|
|
|
|
Changelog for php8-bz2-8.3.12-lp155.191.1.x86_64.rpm :
* Sat Sep 28 2024 Thorsten Kukuk - Add /srv/www directories to filelist [bsc#1231027] * Thu Sep 26 2024 Arjen de Korte - version update to 8.3.12 CGI: Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926) Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927) Core: Fixed bug GH-15408 (MSan false-positve on zend_max_execution_timer). Fixed bug GH-15515 (Configure error grep illegal option q). Fixed bug GH-15514 (Configure error: genif.sh: syntax error). Fixed bug GH-15565 (--disable-ipv6 during compilation produces error EAI_SYSTEM not found). Fixed bug GH-15587 (CRC32 API build error on arm 32-bit). Fixed bug GH-15330 (Do not scan generator frames more than once). Fixed uninitialized lineno in constant AST of internal enums. Curl: Fixed bug GH-15547 (curl_multi_select overflow on timeout argument). DOM: Fixed bug GH-15551 (Segmentation fault (access null pointer) in ext/dom/xml_common.h). Fixed bug GH-15654 (Signed integer overflow in ext/dom/nodelist.c). Fileinfo: Fixed bug GH-15752 (Incorrect error message for finfo_file with an empty filename argument). FPM: Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026) MySQLnd: Fixed bug GH-15432 (Heap corruption when querying a vector). Opcache: Fixed bug GH-15661 (Access null pointer in Zend/Optimizer/zend_inference.c). Fixed bug GH-15658 (Segmentation fault in Zend/zend_vm_execute.h). SAPI: Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925) Standard: Fixed bug GH-15552 (Signed integer overflow in ext/standard/scanf.c). Streams: Fixed bug GH-15628 (php_stream_memory_get_buffer() not zero-terminated). * Fri Aug 30 2024 pgajdosAATTsuse.com- version update to 8.3.11 Core: Fixed bug GH-15020 (Memory leak in Zend/Optimizer/escape_analysis.c). Fixed bug GH-15023 (Memory leak in Zend/zend_ini.c). Fixed bug GH-13330 (Append -Wno-implicit-fallthrough flag conditionally). Fix uninitialized memory in network.c. Fixed bug GH-15108 (Segfault when destroying generator during shutdown). Fixed bug GH-15275 (Crash during GC of suspended generator delegate). Curl: Fixed case when curl_error returns an empty string. DOM: Fix UAF when removing doctype and using foreach iteration. FFI: Fixed bug GH-14286 (ffi enum type (when enum has no name) make memory leak). Hash: Fix crash when converting array data for array in shm in xxh3. Intl: Fixed bug GH-15087 (IntlChar::foldCase()\'s $option is not optional). Opcache: Fixed bug GH-13817 (Segmentation fault for enabled observers after pass 4). Fixed bug GH-13775 (Memory leak possibly related to opcache SHM placement). Output: Fixed bug GH-15179 (Segmentation fault (null pointer dereference) in ext/standard/url_scanner_ex.re). PDO_Firebird: Fix bogus fallthrough path in firebird_handle_get_attribute(). PHPDBG: Fixed bug GH-13199 (EOF emits redundant prompt in phpdbg local console mode with libedit/readline). Fixed bug GH-15268 (heap buffer overflow in phpdbg (zend_hash_num_elements() Zend/zend_hash.h)). Fixed bug GH-15210 use-after-free on watchpoint allocations. Soap: Fixed bug #55639 (Digest autentication dont work). Fix SoapFault property destruction. Fixed bug GH-15252 (SOAP XML broken since PHP 8.3.9 when using classmap constructor option). Standard: Fix passing non-finite timeout values in stream functions. Fixed GH-14780 p(f)sockopen timeout overflow. Streams: Fixed bug GH-15028 (Memory leak in ext/phar/stream.c). Fixed bug GH-15034 (Integer overflow on stream_notification_callback byte_max parameter with files bigger than 2GB). Reverted fix for GH-14930 (Custom stream wrapper dir_readdir output truncated to 255 characters). Tidy: Fix memory leaks in ext/tidy basedir restriction code. * Fri Aug 16 2024 Arjen de Korte - version update to 8.3.10 Core: Fixed bug GH-13922 (Fixed support for systems with sysconf(_SC_GETPW_R_SIZE_MAX) == -1). Fixed bug GH-14626 (Fix is_zend_ptr() for huge blocks). Fixed bug GH-14590 (Memory leak in FPM test gh13563-conf-bool-env.phpt. Fixed OSS-Fuzz #69765. Fixed bug GH-14741 (Segmentation fault in Zend/zend_types.h). Fixed bug GH-14969 (Use-after-free in property coercion with __toString()). Dom: Fixed bug GH-14702 (DOMDocument::xinclude() crash). Fileinfo: Fixed bug GH-14888 (README.REDIST.BINS refers to non-existing LICENSE). Gd: ext/gd/tests/gh10614.phpt: skip if no PNG support. restored warning instead of fata error. LibXML: Fixed bug GH-14563 (Build failure with libxml2 v2.13.0). Opcache: Fixed bug GH-14550 (No warning message when Zend DTrace is enabled that opcache.jit is implictly disabled). Output: Fixed bug GH-14808 (Unexpected null pointer in Zend/zend_string.h with empty output buffer). PDO: Fixed bug GH-14712 (Crash with PDORow access to null property). Phar: Fixed bug GH-14603 (null string from zip entry). PHPDBG: Fixed bug GH-14596 (crashes with ASAN and ZEND_RC_DEBUG=1). Fixed bug GH-14553 (echo output trimmed at NULL byte). Shmop: Fixed bug GH-14537 (shmop Windows 11 crashes the process). SPL: Fixed bug GH-14639 (Member access within null pointer in ext/spl/spl_observer.c). Standard: Fixed bug GH-14775 (range function overflow with negative step argument). Fix 32-bit wordwrap test failures. Fixed bug GH-14774 (time_sleep_until overflow). Streams: Fixed bug GH-14930 (Custom stream wrapper dir_readdir output truncated to 255 characters in PHP 8.3). Tidy: Fix memory leak in tidy_repair_file(). Treewide: Fix compatibility with libxml2 2.13.2. XML: Move away from to-be-deprecated libxml fields. Fixed bug GH-14834 (Error installing PHP when --with-pear is used). * Sun Jul 07 2024 pgajdosAATTsuse.com- version update to 8.3.9 Core: Fixed bug GH-14315 (Incompatible pointer type warnings). Fixed bug GH-12814 (max_execution_time reached too early on MacOS 14 when running on Apple Silicon). Fixed bug GH-14387 (Crash when stack walking in destructor of yielded from values during Generator->throw()). Fixed bug GH-14456 (Attempting to initialize class with private constructor calls destructor). Fixed bug GH-14510 (memleak due to missing pthread_attr_destroy()-call). Fixed bug GH-14549 (Incompatible function pointer type for fclose). BCMatch: Fixed bug (bcpowmod() with mod = -1 returns 1 when it must be 0). Curl: Fixed bug GH-14307 (Test curl_basic_024 fails with curl 8.8.0). DOM: Fixed bug GH-14343 (Memory leak in xml and dom). FPM: Fixed bug GH-14037 (PHP-FPM ping.path and ping.response config vars are ignored in status pool). GD: Fix parameter numbers for imagecolorset(). Intl: Fix reference handling in SpoofChecker. MySQLnd: Partially fix bug GH-10599 (Apache crash on Windows when using a self-referencing anonymous function inside a class with an active mysqli connection). Opcache: Fixed bug GH-14267 (opcache.jit=off does not allow enabling JIT at runtime). Fixed TLS access in JIT on FreeBSD/amd64. Fixed bug GH-11188 (Error when building TSRM in ARM64). PDO ODBC: Fixed bug GH-14367 (incompatible SDWORD type with iODBC). PHPDBG: Fixed bug GH-13681 (segfault on watchpoint addition failure). Soap: Fixed bug #47925 (PHPClient can\'t decompress response). Fix missing error restore code. Fix memory leak if calling SoapServer::setObject() twice. Fix memory leak if calling SoapServer::setClass() twice. Fix reading zlib ini settings in ext-soap. Fix memory leaks with string function name lookups. Fixed bug #69280 (SoapClient classmap doesn\'t support fully qualified class name). Fixed bug #76232 (SoapClient Cookie Header Semicolon). Fixed memory leaks when calling SoapFault::__construct() twice. Sodium: Fix memory leaks in ext/sodium on failure of some functions. SPL: Fixed bug GH-14290 (Member access within null pointer in extension spl). Standard: Fixed bug GH-14483 (Fixed off-by-one error in checking length of abstract namespace Unix sockets). Streams: Fixed bug GH-11078 (PHP Fatal error triggers pointer being freed was not allocated and malloc: double free for ptr errors). * Thu Jun 20 2024 pgajdosAATTsuse.com- drop unmaintained apache-rex usage * Fri Jun 07 2024 pgajdosAATTsuse.com- version update to 8.3.8 [bsc#1226073] CGI: Fixed buffer limit on Windows, replacing read call usage by _read. Fixed bug GHSA-3qgc-jrrr-25jv (Bypass of CVE-2012-1823, Argument Injection in PHP-CGI). (CVE-2024-4577) CLI: Fixed bug GH-14189 (PHP Interactive shell input state incorrectly handles quoted heredoc literals.). Core: Fixed bug GH-13970 (Incorrect validation of #[Attribute] flags type for non-compile-time expressions). DOM: Fix crashes when entity declaration is removed while still having entity references. Fix references not handled correctly in C14N. Fix crash when calling childNodes next() when iterator is exhausted. Fix crash in ParentNode::append() when dealing with a fragment containing text nodes. Filter: Fixed bug GHSA-w8qr-v226-r27w (Filter bypass in filter_var FILTER_VALIDATE_URL). (CVE-2024-5458) FPM: Fix bug GH-14175 (Show decimal number instead of scientific notation in systemd status). Hash: ext/hash: Swap the checking order of `__has_builtin` and `__GNUC__` (Saki Takamachi) Intl: Fixed build regression on systems without C++17 compilers. MySQLnd: Fix bug GH-14255 (mysqli_fetch_assoc reports error from nested query). Opcache: Fixed bug GH-14109 (Fix accidental persisting of internal class constant in shm). OpenSSL: The openssl_private_decrypt function in PHP and Marvin attack. Standard: Fixed bug GHSA-9fcc-425m-g385 (Bypass of CVE-2024-1874). (CVE-2024-5585) XML: Fixed bug GH-14124 (Segmentation fault with XML extension under certain memory limit). XMLReader: Fixed bug GH-14183 (XMLReader::open() can\'t be overridden).- modified patches % php-build-reproducible-phar.patch (refreshed) * Thu May 09 2024 pgajdosAATTsuse.com- version update to 8.3.7 Core: Fixed zend_call_stack build with Linux/uclibc-ng without thread support. Fixed bug GH-13772 (Invalid execute_data->opline pointers in observer fcall handlers when JIT is enabled). Fixed bug GH-13931 (Applying zero offset to null pointer in Zend/zend_opcode.c). Fixed bug GH-13942 (Align the behavior of zend-max-execution-timers with other timeout implementations). Fixed bug GH-14003 (Broken cleanup of unfinished calls with callable convert parameters). Fixed bug GH-14013 (Erroneous dnl appended in configure). Fixed bug GH-10232 (If autoloading occurs during constant resolution filename and lineno are identified incorrectly). Fixed bug GH-13727 (Missing void keyword). Fibers: Fixed bug GH-13903 (ASAN false positive underflow when executing copy()). Fileinfo: Fixed bug GH-13795 (Test failing in ext/fileinfo/tests/bug78987.phpt on big-endian PPC). FPM: Fixed bug GH-13563 (Setting bool values via env in FPM config fails). Intl: Fixed build for icu 74 and onwards. MySQLnd: Fix shift out of bounds on 32-bit non-fast-path platforms. Opcache: Fixed bug GH-13433 (Segmentation Fault in zend_class_init_statics when using opcache.preload). Fixed incorrect assumptions across compilation units for static calls. OpenSSL: Fixed bug GH-10495 (feof on OpenSSL stream hangs indefinitely). PDO SQLite: Fix GH-13984 (Buffer size is now checked before memcmp). Fix GH-13998 (Manage refcount of agg_context->val correctly). Phar: Fixed bug GH-13836 (Renaming a file in a Phar to an already existing filename causes a NULL pointer dereference). Fixed bug GH-13833 (Applying zero offset to null pointer in zend_hash.c). Fix potential NULL pointer dereference before calling EVP_SignInit. PHPDBG: Fixed bug GH-13827 (Null pointer access of type \'zval\' in phpdbg_frame). Posix: Fix usage of reentrant functions in ext/posix. Session: Fixed bug GH-13856 (Member access within null pointer of type \'ps_files\' in ext/session/mod_files.c). Fixed bug GH-13891 (memleak and segfault when using ini_set with session.trans_sid_hosts). Fixed buffer _read/_write size limit on windows for the file mode. Streams: Fixed file_get_contents() on Windows fails with \"errno=22 Invalid argument\". Fixed bug GH-13264 (Part 1 - Memory leak on stream filter failure). Fixed bug GH-13860 (Incorrect PHP_STREAM_OPTION_CHECK_LIVENESS case in ext/openssl/xp_ssl.c - causing use of dead socket). Fixed bug GH-11678 (Build fails on musl 1.2.4 - lfs64). Treewide: Fix gcc-14 Wcalloc-transposed-args warnings. * Fri Apr 12 2024 pgajdosAATTsuse.com- version update to 8.3.6 [bsc#1222857] [bsc#1222858] Core: Fixed GH-13569 (GC buffer unnecessarily grows up to GC_MAX_BUF_SIZE when scanning WeakMaps). Fixed bug GH-13612 (Corrupted memory in destructor with weak references). Fixed bug GH-13446 (Restore exception handler after it finishes). Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). Fixed bug GH-13670 (GC does not scale well with a lot of objects created in destructor). DOM: Add some missing ZPP checks. Fix potential memory leak in XPath evaluation results. FPM: Fixed GH-11086 (FPM: config test runs twice in daemonised mode). Fix incorrect check in fpm_shm_free(). GD: Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). Gettext: Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL. MySQLnd: Fix GH-13452 (Fixed handshake response [mysqlnd]). Fix incorrect charset length in check_mb_eucjpms(). Opcache: Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null). Fixed GH-13712 (Segmentation fault for enabled observers when calling trait method of internal trait when opcache is loaded). Random: Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown modes). Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used). Session: Fixed bug GH-13680 (Segfault with session_decode and compilation error). SPL: Fixed bug GH-13685 (Unexpected null pointer in zend_string.h). Standard: Fixed bug GH-11808 (Live filesystem modified by tests). Fixed GH-13402 (Added validation of `\ ` in $additional_headers of mail()). Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows). Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command parameter of proc_open). (CVE-2024-1874) Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix). (CVE-2024-2756) Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true, opening ATO risk). (CVE-2024-3096) Fixed bug GHSA-fjp9-9hwx-59fq (mb_encode_mimeheader runs endlessly for some inputs). (CVE-2024-2757) Fix bug GH-13932 (Attempt to fix mbstring on windows build) (msvc). * Tue Mar 19 2024 pgajdosAATTsuse.com- version update to 8.3.4 * This is a bug fix release. * Wed Mar 06 2024 Pedro Monreal - Use the system default cipher list instead of hardcoded values by using crypto-policies. [bsc#1211301] * Use the --with-system-ciphers configure option. * Fri Feb 16 2024 pgajdosAATTsuse.com- version update to 8.3.3 * A bugfix release.- modified patches % php-build-reproducible-phar.patch (refreshed) * Thu Jan 18 2024 pgajdosAATTsuse.com- version update to 8.3.2 * This is a bug fix release.- modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed) * Wed Dec 27 2023 Manu Maier - version update to 8.3.1 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.3.1 * Fri Nov 24 2023 pgajdosAATTsuse.com- version update to 8.3.0 * https://www.php.net/releases/8.3/en.php * Typed class constants * Dynamic class constant fetch * New #[\\Override] attribute * Deep-cloning of readonly properties * New json_validate() function * New Randomizer::getBytesFromString() method * New Randomizer::getFloat() and Randomizer::nextFloat() methods * New DOMElement::getAttributeNames(), DOMElement::insertAdjacentElement(), DOMElement::insertAdjacentText(), DOMElement::toggleAttribute(), DOMNode::contains(), DOMNode::getRootNode(), DOMNode::isEqualNode(), DOMNameSpaceNode::contains(), and DOMParentNode::replaceChildren() methods. * New IntlCalendar::setDate(), IntlCalendar::setDateTime(), IntlGregorianCalendar::createFromDate(), and IntlGregorianCalendar::createFromDateTime() methods. * New ldap_connect_wallet(), and ldap_exop_sync() functions. * New mb_str_pad() function. * New posix_sysconf(), posix_pathconf(), posix_fpathconf(), and posix_eaccess() functions. * New ReflectionMethod::createFromMethodName() method. * New socket_atmark() function. * New str_increment(), str_decrement(), and stream_context_set_options() functions. * New ZipArchive::getArchiveFlag() method. * Support for generation EC keys with custom EC parameters in OpenSSL extension. * New INI setting zend.max_allowed_stack_size to set the maximum allowed stack size. * php.ini now supports fallback/default value syntax. * Anonymous classes can now be readonly. * https://www.php.net/ChangeLog-8.php#PHP_8_3- modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed) % php-ini.patch (refreshed)- modified sources % php8.keyring- deleted patches - php-systzdata-v23.patch- added patches + php-systzdata-v24.patch * Fri Nov 24 2023 pgajdosAATTsuse.com- version update to 8.2.13 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.2.13 * Thu Oct 26 2023 pgajdosAATTsuse.com- version update to 8.2.12 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.2.12 * Fri Sep 29 2023 pgajdosAATTsuse.com- version update to 8.2.11 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.11 * Tue Sep 26 2023 pgajdosAATTsuse.com- add missing references to rpm changelog- 15sp4 only: [bsc#1200772], [jsc#SLE-24723] add pecl, pear [jsc#SLE-23639] version update * Fri Sep 01 2023 Bernhard Wiedemann - Use %make_build macro * Fri Sep 01 2023 pgajdosAATTsuse.com- version update to 8.2.10 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.10 * Tue Aug 22 2023 pgajdosAATTsuse.com- version update to 8.2.9 * This is a security release. * Fixes CVE-2023-3824 [bsc#1214103] and CVE-2023-3823 [bsc#1214106] * https://www.php.net/ChangeLog-8.php#8.2.9- deleted patches - php-unicode-allow-redistribution.patch (upstreamed)- deleted sources - repack.sh (not needed) * Mon Jul 17 2023 pgajdosAATTsuse.com- version update to 8.2.8 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.8- modified patches % php-sort-filelist-phar.patch (refreshed) * Thu Jun 22 2023 pgajdosAATTsuse.com- version update to 8.2.7 * Readonly classes * Disjunctive Normal Form (DNF) Types * Allow null, false, and true as stand-alone types * New \"Random\" extension * Constants in traits * Deprecate dynamic properties * for details, see https://www.php.net/releases/8.2/en.php https://www.php.net/manual/en/migration82.php- modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed) % php-date-regenerate-lexers.patch (refreshed) % php-ini.patch (refreshed) % php-systzdata-v23.patch (refreshed)- CVE-2023-3247 [bsc#1212349] * Tue May 30 2023 pgajdosAATTsuse.com- version update to 8.1.20 * This is a security release. * https://www.php.net/ChangeLog-8.php#8.1.20- force to repack tarball after update https://github.com/php/php-src/issues/11300- session.save_path set to /var/lib/php8/sessions in mod_php8.conf and www.conf php-fpm pool example- modified sources % mod_php8.conf- added sources + repack.sh + php-unicode-allow-redistribution.patch * Thu May 25 2023 pgajdosAATTsuse.com- repack the tarball temporarily [bsc#1211648] * Tue May 23 2023 pgajdosAATTsuse.com- also MIT license (systzdata patch, ext/date/lib/parse_posix.c) [https://build.suse.de/request/show/298230] * Fri May 12 2023 pgajdosAATTsuse.com- version update to 8.1.19 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.1.19- modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed) % php-ini.patch (refreshed) % php-systzdata-v23.patch (refreshed) * Wed May 10 2023 pgajdosAATTsuse.com- downgrade back to 8.1.18 https://lists.opensuse.org/archives/list/factoryAATTlists.opensuse.org/thread/4ADCEV2FII7J5FZEWREFETTEVX7CDUSR/ * Thu May 04 2023 pgajdosAATTsuse.com- version update to 8.2.5 * Readonly classes * Disjunctive Normal Form (DNF) Types * Allow null, false, and true as stand-alone types * New \"Random\" extension * Constants in traits * Deprecate dynamic properties * for details, see https://www.php.net/releases/8.2/en.php https://www.php.net/manual/en/migration82.php- modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed) % php-ini.patch (refreshed)- deleted patches - php-crypt-tests.patch (not needed)- modified sources % php8.keyring * Thu Apr 20 2023 Arjen de Korte - The %_restart_on_update macro was removed from systemd-rpm-macros. Remove %posttrans for FPM as it wasn\'t working as intended anyway. [boo#1210576] * Fri Apr 14 2023 pgajdosAATTsuse.com- version update to 8.1.18 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.1.18- modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed) % php-ini.patch (refreshed) * Thu Mar 16 2023 pgajdosAATTsuse.com- version update to 8.1.17 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.1.17 * Tue Mar 14 2023 pgajdosAATTsuse.com- update to newest systzdata patch [bsc#1208199]- deleted patches - php-systzdata-v21.patch (upstreamed)- added patches fix use of the system timezone database + php-systzdata-v23.patch * Sun Mar 05 2023 Aeneas Jaißle - add \"/usr/share/php\" to include_path * Fri Mar 03 2023 pgajdosAATTsuse.com- allow to specify load order of extensions in %{php_sysconf}/conf.d [bsc#1205162] * Sat Feb 25 2023 Arjen de Korte - change to %bcond conditional build dependencies * Thu Feb 16 2023 pgajdosAATTsuse.com- version update to 8.1.16 * This is a security release that addresses CVE-2023-0567, CVE-2023-0568, and CVE-2023-0662. ([bsc#1208366], [bsc#1208367], [bsc#1208388]) * https://www.php.net/ChangeLog-8.php#8.1.16 * Fri Feb 03 2023 pgajdosAATTsuse.com- version update to 8.1.15 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.1.15 * Fri Jan 06 2023 pgajdosAATTsuse.com- version update to 8.1.14 * This is a security release. * fixed: CVE-2022-31631 [bsc#1206958] * https://www.php.net/ChangeLog-8.php#8.1.14 * Wed Nov 30 2022 pgajdosAATTsuse.com- amend %preun to fix [bsc#1205782] * Fri Nov 25 2022 pgajdosAATTsuse.com- version update to 8.1.13 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.1.13 * Mon Oct 31 2022 pgajdosAATTsuse.com- version update to 8.1.12 * This is a security release. * fixed: CVE-2022-31630 [bsc#1204979], CVE-2022-37454 [bsc#1204577] * https://www.php.net/ChangeLog-8.php#8.1.12 * Thu Sep 29 2022 pgajdosAATTsuse.com- version update to 8.1.11 * This is a security release. * CVEs fixed: CVE-2022-31628 [bsc#1203867], CVE-2022-31629 [bsc#1203870] https://www.php.net/ChangeLog-8.php#8.1.11 * Fri Sep 02 2022 pgajdosAATTsuse.com- version update to 8.1.10 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.1.10 * Fri Aug 19 2022 pgajdosAATTsuse.com- version update to 8.1.9 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.1.9 * Mon Jul 18 2022 pgajdosAATTsuse.com- version update to 8.1.8 * This is a security release. https://www.php.net/ChangeLog-8.php#8.1.8- fixes CVE-2022-31627 [bsc#1201499] * Fri Jun 10 2022 pgajdosAATTsuse.com- version update to 8.1.7 * This is a security release. https://www.php.net/ChangeLog-8.php#8.1.7 * CVE-2022-31625 [bsc#1200645] * CVE-2022-31626 [bsc#1200628] * Wed May 25 2022 pgajdosAATTsuse.com- version update to 8.1.6: * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.1.6 * Wed Apr 20 2022 pgajdosAATTsuse.com- version update to 8.1.5: * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.1.5 * [bsc#1197644] * Mon Apr 11 2022 pgajdosAATTsuse.com- fpm %postrans: check whether sytemctl is available * Fri Apr 08 2022 Arjen de Korte - Disable build with \'-z now\' as it breaks the php-mysql extension [boo#1197994] * Thu Mar 31 2022 Arjen de Korte - build PHP-FPM with libacl support (boo#1196870) * Thu Mar 17 2022 Arjen de Korte - updated to 8.1.4: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.1.4 * Fri Feb 25 2022 Dominique Leuenberger - Fix boolean dep supplements: add parantheses. Without parantheses, this results in three separate supplements, against \'php-fpm\', \'and\', and \'apache2\' (boo#1196492). * Fri Feb 18 2022 Arjen de Korte - updated to 8.1.3: This is a security release (CVE-2021-21708 [bsc#1196252]) which also contains several bug fixes. See https://www.php.net/ChangeLog-8.php#8.1.3 * Fri Feb 11 2022 Arjen de Korte - provide an Apache configuration for PHP-FPM + php8-fpm.conf * Fri Jan 28 2022 Arjen de Korte - update keyring to include PHP 8.1 release managers signing keys % php8.keyring * Thu Jan 20 2022 Arjen de Korte - updated to 8.1.2: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.1.2- updated to 8.1.1: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.1.1- update to 8.1.0: This release marks the latest major release of the PHP language. See https://www.php.net/ChangeLog-8.php#8.1.0- cleanup php8.rpmlintrc- build ffi extension (experimental)- enable avif support for gd extension- rebased patches % php-ar-flags.patch % php-crypt-tests.patch % php-ini.patch % php-build-reproducible-phar.patch- deleted patches - php-systzdata-v20.patch - php8-gd-removed-unused-constants.patch- added patch + php-systzdata-v21.patch * Thu Jan 20 2022 Arjen de Korte - updated to 8.0.15: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.0.15 * Sun Jan 09 2022 Arjen de Korte - use /tmp to store session information (boo#1194414) % php-ini.patch * Fri Dec 17 2021 Arjen de Korte - updated to 8.0.14: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.0.14 * Wed Dec 01 2021 Arjen de Korte - provide configuration for PHP-FPM out of the box (boo#1192414)- package missing php.ini for PHP-FPM (boo#1192672) * Fri Nov 19 2021 Arjen de Korte - updated to 8.0.13: This is a security release (CVE-2021-21707 [bsc#1193041]) which also contains several bug fixes. See https://www.php.net/ChangeLog-8.php#8.0.13 * Thu Oct 21 2021 Arjen de Korte - updated to 8.0.12: This is a security release (CVE-2021-21703 [bsc#1192050]) which also contains several bug fixes. See https://www.php.net/ChangeLog-8.php#8.0.12 * Thu Sep 23 2021 Arjen de Korte - updated to 8.0.11: This is a security release fixing CVE-2021-21706. See https://www.php.net/ChangeLog-8.php#8.0.11 * Thu Sep 23 2021 pgajdosAATTsuse.com- added patches fix https://github.com/php/php-src/commit/b3646440b1808abf0874b6f89027ce53ec5da03f + php8-gd-removed-unused-constants.patch * Thu Aug 26 2021 Arjen de Korte - updated to 8.0.10: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-8.php#8.0.10- deleted patch - php-systzdata-v19.patch- added patch + php-systzdata-v20.patch * Wed Aug 04 2021 Marcus Rueckert - fix apparmor support: seems it requires a configure flag now. * Thu Jul 29 2021 Arjen de Korte - updated to 8.0.9: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.0.9 * Thu Jul 01 2021 Arjen de Korte - updated to 8.0.8: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-8.php#8.0.8 * Fri Jun 04 2021 Arjen de Korte - updated to 8.0.7: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.0.7 * Thu Jun 03 2021 Arjen de Korte - updated to 8.0.6: This release reverts a bug related to PDO_pgsql that was introduced in PHP 8.0.5. * Thu Apr 29 2021 Arjen de Korte - updated to 8.0.5: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.0.5 * Tue Apr 13 2021 Arjen de Korte - Do not hard-depend on systemd: use systemd_ordering instead of systemd_requires. * Tue Mar 09 2021 pgajdosAATTsuse.com- instead of [bsc#1183180]- modified sources % mod_php8.conf * Thu Mar 04 2021 Arjen de Korte - updated to 8.0.3: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.0.3 * Mon Feb 01 2021 Arjen de Korte - updated to 8.0.2: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.0.2- suppress warning for all flavors not equal to \"\" in multibuild and obsoletes for php7 % php8.rpmlintrc * Fri Jan 29 2021 Arjen de Korte - add conflicts with earlier versions of php (boo#1181292) * Thu Jan 28 2021 Arjen de Korte - update contents of configuration file (still referenced php7) % mod_php8.conf * Sat Jan 23 2021 Arjen de Korte - require this PHP version of subpackages in Recommends/Suggests- run apache-rex tests in php8:test as packages need to be build first (otherwise tests run with previous version) * Mon Jan 18 2021 Arjen de Korte - add conflicts with earlier version of php-devel and php-phar- add obsoletes for all subtargets that don\'t have conflicts yet- add php_cfgdir and php_extdir macros * Fri Jan 15 2021 Arjen de Korte - replace php8.keyring with signatures for PHP-8 release managers * Fri Jan 15 2021 Arjen de Korte - deleted patch (redundant cast, both sides are already signed int) - php-odbc-cmp-int-cast.patch * Wed Jan 13 2021 Arjen de Korte - install php8-cli if no sapi is selected upon php8 installation- add conflicts with earlier version of php-cli, php-fastcgi and php-fpm * Mon Jan 11 2021 Arjen de Korte - put CLI binary in -cli subpackage so that other moduldes can depend on the php base package that remains (and provides files and maps common for all)- remove Obsoletes: php5- * * Fri Jan 08 2021 Arjen de Korte - updated to 8.0.1: This is a bug fix release. See https://www.php.net/ChangeLog-8.php#8.0.1- use pkgconfig() to resolve BuildRequires where upstream uses it too- since php-7.4.0 when using --with-external-gd the configure options - -with-xpm, --with-freetype and --with-jpeg are not needed anymore (and neither are the respective BuildRequires)- build the MySQL Native Driver as a shared module (rather than builtin) to prevent a hard requirement for OpenSSL in the CLI- add Recommends: php-openssl as many modules can optionally use it- use new %ldconfig macros in Tumbleweed- change PEAR dir to /usr/share/php/PEAR * Fri Jan 08 2021 pgajdosAATTsuse.com- install mod_php8 directly- note it provides php_module instead of php8_module per upstream change * Thu Jan 07 2021 pgajdosAATTsuse.com- install embed\'s libphp8.so directly- deleted patches - php-embed.patch (not needed) * Wed Jan 06 2021 pgajdosAATTsuse.com- deleted patches - php-openssl.patch (undocumented and not upstreamed patch for a long time) - php7-arm-build-fixes.patch (do not build for SLE12 anymore) - php-pts.patch (undocumented and not upstreamed patch for a long time)- imporved patch documentation * Tue Jan 05 2021 pgajdosAATTsuse.com- use cli sapi php-config --libs * Sun Jan 03 2021 Arjen de Korte - php-phar requires the php-zlib extension- trim specfile lint * Thu Dec 31 2020 Arjen de Korte - install macros.php in %{_rpmconfigdir}/macros.d * Wed Dec 30 2020 Arjen de Korte - build devel subpackage in embed subpackage (where it previously was built) * Mon Dec 28 2020 Arjen de Korte - don\'t build with CPU specific instructions as it can\'t be guaranteed these are available at runtime + php-no-check-cpu.patch- remove obsolete patch (replaced by SOURCE_DATE_EPOCH) - php-no-build-date.patch * Fri Dec 18 2020 Arjen de Korte - add D(eterministic) flag to AR_FLAGS to (php-ar-flags.patch)- modified sources % _multibuild * Sun Dec 13 2020 Arjen de Korte - restart php-fpm.service in %posttrans fpm (extensions may need to be updated too, so restart must be delayed to after all RPM transactions have completed) * Fri Dec 04 2020 Arjen de Korte - do not add mod_php to httpd.conf during %install (better fix for new apache2 from Apache development repo) + php-install-mod_php.patch- do not build php-cgi when not needed- only build extensions in cli * Sun Nov 29 2020 Arjen de Korte - fix building with new apache2 from Apache development repo * Fri Nov 27 2020 pgajdosAATTsuse.com- do not build firebird extension in any case * Wed Nov 25 2020 Manu Maier - update to 8.0.0 See https://www.php.net/ChangeLog-8.php#8.0.0- modified patches % php-date-regenerate-lexers.patch * Sun Nov 15 2020 Manu Maier - update to 8.0.0 RC 4- modified patches % php-crypt-tests.patch (refreshed) % php-fix_net-snmp_disable_MD5.patch (refreshed) % php-no-build-date.patch (refreshed) % php-odbc-cmp-int-cast.patch (refreshed) % php-openssl.patch (refreshed) * Tue Oct 27 2020 Manu Maier - update to 8.0.0 RC 3 * Fri Oct 16 2020 Manu Maier - update to 8.0.0 RC 2- modified patches % php-ini.patch (refreshed) % php-phpize.patch (refreshed) % php-php-config.patch * Wed Oct 07 2020 pgajdosAATTsuse.com- update to 8.0.0 RC 1 https://www.php.net/manual/en/migration80.php- modified patches % php-no-build-date.patch (refreshed)- deleted patches - php-pts.patch (upstreamed) * Thu Oct 01 2020 Arjen de Korte - updated to 7.4.11: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.11 * Mon Sep 07 2020 pgajdosAATTsuse.com- do not rely on apr-devel to pull db-devel * Thu Sep 03 2020 Arjen de Korte - updated to 7.4.10: This is a bug fix release. See https://www.php.net/ChangeLog-7.php#7.4.10 * Thu Aug 06 2020 Arjen de Korte - updated to 7.4.9: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.9 * Thu Jul 09 2020 Arjen de Korte - updated to 7.4.8: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.8 * Thu Jul 09 2020 pgajdosAATTsuse.com- Use /run/php-fpm instead of /run/php- modified sources % php-fpm.tmpfiles.d * Thu Jul 09 2020 pgajdosAATTsuse.com- do not install %{_tmpfilesdir}, %{_tmpfilesdir}/php-fpm.conf in test favour * Mon Jul 06 2020 Daniel Molkentin - added tmpfiles.d for php-fpm to provide a base base for a socket (boo#1173786) * Thu Jun 11 2020 Arjen de Korte - updated to 7.4.7: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.7 * Thu May 14 2020 Arjen de Korte - updated to 7.4.6: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.6 * Wed May 13 2020 pgajdosAATTsuse.com- added patches build fixes in SLE12 + php7-arm-build-fixes.patch * Tue May 12 2020 pgajdosAATTsuse.com- added to SLE-12 [jsc#SLE-12474] * Tue May 12 2020 pgajdosAATTsuse.com- spec file usable under SLE12 again and better prepared for phpM -> phpMN transition * Mon May 11 2020 pgajdosAATTsuse.com- added to SLE-15-SP2 [jsc#SLE-12482], including fixes for: CVE-2020-7063 [bsc#1165289] CVE-2020-7062 [bsc#1165280] CVE-2019-11046, CVE-2019-11050, CVE-2019-11047, CVE-2019-11045 * Tue Apr 14 2020 Arjen de Korte - updated to 7.4.5: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.5 * Thu Apr 02 2020 pgajdosAATTsuse.com- remove Berkeley DB Database support [jsc#SLE-12210] * Fri Mar 20 2020 pgajdosAATTsuse.com- build firebird extension in any case * Tue Mar 17 2020 Arjen de Korte - updated to 7.4.4: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.4 * Thu Mar 12 2020 Martin Liška - Enable LTO as it works now (boo#1133275). * Wed Feb 19 2020 Arjen de Korte - updated to 7.4.3: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.3 * Mon Feb 10 2020 pgajdosAATTsuse.com- add %apache_rex_deps * Thu Jan 23 2020 Arjen de Korte - updated to 7.4.2: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.2 * Wed Dec 18 2019 Arjen de Korte - updated to 7.4.1: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.1- deleted patches - php-fix-mysqlnd-compression-library.patch - php-fpm-service-fails-to-start.patch * Tue Dec 10 2019 pgajdosAATTsuse.com- php7-devel requires glibc-devel, libxml2-devel, pcre2-devel again * Thu Dec 05 2019 Arjen de Korte - relax systemd restrictions for FPM as they were too strict in some applications- change leftover Requires php7- to php-- remove external libraries from -devel subpackage- added patches + php-fpm-service-fails-to-start.patch * Thu Nov 28 2019 Arjen de Korte - update to 7.4.0: * Typed Properties * Arrow Functions * Limited Return Type Covariance and Argument Type Contravariance * Unpacking Inside Arrays * Numeric Literal Separator * Weak References * Allow Exceptions from __toString() * Opcache Preloading * The interbase and wddx extensions are removed and now available through PECL * PEAR is now packaged separately in php7-pear source package (https://externals.io/message/103977) * See https://www.php.net/ChangeLog-7.php#7.4.0 for a complete list of changes- deleted patches - php-suse-addons.tar.bz - php-systzdata-v18.patch- added patches + php-fix-mysqlnd-compression-library.patch + php-systzdata-v19.patch + mod_php7.conf- modified files/patches % php-no-build-date.patch % php-systemd-unit.patch % php7.keyring (use keys of the PHP-7.4 release managers) % php7.rpmlintrc * Tue Nov 19 2019 pgajdosAATTsuse.com- added to SLE-15-SP2 [SLE-10860], fixes CVE-2019-11043 [bsc#1154999] CVE-2019-11041 [bsc#1146360] CVE-2019-11042 [bsc#1145095] CVE-2019-11039 [bsc#1138173] CVE-2019-11040 [bsc#1138172] CVE-2019-11036 [bsc#1134322] CVE-2019-11034 [bsc#1132838] CVE-2019-11035 [bsc#1132837] CVE-2019-9637 [bsc#1128892] CVE-2019-9675 [bsc#1128886] CVE-2019-9638 [bsc#1128889], CVE-2019-9639 [bsc#1128887] CVE-2019-9640 [bsc#1128883] CVE-2019-9024 [bsc#1126821] CVE-2019-9020 [bsc#1126711] CVE-2018-20783 [bsc#1127122] CVE-2019-9021 [bsc#1126713] CVE-2019-9022 [bsc#1126827] CVE-2019-9023 [bsc#1126823] CVE-2019-9641 [bsc#1128722] CVE-2018-19935 [bsc#1118832] CVE-2018-17082 [bsc#1108753] CVE-2018-1000222 [bsc#1105434] CVE-2018-14851 [bsc#1103659] CVE-2017-9120 [bsc#1103661] CVE-2018-12882 [bsc#1099098] [bsc#1151793] * Tue Nov 12 2019 Dominique Leuenberger - Do not add the generic provides to the php7-test package. * Fri Oct 25 2019 pgajdosAATTsuse.com- version update to 7.3.11: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.3.11 * Fri Oct 04 2019 pgajdosAATTsuse.com- provide test results via multibuild :test- added sources + _multibuild * Mon Sep 30 2019 pgajdosAATTsuse.com- remove pcre.jit=0 setting default as https://bugs.php.net/bug.php?id=77260 is solved on pcre2 side [bsc#1124446]- modified patches % php-ini.patch (amended) * Sun Sep 29 2019 suse+buildAATTde-korte.org- updated to 7.3.10: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.3.10 * Sat Aug 31 2019 suse+buildAATTde-korte.org- updated to 7.3.9: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.3.9 * Sat Aug 03 2019 suse+buildAATTde-korte.org- updated to 7.3.8: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.3.8 * Thu Jul 04 2019 suse+buildAATTde-korte.org- updated to 7.3.7: This is a bug fix release. See https://www.php.net/ChangeLog-7.php#7.3.7 * Thu May 30 2019 suse+buildAATTde-korte.org- updated to 7.3.6: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.3.6 * Wed May 29 2019 pgajdosAATTsuse.com- check via apache-rex * Fri May 24 2019 pgajdosAATTsuse.com- build for 42.3 * Thu May 02 2019 suse+buildAATTde-korte.org- updated to 7.3.5: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.3.5 * Wed Apr 24 2019 Martin Liška - Disable LTO (boo#1133275). * Thu Apr 04 2019 suse+buildAATTde-korte.org- updated to 7.3.4: This is a security release which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.3.4 * Fri Mar 15 2019 pgajdosAATTsuse.com- upstream bug #41631 is already fixed [bsc#1129032]- deleted sources - README.default_socket_timeout (not needed) * Fri Mar 08 2019 pgajdosAATTsuse.com- updated to 7.3.3: This is a security release which also contains several bug fixes. See http://www.php.net/ChangeLog-7.php#7.3.3- deleted patches - php-systzdata-v17.patch (upstreamed)- added patches + php-systzdata-v18.patch (thanks to remirepo) * Tue Mar 05 2019 pgajdosAATTsuse.com- asan_build: build ASAN included- debug_build: build more suitable for debugging * Thu Feb 28 2019 Tomáš Chvátal - Disable tests that do deadlock now with curl update, this is fixed in next release 7.3.3 thus reenable here when released * Thu Feb 28 2019 pgajdosAATTsuse.com- rename php7- *.patch to more general php-#1.patch why: this aligns with maintenance patch names, which are in changelogs comfortably copied over php72, php7, php5, php53; moreover, php$N prefix causes issues when package is renamed, e. g. php7 to php72- deleted patches - php7-crypt-tests.patch - php7-date-regenerate-lexers.patch - php7-embed.patch - php7-fix_net-snmp_disable_MD5.patch - php7-ini.patch - php7-no-build-date.patch - php7-odbc-cmp-int-cast.patch - php7-openssl.patch - php7-php-config.patch - php7-phpize.patch - php7-pts.patch - php7-systemd-unit.patch - php7-systzdata-v17.patch- added patches + php-crypt-tests.patch + php-date-regenerate-lexers.patch + php-embed.patch + php-fix_net-snmp_disable_MD5.patch + php-ini.patch + php-no-build-date.patch + php-odbc-cmp-int-cast.patch + php-openssl.patch + php-php-config.patch + php-phpize.patch + php-pts.patch + php-systemd-unit.patch + php-systzdata-v17.patch * Mon Feb 25 2019 pgajdosAATTsuse.com- fix wrongly ported patch, using the one from remirepo (Thanks!) [bsc#1126449]- modified patches % php7-systzdata-v17.patch * Wed Feb 13 2019 Petr Gajdos - updated to version 7.3.2: This is a bugfix release, with several bug fixes included. See http://php.net/ChangeLog-7.php#7.3.2- php7-systzdata-v16.patch modified and renamed to php7-systzdata-v17.patch * Thu Feb 07 2019 Petr Gajdos - set pcre.jit=0 until https://bugs.php.net/bug.php?id=77260 is solved [bsc#1124446] * Thu Jan 31 2019 Arjen de Korte - spec file cleanup * add BuildRequires gpg2 * remove outdated README.SUSE-pear - Squirrelmail uses PDO instead of DB now by default * remove outdated php7-depdb-path.patch - Horde packages no longer build so need to be fixed anyway- update php7.rpmlintrc to suppress warnings that aren\'t fixable and drown out other warnings * Wed Jan 30 2019 Arjen de Korte - provide the version of PEAR, rather than the PHP version in php-pear * Wed Jan 30 2019 Arjen de Korte - configure cache_dir, metadata_dir and sig_bin through PHP_PEAR_ * exports * Tue Jan 29 2019 Arjen de Korte - remove install-pear-nozlib.phar (the bundled and tested version from the PHP sources is fresh enough for our purposes)- merge back php7-pear-Archive_Tar in php7-pear- rename cache_dir to pear and create it * Tue Jan 22 2019 Arjen de Korte - fix php7.spec typos * Tue Jan 22 2019 Petr Gajdos - verify install-pear-nozlib.phar * Tue Jan 22 2019 Arjen de Korte - update install-pear-nozlib.phar to version 1.10.10 * switch source to GitHub * provides Archive_Tar 1.4.4 (fixes CVE-2018-1000888) * Mon Jan 14 2019 Petr Gajdos - update to 7.3.1: This is a security release which also contains several bug fixes. See http://php.net/ChangeLog-7.php- remove suhosin stuff * Sun Dec 30 2018 Cristian Rodríguez - Support LMDB in php7-dba, it is advisable to use it instead of bdb. * Thu Dec 20 2018 Cristian Rodríguez - Update php7-pts.patch: open slave_pty using TIOCGPTPEER if available instead of the name returned by ptsname() so it is safe to use when interacting with namespaces. * Thu Dec 20 2018 Cristian Rodríguez - update install-pear-nozlib.phar to its latest version, otherwise pecl stops working due to protocol switch http -> https * Wed Dec 19 2018 Martin Pluskal - Mark testresults package as noarch * Thu Dec 13 2018 Martin Pluskal - Enable testsuite during build time and save log to subpackage testresults (boo#1119396) * Mon Dec 10 2018 Cristian Rodríguez - update to pcre2 broke building third party modules, php7-devel needs pcre-devel --> pcre2-devel change. * Mon Dec 10 2018 Petr Gajdos - update to 7.3.0: * Improved PHP GC * Add net_get_interfaces() * Implemented flexible heredoc and nowdoc syntax * Added support for references in list() and array destructuring * Added syslog.facility and syslog.ident INI entries for customizing syslog logging * The declaration and use of case-insensitive constants has been deprecated * Added syslog.filter INI entry for syslog filtering * Added the \'add_slashes\' sanitization mode * Added support for WebP in imagecreatefromstring() * Export internal structures and accessor helpers for GMP object. * Added gmp_binomial(n, k) * Added gmp_lcm(a, b) * Added gmp_perfect_power(a) * Added gmp_kronecker(a, b) * Added JSON_THROW_ON_ERROR flag * Added ldap_exop_refresh helper for EXOP REFRESH operation with dds overlay * Added full support for sending and parsing ldap controls * Removed support for ODBCRouter * Removed support for Birdstep * Added openssl_pkey_derive function * Add min_proto_version and max_proto_version ssl stream options as well as related constants for possible TLS protocol values * Migrated to PCRE2 * Expose TDS version as \\PDO::DBLIB_ATTR_TDS_VERSION attribute on \\PDO instance * Treat DATETIME2 columns like DATETIME * Added is_countable() function * Added support for the SameSite cookie directive, including an alternative signature for setcookie(), setrawcookie() and session_set_cookie_params() * Many bugfixes and other changes, see http://php.net/ChangeLog-7.php#7.3.0- patch changes % php7-ini.patch % php7-no-build-date.patch % php7-odbc-cmp-int-cast.patch - php7-honor-re2c-flags.patch (upstreamed) * Mon Dec 10 2018 Petr Gajdos - update to 7.2.13: This is a security release. http://php.net/ChangeLog-7.php * Fri Nov 16 2018 Petr Gajdos - core package recommends instead of requires smtp_daemon [bsc#1115213] * Fri Nov 09 2018 Petr Gajdos - update to 7.2.12: This is a bugfix release. http://php.net/ChangeLog-7.php- forward ported: % php7-crypt-tests.patch % php7-honor-re2c-flags.patch % php7-odbc-cmp-int-cast.patch * Mon Oct 15 2018 Petr Gajdos - update to 7.2.11: This is a bugfix release. http://php.net/ChangeLog-7.php * Mon Sep 17 2018 Petr Gajdos - updated to 7.2.10: This is a security release which also contains several minor bug fixes. http://php.net/ChangeLog-7.php * Mon Sep 17 2018 Petr Gajdos - reenable php7-dba support of Berkeley DB [bsc#1108554] * Tue Sep 11 2018 Petr Gajdos - remove Supplements: packageand(%{apache_mmn}:%{name}) from Apache httpd module as I do not see the reason why system that have php7 and apache2 installed should get the module automatically as well. This had a drawback of selecting apache2-prefork while [#] zypper in apache2-worker The following 5 NEW packages are going to be installed: apache2 apache2-mod_php7 apache2-prefork apache2-utils apache2-worker [#] because apache2-mod_php7 Requires: apache2-prefork. * Fri Aug 17 2018 pgajdosAATTsuse.com- updated to 7.2.9: This is a bugfix release. http://php.net/ChangeLog-7.php * Fri Aug 03 2018 pgajdosAATTsuse.com- updated to 7.2.8: This is a security release which also contains several minor bug fixes. http://php.net/ChangeLog-7.php#7.2.8 * Tue Jun 26 2018 pgajdosAATTsuse.com- updated to 7.2.7: A Bugfix release which includes a segfault fix for opcache. http://php.net/ChangeLog-7.php#7.2.7 * Thu Jun 07 2018 pgajdosAATTsuse.com- actually build against system gd for 42.3, made a bold comment [bsc#1074025c#5] * Tue May 29 2018 pgajdosAATTsuse.com- fix build for SLE12, where %license does not exist * Tue May 29 2018 pgajdosAATTsuse.com- updated to 7.2.6: Bugfix release which includes a memory corruption fix for EXIF. http://php.net/ChangeLog-7.php#7.2.6 * Fri May 25 2018 idonmezAATTsuse.com- Remove php7-freetype-pkgconfig.patch as it seems to break Freetype detection on some systems bsc#1094534 * Tue May 15 2018 pgajdosAATTsuse.com- main package requires wwwrun:www user [bsc#1093025] * Thu May 10 2018 pgajdosAATTsuse.com- better workaround for [bsc#1089487]: build mod_phpN.so instead of libphpN.so * Wed May 09 2018 pgajdosAATTsuse.com- rename freetype-pkgconfig.patch to php7-freetype-pkgconfig.patch to align with the rest of patch names * Mon May 07 2018 idonmezAATTsuse.com- Add freetype-pkgconfig.patch to fix build with new Freetype: use pkg-config to find Freetype libraries * Mon Apr 30 2018 pgajdosAATTsuse.com- updated to 7.2.5: This is a security release which also contains several minor bug fixes. http://php.net/ChangeLog-7.php#7.2.5 * Thu Apr 19 2018 pgajdosAATTsuse.com- build-test.sh: generic spec file name * Mon Apr 16 2018 pgajdosAATTsuse.com- apache2-mod_php7 does not provide libphp7.so [bsc#1089487] * Wed Apr 04 2018 pgajdosAATTsuse.com- updated to 7.2.4: This is a security release with also contains several minor bug fixes. http://php.net/ChangeLog-7.php#7.2.4- php7-no-build-date.patch refreshed * Mon Mar 26 2018 pgajdosAATTsuse.com- build firebird extension only for openSUSE (sle15 requirement) * Tue Mar 20 2018 guillaume.gardetAATTopensuse.org- Fix build for %arm and aarch64 * Fri Mar 16 2018 pgajdosAATTsuse.com- drop imap extension [bsc#1084461] * Sat Mar 10 2018 dimstarAATTopensuse.org- BuildRequire pkgconfig(enchant) instead of enchant-devel: enchant is moving to version 2.2, with an enchant-1 as compatibility package. By using the pkgconfig symbol, we don\'t have to care for the actual package name. * Fri Mar 09 2018 pgajdosAATTsuse.com- updated to 7.2.3: This is a security release with also contains several minor bug fixes. http://php.net/ChangeLog-7.php#7.2.3- removed upstreamed php7-pgsql-memory-leak.patch- php7-systzdata-v15.patch refreshed and renamed to php7-systzdata-v16.patch * Thu Feb 22 2018 crrodriguezAATTopensuse.org- php7-honor-re2c-flags.patch: honor RE2C_FLAGS everywhere.- remove generated lexers so they are recreated at build time * Thu Feb 22 2018 crrodriguezAATTopensuse.org- php7-date-regenerate-lexers.patch: honor RE2C_FLAGS * Thu Feb 22 2018 crrodriguezAATTopensuse.org- Support password_hash(\"...\", PASSWORD_ARGON2I), buildrequire libargon2 in supported products. * Mon Feb 19 2018 crrodriguezAATTopensuse.org- Remove buildRequires on: * libevent-devel: php7-fpm does not use it. * pam-devel: not used- Add buildrequire on zlib-devel explicitly.- libvpx is not needed but libwebp is, only when not building against system gd. xft likewise. * Mon Feb 19 2018 pgajdosAATTsuse.com- fixed memory leak in pgsql extension, php function pg_escape_bytea https://bugs.php.net/bug.php?id=75838 [bsc#1076970] (internal) + php7-pgsql-memory-leak.patch * Wed Feb 07 2018 pgajdosAATTsuse.com- updated to 7.2.2: This is a bugfix release, with several bug fixes included. http://php.net/ChangeLog-7.php#7.2.2 * Fri Jan 26 2018 pgajdosAATTsuse.com- do not build against system gd when suse_version < 1500 * Tue Jan 23 2018 pgajdosAATTsuse.com- fix build for SLE12 * * Tue Jan 09 2018 pgajdosAATTsuse.com- updated to 7.2.1: Several security bugs were fixed in this release. http://php.net/ChangeLog-7.php#7.2.1 * Tue Jan 02 2018 pgajdosAATTsuse.com- build against newer webp [bsc#1074121] * Fri Dec 15 2017 pgajdosAATTsuse.com- build with SLE12 * * Mon Dec 11 2017 pgajdosAATTsuse.com- updated to 7.2.0: features and improvements: * Convert numeric keys in object/array casts * Counting of non-countable objects * Object typehint * HashContext as Object * Argon2 in password hash * Improve TLS constants to sane values * Mcrypt extension removed * New sodium extension- patches: . php7-systzdata-v14.patch transformed to php7-systzdata-v15.patch . removed upstreamed php7-aarch64-mult.patch * Mon Nov 27 2017 pgajdosAATTsuse.com- updated to 7.1.12: This is a bugfix release, with several bug fixes included. * Wed Nov 01 2017 bluemer.markAATTgmail.com- Add php-cli as provides to php7 * Fri Oct 27 2017 pgajdosAATTsuse.com- updated to 7.1.11: This is a bugfix release, with several bug fixes included. * Wed Oct 04 2017 pgajdosAATTsuse.com- fixed installation of wrong cli [bsc#1061555] * Sat Sep 30 2017 jengelhAATTinai.de- Update not-so-useful repeated package summaries. Update the descriptions to have a bit more explanation. Replace old tar syntax. * Wed Sep 27 2017 pgajdosAATTsuse.com- build and ship embed SAPI + php7-embed.patch * Wed Sep 27 2017 pgajdosAATTsuse.com- updated to 7.1.10: Several bugs have been fixed, see https://secure.php.net/ChangeLog-7.php for details * Tue Sep 12 2017 pgajdosAATTsuse.com- aarch64-mult.patch renamed to php7-aarch64-mult.patch * Mon Sep 04 2017 pgajdosAATTsuse.com- php7-devel requires php7-pear [bsc#1057104] * Fri Sep 01 2017 jweberhoferAATTweberhofer.at- Changes related to boo#1056822- New packaging macros in macros.php: %php_pearxmldir, %pear_phpdir, %pear_phpdir, %pear_testdir, %pear_datadir, %pear_cfgdir, %pear_wwwdir, %pear_metadir, %pecl_phpdir, %pecl_docdir, %pecl_testdir, %pecl_datadir- Updated packaging documentation in README.macros * Thu Aug 31 2017 ilyaAATTilya.pp.ua- Updated to 7.1.9: Several bugs have been fixed. * ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.9 * Mon Aug 14 2017 pgajdosAATTsuse.com- added /usr/bin/php7 [bsc#734176] * Mon Aug 07 2017 jweberhoferAATTweberhofer.at- php7-pear should explicitly require php7-pear-Archive_Tar otherwise this dependency must be declared in every php7-pear- * package explicitly. [bnc#1052389] * Wed Aug 02 2017 ilyaAATTilya.pp.ua- Updated to 7.1.8: Several bugs have been fixed. * ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.8 * Wed Jul 26 2017 ilyaAATTilya.pp.ua- Replace %__-type macro indirections. * Fri Jul 21 2017 pgajdosAATTsuse.com- date extension: regenerate lexers when needed + php7-date-regenerate-lexers.patch * Mon Jul 17 2017 pgajdosAATTsuse.com- dropped mcrypt extension [fate#323673] * Mon Jul 17 2017 pgajdosAATTsuse.com- updated to 7.1.7: This is a security release with several bug fixes included. * Mon Jul 03 2017 tchvatalAATTsuse.com- Drop sle11 support as we are not building against it anymore- Remove php7-BNC-457056.patch that was applied on sle11 only- Remove dependency on imap-devel, it is not used- Switch spell from aspell to enchant, dropping pspell subpackage- Remove unknown switch options from php cli build- Drop support for berkleydb format, by default there are more supported solutions built in php- Use %configure macro in the build phases * Fri Jun 09 2017 pgajdosAATTsuse.com- updated to 7.1.6: Several bugs have been fixed. * Fri May 12 2017 13ilyaAATTgmail.com- Updated to 7.1.5: Several bugs have been fixed. * ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.5 * Sat Apr 15 2017 13ilyaAATTgmail.com- Updated to 7.1.4: Several bugs have been fixed. * ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.4 * Fri Mar 17 2017 13ilyaAATTgmail.com- Updated to 7.1.3: Several bugs have been fixed. * ChangeLog https://secure.php.net/ChangeLog-7.php#7.1.3 * Fri Mar 17 2017 kukukAATTsuse.com- Don\'t install the init script if we use systemd * Mon Feb 20 2017 pgajdosAATTsuse.com- updated to 7.1.2: Several bugs have been fixed.- deleted php7-getrandom-test.patch, upstreamed * Tue Feb 14 2017 pgajdosAATTsuse.com- updated to 7.1.1: This release is the first point release in the 7.x series. PHP 7.1 comes with numerous improvements and new features such as * Nullable types * Void return type * Iterable pseudo-type * Class constant visiblity modifiers * Square bracket syntax for list() and the ability to specify keys in list() * Catching multiple exceptions types * Many more features and changes…- migration: http://php.net/manual/en/migration71.php- php7-systzdata-v13.patch replaced by php7-systzdata-v14.patch * Thu Feb 02 2017 pgajdosAATTsuse.com- suggest php7- * instead of php- * [bsc#1022158c#4]- do not suggest php-suhosin at all as we do not build it (not ported to php7 yet) * Tue Jan 24 2017 pgajdosAATTsuse.com- updated to 7.0.15: Several security bugs were fixed in this release. * Mon Dec 12 2016 fbuiAATTsuse.com- Replace pkgconfig(libsystemd- *) with pkgconfig(libsystemd) Nowadays pkgconfig(libsystemd) replaces all libsystemd- * libs, which are obsolete. * Mon Dec 12 2016 pgajdosAATTsuse.com- updated to 7.0.14: Several security bugs were fixed in this release. * Fri Nov 11 2016 pgajdosAATTsuse.com- updated to 7.0.13: This is a security release. Several security bugs were fixed in this release. * Mon Oct 24 2016 pgajdosAATTsuse.com- adjust firebird dependency * Mon Oct 17 2016 pgajdosAATTsuse.com- updated to 7.0.12: This is a security release. Several security bugs were fixed in this release. * Thu Sep 15 2016 pgajdosAATTsuse.com- updated to 7.0.11: Several security bugs were fixed in this release. * Wed Aug 31 2016 crrodriguezAATTopensuse.org- php7-getrandom-test.patch: Fix incorrect test for the getrandom syscall. * Mon Aug 22 2016 pgajdosAATTsuse.com- updated to 7.0.10: Several security bugs were fixed in this release. * Mon Aug 01 2016 pgajdosAATTsuse.com- updated to 7.0.9: Several security bugs were fixed in this release, including the HTTP_PROXY issue. * Thu Jun 23 2016 pgajdosAATTsuse.com- updated to 7.0.8: This is a security release. Several security bugs were fixed in this release.- removed: php7-mbstring-missing-return.patch (upstreamed) * Mon Jun 20 2016 pgajdosAATTsuse.com- systemd unit: remove syslog.target from After [bsc#983938] * Mon May 30 2016 pgajdosAATTsuse.com- updated to 7.0.7: This is a security release. Several security bugs were fixed in this release. * Thu Apr 28 2016 pgajdosAATTsuse.com- updated to 7.0.6: This is a security release. Several security bugs were fixed in this release. * removed upstreamed php7-no-reentrant-crypt.patch * Mon Apr 25 2016 schwabAATTlinux-m68k.org- aarch64-mult.patch: fix asm constraints in aarch64 multiply macro * Thu Apr 07 2016 pgajdosAATTsuse.com- build for sle12 * Wed Apr 06 2016 pgajdosAATTsuse.com- correct public key * Fri Apr 01 2016 pgajdosAATTsuse.com- updated to 7.0.5 * Tue Mar 29 2016 pgajdosAATTsuse.com- firebird builds now * Thu Mar 03 2016 jimmyAATTboombatower.com- update to 7.0.4 * Wed Feb 10 2016 pgajdosAATTsuse.com- updated to 7.0.3 * Thu Feb 04 2016 pgajdosAATTsuse.com- require postgresql-devel < 9.4 for sle12 to fix build * Fri Jan 29 2016 pgajdosAATTsuse.com- more versioned provides * Fri Jan 08 2016 pgajdosAATTsuse.com- update to 7.0.2: 31 reported bugs has been fixed, including 6 security related issues. * Mon Dec 21 2015 jimmyAATTboombatower.com- update to 7.0.1 * Mon Dec 14 2015 pgajdosAATTsuse.com- php5-pear-Archive_Tar provides 1.4.0- install .depdb and .depdblock files along metadata * php5-depdb-path.patch- versioned provides in subpackages * Mon Dec 14 2015 jimmyAATTboombatower.com- Provide obsoletes for sub-packages to improve upgrade process. * Wed Dec 09 2015 jimmyAATTboombatower.com- Obsolete php5 since php7 conflicts and should replace. * Mon Dec 07 2015 pgajdosAATTsuse.com- marcello at ceschia.de: fix path php-fpm.conf * Mon Nov 23 2015 pgajdosAATTsuse.com- set pear\'s metadata dir to %{peardir} * Mon Nov 16 2015 ajAATTajaissle.de- Spec cleanup * Split Archive_Tar from -pear sub packge to allow updating this part via rpm * Added \"Provides: php-firebird\" to -firebird sub package * Added \"Provides: mod_php_any\" to server api module packages - fastcgi and -fpm * Mon Nov 16 2015 pgajdosAATTsuse.com- test mod_php with %apache_test_module_curl- restart apache during mod_php upgrade * Tue Sep 08 2015 pgajdosAATTsuse.com- add php5-fix_net-snmp_disable_MD5.patch [bnc#944302] * Fri Sep 04 2015 pgajdosAATTsuse.com- fixed segfault in odbc extension when result set is containing NULL (php bugs #52554, #53007) [bnc#935074] (internal) + php7-odbc-cmp-int-cast.patch * Tue Jul 14 2015 pgajdosAATTsuse.com- updated to 7.0.0 * see NEWS for changes * see UPGRADING for 5.6.x -> 7.0.x transition- removed unneded or not upstreamed patches for long time: * php5-cloexec.patch * php5-missing-extdeps.patch * php5-format-string-issues.patch * php5-per-mod-log.patch * php5-apache24-updates.patch * php5-crypto-checks.patch * php5-systzdata-r12.patch (new: php7-systzdata-v13.patch) * Mon Jul 13 2015 pgajdosAATTsuse.com- updated to 5.6.11: Five security-related issues in PHP were fixed in this release, including CVE-2015-3152. * Thu Jun 25 2015 crrodriguezAATTopensuse.org- php5-systemd-unit.patch: set Killmode=mixed in order to ensure fpm and children forked by script can terminate cleanly. * Wed Jun 24 2015 pgajdosAATTsuse.com- mod_php5.so executable * Thu Jun 18 2015 pgajdosAATTsuse.com- use apache-rpm-macros * Thu Jun 18 2015 pgajdosAATTsuse.com- updated to 5.6.10: Several bugs have been fixed as well as several security issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). * Fri Jun 05 2015 mrueckertAATTsuse.de- enable apparmor support: new BR libapparmor-devel * Mon May 18 2015 pgajdosAATTsuse.com- update to 5.6.9: Several bugs have been fixed.- systzdata patch updated to r12 - php5-systzdata-r10.patch + php5-systzdata-r12.patch * Fri Apr 24 2015 pgajdosAATTsuse.com- update to 5.6.8: Several bugs have been fixed some of them beeing security related, like CVE-2015-1351 and CVE-2015-1352.- refreshed php5-crypto-checks.patch * Mon Apr 20 2015 pgajdosAATTsuse.com- configure php-fpm with --localstatedir=/var [bnc#927147] * Wed Apr 08 2015 pgajdosAATTsuse.com- systzdata patch updated to r10 - php5-systzdata-v7.patch + php5-systzdata-r10.patch * Thu Apr 02 2015 pgajdosAATTsuse.com- build against system gd and libzip only for 13.2 and above * Tue Mar 24 2015 pgajdosAATTsuse.com- update to 5.6.7: Several bugs have been fixed as well as CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331. * Tue Mar 24 2015 pgajdosAATTsuse.com- build against system gd [bnc#923946] * Fri Mar 20 2015 pgajdosAATTsuse.com- build against system libzip [bnc#922894] * Mon Feb 23 2015 pgajdosAATTsuse.com- update to 5.6.6: fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273. * Mon Feb 09 2015 pgajdosAATTsuse.com- added README.default_socket_timeout [bnc#907519] * Tue Feb 03 2015 pgajdosAATTsuse.com- fix sle_11_sp3 build * Mon Jan 26 2015 pgajdosAATTsuse.com- update to 5.6.5: This release fixes several bugs as well as CVE-2015-0231, CVE-2014-9427 and CVE-2015-0232.- removed patches: * php-CVE-2014-9426.patch * php-CVE-2014-9427.patch * php-CVE-2015-0231.patch * Wed Jan 21 2015 pgajdosAATTsuse.com- added php-CVE-2015-0231.patch [bnc#910659] * Mon Jan 05 2015 pgajdosAATTsuse.com- added php-CVE-2014-9426.patch [bnc#911663]- added php-CVE-2014-9427.patch [bnc#911664] * Fri Dec 19 2014 pgajdosAATTsuse.com- update to 5.6.4: This release fixes several bugs and one CVE related to unserialization. * Tue Nov 18 2014 pgajdosAATTsuse.com- update to 5.6.3: This release fixes several bugs and one CVE in the fileinfo extension. * Mon Oct 27 2014 pgajdosAATTsuse.com- update to 5.6.2: Four security-related bugs were fixed in this release, including fixes for CVE-2014-3668, CVE-2014-3669 and CVE-2014-3670. * Tue Oct 14 2014 pgajdosAATTsuse.com- upgraded to 5.6.1: * Several bugs were fixed in this release (including CVE-2014-3622).
|
|
|