Age | Commit message (Collapse) | Author |
|
Bump php to version 5.3.13 to solve multiple CVEs.
The 5.2 series is no longer maintained.
The PCRE and SPL extensions are no longer optional.
Reflection is no longer optional either.
Ncurses was spun out to PECL.
Add a ton of new extensions and give more granular options on others
(like the libxml2-based ones).
The FastCGI option no longer exists, it's always on as long as CGI is.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
The zip extension requires zlib, so select it.
[Peter: Only select zlib, not php zlib extension]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Thanks to the pkgparentdir and pkgname functions, we can rewrite the
AUTOTARGETS macro in a way that avoids the need for each package to
repeat its name and the directory in which it is present.
[Peter: pkgdir->pkgparentdir]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
PHP bug #53632 and CVE-2010-4645, where conversions from string to
double might cause the PHP interpreter to hang on systems using x87 FPU
registers.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
The shell doesn't understand += assignments. Fixes a build issue with
sqlite extension and !largefile (and possibly with ext toolchains as well).
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Patch from php svn r295402.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
* Fixed extract() to do not overwrite $GLOBALS and $this when using
EXTR_OVERWRITE.
* Fixed crash in zip extract method (possible CWE-170).
* Fixed a possible double free in imap extension.
* Fixed possible flaw in open_basedir (CVE-2010-3436).
* Fixed NULL pointer dereference in ZipArchive::getArchiveComment.
(CVE-2010-3709).
* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL
with large amount of data).
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Closes #2791
Signed-off-by: Thomas Rudin <thomas@rudin.li>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
|
|
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Closes #1945
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
gettext needs WCHAR support in the toolchain, and as libglib2 depends on
gettext and lots of stuff depends on libglib2, quite a lot of packages
needs to have their dependencies adjusted.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
When neither CLI nor CGI is selected, PHP's configure script fails
with:
checking whether to build CGI binary... configure: error: No SAPIs selected.
Of couse, the help text of the options says that at least one of them
should be selected, but when doing testing with randpackageconfig,
noone is reading these help texts.
Therefore, based on the suggestion of Yann E. Morin, modify the
Config.in organization so that at least one of the option is selected.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
Closes #1429
[Peter: stick to bz2 upstream]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Makefile.autotools.in automatically adds these to the configure invocation,
so there's no need to explicitly list them.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Similar fix as with the sqlite package.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Security Enhancements and Fixes in PHP 5.2.11:
* Fixed certificate validation inside php_openssl_apply_verification_policy
* Fixed sanity check for the color index in imagecolortransparent()
* Added missing sanity checks around exif processing
* Fixed bug #44683 (popen crashes when an invalid mode is passed)
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
A C library will have been built by the toolchain makefiles, so there is no
need for packages to explicitly depend on uclibc.
Signed-off-by: Will Newton <will.newton@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
Closes #409.
php-5.2.10 is out, mostly misc bugfixes, one small security fix:
Security Enhancements and Fixes in PHP 5.2.10:
* Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg
files). (Pierre)
Key enhancements in PHP 5.2.10 include:
* Added "ignore_errors" option to http fopen wrapper. (David Zulke, Sara)
* Fixed memory corruptions while reading properties of zip files. (Ilia)
* Fixed memory leak in ob_get_clean/ob_get_flush. (Christian)
* Fixed segfault on invalid session.save_path. (Hannes)
* Fixed leaks in imap when a mail_criteria is used. (Pierre)
* Changed default value of array_unique()'s optional sorting type parameter
back to SORT_STRING to fix backwards compatibility breakage introduced in PHP
5.2.9. (Moriyoshi)
* Fixed bug #47940 (memory leaks in imap_body). (Pierre, Jake Levitt)
* Fixed bug #47903 ("@" operator does not work with string offsets).
(Felipe)
* Fixed bug #47644 (Valid integers are truncated with json_decode()).
(Scott)
* Fixed bug #47564 (unpacking unsigned long 32bit big endian returns wrong
result). (Ilia)
* Fixed bug #47365 (ip2long() may allow some invalid values on certain
64bit systems).
* Over 100 bug fixes.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
|
|
Allow platforms to provide a custom php.ini in their target_skeleton.
|
|
Patch by Gustavo Zacarias <gustavo@zacarias.com.ar>
Closes #5, #77, #141 and #143.
* Migrate php package to Makefile.autotools.in
* Make PCRE regex an option (previously forced on)
* Add calendar option from bug #77
* Add external sqlite3 option from bug #141
New option BR2_PACKAGE_PHP_PDO_SQLITE_EXTERNAL
* Add alternate php.ini configuration option from bug #5
Named BR2_PACKAGE_PHP_CONFIG and defaults to shipped config.
In most scenarios the shipped config isn't good enough, it has
a high memory limit for embedded for example.
* Changed some options from depends to select
Namely openssl, libxml2, zlib, gettext, gmp.
* Disabled some 'y' defaults to make things lighter by default
Namely libxml2, sqlite, pdo and pdo_sqlite.
* Made some of the extensions help text more verbose
|
|
Fixes Fixes CVE-2008-5498, closes #137.
Patch by Gustavo Zacarias <gustavo@zacarias.com.ar>
|
|
Hunks missing from r25406.
|
|
|
|
- php comes with it's own embedded sqlite, so no need to select sqlite
- disable largefile support for !BR2_LARGEFILE
- php somehow forgets to link with -ldl, breaking the sqlite extension.
Fix it by disabling the (unused?) modload support in sqlite.
|
|
As noted by Solar on IRC.
|
|
php.net only offers downloads though a strange php script with the file name
embedded in the *MIDDLE* of the URL, which isn't compatible with the DOWNLOAD
macro. Fix it by reverting php.mk hunk of r24689 to go back to $(WGET).
This ofcourse means that the primary site / fallback mirror stuff isn't used.
|
|
Package configs should start with BR2_PACKAGE_.
|
|
unpacked targets
|
|
|
|
|
|
Patch provided by Gustavo Zacarias <gustavo@zacarias.com.ar>.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
for i in `find -name 'Config*' -o -name 'Makefile*' -o -name '*.mk'`;
do
sed -i 's/ \+$//' $i;
done
|
|
'default n' is the default, so there's no need to say it explicitly.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- use $(STRIPCMD) in packages to avoid clashes with $(STRIP)
|
|
|