 Arjen de Korte - put CLI binary in -cli subpackage so that other moduldes can depend on the php base package that remains (and provides files and maps common for all) * Fri Jan 08 2021 Arjen de Korte - use pkgconfig() to resolve BuildRequires where upstream uses it too- since php-7.4.0 when using --with-external-gd the configure options - -with-xpm, --with-freetype and --with-jpeg are not needed anymore (and neither are the respective BuildRequires)- add Recommends: php-openssl as many modules can optionally use it- use new %ldconfig macros in Tumbleweed * Thu Jan 07 2021 Arjen de Korte - build the MySQL Native Driver as a shared module (rather than builtin) to prevent a hard requirement for OpenSSL in the CLI * Thu Jan 07 2021 Arjen de Korte - updated to 7.4.14: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.14- make phar SOURCE_DATE_EPOCH aware so the timestamps in phar.phar are reproducible and sort filelist to include + php-build-reproducible-phar.patch + php-sort-filelist-phar.patch * Wed Jan 06 2021 Arjen de Korte - fix build failure for SLE_15 * Wed Jan 06 2021 pgajdosAATTsuse.com- deleted patches - php-openssl.patch (undocumented and not upstreamed patch for a long time) - php7-arm-build-fixes.patch (do not build for SLE12 anymore) - php-pts.patch (undocumented and not upstreamed patch for a long time)- improved patch documentation * Tue Jan 05 2021 pgajdosAATTsuse.com- use cli sapi php-config --libs * Mon Jan 04 2021 Arjen de Korte - build devel subpackage in cli configuration (otherwise include files for shared modules are missing) * Sun Jan 03 2021 Arjen de Korte - php-phar requires the php-zlib extension- trim specfile lint
|
|
|