Comment 28 for bug 21995

This bug was fixed in the package php5 - 5.2.4-2ubuntu1

---------------
php5 (5.2.4-2ubuntu1) hardy; urgency=low

  * Merge from Debian unstable (LP: #176011). Remaining Ubuntu changes:
    - debian/control, debian/rules: Disable a few build dependencies and
      accompanying binary packages which we do not want to support in main:
      + firebird2-dev/php5-interbase (we have a separate php-interbase source)
      + libc-client-dev/php5-imap (we have a separate php-imap source)
      + libmcrypt-dev/php5-mcrypt (separate php-mcrypt source)
    - debian/rules: Correctly mangle PHP5_* macros for lpia
    - debian/control: DebianMaintainerField
  * Builds php5-gmp (LP: #176013)
  * Fixes sybase_ct for MS SQL (LP: #21995)
  * New Ubuntu changes:
    - debian/rules: use 32M memory_limit for CLI and 16M for cgi/libapache
      (LP: #148871)
    - debian/control, debian/rules: Configure CLI with --with-libedit for
      readline support again, now that the libedit issue is fixed.
      Extended debian/patches/027-readline_is_editline.patch (LP: #124846)
    - Force build against db4.4 (by ignoring db4.5 if it is installed),
      debian/patches/use-specific-libdb-version.patch (LP: #165247)

php5 (5.2.4-2) unstable; urgency=low

  [ sean finney ]
  * for posterity revised previous changelog to reference the CVE id's
    of security issues resolved by the latest upstream release.
  * lintian: use debian/compat instead of DH_COMPAT in debian/rules.
  * lintian: use source:Version and binary:Version where appropriate,
    instead of Source-Version
  * lintian: remove a couple pieces of cruft in the changelog that were causing
    false-postive wrong-bug-number-in-closes, but were generally useless
    anyway.

  [ Raphael Geissert ]
  * Using test-results.txt as a target
  * cronjob now checks for existance of /usr/lib/php5/maxlifetime (Closes: #439286)
  * Fixed memory limit of 1232M in php.ini for cli (Closes: #440624)
  * Build the interbase extension using firebird2.0-dev (Closes: #433736)
  * Unapply patches with debian/rules clean

  [ Steve Langasek ]
  * Don't patch configure or php_config.h.in in suhosin.patch, as these are
    auto-generated and including them in the patch results in a race
    condition for the necessary build-time regeneration. Thanks to Daniel
    Schepler for reporting, and to Damyan Ivanov for helping to sort out the
    fix. Closes: #443637.
  * Also remove the modified auto-generated files in the clean target,
    which triggers a warning about disappearing files when building the
    source package but avoids carrying irrelevant diffs to these files
    in the Debian diff.
  * Now that the testsuite is being run at build time, test failures cause
    a bunch of junk files to be left around in the Debian diff. So clean up
    several false-positive failures:
    - 052-phpinfo_no_configure.patch: we're patching the output of phpinfo(),
      so patch the test as well
    - fix_broken_upstream_tests.patch: use a local directory for tests that
      use sessions, skip the phpinfo test after all because it doesn't appear
      to be compatible with current testsuite behavior, and disable the
      moneyformat test if en_US locale is not available.
    There are still several other failing tests, but these are not false
    positives and remain enabled pending investigation.

php5 (5.2.4-1) unstable; urgency=low

  * New upstream release.
  * Security issues resolved in the latest release:
    - CVE-2007-2519 - Directory traversal vulnerability in PEAR

  [ sean finney ]
  * patch from Jan Wagner to be able to conditionally disable any
    patches that break binary-compatibility with official php
    binary-only extensions. see debian/rules for more information.
  * now incorporate the php unit tests into the build process. for
    those interested the output is stored in the file
    /usr/share/doc/php5-common/test-results.txt .
  * by default we now ship with enable_dl = Off, as there are some
    fairly significant ramifications security-wise to having it on.
  * we shipping with the suhosin patch enabled by default.
    special thanks to Blars Blarson for providing a sparc machine for
    testing purposes with 5.2.3 (closes: #397179).
  * new binary package php5-gmp, with the newly enabled gmp extension,
    since whatever reason for not doing so either never existed or no
    no longer exists (closes: #344137). Build-Depends added for libgmp3-dev.

  [ Steve Langasek ]
  * php5-module.postinst: don't assume that the postinst is only relevant
    when called with 'configure' as an argument, some future debhelper code
    could apply in the case of other methods of invocation.
  * Clean up build dependencies for recent library transitions:
    - libsnmp-dev is now the real package name, and is supported as a virtual
      package for backports.
    - re-add firebird2-dev as an alternative to firebird1.5-dev, to support
      backports.
    - the curl -dev package name has changed from libcurl3-openssl-dev to
      libcurl4-openssl-dev; update to the proper name, with libcurl-dev as
      an alternative.
  * Switch php5-sybase to use the mssql extension instead of the sybase_ct
    extension. Closes: #418734, #329065.

 -- dAniel hAhler <email address hidden> Wed, 19 Dec 2007 10:48:04 +0100