Lucene search
OracleLinuxELSA-2023-2903HistoryMay 24, 2023 - 12:00 a.m.
php:7.4 security update
2023-05-2400:00:00
linux.oracle.com
50
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
82.1%
libzip
[1.6.1-1]
- update to 1.6.1
- enable lzma support
[1.5.2-1] - update to 1.5.2
- add all explicit cmake options to ensure openssl is used
even in local build with other lilbraries available
[1.5.1-1] - update to 1.5.1
- drop dependency on zlib-devel and bzip2-devel no more
referenced in libzip.pc - drop rpath patch merged upstream
[1.5.0-2] - add dependency on zlib-devel and bzip2-devel #1556068
[1.5.0-1] - update to 1.5.0
- use openssl for cryptography instead of bundled custom AES implementation
[1.4.0-5] - missing BR on C compiler
- use ldconfig_scriptlets
[1.4.0-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[1.4.0-3] - add upstream patch and drop multilib hack
[1.4.0-2] - re-add multilib hack #1529886
[1.4.0-1] - update to 1.4.0
- switch to cmake
- add upstream patch for lib64
[1.3.2-1] - update to 1.3.2
- drop multilib header hack
- change URL to https://libzip.org/
- test suite now ok on all arch
[1.3.0-2] - use multilib-rpm-config for multilib hacks
[1.3.0-1] - update to 1.3.0
- add dependency on bzip2 library
- ignore 3 tests failing on 32-bit
[1.2.0-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[1.2.0-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[1.2.0-1] - update to 1.2.0
- soname bump to 5
[1.2.0-0] - update to 1.2.0
- soname bump to 5
- temporarily keep libzip.so.4
[1.1.3-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
[1.1.3-1] - update to 1.1.3
[1.1.2-1] - update to 1.1.2
- add BR on perl(Getopt::Long)
[1.1.1-1] - update to 1.1.1
[1.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
[1.1-1] - update to 1.1
- new ziptool command
- add fix for undefined optopt in ziptool.c (upstream)
[1.0.1-3] - fix libzip-tools summary #1288424
[1.0.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
[1.0.1-1] - update to 1.0.1
- soname bump from .2 to .4
- drop ziptorrent
- create ‘tools’ sub package
[0.11.2-5] - actually apply patch (using %autosetup)
[0.11.2-4] - CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)
[0.11.2-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
[0.11.2-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
[0.11.2-1] - update to 0.11.2
- run test during build
[0.11.1-3] - replace php patch with upstream one
[0.11.1-2] - include API-CHANGES and LICENSE in package doc
[0.11.1-1] - update to 0.11.1
[0.10.1-7] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
[0.10.1-6] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
[0.10.1-5] - fix typo in multiarch (#866171)
[0.10.1-4] - Warning about conflicting contexts for /usr/lib64/libzip/include/zipconf.h versus /usr/include/zipconf-64.h (#853954)
[0.10.1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
[0.10.1-2] - spec cleanup, better multilib fix
[0.10.1-1] - update to 0.10.1 (security fix only)
- fixes for CVE-2012-1162 and CVE-2012-1163
[0.10-2] - try to fix ARM issue (#799684)
[0.10-1] - update to 0.10
- apply patch with changes from php bundled lib (thanks spot)
- handle multiarch headers (ex from MySQL)
[0.9.3-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
[0.9.3-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
[0.9.3-2] - Cleaned up pkgconfig deps which are now automatically handled by RPM.
[0.9.3-1] - Updated to libzip 0.9.3
[0.9-4] - Use bzipped upstream tarball.
[0.9-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
[0.9-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
[0.9-1] - libzip-0.9
[0.8-5] - rebuild for new gcc-4.3
[0.8-4] - use better workaround for removing rpaths
[0.8-3] - require pkgconfig in devel subpkg
- move api description to devel subpkg
- keep timestamps in %install
- avoid lib64 rpaths
[0.8-2] - Change License to BSD
[0.8-1] - Initial version for Fedora
php-pear
php-pecl-apcu
[5.1.18-1] - update to 5.1.18
[5.1.17-1] - update to 5.1.17
[5.1.12-1] - update to 5.1.12 (stable)
[5.1.11-1] - update to 5.1.11 (stable)
[5.1.10-1] - update to 5.1.10 (stable)
[5.1.9-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[5.1.9-2] - undefine _strict_symbol_defs_build
[5.1.9-1] - Update to 5.1.9 (php 7, stable)
[5.1.8-5] - rebuild for https://fedoraproject.org/wiki/Changes/php72
[5.1.8-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[5.1.8-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[5.1.8-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
[5.1.8-1] - Update to 5.1.8 (php 7, stable)
[5.1.7-2] - rebuild for https://fedoraproject.org/wiki/Changes/php71
[5.1.7-1] - Update to 5.1.7 (php 7, stable)
[5.1.6-1] - Update to 5.1.6 (php 7, stable)
[5.1.5-1] - Update to 5.1.5 (php 7, stable)
[4.0.11-1] - Update to 4.0.11 (stable)
- fix license usage and spec cleanup
[4.0.10-4] - add upstream patch, fix FTBFS with 5.6.21RC1, thanks Koschei
[4.0.10-3] - drop scriptlets (replaced file triggers in php-pear)
[4.0.10-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
[4.0.10-1] - Update to 4.0.10 (stable)
[4.0.8-1] - Update to 4.0.8
[4.0.7-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
[4.0.7-1] - Update to 4.0.7
[4.0.6-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
[4.0.6-2] - rebuild for https://fedoraproject.org/wiki/Changes/Php56
[4.0.6-1] - Update to 4.0.6 (beta)
[4.0.4-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
[4.0.4-2] - add numerical prefix to extension configuration file
[4.0.4-1] - Update to 4.0.4 (beta)
[4.0.3-1] - Update to 4.0.3 (beta)
- install doc in pecl doc_dir
- install tests in pecl test_dir (in devel)
- cleanup SCL stuff
[4.0.2-3] - EPEL-7 build
[4.0.2-2] - fix perm on config dir
- improve SCL compatibility
- always provides php-pecl-apc-devel and apc-panel
[4.0.2-1] - Update to 4.0.2
[4.0.1-3] - restore APC serializers ABI (patch merged upstream)
[4.0.1-2] - adapt for SCL
[4.0.1-1] - Update to 4.0.1
- add missing scriptlet
- fix Conflicts
[4.0.0-2] - fix segfault when used from command line
[4.0.0-1] - first pecl release
- rename from php-apcu to php-pecl-apcu
[4.0.0-0.4.git4322fad] - new snapshot (test before release)
[4.0.0-0.3.git647cb2b] - new snapshot with our pull request
- allow to run test suite simultaneously on 32/64 arch
- build warning free
[4.0.0-0.2.git6d20302] - new snapshot with full APC compatibility
[4.0.0-0.1.git44e8dd4] - initial package, version 4.0.0
php-pecl-rrd
[2.0.1-1] - build for RHEL 8
[2.0.1-13] - rebuild for https://fedoraproject.org/wiki/Changes/php74
[2.0.1-12] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
[2.0.1-11] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
[2.0.1-10] - Rebuild for https://fedoraproject.org/wiki/Changes/php73
[2.0.1-9] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
[2.0.1-8] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[2.0.1-7] - undefine _strict_symbol_defs_build
[2.0.1-6] - rebuild for https://fedoraproject.org/wiki/Changes/php72
[2.0.1-5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[2.0.1-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[2.0.1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
[2.0.1-2] - rebuild for https://fedoraproject.org/wiki/Changes/php71
[2.0.1-1] - update to 2.0.1
[1.1.3-10] - rebuild for new rrdtool
- fix license management
- don’t provide the test suite
[1.1.3-9] - drop scriptlets (replaced by file triggers in php-pear)
- cleanup
[1.1.3-8] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
[1.1.3-7] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
[1.1.3-6] - ignore failed tests with rrdtool 1.5
FTBFS detected by Koschei, reported upstream - skip test suite on arm
[1.1.3-5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
[1.1.3-4] - rebuild for https://fedoraproject.org/wiki/Changes/Php56
[1.1.3-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
[1.1.3-2] - add numerical prefix to extension configuration file
[1.1.3-1] - Update to 1.1.3 (stable)
- drop merged patch
[1.1.2-1] - Update to 1.1.2 (stable)
- install doc in pecl doc_dir
- install tests in pecl test_dir
- add conditional build of ZTS extension
[1.1.1-2] - patch for build warning
- patch to fix test result with recent rrdtool
[1.1.1-1] - Update to 1.1.1
[1.1.0-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
[1.1.0-3] - rebuild for http://fedoraproject.org/wiki/Features/Php55
[1.1.0-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
[1.1.0-1] - Version 1.1.0 (stable), api 1.1.0 (stable)
[1.0.5-4] - ignore test results (fails with rrdtool 1.4.7)
[1.0.5-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
[1.0.5-3] - build against php 5.4
[1.0.5-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
[1.0.5-1] - update to 1.0.5
- change license from PHP to BSD
[1.0.4-1] - Version 1.0.4 (stable) - API 1.0.4 (stable)
- fix filters
[1.0.3-1] - Version 1.0.3 (stable) - API 1.0.3 (stable)
- no change in sources
[1.0.2-1] - Version 1.0.2 (stable) - API 1.0.2 (stable)
- no change in sources
[1.0.1-1] - Version 1.0.1 (stable) - API 1.0.1 (stable)
- no change in sources
- remove generated Changelog (only latest version, no real value)
[1.0.0-1] - Version 1.0.0 (stable) - API 1.0.0 (stable)
- remove all patches merged by upstream
[0.10.0-2] - improved patches
- implement rrd_strversion
[0.10.0-1] - Version 0.10.0 (stable) - API 0.10.0 (beta)
- remove patches, merged upstream
- add links to 5 new upstream bugs
[0.9.0-1] - Version 0.9.0 (beta) - API 0.9.0 (beta)
- initial RPM
php-pecl-xdebug
[2.9.5-1] - update to 2.9.5
php-pecl-zip
[1.18.2-1] - update to 1.18.2
[1.15.4-1] - Update to 1.15.4
[1.15.3-1] - Update to 1.15.3
[1.15.2-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[1.15.2-2] - undefine _strict_symbol_defs_build
[1.15.2-1] - Update to 1.15.2
[1.15.1-4] - rebuild for https://fedoraproject.org/wiki/Changes/php72
[1.15.1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[1.15.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[1.15.1-1] - Update to 1.15.1
[1.15.0-1] - Update to 1.15.0
[1.14.0-1] - Update to 1.14.0
[1.13.5-4] - rebuild for new libzip
[1.13.5-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
[1.13.5-2] - rebuild for https://fedoraproject.org/wiki/Changes/php71
[1.13.5-1] - Update to 1.13.5
[1.13.4-1] - Update to 1.13.4
[1.13.3-2] - rebuild for https://fedoraproject.org/wiki/Changes/php70
[1.13.3-1] - Update to 1.13.3
[1.13.2-1] - Update to 1.13.2
- fix license management
[1.13.1-3] - drop scriptlets (replaced file triggers in php-pear)
- ignore 1 test (change in php, FTBFS detected by Koschei)
[1.13.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
[1.13.1-1] - Update to 1.13.1 (no change)
[1.13.0-1] - Update to 1.13.0
- raise dependency on libzip 1.0.0
- don’t install/register tests
[1.12.5-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
[1.12.5-2] - rebuild for new libzip
[1.12.5-1] - Update to 1.12.5 (stable)
[1.12.4-5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
[1.12.4-4] - rebuild for https://fedoraproject.org/wiki/Changes/Php56
[1.12.4-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
[1.12.4-2] - add numerical prefix to extension configuration file
[1.12.4-1] - Update to 1.12.4 (stable) for libzip 0.11.2
[1.12.3-1] - Update to 1.12.3 (stable)
- drop merged patch
[1.12.2-2] - upstream patch, don’t use any libzip private struct
- drop LICENSE_libzip when system version is used
- always build ZTS extension
[1.12.2-1] - update to 1.12.2 (beta)
- drop merged patches
- install doc in pecl doc_dir
- install tests in pecl test_dir
[1.12.1-5] - really really fix all spurious-executable-perm
[1.12.1-4] - really fix all spurious-executable-perm
[1.12.1-3] - fixes from review comments #999313: clarify License
- drop execution right from sources
- BR libzip-devel always needed
[1.12.1-2] - refresh our merged patches from upstream git
[1.12.1-1] - New spec for version 1.12.1 (beta)
php
[7.4.33-1] - rebase to 7.4.33
- fix: due to an integer overflow PDO::quote() may return unquoted string
CVE-2022-31631
[7.4.30-1] - rebase to 7.4.30 #2099615
[7.4.19-3] - fix password of excessive length triggers buffer overflow leading to RCE
CVE-2022-31626
[7.4.19-2] - fix SSRF bypass in FILTER_VALIDATE_URL
CVE-2021-21705 - fix Local privilege escalation via PHP-FPM
CVE-2021-21703
[7.4.19-1] - rebase to 7.4.19 #1944110
[7.4.6-4] - fix regression in 7.4.6 with generators and exception
[7.4.6-3] - build phpdbg only once
- fix regression in 7.4.6 when yielding an array based generator
[7.4.6-2] - use php-config from embed SAPI to reduce used libs
[7.4.6-1] - update to 7.4.6
- add ffi extension
- add /usr/share/php/preload as default ffi.preload configuration
- run FPM tests
- set opcache.enable_cli in provided default configuration
- ensure all shared extensions can be loaded
- drop wddx, recode and extensions
- run test suite using 4 concurrent workers
[7.3.5-5] - fix underflow in env_path_info in fpm_main.c CVE-2019-11043
[7.3.5-3] - fix AVC denied httpd_execmem when php-opcache is installed #1725104
[7.3.5-2] - cleanup php-devel dependencies
[7.3.5-1] - update to 7.3.5
[7.2.11-1] - update to 7.2.11 #1628543
[7.2.8-4] - drop tidy extension #1619290
[7.2.8-3] - update to 7.2.8
[7.2.7-3] - FPM: add getallheaders, backported from 7.3 #1582533
[7.2.7-2] - drop libargon2 dependency #1595261
[7.2.7-1] - Update to 7.2.7 - http://www.php.net/releases/7_2_7.php
- drop -mstackrealign option, workaround to #1593144
[7.2.6-2] - switch back to bundled onigurama
[7.2.6-1] - Update to 7.2.6 - http://www.php.net/releases/7_2_6.php
[7.2.5-1] - Update to 7.2.5 - http://www.php.net/releases/7_2_5.php
[7.2.4-1] - Update to 7.2.4 - http://www.php.net/releases/7_2_4.php
- FPM: update default pool configuration for process.dumpable
[7.2.3-4] - use systemd RuntimeDirectory instead of /etc/tmpfiles.d
[7.2.3-3] - enable argon2 password hash
[7.2.3-2] - php-json is optional
- add file trigger to restart the php-fpm service
when new pool or new extension installed
[7.2.3-1] - Update to 7.2.3 - http://www.php.net/releases/7_2_3.php
- FPM: revert pid file removal
[7.2.3~RC1-4] - disable ZTS on RHEL
[7.2.3~RC1-3] - disable pspell extension on RHEL
- improve devel dependencies
[7.2.3~RC1-2] - rebuild for new tag and drop patch merged upstream
- drop ldconfig scriptlets
[7.2.3~RC1-1] - update to 7.2.3RC1
- adapt systzdata, fixheader and ldap_r patches
- apply upstream patch for date ext
[7.2.2-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[7.2.2-1] - Update to 7.2.2 - http://www.php.net/releases/7_2_2.php
[7.2.2~RC1-3] - disable interbase, imap, pdo_dblib and sodium on rhel
[7.2.2~RC1-3] - undefine _strict_symbol_defs_build
[7.2.2~RC1-2] - Rebuilt for switch to libxcrypt
[7.2.2~RC1-1] - update to 7.2.2RC1
- define SOURCE_DATE_EPOCH for reproducible build
[7.2.1-1] - Update to 7.2.1 - http://www.php.net/releases/7_2_1.php
[7.2.1~RC1-1] - update to 7.2.1RC1
[7.2.0-3] - Rebuild for ICU 60.1
[7.2.0-2] - refresh patch for https://bugs.php.net/75514
[7.2.0-1] - update to 7.2.0 GA
- add upstream patch for https://bugs.php.net/75514
[7.2.0~RC6-1] - Update to 7.2.0RC6
[7.2.0~RC5-1] - Update to 7.2.0RC5
- make php-fpm a weak dependency
[7.2.0~RC4-2] - enable argon2 password hash
[7.2.0~RC4-1] - Update to 7.2.0RC4
[7.2.0~RC3-1] - Update to 7.2.0RC3
- drop mcrypt extension
- add sodium extension
- use system oniguruma
- drop .so suffix from ini files
- refresh configuration files from upstream
[7.1.10-1] - Update to 7.1.10 - http://www.php.net/releases/7_1_10.php
[7.1.10~RC1-2] - php now requires php-fpm and start it with httpd / nginx
[7.1.10~RC1-1] - Update to 7.1.10RC1
[7.1.9-2] - Automatically load OpenSSL configuration file, from PHP 7.2
[7.1.9-1] - Update to 7.1.9 - http://www.php.net/releases/7_1_9.php
[7.1.9~RC1-1] - Update to 7.1.9RC1
- php-fpm: drop unneeded ‘pid’ from default configuration
[7.1.8-1] - Update to 7.1.8 - http://www.php.net/releases/7_1_8.php
[7.1.8~RC1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[7.1.8~RC1-1] - Update to 7.1.8RC1
[7.1.7-2] - disable httpd MPM check
[7.1.7-1] - Update to 7.1.7 - http://www.php.net/releases/7_1_7.php
[7.1.7~RC1-1] - Update to 7.1.7RC1
[7.1.6-1] - Update to 7.1.6 - http://www.php.net/releases/7_1_6.php
- add upstream security patches for oniguruma
[7.1.6~RC1-1] - Update to 7.1.6RC1
[7.1.5-1] - Update to 7.1.5 - http://www.php.net/releases/7_1_5.php
[7.1.5-0.3.RC1] - enable PHP execution of .phar files, see #1117140
[7.1.5-0.2.RC1] - new sources from new tag
[7.1.5-0.1.RC1] - Update to 7.1.5RC1
[7.1.4-1] - Update to 7.1.4 - http://www.php.net/releases/7_1_4.php
[7.1.4-0.1.RC1] - Update to 7.1.4RC1
[7.1.3-3] - timelib is MIT license
[7.1.3-2] - remove %attr, see #1432372
[7.1.3-1] - Update to 7.1.3 - http://www.php.net/releases/7_1_3.php
[7.1.3-0.1.RC1] - Update to 7.1.3RC1
[7.1.2-1] - Update to 7.1.2 - http://www.php.net/releases/7_1_2.php
[7.1.2-0.2.RC1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
[7.1.2-0.2.RC1] - Update to 7.1.2RC1 (new sources)
[7.1.2-0.1.RC1] - Update to 7.1.2RC1
[7.1.1-1] - Update to 7.1.1 - http://www.php.net/releases/7_1_1.php
[7.1.1-0.1.RC1] - Update to 7.1.1RC1
[7.1.0-1] - Update to 7.1.0 - http://www.php.net/releases/7_1_0.php
[7.1.0-0.3.RC6] - disable pcre.jit everywhere as it raise AVC #1398474
- sync provided configuration with upstream production defaults
[7.1.0-0.2.RC6] - re-enable interbase sub package
see http://bugzilla.redhat.com/1394750 sub package inconsistency - add patch to fix firebird include path (using fb_config)
[7.1.0-0.1.RC6] - Update to 7.1.0RC6
- update tzdata patch to v14, improve check for valid tz file
- disable interbase sub package (interbase and pdo_firebird)
[7.1.0-0.1.RC3] - Update to 7.1.0RC3
[7.0.12-0.1.RC1] - Update to 7.0.12RC1
[7.0.11-1] - Update to 7.0.11 - http://www.php.net/releases/7_0_11.php
[7.0.11-0.1.RC1] - Update to 7.0.11RC1
[7.0.10-1] - Update to 7.0.10 - http://www.php.net/releases/7_0_10.php
[7.0.10-0.1.RC1] - Update to 7.0.10RC1
[7.0.9-1] - Update to 7.0.9 - http://www.php.net/releases/7_0_9.php
- wddx: add upstream patch for https://bugs.php.net/72564
[7.0.9-0.1.RC1] - Update to 7.0.9RC1
[7.0.8-2] - own tests/doc directories for pecl packages #1351345
[7.0.8-1] - Update to 7.0.8 - http://www.php.net/releases/7_0_8.php
- https://fedoraproject.org/wiki/Changes/php70
- drop ereg, mysql, mssql extensions
- add json extension
[5.6.23-1] - Update to 5.6.23 - http://www.php.net/releases/5_6_23.php
[5.6.23-0.1.RC1] - update to 5.6.23RC1
[5.6.22-2] - drop unneeded option --with-vpx-dir, fix FTBFS, thanks Koschei
[5.6.22-1] - Update to 5.6.22 - http://www.php.net/releases/5_6_22.php
[5.6.22-0.1.RC1] - update to 5.6.22RC1
[5.6.21-1] - Update to 5.6.21
http://www.php.net/releases/5_6_21.php
[5.6.21-0.2.RC1] - rebuild for ICU 57.1
[5.6.21-0.1.RC1] - update to 5.6.21RC1
[5.6.20-1.1] - rebuild for ICU 57.1
[5.6.20-1] - Update to 5.6.20
http://www.php.net/releases/5_6_20.php
[5.6.20-0.1.RC1] - update to 5.6.20RC1
[5.6.19-1] - Update to 5.6.19
http://www.php.net/releases/5_6_19.php
[5.6.19-0.1.RC1] - update to 5.6.19RC1
[5.6.18-2] - define %pecl_xmldir and own it (/var/lib/php/peclxml)
[5.6.18-1] - Update to 5.6.18
http://www.php.net/releases/5_6_18.php
[5.6.18-0.1.RC1] - update to 5.6.18RC1
[5.6.17-1] - Update to 5.6.17
http://www.php.net/releases/5_6_17.php
[5.6.17-0.1.RC1] - update to 5.6.17RC1
[5.6.16-2] - rebuild for libvpx 1.5.0
[5.6.16-1] - Update to 5.6.16
http://www.php.net/releases/5_6_16.php
[5.6.16-0.2.RC2] - rebuild (tidy)
[5.6.16-0.1.RC1] - update to 5.6.16RC1
[5.6.15-1] - Update to 5.6.15
http://www.php.net/releases/5_6_15.php - php-config: reports all built sapis
[5.6.15-0.1.RC1] - update to 5.6.15RC1
[5.6.14-1] - Update to 5.6.14
http://www.php.net/releases/5_6_14.php - php-fpm: enable http authorization headers
[5.6.14-0.1.RC1] - update to 5.6.14RC1
[5.6.13-1] - Update to 5.6.13
http://www.php.net/releases/5_6_13.php
[5.6.12-1] - Update to 5.6.12
http://www.php.net/releases/5_6_12.php
[5.6.12-0.1.RC1] - update to 5.6.12RC1
[5.6.11-2] - fix typo in php.conf #1244104
[5.6.11-1] - Update to 5.6.11
http://www.php.net/releases/5_6_11.php
[5.6.11-0.1.RC1] - update to 5.6.11RC1
- the phar link is now correctly created
[5.6.10-1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
[5.6.10-1] - Update to 5.6.10
http://www.php.net/releases/5_6_10.php - add explicit spec license (implicit by FPCA)
[5.6.10-0.1.RC1] - update to 5.6.10RC1
- opcache is now 7.0.6-dev
[5.6.9-1] - Update to 5.6.9
http://www.php.net/releases/5_6_9.php
[5.6.9-0.1.RC1] - update to 5.6.9RC1
- adapt systzdata patch for upstream changes for new zic
[5.6.8-1] - Update to 5.6.8
http://www.php.net/releases/5_6_8.php
[5.6.8-0.3.RC1] - add upstream patch to drop SSLv3 tests
[5.6.8-0.2.RC1] - rebuild for libvpx 1.4.0
[5.6.8-0.1.RC1] - update to 5.6.8RC1
[5.6.7-2] - Update to 5.6.7
http://www.php.net/releases/5_6_7.php
[5.6.7-1] - update to 5.6.7RC1
[5.6.6-1] - Update to 5.6.6
http://www.php.net/releases/5_6_6.php
[5.6.6-0.1.RC1] - php 5.6.6RC1 for Koschei
[5.6.5-2] - rebuild for ICU 54.1
[5.6.5-1] - Update to 5.6.5
http://www.php.net/releases/5_6_5.php - drop deprecated php-fpm EnvironmentFile
[5.6.5-0.1.RC1] - update to 5.6.5RC1
- FPM: enable ACL support for Unix Domain Socket
- FPM: switch default configuration to use UDS
[5.6.4-2] - Update to 5.6.4 (real)
http://www.php.net/releases/5_6_4.php - php-xmlrpc requires php-xml
[5.6.4-1] - Update to 5.6.4
http://www.php.net/releases/5_6_4.php
[5.6.4-0.1.RC1] - php 5.6.4RC1
[5.6.3-4] - FPM: add upstream patch for https://bugs.php.net/68428
listen.allowed_clients is IPv4 only
[5.6.3-3] - sync php-fpm configuration with upstream
- refresh upstream patch for 68421
[5.6.3-2] - FPM: add upstream patch for https://bugs.php.net/68421
access.format=R doesn’t log ipv6 address - FPM: add upstream patch for https://bugs.php.net/68420
listen=9000 listens to ipv6 localhost instead of all addresses - FPM: add upstream patch for https://bugs.php.net/68423
will no longer load all pools
[5.6.3-1] - Update to PHP 5.6.3
http://php.net/releases/5_6_3.php
[5.6.3-0.2.RC1] - php 5.6.3RC1 (refreshed, phpdbg changes reverted)
- new version of systzdata patch, fix case sensitivity
- ignore Factory in date tests
[5.6.3-0.1.RC1] - php 5.6.3RC1
- disable opcache.fast_shutdown in default config
- enable phpdbg_webhelper new extension (in php-dbg)
[5.6.1-1] - Update to PHP 5.6.2
http://php.net/releases/5_6_2.php
[5.6.1-1] - Update to PHP 5.6.1
http://php.net/releases/5_6_1.php - use default system cipher list by Fedora policy
http://fedoraproject.org/wiki/Changes/CryptoPolicy
[5.6.1-0.2.RC1] - provides nginx configuration (see #1142298)
[5.6.1-0.1.RC1] - php 5.6.1RC1
[5.6.0-1] - PHP 5.6.0 is GA
http://php.net/releases/5_6_0.php - fix ZTS man pages, upstream patch for 67878
- provides php(httpd)
[5.6.0-0.7.RC4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
[5.6.0-0.6.RC4] - php 5.6.0RC4
[5.6.0-0.5.RC3] - fpm requires httpd >= 2.4.10 for proxy support in SetHandler
[5.6.0-0.4.RC3] - php 5.6.0RC3
- cleanup with_libmysql
- fix licenses handling
- fix zts-php-config --php-binary output #1124605
- provide php.conf with php-fpm, allow apache + fpm
to work with default configuration, without mod_php
[5.6.0-0.3.RC2] - php 5.6.0RC2
[5.6.0-0.2.RC1] - fix phpdbg with libedit https://bugs.php.net/67499
- add workaround for unserialize/mock issue from 5.4/5.5
[5.6.0-0.1.RC1] - php 5.6.0RC1
https://fedoraproject.org/wiki/Changes/Php56 - add php-dbg subpackage
- update php.ini and opcache.ini from upstream production template
- move zts-php to php-cli
[5.5.13-3] - fix regression introduce in fix for #67118
[5.5.13-2] - fileinfo: fix insufficient boundary check
- workaround regression introduce in fix for 67072 in
serialize/unzerialize functions
[5.5.13-1] - Update to 5.5.13
http://www.php.net/releases/5_5_13.php - sync php.ini with upstream php.ini-production
[5.5.12-1] - Update to 5.5.12
http://www.php.net/releases/5_5_12.php - php-fpm: change default unix socket permission CVE-2014-0185
[5.5.11-2] - add numerical prefix to extension configuration files
- prevent .user.ini files from being viewed by Web clients
- load php directives only when mod_php is active
[5.5.11-1] - Update to 5.5.11
http://www.php.net/ChangeLog-5.php#5.5.11
[5.5.10-1] - Update to 5.5.10
http://www.php.net/ChangeLog-5.php#5.5.10 - php-fpm should own /var/lib/php/session and wsdlcache
- fix pcre test results with libpcre < 8.34
[5.5.9-2] - upstream patch for https://bugs.php.net/66731
[5.5.9-1.1] - rebuild
[5.5.9-1] - Update to 5.5.9
http://www.php.net/ChangeLog-5.php#5.5.9 - Install macros to /usr/lib/rpm/macros.d
[5.5.8-2] - fix _httpd_mmn expansion in absence of httpd-devel
[5.5.8-1] - update to 5.5.8
- drop conflicts with other opcode caches as both can
be used only for user data cache
[5.5.7-1] - update to 5.5.7, fix for CVE-2013-6420
- fix zend_register_functions breaks reflection, php bug 66218
- fix Heap buffer over-read in DateInterval, php bug 66060
- fix fix overflow handling bug in non-x86
[5.5.6-1] - update to 5.5.6
[5.5.5-1] - update to 5.5.5
- sync php.ini with upstream
[5.5.4-1] - update to 5.5.4
- improve security, use specific soap.wsdl_cache_dir
use /var/lib/php/wsdlcache for mod_php and php-fpm - sync short_tag comments in php.ini with upstream
[5.5.3-1] - update to 5.5.3
- fix typo and add missing entries in php.ini
- drop zip extension
[5.5.2-1] - update to 5.5.2, fixes for CVE-2011-4718 + CVE-2013-4248
[5.5.1-3] - improve system libzip patch
[5.5.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
[5.5.1-1] - update to 5.5.1
- add Provides: php(pdo-abi), for consistency with php(api)
and php(zend-abi) - improved description for mod_php
- fix opcache ZTS configuration (blacklists in /etc/php-zts.d)
- add missing man pages (phar, php-cgi)
[5.5.0-2] - add security fix for CVE-2013-4113
- add missing ASL 1.0 license
- 32k stack size seems ok for tests on both 32/64bits build
[5.5.0-1] - update to 5.5.0 final
[5.5.0-0.11.RC3] - also drop JSON from sources
- clean conditional for JSON (as removed from the sources)
- clean conditional for FPM (always build)
[5.5.0-0.10.RC3] - drop JSON extension
[5.5.0-0.9.RC3] - build with system GD >= 2.1.0
[5.5.0-0.8.RC3] - update to 5.5.0RC3
[5.5.0-0.7.RC2] - update to 5.5.0RC2
- add missing options in php-fpm.conf
- run php-fpm in systemd notify mode
- /etc/syconfig/php-fpm is deprecated (still used)
- add /systemd/system/php-fpm.service.d
[5.5.0-0.6.RC1] - update to 5.5.0RC1
- remove reference to apache in some sub-packages description
- add option to disable json extension
- drop most (very old) ‘Obsoletes’, add version to others
[5.5.0-0.5.beta4] - update to 5.5.0beta4
- zend_extension doesn’t requires full path
- refresh patch for system libzip
- drop opcache patch merged upstream
- add BuildRequires libvpx-devel for WebP support in php-gd
- php-fpm own /usr/share/fpm
[5.5.0-0.4.beta3] - update to 5.5.0beta3
- allow wildcard in opcache.blacklist_filename and provide
default /etc/php.d/opcache-default.blacklist - clean spec, use only spaces (no tab)
[5.5.0-0.3.beta2] - clean old deprecated options
[5.5.0-0.2.beta2] - update to 5.5.0beta2
- Zend Optimizer+ renamed to Zend OPcache
- sync provided configuration with upstream
[5.5.0-0.1.beta1] - update to 5.5.0beta1
http://fedoraproject.org/wiki/Features/Php55 - new Zend OPcache extension in php-opccache new sub-package
- don’t display XFAIL tests in report
- use xz compressed tarball
- build simplexml and xml extensions shared (moved in php-xml)
- build bz2, calendar, ctype, exif, ftp, gettext, iconv
sockets and tokenizer extensions shared (in php-common) - build gmp extension shared (in php-gmp new sub-package)
- build shmop extension shared (moved in php-process)
- drop some old compatibility provides (php-api, php-zend-abi, php-pecl-*)
[5.4.13-1] - update to 5.4.13
- security fix for CVE-2013-1643
- Hardened build (links with -z now option)
[ 5.4.13-0.2.RC1] - Remove %config from %{_sysconfdir}/rpm/macros.*
(https://fedorahosted.org/fpc/ticket/259).
[5.4.13-0.1.RC1] - update to 5.4.13RC1
- drop patches merged upstream
[5.4.12-4] - add support for ppc64p7 arch (Power7 optimized)
[5.4.12-3] - make ZTS build optional (still enabled)
[5.4.12-2] - make php-mysql package optional and disabled
[5.4.12-1] - update to 5.4.12
- security fix for CVE-2013-1635
- drop gdbm because of license incompatibility
[5.4.12-0.6.RC2] - enable tokyocabinet and gdbm dba handlers
[5.4.12-0.5.RC2] - update to 5.4.12RC2
[5.4.12-0.4.RC1] - upstream patch (5.4.13) to fix dval to lval conversion
https://bugs.php.net/64142
[5.4.12-0.3.RC1] - upstream patch (5.4.13) for 2 failed tests
[5.4.12-0.2.RC1] - fix buit-in web server on ppc64 (fdset usage)
https://bugs.php.net/64128
[5.4.12-0.1.RC1] - update to 5.4.12RC1
[5.4.11-3] - rebuild for new libicu
[5.4.11-2] - rebuild due to ‘jpeg8-ABI’ feature drop
[5.4.11-1] - update to 5.4.11
[5.4.11-0.2.RC1] - fix php.conf to allow MultiViews managed by php scripts
[5.4.11-0.1.RC1] - update to 5.4.11RC1
[5.4.10-1] - update to 5.4.10
- remove patches merged upstream
[5.4.9-3] - drop ‘Configure Command’ from phpinfo output
[5.4.9-2] - prevent php_config.h changes across (otherwise identical) rebuilds
[5.4.9-1] - update to 5.4.9
[5.4.9-0.5.RC1] - switch back to upstream generated scanner/parser
[5.4.9-0.4.RC1] - use _httpd_contentdir macro and fix php.gif path
[5.4.9-0.3.RC1] - improve system libzip patch to use pkg-config
[5.4.9-0.2.RC1] - use _httpd_moddir macro
[5.4.9-0.1.RC1] - update to 5.4.9RC1
- improves php.conf (use FilesMatch + SetHandler)
- improves filter (httpd module)
- apply ldap_r patch on fedora >= 18 only
[5.4.8-6] - clarify Licenses
- missing provides xmlreader and xmlwriter
- modernize spec
- change php embedded library soname version to 5.4
[5.4.8-5] - fix _httpd_mmn macro definition
[5.4.8-4] - fix mysql_sock macro definition
[5.4.8-3] - fix installed headers
[5.4.8-2] - use libldap_r for ldap extension
[5.4.8-1] - update to 5.4.8
- define both session.save_handler and session.save_path
- fix possible segfault in libxml (#828526)
- php-fpm: create apache user if needed
- use SKIP_ONLINE_TEST during make test
- php-devel requires pcre-devel and php-cli (instead of php)
[5.4.7-11] - provides php-phar
- update systzdata patch to v10, timezone are case insensitive
[5.4.7-10] - fix typo in systemd macro
[5.4.7-9] - php-fpm: enable PrivateTmp
- php-fpm: new systemd macros (#850268)
- php-fpm: add upstream patch for startup issue (#846858)
[5.4.7-8] - systemd integration, https://bugs.php.net/63085
- no odbc call during timeout, https://bugs.php.net/63171
- check sqlite3_column_table_name, https://bugs.php.net/63149
[5.4.7-7] - most failed tests explained (i386, x86_64)
[5.4.7-6] - fix for http://bugs.php.net/63126 (#783967)
[5.4.7-5] - patch to ensure we use latest libdb (not libdb4)
[5.4.7-4] - really fix rhel tests (use libzip and libdb)
[5.4.7-3] - fix test to enable zip extension on RHEL-7
[5.4.7-2] - remove session.save_path from php.ini
move it to apache and php-fpm configuration files
[5.4.7-1] - update to 5.4.7
http://www.php.net/releases/5_4_7.php - php-fpm: don’t daemonize
[5.4.6-2] - enable php-fpm on secondary arch (#849490)
[5.4.6-1] - update to 5.4.6
- update to v9 of systzdata patch
- backport fix for new libxml
[5.4.5-1] - update to 5.4.5
[5.4.4-4] - also provide php(language)%{_isa}
- define %{php_version}
[5.4.4-3] - drop BR for libevent (#835671)
- provide php(language) to allow version check
[5.4.4-2] - add missing provides (core, ereg, filter, standard)
[5.4.4-1] - update to 5.4.4 (CVE-2012-2143, CVE-2012-2386)
- use /usr/lib/tmpfiles.d instead of /etc/tmpfiles.d
- use /run/php-fpm instead of /var/run/php-fpm
[5.4.3-1] - update to 5.4.3 (CVE-2012-2311, CVE-2012-2329)
[5.4.2-1] - update to 5.4.2 (CVE-2012-1823)
[5.4.1-1] - update to 5.4.1
[5.4.0-6] - rebuild for new icu
- switch (conditionally) to libdb-devel
[5.4.0-5] - fix Loadmodule with MPM event (use ZTS if not MPM worker)
- split conf.d/php.conf + conf.modules.d/10-php.conf with httpd 2.4
[5.4.0-4] - rebuild for missing automatic provides (#807889)
[5.4.0-3] - really use _httpd_mmn
[5.4.0-2] - rebuild against httpd 2.4
- use _httpd_mmn, _httpd_apxs macros
[5.4.0-1] - update to PHP 5.4.0 finale
[5.4.0-0.4.RC8] - update to PHP 5.4.0RC8
[5.4.0-0.3.RC7] - update to PHP 5.4.0RC7
- provides env file for php-fpm (#784770)
- add patch to use system libzip (thanks to spot)
- don’t provide INSTALL file
[5.4.0-0.2.RC6] - all binaries in /usr/bin with zts prefix
[5.4.0-0.1.RC6] - update to PHP 5.4.0RC6
https://fedoraproject.org/wiki/Features/Php54
[5.3.8-4.4] - fix systemd unit
[5.3.8-4.3] - switch to systemd
[5.3.8-4.2] - Rebuild for new libpng
[5.3.8-3.2] - rebuild with new gmp without compat lib
[5.3.8-3.1] - rebuild with new gmp
[5.3.8-3] - revert is_a() to php <= 5.3.6 behavior (from upstream)
with new option (allow_string) for new behavior
[5.3.8-2] - add mysqlnd sub-package
- drop patch4, use --libdir to use /usr/lib*/php/build
- add patch to redirect mysql.sock (in mysqlnd)
[5.3.8-1] - update to 5.3.8
http://www.php.net/ChangeLog-5.php#5.3.8
[5.3.7-1] - update to 5.3.7
http://www.php.net/ChangeLog-5.php#5.3.7 - merge php-zts into php (#698084)
[5.3.6-4] - rebuild for net-snmp SONAME bump
[5.3.6-3] - enable mhash extension (emulated by hash extension)
[5.3.6-2] - rebuild for new MySQL client library
[5.3.6-1] - update to 5.3.6
http://www.php.net/ChangeLog-5.php#5.3.6 - fix php-pdo arch specific requires
[5.3.5-6] - disable zip extension per ‘No Bundled Libraries’ policy (#551513)
[5.3.5-5] - rebuild for icu 4.6
[5.3.5-4] - fix systemd-units requires
[5.3.5-3] - add tmpfiles.d configuration for php-fpm
- add Arch specific requires/provides
[5.3.5-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
[5.3.5-1] - update to 5.3.5
http://www.php.net/ChangeLog-5.php#5.3.5 - clean duplicate configure options
[5.3.4-2] - rebuild against MySQL 5.5.8
- remove all RPM_SOURCE_DIR
[5.3.4-1.1] - security patch from upstream for #660517
[5.3.4-1] - update to 5.3.4
http://www.php.net/ChangeLog-5.php#5.3.4 - move phpize to php-cli (see #657812)
[5.3.3-5] - ghost /var/run/php-fpm (see #656660)
- add filter_setup to not provides extensions as .so
[5.3.3-4] - use mysql_config in libdir directly to avoid biarch build failures
[5.3.3-3] - rebuild for new net-snmp
[5.3.3-2] - add php-fpm sub-package
[5.3.3-1] - PHP 5.3.3 released
[5.3.2-3] - garbage collector upstream patches (#580236)
[5.3.2-2] - rebuild for icu 4.4
[5.3.2-1] - PHP 5.3.2 Released!
- remove mime_magic option (now provided by fileinfo, by emu)
- add patch for http://bugs.php.net/50578
- remove patch for libedit (upstream)
- add runselftest option to allow build without test suite
[5.3.1-3] - update to v7 of systzdata patch
[5.3.1-2] - fix build with autoconf 2.6x
[5.3.1-1] - update to 5.3.1
- remove openssl patch (merged upstream)
- add provides for php-pecl-json
- add prod/devel php.ini in doc
[5.3.0-7] - use libedit instead of readline to resolve licensing issues
[5.3.0-6] - rebuilt with new openssl
[5.3.0-5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
[5.3.0-4] - rediff systzdata patch
[5.3.0-3] - update to v6 of systzdata patch; various fixes
[5.3.0-2] - update to v5 of systzdata patch; parses zone.tab and extracts
timezone->{country-code,long/lat,comment} mapping table
[5.3.0-1] - update to 5.3.0
- remove ncurses, dbase, mhash extensions
- add enchant, sqlite3, intl, phar, fileinfo extensions
- raise sqlite version to 3.6.0 (for sqlite3, build with --enable-load-extension)
- sync with upstream ‘production’ php.ini
[5.2.10-1] - update to 5.2.10
- add interbase sub-package
[5.2.9-1] - update to 5.2.9
[5.2.8-10] - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
[5.2.8-9] - add recode support, -recode subpackage (#106755)
- add -zts subpackage with ZTS-enabled build of httpd SAPI
- adjust php.conf to use -zts SAPI build for worker MPM
[5.2.8-8] - fix patch fuzz, renumber patches
[5.2.8-7] - drop obsolete configure args
- drop -odbc patch (#483690)
[5.2.8-5] - split out sysvshm, sysvsem, sysvmsg, posix into php-process
[5.2.8-4] - move wddx to php-xml, build curl shared in -common
- remove BR for expat-devel, bogus configure option
[5.2.8-3] - rebuild for new MySQL
[5.2.8-2] - libtool 2 workaround for phpize (#476004)
- add missing php_embed.h (#457777)
[5.2.8-1] - update to 5.2.8
[5.2.7-1.1] - libtool 2 workaround
[5.2.7-1] - update to 5.2.7
- enable pdo_dblib driver in php-mssql
[5.2.6-7] - tweak Summary, thanks to Richard Hughes
[5.2.6-6] - move gd_README to php-gd
- update to r4 of systzdata patch; introduces a default timezone
name of ‘System/Localtime’, which uses /etc/localtime (#469532)
[5.2.6-5] - enable XPM support in php-gd
- Fix BR for php-gd
[5.2.6-4] - enable T1lib support in php-gd
[5.2.6-3] - update to 5.2.6
- sync default php.ini with upstream
- drop extension_dir from default php.ini, rely on hard-coded
default, to make php-common multilib-safe (#455091) - update to r3 of systzdata patch
[5.2.5-7] - split pspell extension out into php-spell (#443857)
[5.2.5-6] - Autorebuild for GCC 4.3
[5.2.5-5] - ext/date: use system timezone database
[5.2.5-4] - rebuild for libc-client bump
[5.2.5-3] - Rebuild for openssl bump
[5.2.5-2] - update to 5.2.5
[5.2.4-3] - correct pcre BR version (#333021)
- restore metaphone fix (#205714)
- add READMEs to php-cli
[5.2.4-2] - update to 5.2.4
[5.2.3-9] - rebuild for fixed APR
[5.2.3-8] - add ldconfig post/postun for -embedded (Hans de Goede)
[5.2.3-7] - add php-embedded sub-package
[5.2.3-6] - fix build with new glibc
- fix License
[5.2.3-5] - define php_extdir in macros.php
[5.2.3-4] - obsolete php-dbase
[5.2.3-3] - add mcrypt, mhash, tidy, mssql subpackages (Dmitry Butskoy)
- enable dbase extension and package in -common
[5.2.3-2] - update to 5.2.3 (thanks to Jeff Sheltren)
[5.2.2-4] - fix php-pdo *_arg_force_ref global symbol abuse (#216125)
[5.2.2-3] - rebuild against uw-imap-devel
[5.2.2-2] - update to 5.2.2
- synch changes from upstream recommended php.ini
[5.2.1-5] - enable SASL support in LDAP extension (#205772)
[5.2.1-4] - drop mime_magic extension (deprecated by php-pecl-Fileinfo)
[5.2.1-3] - fix regression in str_{i,}replace (from upstream)
[5.2.1-2] - update to 5.2.1
- add Requires(pre) for httpd
- trim %changelog to versions >= 5.0.0
[5.2.0-10] - bump default memory_limit to 32M (#220821)
- mark config files noreplace again (#174251)
- drop trailing dots from Summary fields
- use standard BuildRoot
- drop libtool15 patch (#226294)
[5.2.0-9] - add php(api), php(zend-abi) provides (#221302)
- package /usr/share/php and append to default include_path (#225434)
[5.2.0-8] - fix filter.h installation path
- fix php-zend-abi version (Remi Collet, #212804)
[5.2.0-7] - rebuild again
[5.2.0-6] - rebuild for net-snmp soname bump
[5.2.0-5] - build json and zip shared, in -common (Remi Collet, #215966)
- obsolete php-json and php-pecl-zip
- build readline extension into /usr/bin/php* (#210585)
- change module subpackages to require php-common not php (#177821)
[5.2.0-4] - provide php-zend-abi (#212804)
- add /etc/rpm/macros.php exporting interface versions
- synch with upstream recommended php.ini
[5.2.0-3] - update to 5.2.0 (#213837)
- php-xml provides php-domxml (#215656)
- fix php-pdo-abi provide (#214281)
[5.1.6-4] - rebuild for curl soname bump
- add build fix for curl 7.16 API
[5.1.6-3] - from upstream: add safety checks against integer overflow in _ecalloc
[5.1.6-2] - update to 5.1.6 (security fixes)
- bump default memory_limit to 16M (#196802)
[5.1.4-8.1] - rebuild
[5.1.4-8] - Provide php-posix (#194583)
- only provide php-pcntl from -cli subpackage
- add missing defattr’s (thanks to Matthias Saou)
[5.1.4-7] - move Obsoletes for php-openssl to -common (#194501)
- Provide: php-cgi from -cli subpackage
[5.1.4-6] - split out php-cli, php-common subpackages (#177821)
- add php-pdo-abi version export (#193202)
[5.1.4-5.1] - rebuilt for new libnetsnmp
[5.1.4-5] - provide mod_php (#187891)
- provide php-cli (#192196)
- use correct LDAP fix (#181518)
- define _GNU_SOURCE in php_config.h and leave it defined
- drop (circular) dependency on php-pear
[5.1.4-3] - update to 5.1.4
[5.1.3-3] - update to 5.1.3
[5.1.2-5] - provide php-api (#183227)
- add provides for all builtin modules (Tim Jackson, #173804)
- own %{_libdir}/php/pear for PEAR packages (per #176733)
- add obsoletes to allow upgrade from FE4 PDO packages (#181863)
[5.1.2-4.3] - bump again for double-long bug on ppc(64)
[5.1.2-4.1] - rebuilt for new gcc4.1 snapshot and glibc changes
[5.1.2-4] - rebuild for new libc-client soname
[5.1.2-3] - only build xmlreader and xmlwriter shared (#177810)
[5.1.2-2] - update to 5.1.2
[5.1.1-8] - rebuild again
[5.1.1-7] - rebuild for new net-snmp
[5.1.1-6] - enable short_open_tag in default php.ini again (#175381)
- Fri Dec 09 2005 Jesse Keating
- rebuilt
[5.1.1-5] - require net-snmp for php-snmp (#174800)
[5.1.1-4] - add /usr/share/pear back to hard-coded include_path (#174885)
[5.1.1-3] - rebuild for httpd 2.2
[5.1.1-2] - update to 5.1.1
- remove pear subpackage
- enable pdo extensions (php-pdo subpackage)
- remove non-standard conditional module builds
- enable xmlreader extension
[5.0.5-6] - rebuilt against new openssl
[5.0.5-5] - pear: update to XML_RPC 1.4.4, XML_Parser 1.2.7, Mail 1.1.9 (#172528)
[5.0.5-4] - rebuild for new libnetsnmp
[5.0.5-3] - update to 5.0.5
- add fix for upstream #34435
- devel: require autoconf, automake (#159283)
- pear: update to HTTP-1.3.6, Mail-1.1.8, Net_SMTP-1.2.7, XML_RPC-1.4.1
- fix imagettftext et al (upstream, #161001)
[5.0.4-11] - ldap: restore ldap_start_tls() function
[5.0.4-10] - disable RPATHs in shared extensions (#156974)
[5.0.4-9] - build simplexml_import_dom even with shared dom (#156434)
- prevent truncation of copied files to ~2Mb (#155916)
- install /usr/bin/php from CLI build alongside CGI
- enable sysvmsg extension (#142988)
[5.0.4-8] - prevent build of builtin dba as well as shared extension
[5.0.4-7] - split out dba and bcmath extensions into subpackages
- BuildRequire gcc-c++ to avoid AC_PROG_CXX{,CPP} failure (#155221)
- pear: update to DB-1.7.6
- enable FastCGI support in /usr/bin/php-cgi (#149596)
[5.0.4-6] - build /usr/bin/php with the CLI SAPI, and add /usr/bin/php-cgi,
built with the CGI SAPI (thanks to Edward Rudd, #137704) - add php(1) man page for CLI
- fix more test cases to use -n when invoking php
[5.0.4-5] - rebuild for new libpq soname
[5.0.4-4] - bundle from PEAR: HTTP, Mail, XML_Parser, Net_Socket, Net_SMTP
- snmp: disable MSHUTDOWN function to prevent error_log noise (#153988)
- mysqli: add fix for crash on x86_64 (Georg Richter, upstream #32282)
[5.0.4-3] - build shared objects as PIC (#154195)
[5.0.4-2] - fix PEAR installation and bundle PEAR DB-1.7.5 package
[5.0.4-1] - update to 5.0.4 (#153068)
- add .phps AddType to php.conf (#152973)
- better gcc4 fix for libxmlrpc
[5.0.3-5] - BuildRequire mysql-devel >= 4.1
- don’t mark php.ini as noreplace to make upgrades work (#152171)
- fix subpackage descriptions (#152628)
- fix memset(,0) in Zend (thanks to Dave Jones)
- fix various compiler warnings in Zend
[5.0.3-4] - package mysqli extension in php-mysql
- really enable pcntl (#142903)
- don’t build with --enable-safe-mode (#148969)
- use ‘Instant Client’ libraries for oci8 module (Kai Bolay, #149873)
[5.0.3-3] - fix build with GCC 4
[5.0.3-2] - install the ext/gd headers (#145891)
- enable pcntl extension in /usr/bin/php (#142903)
- add libmbfl array arithmetic fix ([email protected], #143795)
- add BuildRequire for recent pcre-devel (#147448)
[5.0.3-1] - update to 5.0.3 (thanks to Robert Scheck et al, #143101)
- enable xsl extension (#142174)
- package both the xsl and dom extensions in php-xml
- enable soap extension, shared (php-soap package) (#142901)
- add patches from upstream 5.0 branch:
- Zend_strtod.c compile fixes
- correct php_sprintf return value usage
[5.0.2-8]
- update for db4-4.3 (Robert Scheck, #140167)
- build against mysql-devel
- run tests in %check
[5.0.2-7] - truncate changelog at 4.3.1-1
- merge from 4.3.x package:
- enable mime_magic extension and Require: file (#130276)
[5.0.2-6] - fix dom/sqlite enable/without confusion
[5.0.2-5] - fix phpize installation for lib64 platforms
- add fix for segfault in variable parsing introduced in 5.0.2
[5.0.2-4] - update to 5.0.2 (#127980)
- build against mysqlclient10-devel
- use new RTLD_DEEPBIND to load extension modules
- drop explicit requirement for elfutils-devel
- use AddHandler in default conf.d/php.conf (#135664)
- ‘fix’ round() fudging for recent gcc on x86
- disable sqlite pending audit of warnings and subpackage split
[5.0.1-4] - don’t build dom extension into 2.0 SAPI
[5.0.1-3] - ExclusiveArch: x86 ppc x86_64 for the moment
[5.0.1-2] - fix default extension_dir and conf.d/php.conf
[5.0.1-1] - update to 5.0.1
- only build shared modules once
- put dom extension in php-dom subpackage again
- move extension modules into %{_libdir}/php/modules
- don’t use --with-regex=system, it’s ignored for the apache* SAPIs
- Wed Aug 11 2004 Tom Callaway
- Merge in some spec file changes from Jeff Stern ([email protected])
- Mon Aug 09 2004 Tom Callaway
- bump to 5.0.0
- add patch to prevent clobbering struct re_registers from regex.h
- remove domxml references, replaced with dom now built-in
- fix php.ini to refer to php5 not php4
Related
nessus
nessus
AlmaLinux 8 : php:8.0 (ALSA-2023:0848)
2023-02-21 00:00:00
Rocky Linux 8 : php:8.0 (RLSA-2023:0848)
2023-02-22 00:00:00
RHEL 8 : php:8.0 (RHSA-2023:0848)
2023-02-21 00:00:00
rocky
rocky
php security update
2023-04-06 15:53:36
php:8.0 security update
2023-02-22 01:08:53
almalinux
almalinux
Moderate: php:8.0 security update
2023-02-21 00:00:00
Moderate: php:8.1 security update
2023-05-09 00:00:00
Moderate: php security update
2023-02-28 00:00:00
redhat
redhat
(RHSA-2023:2417) Moderate: php:8.1 security update
2023-05-09 05:10:10
(RHSA-2023:2903) Moderate: php:7.4 security update
2023-05-16 05:57:44
(RHSA-2023:0965) Moderate: php security update
2023-02-28 07:53:30
oraclelinux
oraclelinux
8.1 security update
2023-05-15 00:00:00
php security update
2023-02-28 00:00:00
php:8.0 security update
2023-02-22 00:00:00
osv
osv
Moderate: php security update
2023-04-06 15:53:36
Moderate: php:7.4 security update
2023-05-16 00:00:00
Moderate: php security update
2023-02-28 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5277-1)
2022-11-15 00:00:00
Ubuntu: Security Advisory (USN-5717-1)
2022-11-09 00:00:00
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2023-1332)
2023-02-09 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: php-8.1.12-1.fc37
2022-11-10 22:53:48
[SECURITY] Fedora 36 Update: php-8.1.11-1.fc36
2022-10-06 15:15:28
[SECURITY] Fedora 35 Update: php-8.0.24-1.fc35
2022-10-07 13:13:29
ubuntu
ubuntu
PHP vulnerabilities
2022-11-08 00:00:00
PHP vulnerabilities
2023-03-02 00:00:00
PHP vulnerability
2023-01-23 00:00:00
gentoo
gentoo
PHP: Multiple Vulnerabilities
2022-11-19 00:00:00
debian
debian
[SECURITY] [DSA 5277-1] php7.4 security update
2022-11-13 18:52:43
[SECURITY] [DLA 3243-1] php7.3 security update
2022-12-15 18:33:17
mageia
mageia
Updated php packages fix security vulnerability
2022-10-08 23:22:22
Updated php packages fix security vulnerability
2023-01-24 10:58:24
slackware
slackware
[slackware-security] php
2022-09-30 18:00:43
[slackware-security] php
2022-11-10 19:52:56
[slackware-security] php80/php81
2022-10-31 23:47:05
altlinux
altlinux
Security fix for the ALT Linux 10 package php8.1 version 8.1.11-alt1
2022-10-11 00:00:00
Security fix for the ALT Linux 10 package php8.2 version 8.1.11-alt1
2022-09-30 00:00:00
Security fix for the ALT Linux 10 package php8.2 version 8.1.12-alt1
2022-10-31 00:00:00
suse
suse
Security update for php7 (moderate)
2022-11-01 00:00:00
Security update for php8 (important)
2022-10-19 00:00:00
cve
cve
ibm
ibm
alpinelinux
alpinelinux
debiancve
debiancve
ubuntucve
ubuntucve
prion
prion
Code injection
2022-09-28 23:15:00
Design/Logic Flaw
2022-11-14 07:15:00
Code injection
2022-09-28 23:15:00
f5
f5
K000136109 : PHP SQLite vulnerability CVE-2022-31631
2023-09-06 00:00:00
redhatcve
redhatcve
cnvd
cnvd
PHP Denial of Service Vulnerability
2022-09-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-09-30 11:08:30
Arbitrary Code Execution
2022-10-27 03:36:20
SQL Injection
2023-01-08 13:03:34
checkpoint_advisories
checkpoint_advisories
PHP Authentication Bypass (CVE-2022-31629)
2022-11-24 00:00:00
redos
redos
ROS-20221222-04
2022-12-22 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-31628 affecting package php 7.4.14-3
2024-04-26 21:08:25
CVE-2022-31629 affecting package php 7.4.14-3
2024-04-26 21:08:25
githubexploit
githubexploit
Exploit for Vulnerability in Php
2022-10-07 08:15:23
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
82.1%
Related for ELSA-2023-2903