lp:ubuntu/raring/php5
- Get this branch:
- bzr branch lp:ubuntu/raring/php5
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 109. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary file disclosure via XML External Entity
- debian/patches/ CVE-2013- 1643.patch: disable the entity loader in
ext/libxml/ libxml. c, ext/libxml/ php_libxml. h, ext/soap/php_xml.c.
- CVE-2013-1643 - 108. By Clint Byrum
-
* Merge from Debian experimental. Remaining changes:
- d/rules: Simplify apache config settings since we never build
interbase or firebird.
- debian/rules: export DEB_HOST_MULTIARCH properly.
- Add build-dependency on lemon, which we now need.
- Dropped firebird2.1-dev, libc-client-dev, libmcrypt-dev as it is
in universe.
- Dropped libcurl-dev not in the archive.
- debian/control: replace build-depends on mysql-server with
mysql-server- core-5. 5 and mysql-client-5.5 to avoid upstart and
mysql-server- 5.5 postinst confusion with starting up multiple
mysqlds listening on the same port.
- Dropped php5-imap, php5-interbase, php5-mcrypt since we have
versions already in universe.
- Dropped libonig-dev and libqgdbm since its in universe. (libonig
MIR has been declined due to an inactive upstream. So this is
probably a permanent change).
- modulelist: Drop imap, interbase, sybase, and mcrypt.
- debian/rules:
- Dropped building of mcrypt, imap, and interbase.
- Install apport hook for php5.
- stop mysql instance on clean just in case we failed in tests
- debian/control, debian/rules: Re-enable libedit-dev.
* Dropped changes:
- Re-add logic to guess default timezone from system to fix default
timezone regression Cherry-picked from Debian 5.4.4-6 (also in
Debian 5.4.6-2).
- debian/patches/ libxml290. patch: Fix FTBFS with libxml 2.9.0.
(included upstream) - 107. By Marc Deslauriers
-
[ Robie Basak ]
* Re-add logic to guess default timezone from system to fix default timezone
regression (LP: #1069529). Cherry-picked from Debian 5.4.4-6 (also in
Debian 5.4.6-2).[ Marc Deslauriers ]
* debian/patches/ libxml290. patch: Fix FTBFS with libxml 2.9.0. - 106. By Clint Byrum
-
* Merge from Debian experimental (LP: #1006738 , LP: #1040212)
Remaining changes:
- d/rules: Simplify apache config settings since we never build
interbase or firebird.
- debian/rules: export DEB_HOST_MULTIARCH properly.
- Add build-dependency on lemon, which we now need.
- Dropped firebird2.1-dev, libc-client-dev, libmcrypt-dev as it is
in universe.
- Dropped libcurl-dev not in the archive.
- debian/control: replace build-depends on mysql-server with
mysql-server- core-5. 5 and mysql-client-5.5 to avoid upstart and
mysql-server- 5.5 postinst confusion with starting up multiple
mysqlds listening on the same port.
- Dropped php5-imap, php5-interbase, php5-mcrypt since we have
versions already in universe.
- Dropped libonig-dev and libqgdbm since its in universe. (libonig
MIR has been declined due to an inactive upstream. So this is
probably a permanent change).
- modulelist: Drop imap, interbase, sybase, and mcrypt.
- debian/rules:
- Dropped building of mcrypt, imap, and interbase.
- Install apport hook for php5.
- stop mysql instance on clean just in case we failed in tests
- debian/control, debian/rules: Re-enable libedit-dev.
* Dropped Changes:
- debian/rules: change memory limits on example .ini files. - 105. By Clint Byrum
-
* Merge from Debian unstable. (LP: #1014044) (LP: #1024355)
Remaining changes:
- d/rules: Simplify apache config settings since we never build
interbase or firebird.
- debian/rules: export DEB_HOST_MULTIARCH properly.
- Add build-dependency on lemon, which we now need.
- Dropped firebird2.1-dev, libc-client-dev, libmcrypt-dev as it is in universe.
- Dropped libcurl-dev not in the archive.
- debian/control: replace build-depends on mysql-server with
mysql-server- core-5. 5 and mysql-client-5.5 to avoid upstart and
mysql-server- 5.5 postinst confusion with starting up multiple
mysqlds listening on the same port.
- Dropped php5-imap, php5-interbase, php5-mcrypt since we have versions
already in universe.
- Dropped libonig-dev and libqgdbm since its in universe. (libonig MIR
has been declined due to an inactive upstream. So this is probably
a permanent change).
- modulelist: Drop imap, interbase, sybase, and mcrypt.
- debian/rules:
* Dropped building of mcrypt, imap, and interbase.
* Install apport hook for php5.
* stop mysql instance on clean just in case we failed in tests - 104. By Clint Byrum
-
* Merge from Debian unstable. Remaining changes:
- d/rules: Simplify apache config settings since we never build
interbase or firebird.
- debian/rules: export DEB_HOST_MULTIARCH properly.
- Add build-dependency on lemon, which we now need.
- Dropped firebird2.1-dev, libc-client-dev, libmcrypt-dev as it is in universe.
- Dropped libcurl-dev not in the archive.
- debian/control: replace build-depends on mysql-server with
mysql-server- core-5. 5 and mysql-client-5.5 to avoid upstart and
mysql-server- 5.5 postinst confusion with starting up multiple
mysqlds listening on the same port.
- Dropped php5-imap, php5-interbase, php5-mcrypt since we have versions
already in universe.
- Dropped libonig-dev and libqgdbm since its in universe. (libonig MIR
has been declined due to an inactive upstream. So this is probably
a permanent change).
- modulelist: Drop imap, interbase, sybase, and mcrypt.
- debian/rules:
* Dropped building of mcrypt, imap, and interbase.
* Install apport hook for php5.
* stop mysql instance on clean just in case we failed in tests
* Dropped Changes:
* d/rules: enable Suhosin patch with PHP5_SUHOSIN=yes -- Upstream suhosin
has been slow to adopt PHP 5.4, and is showing signs of disengagement.
Therefore, we will follow Debian's lead and drop Suhosin for now.
- d/control: build-depend on mysql 5.5 instead of 5.1 for running tests.
-- Debian just deps on mysql-server
- Suggest php5-suhosin rather than recommends. -- Dropping suhosin
- d/setup-mysql.sh: modify to work with mysql 5.5 differences -- superseded
in Debian.
- Only build php5-sqlite for sqlite3, dropping the obsolete sqlite2. --
superseded in Debian
- d/maxlifetime: Improve maxlifetime script to scan for more SAPIs and
scan all *.ini in conf.d directory. -- Change came from Debian
- d/libapache2-mod-php5. postinst, libapache2- mod-php5filter. postinst:
Restart apache on first install to ensure module is fully enabled.
-- Change came from Debian
- debian/patches/ php5-CVE- 2012-1823. patch: filter query strings that
are prefixed with '-' -- Fixed upstream
- debian/control: Recommend php5-dev for php-pear. -- This was a poorly
conceived idea anyway.
- Pre-Depend on a new enough version of dpkg for dpkg-maintscript-helper
rather than checking whether it exists at run-time, leading to more
predictable behaviour on upgrades. -- Applied in Debian
- d/p/gd-multiarch- fix.patch: superseded
* d/NEWS: add note explaining that SUHOSIN is no longer enabled in the
Ubuntu packages. - 103. By Steve Beattie
-
* SECURITY UPDATE: php5-cgi query string parameters parsing
vulnerability
- debian/patches/ php5-CVE- 2012-1823. patch: filter query strings that
are prefixed with '-'
- CVE-2012-1823
- CVE-2012-2311 - 102. By James Page
-
* Cherry picked fixes from Debian testing:
- d/maxlifetime: Improve maxlifetime script to scan for more SAPIs and
scan all *.ini in conf.d directory.
(LP: #916065).
- d/libapache2-mod-php5. postinst, libapache2- mod-php5filter. postinst:
Restart apache on first install to ensure module is fully enabled.
(LP: #953081). - 101. By Colin Watson
-
Pre-Depend on a new enough version of dpkg for dpkg-maintscrip
t-helper
rather than checking whether it exists at run-time, leading to more
predictable behaviour on upgrades. - 100. By Clint Byrum
-
* Merge from Debian testing. Remaining changes:
- d/control: build-depend on mysql 5.5 instead of 5.1 for running tests.
- d/setup-mysql.sh: modify to work with mysql 5.5 differences
- debian/rules: export DEB_HOST_MULTIARCH properly.
- Only build php5-sqlite for sqlite3, dropping the obsolete sqlite2.
- Add build-dependency on lemon, which we now need.
- Dropped firebird2.1-dev, libc-client-dev, libmcrypt-dev as it is in universe.
- Dropped libcurl-dev not in the archive.
- debian/control: replace build-depends on mysql-server with
mysql-server- core-5. 5 and mysql-client-5.5 to avoid upstart and
mysql-server- 5.5 postinst confusion with starting up multiple
mysqlds listening on the same port.
- Dropped php5-imap, php5-interbase, php5-mcrypt since we have versions
already in universe.
- Suggest php5-suhosin rather than recommends.
- Dropped libonig-dev and libqgdbm since its in universe. (libonig MIR
has been declined due to an inactive upstream. So this is probably
a permanent change).
- modulelist: Drop imap, interbase, sybase, and mcrypt.
- debian/rules:
* Dropped building of mcrypt, imap, and interbase.
* Install apport hook for php5.
* stop mysql instance on clean just in case we failed in tests
- debian/control: Recommend php5-dev for php-pear.
* Dropped Changes:
- d/patches/CVE-2011- 4566.patch: Applied upstream
- debian/rules: --enable-pcntl for cgi as well. (Applied in Debian)
* d/rules: enable Suhosin patch with PHP5_SUHOSIN=yes
* d/NEWS: add note explaining that SUHOSIN *is* enabled in the Ubuntu
package.
* d/rules: Simplify apache config settings since we never build
interbase or firebird.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)