Branches for Precise

Name Status Last Modified Last Commit
lp:ubuntu/precise/php5 bug 2 Mature 2012-04-11 17:53:17 UTC
102. * Cherry picked fixes from Debian tes...

Author: James Page
Revision Date: 2012-04-11 14:27:10 UTC

* Cherry picked fixes from Debian testing:
  - d/maxlifetime: Improve maxlifetime script to scan for more SAPIs and
    scan all *.ini in conf.d directory.
    (LP: #916065).
  - d/libapache2-mod-php5.postinst,libapache2-mod-php5filter.postinst:
    Restart apache on first install to ensure module is fully enabled.
    (LP: #953081).

lp:ubuntu/precise-proposed/php5 bug 2 Mature 2012-09-10 19:18:28 UTC
105. * Applies upstream bug fixes for seve...

Author: Thomas Ward
Revision Date: 2012-07-31 21:15:08 UTC

* Applies upstream bug fixes for several issues and bugs:
  * php5-fpm segfaults with error 4 in libc-2.15.so
      (LP: #1006738. Bug Priority: High)
  * PHP5-FPM not reporting errors to web server (nginx)
      (LP: #1014044. Bug Priority: Medium)

lp:ubuntu/precise-security/php5 bug 2 Mature 2013-03-08 16:22:01 UTC
107. * SECURITY UPDATE: arbitrary file dis...

Author: Marc Deslauriers
Revision Date: 2013-03-08 16:22:01 UTC

* SECURITY UPDATE: arbitrary file disclosure via XML External Entity
  - debian/patches/CVE-2013-1643.patch: disable the entity loader in
    ext/libxml/libxml.c, ext/libxml/php_libxml.h, ext/soap/php_xml.c.
  - CVE-2013-1643

lp:ubuntu/precise-updates/php5 2 Mature 2013-03-08 16:22:01 UTC
107. * SECURITY UPDATE: arbitrary file dis...

Author: Marc Deslauriers
Revision Date: 2013-03-08 16:22:01 UTC

* SECURITY UPDATE: arbitrary file disclosure via XML External Entity
  - debian/patches/CVE-2013-1643.patch: disable the entity loader in
    ext/libxml/libxml.c, ext/libxml/php_libxml.h, ext/soap/php_xml.c.
  - CVE-2013-1643

lp:~clint-fewbar/ubuntu/precise/php5/php5-5.4-merge 1 Development 2012-03-05 18:50:57 UTC
103. * Merge from Debian unstable. Remaini...

Author: Clint Byrum
Revision Date: 2012-03-05 18:49:10 UTC

* Merge from Debian unstable. Remaining changes:
  - d/control: build-depend on mysql 5.5 instead of 5.1 for running tests.
  - d/setup-mysql.sh: modify to work with mysql 5.5 differences
  - debian/rules: export DEB_HOST_MULTIARCH properly.
  - Only build php5-sqlite for sqlite3, dropping the obsolete sqlite2.
  - Add build-dependency on lemon, which we now need.
  - Dropped firebird2.1-dev, libc-client-dev, libmcrypt-dev as it is in universe.
  - Dropped libcurl-dev not in the archive.
  - debian/control: replace build-depends on mysql-server with
    mysql-server-core-5.5 and mysql-client-5.5 to avoid upstart and
    mysql-server-5.5 postinst confusion with starting up multiple
    mysqlds listening on the same port.
  - Dropped php5-imap, php5-interbase, php5-mcrypt since we have versions
    already in universe.
  - Suggest php5-suhosin rather than recommends.
  - Dropped libonig-dev and libqgdbm since its in universe. (libonig MIR
    has been declined due to an inactive upstream. So this is probably
    a permanent change).
  - modulelist: Drop imap, interbase, sybase, and mcrypt.
  - debian/rules:
    * Dropped building of mcrypt, imap, and interbase.
    * Install apport hook for php5.
    * stop mysql instance on clean just in case we failed in tests
  - debian/control: Recommend php5-dev for php-pear.
  - d/rules: enable Suhosin patch with PHP5_SUHOSIN=yes
  - d/NEWS: add note explaining that SUHOSIN *is* enabled in the Ubuntu
    package.
  - d/rules: Simplify apache config settings since we never build
    interbase or firebird.
 * Dropped changes:
  - Pre-Depend on a new enough version of dpkg for dpkg-maintscript-helper
    rather than checking whether it exists at run-time, leading to
    more predictable behaviour on upgrades. This was superseded by
    Debian changes to the same effect.
* PHP 5.4 has landed in unstable
* Imported Upstream version 5.4.0
* Use $(filter pattern...,text) instead of $(findstring find,in) in
  debian/rules to match against space separated list of words and not
  substrings (Closes: #660647)
* Use $(filter pattern...,text) instead of $(findstring find,in) in
  debian/rules to match against space separated list of words and not
  just substrings (i386 != hurd-i386) (Closes: #660647)
* Imported Upstream version 5.4.0~rc8
* Improve maxlifetime script to scan for more SAPIs and scan all *.ini
  in conf.d directory
* Move php5-mysqlnd to Priority: extra to make debcheck happy
* Check for dpkg-maintscript-helper existence in php5-fpm maintainer
  scripts
* Add Pre-Depends: dpkg (>= 1.15.7.2~) | dpkg-maintscript-helper to
  allow single upgrade path (dpkg-maintscript-helper package will be
  provided for Ubuntu Lucid PPA)
* Use corrected module PHPAPI (20100525) and not (220100525)
* Use $ZEND_MODULE_API_NO for $DEBIAN_PHP_API. Check for PHPAPI
  changes, so we don't become binary incompatible without knowing it.
* Update debian/README.Debian.security:
  + register_globals was removed from PHP 5.4
  + Remove safe_mode (removed upstream) and update and reformat text
    slightly
  + Reviewed by english l10n team (thanks a lot)
* php5-fpm now listen on socket instead of localhost by default
  (Closes: #650204)
* Add NEWS about change of default location of php5-fpm socket
* Stop php5-fpm on runlevels 0 1 6 (Closes: #650203)
* Add -ignore_readdir_race to find call in session cleanup (#634864)
* Don't prefix extension list automatically, it's done by subsvars now
  (Closes: #633491)
* Depends on non-forking fuser in psmisc (Closes: #633100)
* php5-common.README.Debian additions and cleanup:
  + Add a paragraph about PHP_INI_SCAN_DIR (Closes: #659123)
  + Reformat README.Debian to common formatting
  + Mention php5-fpm where appropriate
  + Use 'PHP 5' and 'Apache HTTP Server' instead of php5 and apache2
* Textual improvements to README.Debian.security, NEWS
  (closes: #632675,#643015,#658208).
* Imported Upstream version 5.4.0~rc7
  + CVE-2012-0830: Fix PHP remote vulnerability (code injection) in the
    implementation of the max_input_vars configuration variable
  + CVE-2011-3389: Fix possible attack in SSL sockets with SSL 3.0/TLS 1.0.
* ucfize php5-module.* and store priority in module .ini file
* Store dsonames in maintainer scripts to make postrm work
* Make php5enmod idempotent
* Merge all changes from Debian unstable branch (up to 5.3.9-6)
* Fix -Wformat-security error in mysqlnd
* Add php5{en,dis}mod to enable/disable modules from maintainer
  scripts (Closes: #447826, #582320, #627145)
  (Initial work courtesy of Clint Byrum)
* Modify comments in php.inis to match compiled default session
* Adjust new 5.3 patches for 5.4 branch
* Ensure pdo.so is loaded before all other modules
* Add trigger to restart php5-fpm when module is installed/removed
* Remove --with-ttf and --with-t1lib (Closes: #658248, #638755)
* Add debian/NEWS item about missing t1lib functions
* Imported Upstream version 5.4.0~rc6
* Imported Upstream version 5.4.0~rc5
* Update patches for new release
* Disable suhosin patch
* Remove obsolete sqlite(2) module from php5-sqlite
* Use correct signals in php5-fpm init script (Closes: #645934)
* Update gbp.conf for experimental branch
* Imported Upstream version 5.4.0~beta2
* Refresh patches for the 5.4.0beta2 release
* Remove php.ini-paranoid, it's almost useless now
* Remove safe_mode setting from suhosin, it has been removed upstream
* Remove the php_stream stuff to allow compiling with system-wide
  libgd
* php5-common.docs: Don't install non-existant TODO file

15 of 5 results