Commit a0c8eb82 authored by Adam Conrad's avatar Adam Conrad Committed by Mark A. Hershberger

Imported Debian patch 5.1.1-1

parent 8891a28c
php5 (5.1.1-1) unstable; urgency=low
* New upstream bugfix release, skipping the problematic 5.1.0 release:
- Fixes a zend.ze1_compatibility_mode segfault (closes: #333374)
- Remove libtool patch from acinclude.m4, now integrated upstream.
- Remove 038-round_test_fix.patch, now integrated upstream.
- Remove 049-exported-headers.patch, as upstream's build system has
gotten more clever about what they should and shouldn't export.
- Remove 054-open_basedir_slash.patch, now integrated upstream.
- Remove 055-gd_safe_mode_checks.patch, fixed differently upstream.
- Mangle 101-sqlite_is_shared.patch, to deal with upstream changes.
- Remove 104-64_bit_serialize.patch, now integrated upstream.
- Remove 105-64_bit_imagettftext.patch, now integrated upstream.
* Many security vulnerabilities fixed (closes: #341368, #336005, #336654):
- Resolves a local denial of service in the apache2 SAPI, which can
be triggered by using session.save_path in .htaccess; CVE-2005-3319
- Resolves an infinite loop in the exif_read_data function which can
be triggered with a specially-crafted JPEG image; CVE-2005-3353
- Resolves a vulnerability in the parse_str function whereby a remote
attacker can fool PHP into turning on register_globals, thus making
applications vulnerable to global variable injections; CVE-2005-3389
- Resolves a vulnerability in the RFC1867 file upload feature where, if
register_globals is enabled, a remote attacker can modify the GLOBALS
array with a multipart/form-data POST request; see CVE-2005-3390
- Resolves numerous safe_mode and open_basedir bypasses; CVE-2005-3391
- Resolves INI settings leaks in the apache2 SAPI, leading to safe_mode
and open_basedir bypasses between virtual hosts; CVE-2005-3392
- Resolves a CRLF injection vulnerability in the mb_send_mail function,
allowing injection of arbitrary mail headers; see CVE-2005-3883
- Includes PEAR 1.4.5, resolving a vulnerability in the pear installer
which could lead to arbitrary code execution; see CVE-2005-4154
* Bump libdb build-dep from libdb4.2 to libdb4.3, to match with apache.
* Bump our MySQL build-dep to 5.0's libmysqlclient15-dev (closes: #343793)
* Automate the process of getting the list of built-in modules into the
package descriptions, so it stays fresh in the future (closes: #341867)
* Intentionally disable PDO support until I've sorted out the best way to
deal with shipping this shiny new feature that won't break the world.
* The new PEAR happens to fix the Command.php greedy match bug filed in
Debian as part of the fix for the wider security issue (closes: #334969)
* Create 056-mime_magic_strings.patch, making the mime_magic extension
more liberal about what mime-types is accepts, as well as making it skip
over ones it dislikes, rather than disabling itself (closes: #335674)
* Add 057-no_apache_installed.patch, to stop spewing a mess of errors in
configure because we don't have the apache binaries in the build chroot.
* Fix small typo in the php5-xsl package description (closes: #344816)
-- Adam Conrad <adconrad@0c3.net> Thu, 15 Dec 2005 14:46:56 +1100
php5 (5.0.5-3) unstable; urgency=low
* Build-Depend on libcurl3-openssl-dev, since libcurl3-dev is going away
......@@ -14,7 +62,7 @@ php5 (5.0.5-3) unstable; urgency=low
get some random binary on $PATH that won't work right (closes: #329415)
* Set PHP_PEAR_SIG_BIN to /usr/bin/gpg, and have php-pear Recommends: gnupg
-- Adam Conrad <adconrad@ubuntu.com> Fri, 21 Oct 2005 02:30:19 +1000
-- Adam Conrad <adconrad@0c3.net> Fri, 21 Oct 2005 02:30:19 +1000
php5 (5.0.5-2) unstable; urgency=medium
......@@ -42,6 +90,7 @@ php5 (5.0.5-1) unstable; urgency=low
- Drop 102-php_streams.patch, fixed upstream.
- Drop 103-catch_segv.patch, also fixed upstream.
- Includes PEAR XML_RPC fix for CAN-2005-2498.
- Includes phpinfo() XSS fix for CVE-2005-3388.
* Distribute the shiny new manpages for php-config and phpize.
-- Adam Conrad <adconrad@0c3.net> Mon, 12 Sep 2005 02:29:24 +1000
......
......@@ -3,7 +3,7 @@ Section: web
Priority: optional
Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
Uploaders: Adam Conrad <adconrad@0c3.net>, Steve Langasek <vorlon@debian.org>, Jeroen van Wolffelaar <jeroen@wolffelaar.nl>, Ondřej Surý <ondrej@debian.org>
Build-Depends: apache-dev (>= 1.3.23), apache2-prefork-dev (>= 2.0.53-3), autoconf, automake1.4, bison, chrpath, debhelper (>= 3), flex (>= 2.5.4), freetds-dev, po-debconf, libbz2-dev (>= 1.0.0), libcurl3-openssl-dev | libcurl3-dev, libdb4.2-dev, libexpat1-dev (>= 1.95.2-2.1), libfreetype6-dev, libgcrypt11-dev, libgd2-xpm-dev (>= 2.0.28-3), libgdbm-dev, libjpeg62-dev, libkrb5-dev, libldap2-dev, libmhash-dev (>= 0.8.8), libmysqlclient14-dev, libncurses5-dev, libpam0g-dev, libpcre3-dev (>= 4.3-1), libpng12-dev, libpq-dev | postgresql-dev, librecode-dev, libsnmp9-dev | libsnmp-dev, libsqlite0-dev, libssl-dev (>= 0.9.6), libt1-dev, libtool (>= 1.4.2-4), libwrap0-dev, libxmltok1-dev, libxml2-dev (>= 2.4.14), libxslt1-dev (>= 1.0.18), re2c, unixodbc-dev, zlib1g-dev (>= 1.0.9)
Build-Depends: apache-dev (>= 1.3.23), apache2-prefork-dev (>= 2.0.53-3), autoconf, automake1.4, bison, chrpath, debhelper (>= 3), flex (>= 2.5.4), freetds-dev, po-debconf, libbz2-dev (>= 1.0.0), libcurl3-openssl-dev | libcurl3-dev, libdb4.3-dev, libexpat1-dev (>= 1.95.2-2.1), libfreetype6-dev, libgcrypt11-dev, libgd2-xpm-dev (>= 2.0.28-3), libgdbm-dev, libjpeg62-dev, libkrb5-dev, libldap2-dev, libmhash-dev (>= 0.8.8), libmysqlclient15-dev | libmysqlclient12-dev, libncurses5-dev, libpam0g-dev, libpcre3-dev (>= 4.3-1), libpng12-dev, libpq-dev | postgresql-dev, librecode-dev, libsnmp9-dev | libsnmp-dev, libsqlite0-dev, libssl-dev (>= 0.9.6), libt1-dev, libtool (>= 1.4.2-4), libwrap0-dev, libxmltok1-dev, libxml2-dev (>= 2.4.14), libxslt1-dev (>= 1.0.18), re2c, unixodbc-dev, zlib1g-dev (>= 1.0.9)
Build-Conflicts: bind-dev
Standards-Version: 3.6.2
......@@ -48,10 +48,7 @@ Description: server-side, HTML-embedded scripting language (apache 1.3 module)
found in the apache, apache-ssl, and apache-perl packages). To use php5
with Apache 2.0, you probably want libapache2-mod-php5 instead.
.
Compiled in extensions include: bcmath, bz2, calendar, ctype, dba, dbx,
exif, filepro, ftp, gettext, iconv, mbstring, mime_magic, openssl, overload,
pcre, posix, session, shmop, sockets, standard, sysvmsg, sysvsem, sysvshm,
tokenizer, wddx, xml, xmlrpc, yp, zip, and zlib.
${php:Extensions}
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
......@@ -72,10 +69,7 @@ Description: server-side, HTML-embedded scripting language (apache 2.0 module)
ONLY works with Apache's prefork MPM, as it is not compiled thread-safe.
To use php5 with Apache 1.3, you probably want libapache-mod-php5 instead.
.
Compiled in extensions include: bcmath, bz2, calendar, ctype, dba, dbx,
exif, filepro, ftp, gettext, iconv, mbstring, mime_magic, openssl, overload,
pcre, posix, session, shmop, sockets, standard, sysvmsg, sysvsem, sysvshm,
tokenizer, wddx, xml, xmlrpc, yp, zip, and zlib.
${php:Extensions}
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
......@@ -96,10 +90,7 @@ Description: server-side, HTML-embedded scripting language (CGI binary)
httpd that supports a similar mechanism. Note that MOST apache users
probably want the libapache-mod-php5 or libapache2-mod-php5 packages.
.
Compiled in extensions include: bcmath, bz2, calendar, ctype, dba, dbx,
exif, filepro, ftp, gettext, iconv, mbstring, mime_magic, openssl,
overload, pcre, posix, session, shmop, sockets, standard, sysvmsg, sysvsem,
sysvshm, tokenizer, wddx, xml, xmlrpc, yp, zip, and zlib.
${php:Extensions}
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
......@@ -119,10 +110,7 @@ Description: command-line interpreter for the php5 scripting language
testing PHP scripts from a shell, or perhaps even performing general
shell scripting tasks, if you're frightened of perl and python.
.
Compiled in extensions include: bcmath, bz2, calendar, ctype, dba, dbx,
exif, filepro, ftp, gettext, iconv, mbstring, mime_magic, ncurses, openssl,
overload, pcntl, pcre, posix, readline, session, shmop, sockets, standard,
sysvmsg, sysvsem, sysvshm, tokenizer, wddx, xml, xmlrpc, yp, zip, and zlib.
${php:Extensions}
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
......@@ -305,7 +293,7 @@ Package: php5-xsl
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, ${php:Depends}, php5-common (= ${Source-Version})
Description: XSL module for php5
This package provides a module for XSL with libxlst backend an XSL parser.
This package provides a module for XSL using the libxslt XSL parser.
.
PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
......
......@@ -11,32 +11,10 @@ diff -urN php4-4.3.4.orig/TSRM/configure.in php4-4.3.4/TSRM/configure.in
dnl TSRM_PTHREAD
diff -urN php4-4.3.4.orig/acinclude.m4 php4-4.3.4/acinclude.m4
--- php4-4.3.4.orig/acinclude.m4 2003-10-03 00:29:24.000000000 -0400
+++ php4-4.3.4/acinclude.m4 2004-02-16 00:59:06.000000000 -0500
@@ -779,13 +779,13 @@
dnl
AC_DEFUN([PHP_BUILD_PROGRAM],[
OVERALL_TARGET=[]ifelse($1,,php,$1)
- php_c_pre='$(CC)'
+ php_c_pre='$(LIBTOOL) --mode=compile $(CC)'
php_c_meta='$(COMMON_FLAGS) $(CFLAGS_CLEAN) $(EXTRA_CFLAGS)'
- php_c_post=' && echo > $[@]'
- php_cxx_pre='$(CXX)'
+ php_c_post=
+ php_cxx_pre='$(LIBTOOL) --mode=compile $(CXX)'
php_cxx_meta='$(COMMON_FLAGS) $(CXXFLAGS_CLEAN) $(EXTRA_CXXFLAGS)'
- php_cxx_post=' && echo > $[@]'
- php_lo=o
+ php_cxx_post=
+ php_lo=lo
case $with_pic in
yes) pic_setting='-prefer-pic';;
diff -urN php4-4.3.4.orig/configure.in php4-4.3.4/configure.in
--- php4-4.3.4.orig/configure.in 2003-11-02 17:15:05.000000000 -0500
+++ php4-4.3.4/configure.in 2004-02-16 01:00:52.000000000 -0500
@@ -1238,9 +1238,6 @@
@@ -1159,9 +1159,6 @@
LDFLAGS="$LDFLAGS $PHP_AIX_LDFLAGS"
AC_PROG_LIBTOOL
......
diff -urN php4-4.3.4.orig/acinclude.m4 php4-4.3.4/acinclude.m4
--- php4-4.3.4.orig/acinclude.m4 2004-02-16 01:01:22.000000000 -0500
+++ php4-4.3.4/acinclude.m4 2004-02-16 01:03:12.000000000 -0500
@@ -1777,9 +1777,7 @@
@@ -2199,9 +2199,7 @@
PHP_ADD_INCLUDE($OPENSSL_INCDIR)
......
This diff is collapsed.
--- php4-4.3.10/configure.in 2004-12-15 17:00:57.000000000 -0700
+++ php4-4.3.10/configure.in 2004-12-15 17:03:30.000000000 -0700
@@ -581,50 +581,50 @@
@@ -532,50 +532,50 @@
dnl Check for getaddrinfo, should be a better way, but...
dnl Also check for working getaddrinfo
......@@ -43,7 +43,7 @@
- freeaddrinfo(ai);
- exit(0);
-}
- ],ac_cv_func_getaddrinfo=yes, ac_cv_func_getaddrinfo=no),
- ],ac_cv_func_getaddrinfo=yes, ac_cv_func_getaddrinfo=no, ac_cv_func_getaddrinfo=no),
-ac_cv_func_getaddrinfo=no)])
-if test "$ac_cv_func_getaddrinfo" = yes; then
+dnl AC_CACHE_CHECK([for getaddrinfo], ac_cv_func_getaddrinfo,
......@@ -85,7 +85,7 @@
+dnl freeaddrinfo(ai);
+dnl exit(0);
+dnl }
+dnl ],ac_cv_func_getaddrinfo=yes, ac_cv_func_getaddrinfo=no),
+dnl ],ac_cv_func_getaddrinfo=yes, ac_cv_func_getaddrinfo=no, ac_cv_func_getaddrinfo=no),
+dnl ac_cv_func_getaddrinfo=no)])
+dnl if test "$ac_cv_func_getaddrinfo" = yes; then
AC_DEFINE(HAVE_GETADDRINFO,1,[Define if you have the getaddrinfo function])
......
--- php4-4.3.8/acinclude.m4.orig 2004-08-09 07:41:27.000000000 -0600
+++ php4-4.3.8/acinclude.m4 2004-08-09 07:42:19.000000000 -0600
@@ -347,7 +347,7 @@
@@ -1112,7 +1112,7 @@
}
],[
......@@ -9,7 +9,7 @@
],[
ac_cv_pwrite=no
],[
@@ -374,7 +374,7 @@
@@ -1141,7 +1141,7 @@
exit(0);
}
],[
......
--- php4-4.3.9/ext/readline/config.m4 2003-09-30 20:54:04.000000000 -0600
+++ php4-4.3.9/ext/readline/config.m4 2004-10-04 21:40:38.000000000 -0600
@@ -10,7 +10,7 @@
@@ -12,7 +12,7 @@
if test "$PHP_READLINE" != "no"; then
for i in $PHP_READLINE /usr/local /usr; do
......@@ -9,7 +9,7 @@
done
if test -z "$READLINE_DIR"; then
@@ -54,7 +54,7 @@
@@ -66,7 +66,7 @@
elif test "$PHP_LIBEDIT" != "no"; then
for i in $PHP_LIBEDIT /usr/local /usr; do
......
......@@ -3,7 +3,7 @@ Save and restore umask across requests correctly.
--- php-4.3.10/sapi/apache2handler/sapi_apache2.c.umask
+++ php-4.3.10/sapi/apache2handler/sapi_apache2.c
@@ -395,6 +395,19 @@
@@ -401,6 +401,19 @@
return APR_SUCCESS;
}
......@@ -23,7 +23,7 @@ Save and restore umask across requests correctly.
static int php_apache_request_ctor(request_rec *r, php_struct *ctx TSRMLS_DC)
{
char *content_type;
@@ -545,6 +558,8 @@
@@ -575,6 +588,8 @@
} else {
zend_file_handle zfd;
......@@ -32,7 +32,7 @@ Save and restore umask across requests correctly.
zfd.type = ZEND_HANDLE_FILENAME;
zfd.filename = (char *) r->filename;
zfd.free_filename = 0;
@@ -555,6 +570,9 @@
@@ -585,6 +600,9 @@
} else {
zend_execute_scripts(ZEND_INCLUDE TSRMLS_CC, NULL, 1, &zfd);
}
......
diff -urN php-5.0.4.orig/ext/sockets/sockets.c php-5.0.4/ext/sockets/sockets.c
--- php-5.0.4.orig/ext/sockets/sockets.c 2005-02-15 00:44:31.000000000 +0100
+++ php-5.0.4/ext/sockets/sockets.c 2005-04-10 17:32:15.851738072 +0200
@@ -540,6 +540,7 @@
@@ -542,6 +542,7 @@
php_sock = (php_socket*) zend_fetch_resource(element TSRMLS_CC, -1, le_socket_name, NULL, 1, le_socket);
if (!php_sock) continue; /* If element is not a resource, skip it */
......@@ -12,7 +12,7 @@ diff -urN php-5.0.4.orig/ext/sockets/sockets.c php-5.0.4/ext/sockets/sockets.c
diff -urN php-5.0.4.orig/ext/standard/streamsfuncs.c php-5.0.4/ext/standard/streamsfuncs.c
--- php-5.0.4.orig/ext/standard/streamsfuncs.c 2005-01-15 05:51:03.000000000 +0100
+++ php-5.0.4/ext/standard/streamsfuncs.c 2005-04-10 17:34:29.274454736 +0200
@@ -546,6 +546,9 @@
@@ -588,6 +588,9 @@
* is not displayed.
* */
if (SUCCESS == php_stream_cast(stream, PHP_STREAM_AS_FD_FOR_SELECT | PHP_STREAM_CAST_INTERNAL, (void*)&this_fd, 1) && this_fd >= 0) {
......
Index: ext/standard/config.m4
===================================================================
RCS file: /repository/php-src/ext/standard/config.m4,v
retrieving revision 1.47.2.14
diff -u -r1.47.2.14 config.m4
--- 4.3/ext/standard/config.m4 10 May 2004 07:25:11 -0000 1.47.2.14
+++ 4.3/ext/standard/config.m4 19 Aug 2004 13:55:54 -0000
@@ -259,8 +259,11 @@
AC_MSG_CHECKING([whether rounding works as expected])
AC_TRY_RUN([
#include <math.h>
+ double my_floor(double n) {
+ return floor(n*pow(10,2) + 0.5);
+ }
int main() {
- return floor(0.045*pow(10,2) + 0.5)/10.0 != 0.5;
+ return my_floor(0.045)/10.0 != 0.5;
}
],[
PHP_ROUND_FUZZ=0.5
--- php4-4.3.10/ext/snmp/snmp.c 2005-03-23 00:32:06.000000000 -0700
+++ php4-4.3.10/ext/snmp/snmp.c 2005-03-23 00:30:18.000000000 -0700
@@ -214,7 +214,9 @@
@@ -220,7 +220,9 @@
*/
PHP_MSHUTDOWN_FUNCTION(snmp)
{
......
--- php-5.0.4/ext/recode/recode.c 2005-07-13 14:43:06.000000000 +1000
+++ php-5.0.4/ext/recode/recode.c 2005-07-13 14:43:45.000000000 +1000
@@ -130,8 +130,8 @@
@@ -129,8 +129,8 @@
{
RECODE_REQUEST request = NULL;
char *r = NULL;
bool success;
- int r_len = 0, r_alen = 0;
- int req_len, str_len;
+ size_t r_len = 0, r_alen = 0;
......
diff -urN php-5.0.4.orig/ext/standard/dl.c php-5.0.4/ext/standard/dl.c
--- php-5.0.4.orig/ext/standard/dl.c 2005-04-10 18:08:47.677529904 +0200
+++ php-5.0.4/ext/standard/dl.c 2005-04-10 18:09:04.163023728 +0200
@@ -60,15 +60,6 @@
convert_to_string_ex(file);
--- php5-5.1.1/ext/standard/dl.c 2005-08-09 02:49:43.000000000 +1000
+++ php5-5.1.1/ext/standard/dl.c 2005-12-15 15:40:28.000000000 +1100
@@ -76,12 +76,7 @@
if ((strncmp(sapi_module.name, "cgi", 3)!=0) &&
(strcmp(sapi_module.name, "cli")!=0) &&
(strncmp(sapi_module.name, "embed", 5)!=0)) {
-#ifdef ZTS
- if ((strncmp(sapi_module.name, "cgi", 3)!=0) &&
- (strcmp(sapi_module.name, "cli")!=0) &&
- (strncmp(sapi_module.name, "embed", 5)!=0)) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Not supported in multithreaded Web servers - use extension=%s in your php.ini", Z_STRVAL_PP(file));
- RETURN_FALSE;
- }
-#else
php_error_docref(NULL TSRMLS_CC, E_STRICT, "dl() is deprecated - use extension=%s in your php.ini", Z_STRVAL_PP(file));
-#endif
-
if (!PG(enable_dl)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Dynamically loaded extensions aren't enabled");
} else if (PG(safe_mode)) {
}
php_dl(*file, MODULE_TEMPORARY, return_value, 0 TSRMLS_CC);
diff -uNr php-5.0.4.orig/scripts/Makefile.frag php-5.0.4/scripts/Makefile.frag
--- php-5.0.4.orig/scripts/Makefile.frag 2005-02-28 06:28:25.000000000 +0100
+++ php-5.0.4/scripts/Makefile.frag 2005-04-26 11:48:18.421951904 +0200
@@ -38,17 +38,17 @@
main/ \
main/streams/ \
regex/ \
+ ext/gd \
ext/iconv/ \
ext/libxml/ \
ext/standard/ \
ext/session/ \
ext/dom/xml_common.h \
ext/xml/ \
- ext/xml/expat/ \
ext/mbstring/ \
ext/mbstring/libmbfl/ \
- ext/mbstring/libmbfl/mbfl/ \
+ ext/mbstring/libmbfl/mbfl/ \
+ ext/mbstring/mbregex \
- ext/sqlite/libsqlite/src/sqlite.h
install-headers:
-@for i in $(HEADER_DIRS); do \
--- php4-4.3.11/ext/standard/info.c.orig 2005-07-10 06:23:11.000000000 +1000
+++ php4-4.3.11/ext/standard/info.c 2005-07-10 06:23:33.000000000 +1000
@@ -441,7 +441,7 @@
@@ -443,7 +443,7 @@
php_info_print_table_start();
php_info_print_table_row(2, "System", php_uname );
php_info_print_table_row(2, "Build Date", __DATE__ " " __TIME__ );
......
diff -ur php-5.0.4/configure.in php5-5.0.4/configure.in
--- php-5.0.4/configure.in 2005-03-31 07:43:12.000000000 +1000
+++ php5-5.0.4/configure.in 2005-07-31 02:35:46.000000000 +1000
@@ -1044,8 +1044,10 @@
@@ -972,8 +972,10 @@
ZEND_MODULE_API_NO=`egrep '#define ZEND_MODULE_API_NO ' $srcdir/Zend/zend_modules.h|sed 's/#define ZEND_MODULE_API_NO //'`
ZEND_MODULE_API_NO=`$EGREP '#define ZEND_MODULE_API_NO ' $srcdir/Zend/zend_modules.h|$SED 's/#define ZEND_MODULE_API_NO //'`
+DEBIAN_PHP_API=`egrep -h '^#define ZEND_EXTENSION_API_NO|^#define ZEND_MODULE_API_NO|#define PHP_API_VERSION' $srcdir/Zend/zend_extensions.h $srcdir/Zend/zend_modules.h $srcdir/main/php.h | awk '{print $3}' | sed -e 's/^2200/200/' | sort -n | tail -n 1`
+
......@@ -13,9 +13,9 @@ diff -ur php-5.0.4/configure.in php5-5.0.4/configure.in
if test "$oldstyleextdir" = "yes"; then
if test "$PHP_DEBUG" = "1"; then
part1=debug
@@ -1176,6 +1178,7 @@
@@ -1102,6 +1104,7 @@
PHP_SUBST(CXXFLAGS)
PHP_SUBST(CXXFLAGS_CLEAN)
PHP_SUBST(CXX_PHP_COMPILE)
PHP_SUBST_OLD(DEBUG_CFLAGS)
+PHP_SUBST_OLD(DEBIAN_PHP_API)
PHP_SUBST_OLD(EXTENSION_DIR)
......@@ -24,23 +24,25 @@ diff -ur php-5.0.4/configure.in php5-5.0.4/configure.in
diff -ur php-5.0.4/scripts/php-config.in php5-5.0.4/scripts/php-config.in
--- php-5.0.4/scripts/php-config.in 2005-03-16 17:36:54.000000000 +1100
+++ php5-5.0.4/scripts/php-config.in 2005-07-31 02:34:52.000000000 +1000
@@ -7,6 +7,7 @@
ldflags="@PHP_LDFLAGS@"
libs="@EXTRA_LIBS@"
extension_dir='@EXTENSION_DIR@'
@@ -12,6 +12,7 @@
program_suffix="@program_suffix@"
exe_extension="@EXEEXT@"
php_binary="@bindir@/${program_prefix}php${program_suffix}${exe_extension}"
+phpapi="@DEBIAN_PHP_API@"
case "$1" in
--prefix)
@@ -21,8 +22,10 @@
echo $extension_dir;;
--version)
echo $version;;
@@ -28,10 +29,12 @@
echo $includedir;;
--php-binary)
echo $php_binary;;
+--phpapi)
+ echo $phpapi;;
--version)
echo $version;;
*)
- echo "Usage: $0 [--prefix|--includes|--ldflags|--libs|--extension-dir|--version]"
+ echo "Usage: $0 [--prefix|--includes|--ldflags|--libs|--extension-dir|--version|--phpapi]"
- echo "Usage: $0 [--prefix|--includes|--ldflags|--libs|--extension-dir|--include-dir|--php-binary|--version]"
+ echo "Usage: $0 [--prefix|--includes|--ldflags|--libs|--extension-dir|--include-dir|--php-binary|--phpapi|--version]"
exit 1;;
esac
--- php-5.0.5/main/fopen_wrappers.c 2005-07-16 12:14:44.000000000 +0000
+++ php-5.0.5/main/fopen_wrappers.c 2005-09-26 09:07:55.000000000 +0000
@@ -109,8 +109,8 @@
/* Handler for basedirs that end with a / */
resolved_basedir_len = strlen(resolved_basedir);
if (basedir[strlen(basedir) - 1] == PHP_DIR_SEPARATOR) {
- if (resolved_basedir[resolved_basedir_len - 1] == '/') {
- resolved_basedir[resolved_basedir_len - 1] = PHP_DIR_SEPARATOR;
+ if (resolved_basedir[resolved_basedir_len - 1] != PHP_DIR_SEPARATOR) {
+ resolved_basedir[resolved_basedir_len] = PHP_DIR_SEPARATOR;
resolved_basedir[++resolved_basedir_len] = '\0';
}
}
===================================================================
RCS file: /repository/php-src/ext/gd/gd.c,v
retrieving revision 1.294.2.12
retrieving revision 1.294.2.13
diff -p --unified=3 -r1.294.2.12 -r1.294.2.13
--- php-5.0.5/ext/gd/gd.c 2005/05/06 16:49:04 1.294.2.12
+++ php-5.0.5/ext/gd/gd.c 2005/10/06 20:42:56 1.294.2.13
@@ -1726,7 +1726,7 @@ static void _php_image_output(INTERNAL_F
}
if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) {
- if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC)) {
+ if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "rb+", CHECKUID_CHECK_FILE_AND_DIR))) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid filename '%s'", fn);
RETURN_FALSE;
}
===================================================================
RCS file: /repository/php-src/ext/gd/gd_ctx.c,v
retrieving revision 1.20
retrieving revision 1.20.2.1
diff -p --unified=3 -r1.20 -r1.20.2.1
--- php-5.0.5/ext/gd/gd_ctx.c 2004/01/28 16:25:12 1.20
+++ php-5.0.5/ext/gd/gd_ctx.c 2005/10/06 20:42:56 1.20.2.1
@@ -82,7 +82,7 @@ static void _php_image_output_ctx(INTERN
}
if ((argc == 2) || (argc > 2 && Z_STRLEN_PP(file))) {
- if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC)) {
+ if (!fn || fn == empty_string || php_check_open_basedir(fn TSRMLS_CC) || (PG(safe_mode) && !php_checkuid(fn, "rb+", CHECKUID_CHECK_FILE_AND_DIR))) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid filename '%s'", fn);
RETURN_FALSE;
}
--- php-5.1.1/ext/mime_magic/mime_magic.c 2005-10-19 01:04:07.000000000 +1000
+++ php5-5.1.1/ext/mime_magic/mime_magic.c 2005-12-20 19:25:24.000000000 +1100
@@ -494,7 +494,7 @@
} while (*(++p) != '/');
++p;
do {
- if (!isalnum(*p) && (*p != '-') && (*p != '.') && !isspace(*p)) {
+ if (!isalnum(*p) && (*p != '-') && (*p != '.') && (*p != '+') && !isspace(*p)) {
return 0;
}
} while (*(++p));
@@ -627,6 +627,15 @@
else if (strncmp(l, "string", NSTRING) == 0) {
m->type = STRING;
l += NSTRING;
+ if (*l == '/') {
+ ++l;
+ if ((*l == 'B') || (*l == 'b') || (*l == 'c')) {
+ ++l;
+ if ((*l == 'B') || (*l == 'b') || (*l == 'c')) {
+ ++l;
+ }
+ }
+ }
}
else if (strncmp(l, "date", NDATE) == 0) {
m->type = DATE;
@@ -720,7 +729,7 @@
if (!is_valid_mimetype(l, strlen(l))) {
if(MIME_MAGIC_G(debug))
php_error_docref("http://www.php.net/mime_magic" TSRMLS_CC, E_WARNING, ": (%s:%d) '%s' is not a valid mimetype, entry skipped", MIME_MAGIC_G(magicfile), lineno, l);
- return -1;
+ return 0;
}
strncpy(m->desc, l, sizeof(m->desc) - 1);
--- php5-5.1.1/sapi/apache/config.m4 2005-05-30 09:16:45.000000000 +1000
+++ php5-5.1.1/sapi/apache/config.m4 2005-12-20 20:02:26.000000000 +1100
@@ -52,11 +52,11 @@
APXS_HTTPD=`$APXS -q SBINDIR`/`$APXS -q TARGET`
APACHE_INCLUDE=-I$APXS_INCLUDEDIR
- # Test that we're trying to configure with apache 1.x
- PHP_AP_EXTRACT_VERSION($APXS_HTTPD)
- if test "$APACHE_VERSION" -ge 2000000; then
- AC_MSG_ERROR([You have enabled Apache 1.3 support while your server is Apache 2. Please use the appropiate switch --with-apxs2])
- fi
+dnl # Test that we're trying to configure with apache 1.x
+dnl PHP_AP_EXTRACT_VERSION($APXS_HTTPD)
+dnl if test "$APACHE_VERSION" -ge 2000000; then
+dnl AC_MSG_ERROR([You have enabled Apache 1.3 support while your server is Apache 2. Please use the appropiate switch --with-apxs2])
+dnl fi
for flag in $APXS_CFLAGS; do
case $flag in
--- php5-5.1.1/sapi/apache2handler/config.m4 2005-09-02 00:33:47.000000000 +1000
+++ php5-5.1.1/sapi/apache2handler/config.m4 2005-12-20 19:57:17.000000000 +1100
@@ -56,13 +56,13 @@
APACHE_CFLAGS="$APACHE_CPPFLAGS -I$APXS_INCLUDEDIR $APR_CFLAGS $APU_CFLAGS"
- # Test that we're trying to configure with apache 2.x
- PHP_AP_EXTRACT_VERSION($APXS_HTTPD)
- if test "$APACHE_VERSION" -le 2000000; then
- AC_MSG_ERROR([You have enabled Apache 2 support while your server is Apache 1.3. Please use the appropiate switch --with-apxs (without the 2)])
- elif test "$APACHE_VERSION" -lt 2000044; then
- AC_MSG_ERROR([Please note that Apache version >= 2.0.44 is required])
- fi
+dnl # Test that we're trying to configure with apache 2.x
+dnl PHP_AP_EXTRACT_VERSION($APXS_HTTPD)
+dnl if test "$APACHE_VERSION" -le 2000000; then
+dnl AC_MSG_ERROR([You have enabled Apache 2 support while your server is Apache 1.3. Please use the appropiate switch --with-apxs (without the 2)])
+dnl elif test "$APACHE_VERSION" -lt 2000044; then
+dnl AC_MSG_ERROR([Please note that Apache version >= 2.0.44 is required])
+dnl fi
APXS_LIBEXECDIR='$(INSTALL_ROOT)'`$APXS -q LIBEXECDIR`
if test -z `$APXS -q SYSCONFDIR`; then
diff -ur php-5.0.4/ext/sqlite/config.m4 php5-5.0.4/ext/sqlite/config.m4
--- php-5.0.4/ext/sqlite/config.m4 2005-01-10 08:05:16.000000000 +1100
+++ php5-5.0.4/ext/sqlite/config.m4 2005-07-17 02:06:05.000000000 +1000
@@ -49,7 +49,7 @@
--- php5-5.1.1/ext/sqlite/config.m4 2005-06-14 11:44:16.000000000 +1000
+++ php5-5.1.1/ext/sqlite/config.m4 2005-12-15 16:32:04.000000000 +1100
@@ -86,7 +86,7 @@
])
PHP_SUBST(SQLITE_SHARED_LIBADD)
- PHP_NEW_EXTENSION(sqlite, sqlite.c sess_sqlite.c libsqlite/src/encode.c, $ext_shared)
+ PHP_NEW_EXTENSION(sqlite, sqlite.c sess_sqlite.c, $ext_shared)
SQLITE_MODULE_TYPE=external
PHP_SQLITE_CFLAGS=$pdo_inc_path
- sqlite_extra_sources="libsqlite/src/encode.c"
+ sqlite_extra_sources=""
else
# use bundled library
PHP_PROG_LEMON
--- php-5.0.4/ext/standard/incomplete_class.c.bug34435 2004-11-25 20:28:37.000000000 +0000
+++ php-5.0.4/ext/standard/incomplete_class.c 2005-09-09 13:00:39.000000000 +0100
@@ -122,7 +122,7 @@
/* {{{ php_lookup_class_name
*/
-char *php_lookup_class_name(zval *object, size_t *nlen)
+char *php_lookup_class_name(zval *object, zend_uint *nlen)
{
zval **val;
char *retval = NULL;
@@ -144,7 +144,7 @@
/* {{{ php_store_class_name
*/
-void php_store_class_name(zval *object, const char *name, size_t len)
+void php_store_class_name(zval *object, const char *name, zend_uint len)
{
zval *val;
TSRMLS_FETCH();
--- php-5.0.4/ext/standard/php_incomplete_class.h.bug34435 2005-06-29 10:29:08.000000000 +0100
+++ php-5.0.4/ext/standard/php_incomplete_class.h 2005-09-09 13:00:31.000000000 +0100
@@ -42,7 +42,7 @@
#define PHP_CLASS_ATTRIBUTES \
char *class_name; \
- size_t name_len; \
+ zend_uint name_len; \
zend_bool free_class_name = 0; \
zend_bool incomplete_class = 0
@@ -55,8 +55,8 @@
zend_class_entry *php_create_incomplete_class(TSRMLS_D);
-char *php_lookup_class_name(zval *object, size_t *nlen);
-void php_store_class_name(zval *object, const char *name, size_t len);
+char *php_lookup_class_name(zval *object, zend_uint *nlen);
+void php_store_class_name(zval *object, const char *name, zend_uint len);
#ifdef __cplusplus
};
===================================================================
RCS file: /repository/php-src/ext/gd/gd.c,v
retrieving revision 1.307
retrieving revision 1.308
diff -p --unified=3 -r1.307 -r1.308
--- php-5.0.4/ext/gd/gd.c 2005/03/27 23:43:51 1.307
+++ php-5.0.4/ext/gd/gd.c 2005/04/10 21:37:16 1.308
@@ -3109,7 +3109,8 @@ static void php_imagettftext_common(INTE
{
zval *IM, *EXT = NULL;
gdImagePtr im=NULL;
- int col = -1, x = -1, y = -1, str_len, fontname_len, i, brect[8];
+ long col = -1, x = -1, y = -1;
+ int str_len, fontname_len, i, brect[8];
double ptsize, angle;
unsigned char *str = NULL, *fontname = NULL;
char *error = NULL;
/usr/bin
/usr/lib/php5
pear/README
pear/CODING_STANDARDS
......@@ -88,10 +88,16 @@ COMMON_CONFIG= --build=$(PHP5_BUILD_GNU_TYPE)-gnu --host=$(PHP5_HOST_GNU_TYPE)-
--with-kerberos=/usr \
--with-openssl=/usr \
--enable-dbx \
--disable-pdo \
--enable-soap \
--with-mime-magic=$(MAGIC_MIME) \
--with-exec-dir=/usr/lib/php5/libexec
BUILTIN_EXTENSION_CHECK=$$e=get_loaded_extensions(); natcasesort($$e); \
$$s="The following extensions are built in:"; \
foreach($$e as $$i) { $$s .= " $$i"; } \
echo("php:Extensions=" . wordwrap($$s . ".\n", 75, "\$${Newline} "));
patch: patch-stamp
patch-stamp:
dh_testdir
......@@ -436,10 +442,6 @@ binary-arch: build install
cat debian/copyright.header LICENSE Zend/LICENSE > debian/copyright
dh_installdocs -a
for i in README CODING_STANDARDS; do \
cp pear/$$i debian/php5-common/usr/share/doc/php5-common/PEAR/; \
done
cat debian/modulelist | while read package extname dsoname; do \
rm -rf debian/php5-$$package/usr/share/doc/php5-$$package; \
ln -s php5-common debian/php5-$$package/usr/share/doc/php5-$$package; \
......@@ -484,6 +486,15 @@ binary-arch: build install
echo "php:Depends=phpapi-$${phpapi}" >> debian/php5-$$package.substvars; \
done
for i in cgi cli; do \
"$$i"-build/sapi/cli/php -n -r '$(BUILTIN_EXTENSION_CHECK)' \
>> debian/php5-"$$i".substvars; \
done
for i in apache apache2; do \
"$$i"-build/sapi/cli/php -n -r '$(BUILTIN_EXTENSION_CHECK)' \
>> debian/lib"$$i"-mod-php5.substvars; \
done
echo "apache:Depends=apache-common (>= $(APACHE_VERSION))" >>debian/libapache-mod-php5.substvars
echo "apache2:Depends=apache2-mpm-prefork (>> 2.0.52)" >>debian/libapache2-mod-php5.substvars
dh_gencontrol -a
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment