| 2013-10-21 14:34:48 |
haggi |
bug |
|
|
added bug |
| 2013-10-21 14:45:21 |
haggi |
attachment added |
|
php -i https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1242726/+attachment/3886267/+files/phpinfo.txt |
|
| 2013-10-21 15:00:37 |
Ondřej Surý |
summary |
json_encode php function missing |
php5-common is missing dependency on php5-json |
|
| 2013-10-22 21:51:21 |
Robie Basak |
php5 (Ubuntu): status |
New |
Triaged |
|
| 2013-10-22 21:51:26 |
Robie Basak |
php5 (Ubuntu): importance |
Undecided |
High |
|
| 2013-10-22 21:53:30 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
| 2013-10-22 23:35:39 |
Robie Basak |
description |
After the upgrade to saucy the function json_encode is missing from the current version of php5.
It should be always there on PHP versions >= 5.2.0 (not a pecl module anymore) [1]
to reproduce:
---
user@vm:~$ echo '<?php json_encode(true);' | php
PHP Fatal error: Call to undefined function json_encode() in - on line 1
PHP Stack trace:
PHP 1. {main}() -:0
user@vm:~$ php -v
PHP 5.5.3-1ubuntu2 (cli) (built: Oct 9 2013 14:49:12)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2013 Zend Technologies
with Zend OPcache v7.0.3-dev, Copyright (c) 1999-2013, by Zend Technologies
with Xdebug v2.2.3, Copyright (c) 2002-2013, by Derick Rethans
---
[1] http://php.net/manual/en/function.json-encode.php
ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: php5 (not installed)
ProcVersionSignature: Ubuntu 3.11.0-12.19-generic 3.11.3
Uname: Linux 3.11.0-12-generic x86_64
ApportVersion: 2.12.5-0ubuntu2
Architecture: amd64
Date: Mon Oct 21 16:30:04 2013
InstallationDate: Installed on 2013-06-03 (140 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
MarkForUpload: True
SourcePackage: php5
UpgradeStatus: Upgraded to saucy on 2013-10-21 (0 days ago) |
[Availability]
Available in universe; successfully built on all architectures.
[Rationale]
Useful functionality for a large proportion of php users; JSON support is
pretty essential for many web services nowadays.
New dependency of php5 (see background information below)
[Security]
JSON parsing is security sensitive; particular in web applications for which
PHP is often used. This package is a wrapper around json-c which is in main
already. We do need to make sure that the wrapper is not vulnerable, but the
JSON parsing itself is already covered by json-c in main.
No other relevant security history. CVE-2009-1271 appears to refer to the JSON
module bundled with PHP and not this alternative implementation.
No suid or sgid binaries. No executables in /sbin or /usr/sbin. No daemons. No
use of privileged ports.
This is an add-on to PHP and an expected use (parsing untrusted input) is
security sensitive.
[QA]
Works with no further configuration or documentation.
No debconf questions.
No long-term outstanding bugs upstream. The only bug in Debian appears to
relate to a edge case difference in error handling behaviour, which I'm not
sure is a bug at all. No relevant bugs in Ubuntu.
Outstanding Lintian bugs all refer to PHP packaging issues; this package is
maintained by the PHP maintainer in Debian.
No exotic hardware.
Test suite is run during package build using dh_auto_test which fails on test
suite failure.
No watch file.
[Dependencies]
All in main, including libjson-c-dev.
[Standards compliance]
Packaging uses debhelper 9, standard phpize and dh-php5.
[Maintenance]
This is a straightforward wrapper around json-c. Except to trivially keep
synced with Debian.
The Ubuntu Server team will subscribe to the package.
[Background Information]
The JSON module bundled by PHP upstream is not DFSG compliant due to a problem
with a licence term. See
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692613 for details. So Debian
does not ship with the embedded JSON module, but instead ships php-json
(binary: phphp5-json) which is an independent implementation, and php depends
on it.
For parity with Debian and common use of PHP, we should have php-json in main.
Otherwise we cannot depend on php5-json, and so JSON functionality in PHP will
be broken by default.
[Original Description]
After the upgrade to saucy the function json_encode is missing from the current version of php5.
It should be always there on PHP versions >= 5.2.0 (not a pecl module anymore) [1]
to reproduce:
---
user@vm:~$ echo '<?php json_encode(true);' | php
PHP Fatal error: Call to undefined function json_encode() in - on line 1
PHP Stack trace:
PHP 1. {main}() -:0
user@vm:~$ php -v
PHP 5.5.3-1ubuntu2 (cli) (built: Oct 9 2013 14:49:12)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2013 Zend Technologies
with Zend OPcache v7.0.3-dev, Copyright (c) 1999-2013, by Zend Technologies
with Xdebug v2.2.3, Copyright (c) 2002-2013, by Derick Rethans
---
[1] http://php.net/manual/en/function.json-encode.php
ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: php5 (not installed)
ProcVersionSignature: Ubuntu 3.11.0-12.19-generic 3.11.3
Uname: Linux 3.11.0-12-generic x86_64
ApportVersion: 2.12.5-0ubuntu2
Architecture: amd64
Date: Mon Oct 21 16:30:04 2013
InstallationDate: Installed on 2013-06-03 (140 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
MarkForUpload: True
SourcePackage: php5
UpgradeStatus: Upgraded to saucy on 2013-10-21 (0 days ago) |
|
| 2013-10-22 23:35:51 |
Robie Basak |
summary |
php5-common is missing dependency on php5-json |
[MIR] php5-common is missing dependency on php5-json |
|
| 2013-10-22 23:36:10 |
Robie Basak |
bug |
|
|
added subscriber MIR approval team |
| 2013-10-22 23:36:25 |
Robie Basak |
bug task added |
|
php-json (Ubuntu) |
|
| 2013-10-22 23:36:47 |
Robie Basak |
description |
[Availability]
Available in universe; successfully built on all architectures.
[Rationale]
Useful functionality for a large proportion of php users; JSON support is
pretty essential for many web services nowadays.
New dependency of php5 (see background information below)
[Security]
JSON parsing is security sensitive; particular in web applications for which
PHP is often used. This package is a wrapper around json-c which is in main
already. We do need to make sure that the wrapper is not vulnerable, but the
JSON parsing itself is already covered by json-c in main.
No other relevant security history. CVE-2009-1271 appears to refer to the JSON
module bundled with PHP and not this alternative implementation.
No suid or sgid binaries. No executables in /sbin or /usr/sbin. No daemons. No
use of privileged ports.
This is an add-on to PHP and an expected use (parsing untrusted input) is
security sensitive.
[QA]
Works with no further configuration or documentation.
No debconf questions.
No long-term outstanding bugs upstream. The only bug in Debian appears to
relate to a edge case difference in error handling behaviour, which I'm not
sure is a bug at all. No relevant bugs in Ubuntu.
Outstanding Lintian bugs all refer to PHP packaging issues; this package is
maintained by the PHP maintainer in Debian.
No exotic hardware.
Test suite is run during package build using dh_auto_test which fails on test
suite failure.
No watch file.
[Dependencies]
All in main, including libjson-c-dev.
[Standards compliance]
Packaging uses debhelper 9, standard phpize and dh-php5.
[Maintenance]
This is a straightforward wrapper around json-c. Except to trivially keep
synced with Debian.
The Ubuntu Server team will subscribe to the package.
[Background Information]
The JSON module bundled by PHP upstream is not DFSG compliant due to a problem
with a licence term. See
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692613 for details. So Debian
does not ship with the embedded JSON module, but instead ships php-json
(binary: phphp5-json) which is an independent implementation, and php depends
on it.
For parity with Debian and common use of PHP, we should have php-json in main.
Otherwise we cannot depend on php5-json, and so JSON functionality in PHP will
be broken by default.
[Original Description]
After the upgrade to saucy the function json_encode is missing from the current version of php5.
It should be always there on PHP versions >= 5.2.0 (not a pecl module anymore) [1]
to reproduce:
---
user@vm:~$ echo '<?php json_encode(true);' | php
PHP Fatal error: Call to undefined function json_encode() in - on line 1
PHP Stack trace:
PHP 1. {main}() -:0
user@vm:~$ php -v
PHP 5.5.3-1ubuntu2 (cli) (built: Oct 9 2013 14:49:12)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2013 Zend Technologies
with Zend OPcache v7.0.3-dev, Copyright (c) 1999-2013, by Zend Technologies
with Xdebug v2.2.3, Copyright (c) 2002-2013, by Derick Rethans
---
[1] http://php.net/manual/en/function.json-encode.php
ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: php5 (not installed)
ProcVersionSignature: Ubuntu 3.11.0-12.19-generic 3.11.3
Uname: Linux 3.11.0-12-generic x86_64
ApportVersion: 2.12.5-0ubuntu2
Architecture: amd64
Date: Mon Oct 21 16:30:04 2013
InstallationDate: Installed on 2013-06-03 (140 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
MarkForUpload: True
SourcePackage: php5
UpgradeStatus: Upgraded to saucy on 2013-10-21 (0 days ago) |
MIR for php-json:
[Availability]
Available in universe; successfully built on all architectures.
[Rationale]
Useful functionality for a large proportion of php users; JSON support is
pretty essential for many web services nowadays.
New dependency of php5 (see background information below)
[Security]
JSON parsing is security sensitive; particular in web applications for which
PHP is often used. This package is a wrapper around json-c which is in main
already. We do need to make sure that the wrapper is not vulnerable, but the
JSON parsing itself is already covered by json-c in main.
No other relevant security history. CVE-2009-1271 appears to refer to the JSON
module bundled with PHP and not this alternative implementation.
No suid or sgid binaries. No executables in /sbin or /usr/sbin. No daemons. No
use of privileged ports.
This is an add-on to PHP and an expected use (parsing untrusted input) is
security sensitive.
[QA]
Works with no further configuration or documentation.
No debconf questions.
No long-term outstanding bugs upstream. The only bug in Debian appears to
relate to a edge case difference in error handling behaviour, which I'm not
sure is a bug at all. No relevant bugs in Ubuntu.
Outstanding Lintian bugs all refer to PHP packaging issues; this package is
maintained by the PHP maintainer in Debian.
No exotic hardware.
Test suite is run during package build using dh_auto_test which fails on test
suite failure.
No watch file.
[Dependencies]
All in main, including libjson-c-dev.
[Standards compliance]
Packaging uses debhelper 9, standard phpize and dh-php5.
[Maintenance]
This is a straightforward wrapper around json-c. Except to trivially keep
synced with Debian.
The Ubuntu Server team will subscribe to the package.
[Background Information]
The JSON module bundled by PHP upstream is not DFSG compliant due to a problem
with a licence term. See
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692613 for details. So Debian
does not ship with the embedded JSON module, but instead ships php-json
(binary: phphp5-json) which is an independent implementation, and php depends
on it.
For parity with Debian and common use of PHP, we should have php-json in main.
Otherwise we cannot depend on php5-json, and so JSON functionality in PHP will
be broken by default.
[Original Description]
After the upgrade to saucy the function json_encode is missing from the current version of php5.
It should be always there on PHP versions >= 5.2.0 (not a pecl module anymore) [1]
to reproduce:
---
user@vm:~$ echo '<?php json_encode(true);' | php
PHP Fatal error: Call to undefined function json_encode() in - on line 1
PHP Stack trace:
PHP 1. {main}() -:0
user@vm:~$ php -v
PHP 5.5.3-1ubuntu2 (cli) (built: Oct 9 2013 14:49:12)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2013 Zend Technologies
with Zend OPcache v7.0.3-dev, Copyright (c) 1999-2013, by Zend Technologies
with Xdebug v2.2.3, Copyright (c) 2002-2013, by Derick Rethans
---
[1] http://php.net/manual/en/function.json-encode.php
ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: php5 (not installed)
ProcVersionSignature: Ubuntu 3.11.0-12.19-generic 3.11.3
Uname: Linux 3.11.0-12-generic x86_64
ApportVersion: 2.12.5-0ubuntu2
Architecture: amd64
Date: Mon Oct 21 16:30:04 2013
InstallationDate: Installed on 2013-06-03 (140 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
MarkForUpload: True
SourcePackage: php5
UpgradeStatus: Upgraded to saucy on 2013-10-21 (0 days ago) |
|
| 2013-10-22 23:42:06 |
Launchpad Janitor |
php-json (Ubuntu): status |
New |
Confirmed |
|
| 2013-10-23 23:12:55 |
Robie Basak |
php-json (Ubuntu): importance |
Undecided |
High |
|
| 2013-11-04 22:05:01 |
Michael Terry |
php-json (Ubuntu): assignee |
|
Jamie Strandboge (jdstrand) |
|
| 2013-11-25 15:02:33 |
Jamie Strandboge |
php-json (Ubuntu): assignee |
Jamie Strandboge (jdstrand) |
Seth Arnold (seth-arnold) |
|
| 2013-12-21 06:44:26 |
Seth Arnold |
bug |
|
|
added subscriber Seth Arnold |
| 2013-12-21 06:44:29 |
Seth Arnold |
php-json (Ubuntu): assignee |
Seth Arnold (seth-arnold) |
|
|
| 2013-12-21 10:24:17 |
manfreed |
bug |
|
|
added subscriber manfreed |
| 2013-12-23 15:49:45 |
Michael Terry |
bug task added |
|
pkg-php-tools (Ubuntu) |
|
| 2013-12-23 15:50:14 |
Michael Terry |
php-json (Ubuntu): status |
Confirmed |
Fix Committed |
|
| 2013-12-23 15:51:36 |
Michael Terry |
pkg-php-tools (Ubuntu): status |
New |
Fix Committed |
|
| 2013-12-24 12:17:34 |
Matthias Klose |
php-json (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2013-12-24 12:17:57 |
Matthias Klose |
pkg-php-tools (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2014-01-21 20:10:45 |
Launchpad Janitor |
php5 (Ubuntu): status |
Triaged |
Fix Released |
|
| 2014-01-21 20:10:45 |
Launchpad Janitor |
cve linked |
|
2013-6420 |
|
| 2014-01-21 20:10:45 |
Launchpad Janitor |
cve linked |
|
2013-6712 |
|
