Please merge php5 5.2.4-2 (main) from Debian unstable (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
php5 (Ubuntu) |
Fix Released
|
Wishlist
|
Soren Hansen |
Bug Description
Binary package hint: php5
Debian changelog since the last merge:
php5 (5.2.4-2) unstable; urgency=low
[ sean finney ]
* for posterity revised previous changelog to reference the CVE id's
of security issues resolved by the latest upstream release.
* lintian: use debian/compat instead of DH_COMPAT in debian/rules.
* lintian: use source:Version and binary:Version where appropriate,
instead of Source-Version
* lintian: remove a couple pieces of cruft in the changelog that were causing
false-postive wrong-bug-
anyway.
[ Raphael Geissert ]
* Using test-results.txt as a target
* cronjob now checks for existance of /usr/lib/
* Fixed memory limit of 1232M in php.ini for cli (Closes: #440624)
* Build the interbase extension using firebird2.0-dev (Closes: #433736)
* Unapply patches with debian/rules clean
[ Steve Langasek ]
* Don't patch configure or php_config.h.in in suhosin.patch, as these are
auto-generated and including them in the patch results in a race
condition for the necessary build-time regeneration. Thanks to Daniel
Schepler for reporting, and to Damyan Ivanov for helping to sort out the
fix. Closes: #443637.
* Also remove the modified auto-generated files in the clean target,
which triggers a warning about disappearing files when building the
source package but avoids carrying irrelevant diffs to these files
in the Debian diff.
* Now that the testsuite is being run at build time, test failures cause
a bunch of junk files to be left around in the Debian diff. So clean up
several false-positive failures:
- 052-phpinfo_
so patch the test as well
- fix_broken_
use sessions, skip the phpinfo test after all because it doesn't appear
to be compatible with current testsuite behavior, and disable the
moneyformat test if en_US locale is not available.
There are still several other failing tests, but these are not false
positives and remain enabled pending investigation.
-- sean finney <email address hidden> Wed, 24 Oct 2007 21:51:14 +0200
php5 (5.2.4-1) unstable; urgency=low
* New upstream release.
* Security issues resolved in the latest release:
- CVE-2007-2519 - Directory traversal vulnerability in PEAR
[ sean finney ]
* patch from Jan Wagner to be able to conditionally disable any
patches that break binary-
binary-only extensions. see debian/rules for more information.
* now incorporate the php unit tests into the build process. for
those interested the output is stored in the file
/usr/
* by default we now ship with enable_dl = Off, as there are some
fairly significant ramifications security-wise to having it on.
* we shipping with the suhosin patch enabled by default.
special thanks to Blars Blarson for providing a sparc machine for
testing purposes with 5.2.3 (closes: #397179).
* new binary package php5-gmp, with the newly enabled gmp extension,
since whatever reason for not doing so either never existed or no
no longer exists (closes: #344137). Build-Depends added for libgmp3-dev.
[ Steve Langasek ]
* php5-module.
when called with 'configure' as an argument, some future debhelper code
could apply in the case of other methods of invocation.
* Clean up build dependencies for recent library transitions:
- libsnmp-dev is now the real package name, and is supported as a virtual
package for backports.
- re-add firebird2-dev as an alternative to firebird1.5-dev, to support
backports.
- the curl -dev package name has changed from libcurl3-
an alternative.
* Switch php5-sybase to use the mssql extension instead of the sybase_ct
extension. Closes: #418734, #329065.
-- sean finney <email address hidden> Sun, 16 Sep 2007 14:46:06 +0200
Related branches
CVE References
Changed in php5: | |
importance: | Undecided → Wishlist |
status: | New → Triaged |
Changed in php5: | |
assignee: | nobody → blueyed |
status: | Triaged → In Progress |
Changed in php5: | |
assignee: | blueyed → nobody |
status: | In Progress → Triaged |
Changed in php5: | |
assignee: | nobody → blueyed |
status: | Triaged → In Progress |
I've talked with Soren about it and he wants to look into it. Therefor assigning to him.