Please merge php5 5.2.4-2 (main) from Debian unstable (main)

Bug #176011 reported by Daniel Hahler
Affects: php5 (Ubuntu)
Status: Fix Released
Importance: Wishlist
Assigned to: Soren Hansen

Bug Description

Binary package hint: php5

Debian changelog since the last merge:

php5 (5.2.4-2) unstable; urgency=low
   [ sean finney ]
   * for posterity revised previous changelog to reference the CVE id's
     of security issues resolved by the latest upstream release.
   * lintian: use debian/compat instead of DH_COMPAT in debian/rules.
   * lintian: use source:Version and binary:Version where appropriate,
     instead of Source-Version
   * lintian: remove a couple pieces of cruft in the changelog that were causing
     false-positive wrong-bug-number-in-closes, but were generally useless
     anyway.

   [ Raphael Geissert ]
   * Using test-results.txt as a target
   * cronjob now checks for existence of /usr/lib/php5/maxlifetime (Closes: #439286)
   * Fixed memory limit of 1232M in php.ini for cli (Closes: #440624)
   * Build the interbase extension using firebird2.0-dev (Closes: #433736)
   * Unapply patches with debian/rules clean

   [ Steve Langasek ]
   * Don't patch configure or php_config.h.in in suhosin.patch, as these are
     auto-generated and including them in the patch results in a race
     condition for the necessary build-time regeneration. Thanks to Daniel
     Schepler for reporting, and to Damyan Ivanov for helping to sort out the
     fix. Closes: #443637.
   * Also remove the modified auto-generated files in the clean target,
     which triggers a warning about disappearing files when building the
     source package but avoids carrying irrelevant diffs to these files
     in the Debian diff.
   * Now that the testsuite is being run at build time, test failures cause
     a bunch of junk files to be left around in the Debian diff. So clean up
     several false-positive failures:
     - 052-phpinfo_no_configure.patch: we're patching the output of phpinfo(),
       so patch the test as well
     - fix_broken_upstream_tests.patch: use a local directory for tests that
       use sessions, skip the phpinfo test after all because it doesn't appear
       to be compatible with current testsuite behavior, and disable the
       moneyformat test if en_US locale is not available.
     There are still several other failing tests, but these are not false
     positives and remain enabled pending investigation.

 -- sean finney <email address hidden> Wed, 24 Oct 2007 21:51:14 +0200

php5 (5.2.4-1) unstable; urgency=low
   * New upstream release.
   * Security issues resolved in the latest release:
     - CVE-2007-2519 - Directory traversal vulnerability in PEAR

   [ sean finney ]
   * patch from Jan Wagner to be able to conditionally disable any
     patches that break binary-compatibility with official php
     binary-only extensions. see debian/rules for more information.
   * now incorporate the php unit tests into the build process. for
     those interested the output is stored in the file
     /usr/share/doc/php5-common/test-results.txt .
   * by default we now ship with enable_dl = Off, as there are some
     fairly significant ramifications security-wise to having it on.
   * we are shipping with the suhosin patch enabled by default.
     special thanks to Blars Blarson for providing a sparc machine for
     testing purposes with 5.2.3 (closes: #397179).
   * new binary package php5-gmp, with the newly enabled gmp extension,
     since whatever reason for not doing so either never existed or
     no longer exists (closes: #344137). Build-Depends added for libgmp3-dev.

   [ Steve Langasek ]
   * php5-module.postinst: don't assume that the postinst is only relevant
     when called with 'configure' as an argument, some future debhelper code
     could apply in the case of other methods of invocation.
   * Clean up build dependencies for recent library transitions:
     - libsnmp-dev is now the real package name, and is supported as a virtual
       package for backports.
     - re-add firebird2-dev as an alternative to firebird1.5-dev, to support
       backports.
     - the curl -dev package name has changed from libcurl3-openssl-dev to
       libcurl4-openssl-dev; update to the proper name, with libcurl-dev as
       an alternative.
   * Switch php5-sybase to use the mssql extension instead of the sybase_ct
     extension. Closes: #418734, #329065.

 -- sean finney <email address hidden> Sun, 16 Sep 2007 14:46:06 +0200

Daniel Hahler (blueyed)
Changed in php5:
importance: Undecided → Wishlist
status: New → Triaged
Daniel Hahler (blueyed)
Changed in php5:
assignee: nobody → blueyed
status: Triaged → In Progress
Daniel Hahler (blueyed)
Changed in php5:
assignee: blueyed → nobody
status: In Progress → Triaged
Daniel Hahler (blueyed)
Changed in php5:
assignee: nobody → blueyed
status: Triaged → In Progress
Daniel Hahler (blueyed) wrote :

I've talked with Soren about it and he wants to look into it. Therefore assigning to him.

Changed in php5:
assignee: blueyed → shawarma
status: In Progress → Triaged
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package php5 - 5.2.4-2ubuntu1

---------------
php5 (5.2.4-2ubuntu1) hardy; urgency=low

  * Merge from Debian unstable (LP: #176011). Remaining Ubuntu changes:
    - debian/control, debian/rules: Disable a few build dependencies and
      accompanying binary packages which we do not want to support in main:
      + firebird2-dev/php5-interbase (we have a separate php-interbase source)
      + libc-client-dev/php5-imap (we have a separate php-imap source)
      + libmcrypt-dev/php5-mcrypt (separate php-mcrypt source)
    - debian/rules: Correctly mangle PHP5_* macros for lpia
    - debian/control: DebianMaintainerField
  * Builds php5-gmp (LP: #176013)
  * Fixes sybase_ct for MS SQL (LP: #21995)
  * New Ubuntu changes:
    - debian/rules: use 32M memory_limit for CLI and 16M for cgi/libapache
      (LP: #148871)
    - debian/control, debian/rules: Configure CLI with --with-libedit for
      readline support again, now that the libedit issue is fixed.
      Extended debian/patches/027-readline_is_editline.patch (LP: #124846)
    - Force build against db4.4 (by ignoring db4.5 if it is installed),
      debian/patches/use-specific-libdb-version.patch (LP: #165247)

php5 (5.2.4-2) unstable; urgency=low

  [ sean finney ]
  * for posterity revised previous changelog to reference the CVE id's
    of security issues resolved by the latest upstream release.
  * lintian: use debian/compat instead of DH_COMPAT in debian/rules.
  * lintian: use source:Version and binary:Version where appropriate,
    instead of Source-Version
  * lintian: remove a couple pieces of cruft in the changelog that were causing
    false-positive wrong-bug-number-in-closes, but were generally useless
    anyway.

  [ Raphael Geissert ]
  * Using test-results.txt as a target
  * cronjob now checks for existence of /usr/lib/php5/maxlifetime (Closes: #439286)
  * Fixed memory limit of 1232M in php.ini for cli (Closes: #440624)
  * Build the interbase extension using firebird2.0-dev (Closes: #433736)
  * Unapply patches with debian/rules clean

  [ Steve Langasek ]
  * Don't patch configure or php_config.h.in in suhosin.patch, as these are
    auto-generated and including them in the patch results in a race
    condition for the necessary build-time regeneration. Thanks to Daniel
    Schepler for reporting, and to Damyan Ivanov for helping to sort out the
    fix. Closes: #443637.
  * Also remove the modified auto-generated files in the clean target,
    which triggers a warning about disappearing files when building the
    source package but avoids carrying irrelevant diffs to these files
    in the Debian diff.
  * Now that the testsuite is being run at build time, test failures cause
    a bunch of junk files to be left around in the Debian diff. So clean up
    several false-positive failures:
    - 052-phpinfo_no_configure.patch: we're patching the output of phpinfo(),
      so patch the test as well
    - fix_broken_upstream_tests.patch: use a local directory for tests that
      use sessions, skip the phpinfo test after all because it doesn't appear
      to be compatible with current testsuite behavior, and disable the
      moneyformat test if...


Changed in php5:
status: Triaged → Fix Released