| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Upstream-Status: Backport from https://github.com/php/php-src/commit/789a37f14405e2d1a05a76c9fb4ed2d49d4580d5
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
Upstream-Status: Backport from [https://github.com/php/php-src/commit/80316123f3e9dcce8ac419bd9dd43546e2ccb5ef]
CVE: CVE-2023-3824
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update php from 7.4.28 to 7.4.33
Fixes below CVEs:
CVE-2021-21708
CVE-2022-31626
CVE-2022-31625
CVE-2022-31628
CVE-2022-31629
CVE-2022-31630
CVE-2022-37454
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
CVE: CVE-2021-21703 CVE-2021-21706 CVE-2021-21707 CVE-2021-21708
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
[Didn't apply cleanly, corrected.]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Lots of bug fixes.
CVE: CVE-2021-21704 CVE-2021-21705
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 93045c3db744a9f1cd0a9b0ce992d44d9c44c309)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 69dcf5bac8adfd55f1a40cff1e989ed8806607cb)
[Stable bug fix only updates]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update: License updated (year updated)
Fix some security issues such as CVE-2021-21702 and remove two
cve patches which already included in the new version.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e418ee4657e084c8b4d42aabf76ff6df99253e91)
[Bug fix only updates plus: CVE-2020-7071 ]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Since commit c4ffcaa2[php: split out phpdbg into a separate package],
package php is empty, we might met error:
nothing provides php needed by php-cli-7.4.9-r0.corei7_64
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9be6b4f5a2ec857475626c74457a94b8d9236fd5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Since PHP 7.0 the phpdbg debugger is built by default and gets shipped
in the main php package, increasing its size by several MB; split it
out into a php-phpdbg package, following Debian naming.
Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c4ffcaa2ab3fbdef1ce58c253b32d82a57a3e2a8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security Advisory
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7069
https://bugs.php.net/patch-display.php?bug_id=79601&patch=openssl_aes_ccm_iv_fix&revision=latest
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fa80193468745a11bc12d5845f66412a0d62e0e2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 992e09f09a40e7a8d03c7c4b5adf40f821ed3774)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security Advisory
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7070
https://bugs.php.net/patch-display.php?bug=79699&patch=fix-urldecode&revision=1600650364
https://github.com/php/php-src/blob/master/main/php_variables.c
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit aff8a1fefb9a1a311e5ba14ad69871514270803a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 09f5a2ac5ab8550f5f0bd05417f2f54d27995dac)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Appending ${TMPDIR} to ${D} doesn't make any sense, because both are
absolute paths. And additionally, the code fails:
rmdir: failed to remove '/usr/src/oe/tmp-musl/work/core2-64-oe-linux-musl/php/7.1.9-r0/image//usr': Directory not empty
Signed-off-by: Max Kellermann <max.kellermann@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit f6338892d9c57c51ed48b04f587b468f7718a8ba)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 7.4.9:
- Fixed: Upgrade apache2handler's php_apache_sapi_get_request_time
to return usec
- Fixed: BSTR to PHP string conversion not binary safe
- Fixed: DCOM does not work with Username, Password parameter
- Fixed: serialize() and unserialize() methods can not be called
statically
- Fixed: Segfault in php_str_replace_common
- Fixed: Assertion failure if dumping closure with unresolved
static variable
- Fixed: Assertion failure when assigning property of string
offset by reference
- Fixed: HT iterators not removed if empty array is destroyed
- Fixed: Changing array during undef index RW error segfaults
- Fixed: Use after free if changing array during undef var during
array write fetch
- Fixed: Use after free if string used in undefined index warning
is changed
- Fixed: Public non-static property in child should take priority
over private static
- Fixed: getimagesize function silently truncates after a null
byte
- Fixed: finfo_file crash (FILEINFO_MIME)
- Fixed: ftp_size on large files
- Fixed: mb_strimwidth does not trim string
- Fixed: Use of freed hash key in the phar_parse_zipfile function
- Fixed: ::getStaticProperties() ignores property modifications
- Fixed: ::getStaticPropertyValue() throws on protected props
- Fixed: Use after free when type duplicated into
ReflectionProperty gets resolved
- Fixed: Can't copy() large 'data://' with open_basedir
- Fixed: dns_check_record() always return true on Alpine
- Fixed: array_walk() does not respect property types
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f46931abf073a4c5b02a160a89fe073f1b67632b)
[Bug fix on update. lts version]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The source of the issue is the update for PHP 7.4 support in
0001-opcache-config.m4-enable-opcache.patch (commit 7cc7a9ec). Instead
of working around the issue in the recipe file, update the patch to
restore the call to PHP_ADD_LIBRARY().
Signed-off-by: Claude Bing <cbing@cybernetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3cfd16be4e1b62efe8ac640cecc080709cf2b9f9)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Explicitly specifying -lrt is required for opcache to be linked against
the proper dependencies. Additionally, PHP disables libdl when it
detects a cross-compilation environment for some reason. In order to
load any type of extension, re-enabling libdl is required.
Signed-off-by: Claude Bing <cbing@cybernetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0145cb4645b720efc36e4a034bb9e1077c191e5e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
PHP 7.4 enables libxml by default and removed it as a configurable
option.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7aeef522ff3522ccf76a6750846e235e7c80427a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
--enable-zip and --with-libzip were removed in PHP 7.x.
These are replaced by --with-zip --with-zlib-dir.
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6690afa59e5bb698e752c3346b8470e40f9d9daa)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
License-Update: License updated (year updated)
note: for 7.4, pear is disabled by default,
and it will be deprecated in future.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
| |
* upgrade to 7.3.16
* remove unuseful patches
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2019-11050.patch
Security Advisory
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Backport the patch <http://git.php.net/?p=php-src.git;a=commit;
h=0f79b1bf301f455967676b5129240140c5c45b09> to solve CVE-2020-7059.
Because of the version context, this porting mainly refers to the
version merging commit <http://git.php.net/?p=php-src.git;a=commit;
h=a8a6242db7c01bb2d87f29e9b8d5ff3f0f847645>
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
This change makes the parsing go though, we still might have build
issues, which will be reported in world builds seprately
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
| |
Patch for issue fixed upstream removed.
Also merge the inc into the recipe.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Patch for php to sync with the fix for the same issue in
libgd.
CVE: CVE-2019-6978
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
The apache2 module's path has been changed from ${libdir} to
${libexecdir} in commit 8d4d608b4e937bb3b8e3b260bd75338c3ff7e8fd. Update
mod_php.conf to adapt it.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
| |
Its not yet supported
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
It redefines apache2's libexecdir. Update php to sync with that change.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
Add back zlib support. Define zip support but do not enable it.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
Import patch from Debian.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
| |
Lets remove it directly, since October would be a year after
EOL so waiting until then would make it quite stale
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
-Upgrade from php_7.3.6.bb to php_7.3.7.bb.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
with configuration:
IMAGE_INSTALL_append = " apache2 php-fpm-apache2"
systemctl status apache2.service report error:
httpd: Syntax error on line 509 of /etc/apache2/httpd.conf: Syntax error on line 3 of /etc/apache2/conf.d/php-fpm.conf: Cannot load lib/apache
fix by correct the module path
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
The output is reasonable, but not what is expected.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Configuration:
IMAGE_INSTALL_append = " modphp apache2 phpmyadmin xdebug"
PACKAGECONFIG_append_pn-php = " apache2"
Apache2 service start up with error:
[php7:crit] [pid 3943:tid 140477147074880] Apache is running a threaded MPM,
but your PHP Module is not compiled to be threadsafe.
Fix:
after apache2 is upgraded from 2.4.34 to 2.4.39, apache2-native
installs httpd into STAGING_SBINDIR_NATIVE, correct it so that
ZTS feature is open, and php is compiled to be threadsafe.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
With mariadb 10.x it fails to find headers in right location during
builds
https://bugs.php.net/bug.php?id=75612
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update: 7.x version trim trailing whitespace
7.x:
* drop CVE-2017-9120.patch since it cannot resolve the CVE
* use recommand option --with-libzip, bundled libzip is deprecated
* update patches
5.x:
* use recommand option --with-libzip, bundled libzip is deprecated
* update patches
* Fix php 7.x cross build on hosts which have libxml2 installed
libxml2 is not detected properly, it pokes at host and takes the
libraries and header files added to build which links in libraries like
libicu which may not be available in sysroot causing configure failures
like
checking for sqlite3 files in default path... found in TOPDIR/build/tmp/work/aarch64-yoe-linux/php/7.3.2-r0/recipe-sysroot/usr/lib/..
checking for SQLite 3.3.9+... checking for sqlite3_prepare_v2 in -lsqlite3... no
not found
configure: error: Please install SQLite 3.3.9 first or check libsqlite3 is present
the reason is configure test fails to find icu libraries since they were
added based on build host's libxml2.pc
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
1.Upgrade php from 5.6.38 to 5.6.39.
Signed-off-by: Hong Liu <hongl.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A couple have still been missed in the past despite multiple
attempts at doing so (or simply have re-appeared?).
Search & replace made using the following command:
sed -e 's|\(d\.getVar \?\)( \?\([^,()]*\), \?True)|\1(\2)|g' \
-i $(git grep -E 'getVar ?\( ?([^,()]*), ?True\)' \
| cut -d':' -f1 \
| sort -u)
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The autoconf variable `ac_cv_func_dlopen` controls whether `dlopen()`
is available without linking `libdl.so`. But that doesn't work:
tmp-glibc/work/aarch64-oe-linux/php/7.2.10-r0/recipe-sysroot-native/usr/bin/aarch64-oe-linux/../../libexec/aarch64-oe-linux/gcc/aarch64-oe-linux/8.2.0/ld: ext/sqlite3/libsqlite/sqlite3.o: undefined reference to symbol 'dlsym@@GLIBC_2.17'
tmp-glibc/work/aarch64-oe-linux/php/7.2.10-r0/recipe-sysroot-native/usr/bin/aarch64-oe-linux/../../libexec/aarch64-oe-linux/gcc/aarch64-oe-linux/8.2.0/ld: tmp-glibc/work/aarch64-oe-linux/php/7.2.10-r0/recipe-sysroot/lib/libdl.so.2: error adding symbols: DSO missing from command line
Leave `ac_cv_lib_dl_dlopen=yes`, because that's the one which controls
whether `-ldl` is needed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
| |
Removing "sqlite3" from `PACKAGECONFIG` doesn't actually disable
SQLite, because those options default to "yes". It just switches from
the system SQLite to PHP's internal SQLite copy.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Support openssl 1.1.x
2. 5.6.38 ChangeLog (http://php.net/ChangeLog-5.php#5.6.38)
- Fixed bug #76582 (XSS due to the header Transfer-Encoding: chunked).
- Fixed bug #76423 (Int Overflow lead to Heap OverFlow in
exif_thumbnail_extract of exif.c). (CVE-2018-14883)
- Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while
reading exif data). (CVE-2018-14851)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
| |
1. Upgrade 7.2.9 -> 7.2.10
2. php 5.x not support valgrind config, so move it to php_7.x.bb
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
| |
This reverts commit ff33f477c7288c8d619a129fdaf49bb57deb6282.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
configure will look by default for valgrind.h in some host directories.
We override this by setting --with-valgrind even if we do not want it.
The default value of PACKAGECONFIG does not enable valgrind support.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|