Commit Graph

39 Commits

Author SHA1 Message Date
Gustavo Zacarias
b3395489fe php: security bump to 5.2.17
PHP bug #53632 and CVE-2010-4645, where conversions from string to
double might cause the PHP interpreter to hang on systems using x87 FPU
registers.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-01-17 20:50:17 +01:00
Peter Korsgaard
b25cf0a05c php: fix CFLAGS handling
The shell doesn't understand += assignments. Fixes a build issue with
sqlite extension and !largefile (and possibly with ext toolchains as well).

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-01-02 22:53:16 +01:00
Gustavo Zacarias
eb8390d66f php: libgmp was renamed to gmp
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-12-27 22:00:59 +01:00
Gustavo Zacarias
1ecf423dfb php: security bump to version 5.2.16
* Fixed extract() to do not overwrite $GLOBALS and $this when using
  EXTR_OVERWRITE.

* Fixed crash in zip extract method (possible CWE-170).

* Fixed a possible double free in imap extension.

* Fixed possible flaw in open_basedir (CVE-2010-3436).

* Fixed NULL pointer dereference in ZipArchive::getArchiveComment.
  (CVE-2010-3709).

* Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL
  with large amount of data).

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-12-22 22:53:57 +01:00
Thomas Rudin
972cd4229b php: add process control support
Closes #2791

Signed-off-by: Thomas Rudin <thomas@rudin.li>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-11-24 23:12:54 +01:00
Thomas Petazzoni
c692a3e443 php: convert old-style hooks to new-style hooks
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2010-09-12 19:24:59 +02:00
Gustavo Zacarias
a022ab5e01 Security bump php to 5.2.14
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
2010-08-24 09:30:41 +02:00
Gustavo Zacarias
d9c2b63674 php: add sqlite3 dependency when using external
Closes #1945

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-06-06 22:46:19 +02:00
Thomas Petazzoni
542fbe8520 Make all package using gettext rely on BR2_NEEDS_GETTEXT
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2010-05-20 22:34:27 +02:00
Gustavo Zacarias
0fd372457e php: bump version
Closes #1429

[Peter: stick to bz2 upstream]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-03-31 10:44:45 +02:00
Peter Korsgaard
a96be19bc3 package: remove redundant DISABLE_{IPV6,NLS,LARGEFILE} configure args
Makefile.autotools.in automatically adds these to the configure invocation,
so there's no need to explicitly list them.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-03-22 14:29:00 +01:00
Gustavo Zacarias
e052e9709a Bump php to 5.2.12
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-01-29 15:00:16 +01:00
Peter Korsgaard
bba2fd540b php: fix pdo sqlite compilation with !BR2_LARGEFILE
Similar fix as with the sqlite package.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-11-23 14:25:24 +01:00
Gustavo Zacarias
829d4ff63c Update php package to 5.2.11
Security Enhancements and Fixes in PHP 5.2.11:

   * Fixed certificate validation inside php_openssl_apply_verification_policy
   * Fixed sanity check for the color index in imagecolortransparent()
   * Added missing sanity checks around exif processing
   * Fixed bug #44683 (popen crashes when an invalid mode is passed)

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-10-09 15:38:41 +02:00
Will Newton
422ce6536b package: Remove unnecessary dependencies on uclibc.
A C library will have been built by the toolchain makefiles, so there is no
need for packages to explicitly depend on uclibc.

Signed-off-by: Will Newton <will.newton@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-09-03 20:22:38 +02:00
Gustavo Zacarias
93308ccba3 php: bump version
Closes #409.

php-5.2.10 is out, mostly misc bugfixes, one small security fix:

Security Enhancements and Fixes in PHP 5.2.10:

    * Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg
files). (Pierre)

Key enhancements in PHP 5.2.10 include:

    * Added "ignore_errors" option to http fopen wrapper. (David Zulke, Sara)
    * Fixed memory corruptions while reading properties of zip files. (Ilia)
    * Fixed memory leak in ob_get_clean/ob_get_flush. (Christian)
    * Fixed segfault on invalid session.save_path. (Hannes)
    * Fixed leaks in imap when a mail_criteria is used. (Pierre)
    * Changed default value of array_unique()'s optional sorting type parameter
back to SORT_STRING to fix backwards compatibility breakage introduced in PHP
5.2.9. (Moriyoshi)
    * Fixed bug #47940 (memory leaks in imap_body). (Pierre, Jake Levitt)
    * Fixed bug #47903 ("@" operator does not work with string offsets).
(Felipe)
    * Fixed bug #47644 (Valid integers are truncated with json_decode()).
(Scott)
    * Fixed bug #47564 (unpacking unsigned long 32bit big endian returns wrong
result). (Ilia)
    * Fixed bug #47365 (ip2long() may allow some invalid values on certain
64bit systems).
    * Over 100 bug fixes.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-06-23 09:26:27 +02:00
Peter Korsgaard
b8a8f1c434 php: touch post-install stamp file 2009-03-05 21:38:36 +00:00
Peter Korsgaard
ee0bbc04ff php: only overwrite php.ini if not present in target_skeleton
Allow platforms to provide a custom php.ini in their target_skeleton.
2009-03-04 20:58:12 +00:00
Peter Korsgaard
7685dd41e1 php: convert to Makefile.autotools.in and other improvements
Patch by Gustavo Zacarias <gustavo@zacarias.com.ar>

Closes #5, #77, #141 and #143.

* Migrate php package to Makefile.autotools.in

* Make PCRE regex an option (previously forced on)

* Add calendar option from bug #77

* Add external sqlite3 option from bug #141
New option BR2_PACKAGE_PHP_PDO_SQLITE_EXTERNAL

* Add alternate php.ini configuration option from bug #5
Named BR2_PACKAGE_PHP_CONFIG and defaults to shipped config.
In most scenarios the shipped config isn't good enough, it has
a high memory limit for embedded for example.

* Changed some options from depends to select
Namely openssl, libxml2, zlib, gettext, gmp.

* Disabled some 'y' defaults to make things lighter by default
Namely libxml2, sqlite, pdo and pdo_sqlite.

* Made some of the extensions help text more verbose
2009-03-04 20:58:08 +00:00
Peter Korsgaard
0d5dfaa085 php: bump version
Fixes Fixes CVE-2008-5498, closes #137.

Patch by Gustavo Zacarias <gustavo@zacarias.com.ar>
2009-03-02 19:05:33 +00:00
Peter Korsgaard
0524852e7a php: fix sqlite module
- php comes with it's own embedded sqlite, so no need to select sqlite
- disable largefile support for !BR2_LARGEFILE
- php somehow forgets to link with -ldl, breaking the sqlite extension.
  Fix it by disabling the (unused?) modload support in sqlite.
2009-02-21 09:06:43 +00:00
Peter Korsgaard
21e3fa22ee php: use alternative download URL so we can use DOWNLOAD macro
As noted by Solar on IRC.
2009-02-20 21:55:32 +00:00
Peter Korsgaard
01ea62911e php: don't use DOWNLOAD macro
php.net only offers downloads though a strange php script with the file name
embedded in the *MIDDLE* of the URL, which isn't compatible with the DOWNLOAD
macro. Fix it by reverting php.mk hunk of r24689 to go back to $(WGET).

This ofcourse means that the primary site / fallback mirror stuff isn't used.
2009-02-20 15:13:50 +00:00
Ulf Samuelsson
cf965728d2 Fix spelling error, causing php to use host includes, add patching and unpacked targets 2009-01-25 20:59:30 +00:00
Peter Korsgaard
4a7bfd2775 package/: convert to DOWNLOAD helper 2009-01-16 11:42:52 +00:00
Ulf Samuelsson
675d416144 Bump php version since source is removed due to security risk 2009-01-11 20:08:47 +00:00
Thomas Petazzoni
80ad247617 Bump PHP version to 5.2.7.
Patch provided by Gustavo Zacarias <gustavo@zacarias.com.ar>.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2008-12-13 11:01:21 +00:00
Peter Korsgaard
ac1d92c425 package/: get rid of unneeded $(strip ..) 2008-12-08 08:15:27 +00:00
Peter Korsgaard
02a623ddf9 buildroot: remove trailing spaces
for i in `find -name 'Config*' -o -name 'Makefile*' -o -name '*.mk'`;
do
	sed -i 's/ \+$//' $i;
done
2008-08-04 19:07:05 +00:00
Arnar Mar Sigurðsson
a9aa94d1be Add missing depends 2008-06-01 19:42:14 +00:00
Arnar Mar Sigurðsson
4d953ef59f Dump php to version 5.2.6 and add SimpleXML extension to config menu 2008-06-01 18:04:13 +00:00
John Voltz
554fc8bc7f fixes for php makefile 2008-03-11 18:14:42 +00:00
John Voltz
7059768c4c enhancements for php 2008-03-06 18:21:33 +00:00
Bernhard Reutner-Fischer
14a71561a3 - just use the strip binary to avoid confusing libtool (quotes)
- use $(STRIPCMD) in packages to avoid clashes with $(STRIP)
2007-10-01 16:15:31 +00:00
Bernhard Reutner-Fischer
e1c81b6327 - fix unpacking the tarballs, minor cleanups while at it. 2007-08-22 10:11:18 +00:00
Bernhard Reutner-Fischer
6c6cb06709 - sed -i -e "/;$/s/;$//g" $(egrep ";$" package/* package/*/*.mk toolchain/* toolchain/*/*.mk */Makefile.in -l) 2007-08-21 19:20:18 +00:00
Ulf Samuelsson
e4ead9c13c Remove switches if sstrip is run 2007-08-21 01:53:57 +00:00
Ulf Samuelsson
4955099de0 Från: Brad House <brad@mainstreetsoftworks.com>
Till: 	buildroot@uclibc.org
Ämne: 	[Buildroot] [patch] php fixes and updates
Datum: 	Tue, 14 Aug 2007 16:39:03 -0400  (22.39 CEST)
Changes:
        - fastcgi config option
        - force php to find the php.ini in /etc (it seems to default
          to /lib for some reason)
        - build with posix support, a lot of php scripts require
          this apparently
        - strip the php binary when installing to TARGET_DIR
        - actually 'uninstall' php on a php-clean

-Brad
2007-08-19 21:02:46 +00:00
Ulf Samuelsson
1b50c35b01 Add php package 2007-08-07 17:47:03 +00:00