Package Release Info

php7-7.2.5-4.58.2

Update Info: SUSE-SLE-Module-Packagehub-Subpackages-15-SP1-2020-1661
Available in Package Hub : 15 SP1 Subpackages Updates

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

php7-embed

Change Logs

* Mon May 25 2020 pgajdos@suse.com
- security update
- added patches
  fix CVE-2019-11048 [bsc#1171999], supplying overly long filenames or field names if HTTP file uploads are allowed could lead to exhausting disk space on the server
  + php7-CVE-2019-11048.patch
* Tue Apr 07 2020 pgajdos@suse.com
- security update
- added patches
  fix CVE-2020-7064 [bsc#1168326], read one byte of uninitialized memory via malicious data
  + php7-CVE-2020-7064.patch
  fix CVE-2020-7066 [bsc#1168352], URL truncation if the URL contains zero (\0) character
  + php7-CVE-2020-7066.patch
* Mon Mar 02 2020 pgajdos@suse.com
- security update
- added patches
  fix CVE-2020-7062 [bsc#1165280], null pointer dereference when using file upload functionality under specific circumstances
  + php7-CVE-2020-7062.patch
  fix CVE-2020-7063 [bsc#1165289], creating PHAR archive using PharData:buildFromIterator() function will add files with default permissions
  + php7-CVE-2020-7063.patch
* Wed Feb 05 2020 pgajdos@suse.com
- security update
- added patches
  CVE-2020-7059 [bsc#1162629]
  + php7-CVE-2020-7059.patch
  CVE-2020-7060 [bsc#1162632]
  + php7-CVE-2020-7060.patch
Version: 7.2.5-4.49.1
* Thu Jan 02 2020 pgajdos@suse.com
- security update
- added patches
  CVE-2019-11045 [bsc#1159923]
  + php7-CVE-2019-11045.patch
  CVE-2019-11046 [bsc#1159924]
  + php7-CVE-2019-11046.patch
  CVE-2019-11047 [bsc#1159922]
  + php7-CVE-2019-11047.patch
  CVE-2019-11050 [bsc#1159927]
  + php7-CVE-2019-11050.patch
Version: 7.2.5-4.46.1
* Fri Oct 25 2019 pgajdos@suse.com
- security update
- added patches
  CVE-2019-11043 [bsc#1154999]
  + php7-CVE-2019-11043.patch
Version: 7.2.5-4.43.2
* Fri Oct 04 2019 pgajdos@suse.com
- provide test results via multibuild :test [bsc#1119396]
- added sources
  + _multibuild
Version: 7.2.5-4.40.1
* Thu Sep 26 2019 pgajdos@suse.com
- drop -n from php invocation from pecl [bsc#1151793]
  https://github.com/pear/pear-core/commit/f94454a74785865cec50bf9d64c410efc29b587a
* Thu Sep 26 2019 pgajdos@suse.com
- turn off run of testsuite as we get Kernel panic on s390x
* Thu Aug 22 2019 pgajdos@suse.com
- security update
- added patches
  CVE-2019-11041 [bsc#1146360]
  + php7-CVE-2019-11041.patch
  CVE-2019-11042 [bsc#1145095]
  + php7-CVE-2019-11042.patch
Version: 7.2.5-4.35.3
* Fri Jun 14 2019 pgajdos@suse.com
- security update
- added patches
  CVE-2019-11039 [bsc#1138173]
  + php-CVE-2019-11039.patch
  CVE-2019-11040 [bsc#1138172]
  + php-CVE-2019-11040.patch
Version: 7.2.5-4.32.1
* Mon May 13 2019 pgajdos@suse.com
- security update
- added patches
  CVE-2019-11036 [bsc#1134322]
  + php-CVE-2019-11036.patch
* Mon Apr 29 2019 pgajdos@suse.com
- security update
- added patches
  CVE-2019-11034 [bsc#1132838]
  + php-CVE-2019-11034.patch
  CVE-2019-11035 [bsc#1132837]
  + php-CVE-2019-11035.patch
* Wed Mar 20 2019 pgajdos@suse.com
- security update
- added patches
  CVE-2019-9637 [bsc#1128892]
  + php-CVE-2019-9637.patch
  CVE-2019-9675 [bsc#1128886]
  + php-CVE-2019-9675.patch
  CVE-2019-9638 [bsc#1128889], CVE-2019-9639 [bsc#1128887]
  + php-CVE-2019-9638,9639.patch
  CVE-2019-9640 [bsc#1128883]
  + php-CVE-2019-9640.patch
* Fri Mar 15 2019 pgajdos@suse.com
- upstream bug #41631 is already fixed [bsc#1129032]
- deleted sources
  - README.default_socket_timeout (not needed)
* Mon Mar 11 2019 pgajdos@suse.com
- security update
  * CVE-2019-9024 [bsc#1126821]
    + php-CVE-2019-9024.patch
  * CVE-2019-9020 [bsc#1126711]
    + php-CVE-2019-9020.patch
  * CVE-2018-20783 [bsc#1127122]
    + php-CVE-2018-20783.patch
  * CVE-2019-9021 [bsc#1126713]
    + php-CVE-2019-9021.patch
  * CVE-2019-9022 [bsc#1126827]
    + php-CVE-2019-9022.patch
  * CVE-2019-9023 [bsc#1126823]
    + php-CVE-2019-9023.patch
  * CVE-2019-9641 [bsc#1128722]
    + php-CVE-2019-9641.patch
* Tue Mar 05 2019 pgajdos@suse.com
- asan_build: build ASAN included
- debug_build: build more suitable for debugging
* Wed Dec 19 2018 mpluskal@suse.com
- Enable testsuite during build time and save log to subpackage
   testresults (boo#1119396)
* Mon Dec 10 2018 pgajdos@suse.com
- add security patch of imap extension, which is currently disabled
  * CVE-2018-19935 [bsc#1118832]
    + php-CVE-2018-19935.patch
* Wed Sep 19 2018 pgajdos@suse.com
- security update
  * CVE-2018-17082 [bsc#1108753]
    + php-CVE-2018-17082.patch
* Mon Sep 17 2018 pgajdos@suse.com
- reenable php7-dba support of Berkeley DB [bsc#1108554]
* Tue Aug 28 2018 pgajdos@suse.com
- align patch names:
  php7-CVE-2018-14851.patch -> php-CVE-2018-14851.patch
  php7-CVE-2017-9120.patch -> php-CVE-2017-9120.patch
  php7-CVE-2018-1000222.patch -> php-CVE-2018-1000222.patch
* Mon Aug 27 2018 pgajdos@suse.com
- security update:
  * CVE-2018-1000222 [bsc#1105434]
    + php-CVE-2018-1000222.patch
* Sat Aug 04 2018 pgajdos@suse.com
- security update
  * CVE-2018-14851 [bsc#1103659]
    + php-CVE-2018-14851.patch
  * CVE-2017-9120 [bsc#1103661]
    + php-CVE-2017-9120.patch
* Tue Jun 26 2018 pgajdos@suse.com
- security update
  * CVE-2018-12882 [bsc#1099098]
    + php-CVE-2018-12882.patch
* Tue May 15 2018 pgajdos@suse.com
- main package requires wwwrun:www user [bsc#1093025]
* Thu May 10 2018 pgajdos@suse.com
- better workaround for [bsc#1089487]: build mod_phpN.so
  instead of libphpN.so
* Wed May 09 2018 pgajdos@suse.com
- rename freetype-pkgconfig.patch to php7-freetype-pkgconfig.patch
  to align with the rest of patch names
* Mon May 07 2018 idonmez@suse.com
- Add freetype-pkgconfig.patch to fix build with new Freetype:
  use pkg-config to find Freetype libraries
* Mon Apr 30 2018 pgajdos@suse.com
- updated to 7.2.5: This is a security release which also contains
  several minor bug fixes.
  http://php.net/ChangeLog-7.php#7.2.5
* Thu Apr 19 2018 pgajdos@suse.com
- build-test.sh: generic spec file name