php5-ncurses-5.2.13-0.1.1>t  DH`pKӸ/=„b)`EzLf:AiKvš ̯w(1ߚS-fL̡lуY aE8F=>`0Kxdg^ Pv? Av{qy;.M>grke$ j*xgܮ"9`G"#/d&V.iJruUHQ=snп͵߯:n c_U`1c>0j10nZFk30ab206f5be5af8b6a0905ecee7ee1dffd1fe424KӸ/=„~Q+3#6q;%"awԝSdYp2%B3,?mYm,1V)Wq,,# .XOJ80^CSpY jb%UٮK0w0O*=MeEgHt}mN"hW8>6!?d  2c |     ",HPt  [ (~8I9I: IFdGxHIXY\]^bc~defklzCphp5-ncurses5.2.130.1.1PHP5 Extension ModuleThis module adds ncurses support (for CLI and GCI versions only). Authors: -------- The PHP Group See http://www.php.net/credits.php for more detailsKaloewe6aopenSUSE 11.1openSUSEOther uncritical OpenSource License; "The PHP License, version 3.1. ..."; The PHP License, version 3.1.http://bugs.opensuse.orgDevelopment/Libraries/PHPhttp://www.php.netlinuxi586Q6KLKQb39df64bf76e4c422830d7d2663a1492998ef07c4960d62996265a4868d315c0rootrootrootrootphp5-5.2.13-0.1.1.src.rpmphp-ncursesncurses.sophp5-ncursesJJ@@@@@@Jphp5rpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.4)libncurses.so.5libpanel.so.5rpmlib(PayloadIsLzma)5.2.134.0-13.0.4-14.4.2-14.4.2.3K]KrJ@IV@Il@Ik0I@I@I@I@H@HH|@H"@H@GOG GZ@G@GsGaG^{G8@@Fֱ@F@FōF @FF;@FF@F@F} @FnF` @F]g@FQFNFHO@FDZF=@Faffected_rows on no connection causes segfault). - Fixed bug php#50680 (strtotime() does not support eighth ordinal number). - Fixed bug php#50661 (DOMDocument::loadXML does not allow UTF-16). - Fixed bug php#50657 (copy() with an empty (zero-byte) HTTP source succeeds but returns false). - Fixed bug php#50636 (MySQLi_Result sets values before calling constructor). - Fixed bug php#50632 (filter_input() does not return default value if the variable does not exist). - Fixed bug php#50576 (XML_OPTION_SKIP_TAGSTART option has no effect). - Fixed bug php#50575 (PDO_PGSQL LOBs are not compatible with PostgreSQL 8.5). - Fixed bug php#50558 (Broken object model when extending tidy). - Fixed bug php#50540 (Crash while running ldap_next_reference test cases). - Fixed bug php#50508 (compile failure: Conflicting HEADER type declarations). - Fixed bug php#50394 (Reference argument converted to value in __call). - Fixed bug php#49851 (http wrapper breaks on 1024 char long headers). - Fixed bug php#49600 (imageTTFText text shifted right). - Fixed bug php#49585 (date_format buffer not long enough for >4 digit years). - Fixed bug php#49463 (setAttributeNS fails setting default namespace). - Fixed bug php#48667 (Implementing Iterator and IteratorAggregate). - Fixed bug php#48590 (SoapClient does not honor max_redirects). - Fixed bug php#48190 (Content-type parameter "boundary" is not case-insensitive in HTTP uploads). - Fixed bug php#47601 (defined() requires class to exist when testing for class constants). - Fixed bug php#47409 (extract() problem with array containing word "this"). - Fixed bug php#47002 (Field truncation when reading from dbase dbs with more then 1024 fields). - Fixed bug php#45599 (strip_tags() truncates rest of string with invalid attribute). - Fixed bug php#44827 (define() allows :: in constant names). - reworked bnc-435595.patch (change grabbed from php 5.3.2) - added php5-CVE-2010-0397.patch to fix CVE-2010-0397 [bnc#588975]- Update to 5.2.12 release - fix CVE-2009-3546 [bnc#547525] - fix CVE-2009-4142 [bnc#565924] - fix CVE-2009-2626,CVE-2009-4017 [bnc#557157] * Security Enhancements and Fixes in PHP 5.2.12: * Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus) * Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus) * Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion, identified by Bogdan Calin. (CVE-2009-4017, Ilia) * Added protection for $_SESSION from interrupt corruption and improved "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143, Stas) * Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com) * Key enhancements in PHP 5.2.12 include: * Fixed unnecessary invocation of setitimer when timeouts have been disabled. (Arvind Srinivasan) * Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre) * Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery() when calling using Reflection. (Felipe) * Fixed crash when instantiating PDORow and PDOStatement through Reflection. (Felipe) * Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe) * Fixed bug #50207 (segmentation fault when concatenating very large strings on 64bit linux). (Ilia) * Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle database). (Felipe) * Fixed bug #50006 (Segfault caused by uksort()). (Felipe) * Fixed bug #50005 (Throwing through Reflection modified Exception object makes segmentation fault). (Felipe) * Fixed bug #49174 (crash when extending PDOStatement and trying to set queryString property). (Felipe) * Fixed bug #49098 (mysqli segfault on error). (Rasmus) * Over 50 other bug fixes. - dropped really-with-libedit.patch- VUL-0: php5: 5.2.11 release [bnc#540242] - Update suhosin patch and extension (older versions will crash) - Require timezone, merged from SLE/factory bugfixes- Update to version 5.2.9, security and bugfix release * VUL-0: php5: memory disclosure by imagerotate() [bnc#480850] * VUL-0: php5: mbstring.func_overload set in .htaccess becomes global [bnc#471419] * Fixed a segfault when malformed string is passed to json_decode() * Fixed explode() behavior with empty string to respect negative limit.- libxml version detection of previous fix will never work. 11.1 version is 2.7.2 not 2.7.3 and presence of XML_PARSE_OLDSAX enumeration value cannot be tested with defined()..- VUL-0: php: buffer overflow in ext/mbstring [BNC#462499] - VUL-0: php5: dir traversal vulnerability in ZipArchive [BNC#464048] - PHP5: ext/xml is broken due to libxml2 2.7.x changes [BNC#457056] * Note that this MUST be submitted AFTER libxml2 update- fix ext/imap buffer overflows, old API used [#BNC402665]- QA Results fixed * array_pad "succeeds" when padding with large negative number [BNC#435595]- QA Results: fix PPC64 regression of gd module [BNC#364518]- update system timezone support patch to r4 * added "System/Localtime" tzname which uses /etc/localtime- Using the ArrayObject class leaks and corrupt memory, causing a really nasty undefined behaviour in userspace code, whatever can happend due to corruption of the symbol table. see http://bugs.php.net/bug.php?id=46222 where martian variables get created as example.- update suhosin to version 0.9.27 * Fixed problem with suhosin.perdir Thanks to Hosteurope for tracking this down * Fixed problems with ext/uploadprogress Reported by: Christian Stocker * Added suhosin.srand.ignore and suhosin.mt_srand.ignore (default: on) * Modified rand()/srand() to use the Mersenne Twister algorithm with separate state * Added better internal seeding of rand() and mt_rand()- do not restart apache after update of mod_php5 [BNC#419508]- Don't try to replace libtool. - Fix alignment violation. - Don't define feature test macros after system headers.- update to PHP 5.2.6 * Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. * Fixed integer overflow in printf() identified by Maksymilian Aciemowicz. * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. * Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. * Fixed two possible crashes inside the posix extension. * Fixed bug #44069 (Huge memory usage with concatenation using . instead of .=) * Fixed bug #44141 (private parent constructor callable through static function). * Fixed bug #43589 (a possible infinite loop in bz2_filter.c). * Fixed bug #43450 (Memory leak on some functions with implicit object __toString() call). * Fixed bug #43201 (Crash on using uninitialized vals and __get/__set). * Fixed bug #42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql). * Fixed bug #42937 (__call() method not invoked when methods are called on parent from child class). * Fixed bug #42736 (xmlrpc_server_call_method() crashes). * Fixed bug #42369 (Implicit conversion to string leaks memory). * Fixed bug #41562 (SimpleXML memory issue). * Fixed bug #43606 (define missing depencies of the exif extension). (crrodriguez at suse dot de) * Fixed bug #43498 (file_exists() on a proftpd server got SIZE not allowed in ASCII mode). (Ilia, crrodriguez at suse dot de) * Over 120 bug fixes.- update suhosin extension to version 0.9.23 - Fixed suhosin extension now compiles with snapshots of PHP 5.3 - Fixed crypt() behaves like normal again when there is no salt supplied - wrong Obsoletes causes upgrade trouble [bnc #355618]- use %%_with_ming and %%_with_qdbm instead of %%opensuse_bs, enables building in the bs in other projects than server:php (bnc#357917)- Try patch recently published by Redhat that allows PHP to use the system timezone database instead of the bundled one.- Do not hard require php5-timezonedb, instead provide a capability php(tzdatabase) = builtin_tz_ver so it gets installed via rpm Supplements only when needed.- PHP is leaking file descriptors badly on relative includes (php-5.2.5-fdleak.patch)- suhosin 0.9.22 - Fixed function_exists() now checks the Suhosin permissions - Fixed crypt() salt no longer uses Blowfish by default - Fixed .htaccess/perdir support - Fixed compilation problem on OS/X - Added protection against some attacks through _SERVER variables - Added suhosin.server.strip and suhosin.server.encode- use /dev/urandom for generating session-IDs [#337005] - L3: PHP: Venezuela Time Zone Update starting date changed to December 9 [#345548]- update to PHP 5.2.5 * Fixed dl() to only accept filenames. reported by Laurent Gaffie. * Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). * Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences. * Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie. * Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications reported by SecurityReason. * Fixed bug #42869 (automatic session id insertion adds sessions id to non-local forms). * Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()). * Upgraded PCRE to version 7.3 (Nuno) * Added optional parameter $provide_object to debug_backtrace(). (Sebastian) * Added alpha support for imagefilter() IMG_FILTER_COLORIZE. (Pierre) * Added ability to control memory consumption between request using ZEND_MM_COMPACT environment variable. (Dmitry) * Improved speed of array_intersect_key(), array_intersect_assoc(), array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc(). (Dmitry) * Fixed move_uploaded_file() to always set file permissions of resulting file according to UMASK. (Andrew Sitnikov) * Fixed possible crash in ext/soap because of uninitialized value. (Zdash Urf) * Fixed regression in glob() when enforcing safe_mode/open_basedir checks on paths containing '*'. (Ilia) * Fixed PDO crash when driver returns empty LOB stream. (Stas) * Fixed iconv_*() functions to limit argument sizes as workaround to libc bug (CVE-2007-4783, CVE-2007-4840 by Laurent Gaffie). (Christian Hoffmann, Stas) * Fixed missing brackets leading to build warning and error in the log. Win32 code. (Andrey) * Fixed leaks with multiple connects on one mysqli object. (Andrey) * Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre) * Fixed bug #43196 (array_intersect_assoc() crashes with non-array input). (Jani) * Fixed bug #43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAll()). (Ilia) * Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani) * Fixed bug #43130 (Bound parameters cannot have - in their name). (Ilia) * Fixed bug #43099 (XMLWriter::endElement() does not check # of params). (Ilia) * Fixed bug #43020 (Warning message is missing with shuffle() and more than one argument). (Scott) * Fixed bug #42976 (Crash when constructor for newInstance() or newInstanceArgs() fails) (Ilia) * Fixed bug #42917 (PDO::FETCH_KEY_PAIR doesn't work with setFetchMode). (Ilia) * Fixed bug #42890 (Constant "LIST" defined by mysqlclient and c-client). (Andrey) * Fixed bug #42818 ($foo = clone(array()); leaks memory). (Dmitry) * Fixed bug #42817 (clone() on a non-object does not result in a fatal error). (Ilia) * Fixed bug #42785 (json_encode() formats doubles according to locale rather then following standard syntax). (Ilia) * Fixed bug #42783 (pg_insert() does not accept an empty list for insertion). (Ilia) * Fixed bug #42773 (WSDL error causes HTTP 500 Response). (Dmitry) * Fixed bug #42772 (Storing $this in a static var fails while handling a cast to string). (Dmitry) * Fixed bug #42767 (highlight_string() truncates trailing comment). (Ilia) * Fixed bug #42739 (mkdir() doesn't like a trailing slash when safe_mode is enabled). (Ilia) * Fixed bug #42703 (Exception raised in an iterator::current() causes segfault in FilterIterator) (Marcus) * Fixed bug #42699 (PHP_SELF duplicates path). (Dmitry) * Fixed bug #42654 (RecursiveIteratorIterator modifies only part of leaves) (Marcus) * Fixed bug #42643 (CLI segfaults if using ATTR_PERSISTENT). (Ilia) * Fixed bug #42637 (SoapFault : Only http and https are allowed). (Bill Moran) * Fixed bug #42627 (bz2 extension fails to build with -fno-common). (dolecek at netbsd dot org) * Fixed bug #42596 (session.save_path MODE option does not work). (Ilia) * Fixed bug #42590 (Make the engine recognize \v and \f escape sequences). (Ilia) * Fixed bug #42587 (behavior change regarding symlinked .php files). (Dmitry) * Fixed bug #42579 (apache_reset_timeout() does not exist). (Jani) * Fixed bug #42549 (ext/mysql failed to compile with libmysql 3.23). (Scott) * Fixed bug #42523 (PHP_SELF duplicates path). (Dmitry) * Fixed bug #42512 (ip2long('255.255.255.255') should return 4294967295 on 64-bit PHP). (Derick) * Fixed bug #42506 (php_pgsql_convert() timezone parse bug) (nonunnet at gmail dot com, Ilia) * Fixed bug #42462 (Segmentation when trying to set an attribute in a DOMElement). (Rob) * Fixed bug #42453 (CGI SAPI does not shut down cleanly with -i/-m/-v cmdline options). (Dmitry) * Fixed bug #42452 (PDO classes do not expose Reflection API information). (Hannes) * Fixed bug #42468 (Write lock on file_get_contents fails when using a compression stream). (Ilia) * Fixed bug #42488 (SoapServer reports an encoding error and the error itself breaks). (Dmitry) * Fixed bug #42378 (mysqli_stmt_bind_result memory exhaustion). (Andrey) * Fixed bug #42359 (xsd:list type not parsed). (Dmitry) * Fixed bug #42326 (SoapServer crash). (Dmitry) * Fixed bug #42214 (SoapServer sends clients internal PHP errors). (Dmitry) * Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime values). (Ilia) * Fixed bug #42139 (XMLReader option constants are broken using XML()). (Rob) * Fixed bug #42086 (SoapServer return Procedure '' not present for WSIBasic compliant wsdl). (Dmitry) * Fixed bug #41822 (Relative includes broken when getcwd() fails). (Ab5602, Jani) * Fixed bug #39651 (proc_open() append mode doesn't work on windows). (Nuno)- update to PHP 5.2.4, no relevant changes since RC3.- PHP 5.2.4RC3 - Fixed version_compare() to support "rc" as well as "RC" for release candidate version numbers. - Fixed bug #42368 (Incorrect error message displayed by pg_escape_string). (Ilia) - Fixed phpbug #42365 and Novell bugzilla #292998 (glob() crashes and/or accepts way too many flags). (Jani) - Fixed bug #42183 (classmap causes crash in non-wsdl mode). (Dmitry) - Fixed bug #42009 (is_a() and is_subclass_of() should NOT call autoload, in the same way as "instanceof" operator). (Dmitry) - Fixed bug #41904 (proc_open(): empty env array should cause empty environment to be passed to process). (Jani) - Fixed bug #37273 (Symlinks and mod_files session handler allow open_basedir bypass). (Ilia) - remove wrong hardcoded requirement on libedit - devel package at least does not need libtool the php build enviroment uses a private copy. - drop no longer needed patches already in upstream- updated to version 5.2.4RC2 - Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g client libraries. (Chris Jones) - Fixed bug #42292 ($PHP_CONFIG not set for phpized builds). (Jani) - Fixed bug #42261 (header wrong for date field). (roberto at spadim dot com dot br, Ilia) - Fixed bug #42259 (SimpleXMLIterator loses ancestry). (Rob) - Fixed bug #42247 (ldap_parse_result() not defined under win32). (Jani) - Fixed bug #42243 (copy() does not output an error when the first arg is a dir). (Ilia) - Fixed bug #42242 (sybase_connect() crashes). (Ilia) - Fixed bug #42237 (stream_copy_to_stream returns invalid values for mmaped streams). (andrew dot minerd at sellingsource dot com, Ilia) - Fixed bug #42222 (possible buffer overflow in php_openssl_make_REQ). (Pierre) - Fixed bug #42211 (property_exists() fails to find protected properties from a parent class). (Dmitry) - Fixed bug #42208 (substr_replace() crashes when the same array is passed more than once). (crrodriguez at suse dot de, Ilia) - Fixed bug #42198 (SCRIPT_NAME and PHP_SELF truncated when inside a userdir and using PATH_INFO). (Dmitry) - Fixed bug #42195 (C++ compiler required always). (Jani) - Fixed bug #42117 (bzip2.compress loses data in internal buffer). (Philip, Ilia) - Fixed bug #42082 (NodeList length zero should be empty). (Hannes) - Fixed bug #36492 (Userfilters can leak buckets). (Sara) - Fixed bug #31892 (PHP_SELF incorrect without cgi.fix_pathinfo, but turning on screws up PATH_INFO). (Dmitry)- updated to version 5.2.4RC1 - dropped obsoleted PHP_5_2-CVS-2007-07-30.patch.bz2- updated to latest state of PHP_5_2 branch; highlights from the NEWS file: - Upgraded PCRE to version 7.2 (Nuno) - Updated timezone database to version 2007.6. (Derick) - Improved openssl_x509_parse() to return extensions in readable form. (Dmitry) - Changed "display_errors" php.ini option to accept "stderr" as value which makes the error messages to be outputted to STDERR instead of STDOUT with CGI and CLI SAPIs (FR #22839). (Jani) - Changed error handler to send HTTP 500 instead of blank page on PHP errors. (Dmitry, Andrei Nigmatulin) - Added check for unknown options passed to configure. (Jani) - Added persistent connection status checker to pdo_pgsql. (Elvis Pranskevichus, Ilia) - Added support for ATTR_TIMEOUT inside pdo_pgsql driver. (Ilia) - Added php_ini_loaded_file() function which returns the path to the actual php.ini in use. (Jani) - Added GD version constants GD_MAJOR_VERSION, GD_MINOR_VERSION GD_RELEASE_VERSION, GD_EXTRA_VERSION and GD_VERSION_STRING. (Pierre) - Added missing open_basedir checks to CGI. (anight at eyelinkmedia dot com, Tony) - Added missing format validator to unpack() function. (Ilia) - Added missing error check inside bcpowmod(). (Ilia) - Added CURLOPT_PRIVATE & CURLINFO_PRIVATE constants. (Andrey A. Belashkov, Tony) - Added missing MSG_EOR and MSG_EOF constants to sockets extension. (Jani) - Added PCRE_VERSION constant. (Tony) - Added ReflectionExtension::info() function to print the phpinfo() block for an extension. (Johannes) - Implemented FR #41884 (ReflectionClass::getDefaultProperties() does not handle static attributes). (Tony) - plus lots of bugfixes - fixed the pear phar archive to run with 5.2.4 [http://bugs.php.net/bug.php?id=42146]- added /var/lib/pear to php5-pear.rpm- fix nasty deadlock in pear - update php5-ze2-fixes.patch and actually apply it.- fixed YOU honors Recommends, breaks php update [#291551] (moved php-suhosin from Recommends to Suggests)- provide /srv/www/cgi-bin/php5 compat symlink instead of patching config files- fixed a mess with update-alternatives PreReq uncovered by newer build versions. actually every subpackage that uses update-alternatives should PreReq it. - fix some ZE2 bugs.- drop php5.xpm and the Icon: line from the specfile (the icon is not used at all and it breaks rpm -q --specfile php5.spec)- PHP version 5.2.3 see http://www.php.net/releases/5_2_3.php - important: PHP-cgi now lives in /usr, package attempts to fix both lighttpd and apache2 fastcgi config files.- use system re2c in factory. - enable support for qbdm in the dba extension (build service only) - enable the ming extension (build service only)- fixed the dba extension adding -ldb-4.x to global LDFLAGS, causing unnecessary dependency in /usr/bin/php5 [http://bugs.php.net/bug.php?id=41455]- updated suhosin to version 0.9.20, security fix + bugfixes see http://www.hardened-php.net/suhosin/changelog.html for more detail.- fix devel package, in the reality PHP does not currenly require expat. headers provides a expat compatibility layer but it is no longer in use by our packages as libxml2 is always prefered, (and HAVE_LIBEXPAT is not defined)- update php5-test-fixes fixing another bug in zend_compile.c - use rpm macros in the spec file - when removing apache2-mod_php5, unload it from apache first. - when updating apache2-mod_php5 restart apache with restart on update macro.- HTTP_RAW_POST_DATA superglobal broken (php5-phpbug-41293.patch) - better fix for MOPB 41.- remove --enable-memory-limit configure flag, it disappeared in 5.2.1, nowdays memory_limit is always enabled.- changed expat to libexpat-devel in Requires of devel subpackage- add php5-test-fixes.patch fixing a test case that wont pass on i586 as well a real fix for Zend/tests/bug41117_1.phpt problem, that was commited after the release was done. there is another test case that fails in 10.2 ext/pcre/tests/bug40195.phpt but this is not a PHP problem but a bug in PCRE. - added missing fix for PMOPB-45-2007 PHP ext/filter Email Validation Vulnerability (minor)- php5-devel package now requires pcre-devel for > 10.1 as 5.2.2 installs php_pcre.h header that needs it.- fixed some new compiler warnings- upgrade to PHP 5.2.2, fixed hundreds of bugs including MOPB ones if you need the complete changes see http://www.php.net/ChangeLog-5.php#5.2.2- Upgrade suhosin extension to version 0.9.19 see http://www.hardened-php.net/suhosin/changelog.html for details- added bison to BuildRequires, removed update-desktop-files- fixed unpack() on big-endian 64bit (revert-phpbug38770.patch) - blacklist more env variables when safe_mode is on (php5-config.patch)- fix Requires of -devel package to include only what is really needed for operation of the pecl tool as well the neccesary headers to compile php extensions. - Fix MOPB 24 "PHP array_user_key_compare() Double DTOR Vulnerability" - note that fix for MOPB 23 was included in the previous patchset.- add security fixes for MOPB 20, 21 and 22. - RPM_BUILD_ROOT is never defined in %post.- fix/workaround for php5-gd problem with typo3 [#236680] - add fix for MOPB-14-2007 PHP substr_compare() Information Leak Vulnerability. - add secfix for import_request_variables() ancient problem, users of suhosin extension are not affected. - Run the test suite here- Update suhosin extension to version 0.9.18 fixing a session problem.- Update suhosin extension to version 0.9.17. see http://www.hardened-php.net/suhosin/changelog.html for details.- add t1lib support in php5-gd (10.3 and up only) - an off-by-one in str_replace may cause a crash.- PHP 5.2.1. for a full list of changes see http://www.php.net/ChangeLog-5.php#5.2.1 - add Obsoletes for extensions we dont ship anymore- fix getenv() modifing $_POST, breaks suhosin badly when register_* is On and variables orde is "GPCS" (default). - change/remove obsoleted patches- synced with BuildService * file "session_mm_apache2handler0.sem" written at boot [#229200] (php5-config.patch) * for certain functionality php5-exif requires php5-mbstring * php5-ldap requires php5-openssl * remove LDAP_DEPRECATED from CFLAGS, module already takes care of this. * patch potential HTTP_SESSION_VARS et all hijack when register_globals is On users from suhosin extension are not affected.(php5-session-rgon-hijack.patch) * on 10.2 and up php5-devel should require pcre-devel sqlite-devel sqlite2-devel * php5-devel is mostly useless without autoconf automake libtool bison make gcc. * added patches: phpbug-39350.patch oldhat-phpinputdata-secfix.patch ze2-fixes.patch filter.patch ext-lib64again.patch- fixed string comparison in xmlrpc module (strcmp.patch) - allways apply %%patch9- updated the curl module from cvs to fix build with curl-7.16 (curl-cvs-fix.patch, dropped gcc.patch)- fixed VUL-0: php session.save_path open_basedir bypass [#227569] (save_path-secfix.patch)- synced with BuildService * updated Suhosin patch to 0.9.6.2 * updated Suhosin extension to 0.9.16 * fixed php5-devel should provide PECL tool [#204006] * use bundled sqlite in suse versions =< 10.1 (pdo_sqlite stopped working properly with older sqlite3 libs) * do not use zend-multibyte anymore, please refer to phpbug #36711 and associated links, no applications uses this feature in the real world since it is disabled in all other distributions/OS.seems to cause more problems than solutions. * change php.ini, back to short_open_tag =off (the default) the package that depended on this setting no longer does. Also explicitely set the upload_tmp_dir in php.ini to deal with open_basedir recent changes (please refer to phpbug #39123) for the details. * suhosin.ini uses just the default recommended settings- created symlinks /usr/bin/php and /usr/bin/pear [#216166]- fixed implicit function decls in suhosin patch (keep the original patch intact and put fixes into separate patch)- updated to 5.2.0 final - merged changes from buildservice (by soporte@onfocus.cl): - updated suhosin to 0.9.10 - added suhosin patch - build with system PCRE if suse_release > 10.1 only [#215610] - suhosin extension does not require PDO - suhosin added to the reccommended list - php5-pspell to require at least aspell-en otherwise is useless [#217272]- php5-sqlite now uses our sqlite and sqlite2 packages to build and not bundled ones [#201440] - updated suhosin to 0.9.9- update to 5.2.0RC6- reset right path in extension_dir (php5-php-config.patch)- update to version 5.2.0RC5 - added suhosin extension (the hardened php replacement) [#210886]- update to version 5.2.0RC4 * added DSA key generation support to openssl_pkey_new() * updated PCRE to version 6.7 * increased default memory limit to 16 megabytes to accommodate for a more accurate memory utilization measurement * added support for httpOnly flag for session extension and cookie setting functions * added version specific registry keys to allow different configurations for different php version * added "PHPINIDir" Apache directive to apache and apache_hooks SAPIs * added an optional boolean parameter to memory_get_usage() and memory_get_peak_usage() to get memory size allocated by emalloc() or real size of memory allocated from system * moved extensions to PECL (filepro and hwapi) * improved SNMP, OpenSSL extension * improved the Zend memory manager, FastCGI SAPI, CURL, PCRE, PDO, SPL, xmlReader - merged changes from openSUSE build service * build without --enable-sigchild [#206533, php#28294, php#38342] * build CLI with libedit support (really-with-libedit.patch) * tweaked the default config a bit, to make it more secure * removed ini entries related to extensions we don't ship * t1lib is not currently needed for build, we need t1lib5 to do something useful * removeed --enable-ucd-snmp-hack (needed for ucd-snmp, but we use net-snmp) * pdo_odbc provided by php-odbc * php-suse-addons : o PHP5 is unlikely to parse php3 code, remove the file association o corrected apache directive is AddHandler not AddType * dropped extensions: o mysql, mysqli and pdo_mysql provided by php-mysql (reduce package count) o php-pdo_sqlite provided by php-sqlite o php-pdo_pgsql provided by php-pgsql o filepro dropped by upstream * new extension: o filter (kept static and cannot be unloaded, due security reasons) o json (added as Recommended) o zip (it uses a bundled library) - fixed gcc issues (gcc.patch) - droped obsoleted patches: include_path.patch, bug-37720.patch, bug-37306.patch, cgi_bugs.patch, bug-37587.patch, gd-fixes.patch, bug-37416.patch, main_bugs.patch, soap.patch, standard.patch, mbstring_bugs.patch, ze2_bugs.patch, xsl_bugs.patch, curl.patch- fixed build with X11R7- updated to version 5.1.4 * FastCGI interface was completely reimplemented * multitude of improvements to the SPL, SimpleXML, GD, CURL and Reflection extensions * support for many additional date formats added to the strtotime() * a performance improvements added to the engine and core extensions * added imap_savebody() that allows message body to be written to a file * added lchown() and lchgrp() to change user/group ownership of symlinks * upgraded bundled PCRE library to version 6.6 - merged changes from openSUSE build service * removed unneeded sablot-devel,sqlite-devel,pcre-devel,fam-devel and libmcal from BuildRequires * added php-ctype,php-dom,php-iconv,php-pdo,php-pdo_sqlite,php-sqlite, php-tokenizer,php-xmlreader,php-xmlwriter to Recommends * added php-mbstring php-gd php-pear php-gettext php-mysqli to Suggests * added support for optional readline(libedit) for CLI (disabled by default) * patches for zendengine (ze2_bugs.patch), xsl (xsl_bugs.patch), curl (curl.patch) and mbstring bugs (mbstring_bugs.patch), big soap patch (soap.patch) * removed obsoleted patches * fixed Safe Mode Bypass [#188243] (standard.patch) * upstream patches [php#37306, php#37416, php#37587, php#37720] [php#37576, php#37496, php#37341, php#37313, php#37256] (cgi_bugs.patch) [php#37346, php#37360] (gd-fixes.patch) * fixed build inconsistences, added php-hash module [#173023] * added pdo_odbc.so to php-odbc module [#190614] * build without explicit safe_mode and magic_quotes (unneeded) * removed useless GD --with-ttf configure option, only suitable for freetype 1loewe 1273221729  ^U5.2.13-0.1.1ncurses.inincurses.so/etc/php5/conf.d//usr/lib/php5/extensions/-march=i586 -mtune=i686 -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -gobs://build.suse.de/SUSE:openSUSE:11.1:Update:Test/standard/55c864426d8e50a1d24d9a7e12142be5-php5cpiolzma2i586i586-suse-linux ˄cD+?] b2o/6nt9۾F1m/n#To OβWۍjە,a cC[taQ&GJy@5O<𢢬luĺ|ZfmLwP|ߴe2g:qOosY#{^O}̩0*1"n"dHZ.RLԞjy6cy}K)P2Cm*ޡvuh~}afKFpce:@&s=|~9PnG0tr; ;L_8 g'u7R>_gʅ>q#pCa oZ4ovb\'f4|GiʋbfP)ދ+U+I= 5%!\cr w`47 >ALjcJ}%jm?x>fo؊<+9X$U~T6,ѡmyYxVټ #ݚDx[W/5δt`_ wZN ~-$3S"ع>W=m'D$vjvA~<03z~Si"jM܆5e+^]Yxs=|U&6M./XG/s8Ayj"Fe`8w}z(pvI*d @y5ӽ!ly1L9FBpdeCEдg6S9k~ 6ѯtH,9{/"˕Y'TN;N,֞xq{oTahďf6w|+N"k"ڮ 1Po%~G݀ 9Ϋ@ٽe3hQ/){ ֗2u&Z i l @ݧ$H a+FN-](X.`C+5OJ7f5px4u 2ǧj8}upX+O\/Ԏ4ly,OpRAeLRP &aش޼ 1Epih T .ܧ7֡bZK4%iN[we# UPR:OoPa(w4{B33^ÖNss.>>XtlD`-L shxDc5`!4q$=]ܦ(%-0Љ.">Z@qu5%H4h|~ɕe&C 6 gaRc>2 G:Y:u4fX.j6&]7QSe[7d3 Lk`tpeZqq|K;qoG֋IPkYwH9$ۯZH gF!i$\ʎ C?([eL|dp+yS:}ʭ9i(C4У7PMsO*!:T{_ۺGR S @ 1J੍ DW]&Z%$ڇґb1ަϷ|sjt=1{t p}cdu2埒\uaZ{:GD}J4ThsIC*B{'_dPl!gyK o& ^x!H@ftه n~dM(=36C^qB!Z>|Ye؁"Df 4J]܃@E-I28 RRlL-#l#Bmg;9A42.If2ELO|!ɹT#(:oOTy.O=`oHHTJ{.se2L[4.b @E<\_7K\Q;.o$MTI2c؄;`30nW3sT isDCwޛ7D ."3؍sGX?twG6]gD|`x)~9=H1FJv\Qg9J{X-EЭPXS?HF~T`xbKQ.E@9 =iZ9S`e:q$ld¶n~iNQm7fxUnz ψ%s-\<Í~%5W9DL MNR3p! DrkBX9{q,'2k"W:MN2D%I\1;Pd}5jmy,kfȊfI6!t2_:N]O$g%E%)?BZ8zYu">QɨN W,dhc朶Ut|WB:ZH@1{փ;cY0aB&\3h[DBcW)^``q+Uh_-tg.q( 7` d\{y Bu|VZZ4%v+l PòjA{?a䭟(lRrwqDoUλ~|Q[XF&Aࡇ*/PD`_ 9jη|sLNRu9q"+)8܆T Z&KqX[jNRkM-BS޿^ЉO #f!ԟJ]Hz&E3μCI3é>fv \YuD\عA@qג&H1dzgX08\5ܗR )=g}pd?7JvMjY#>DN" m|7 !p]1386"r%Yb|6*6tFgE~|a!inJBK*4Gxv^_6ֹde>hAY=Ě+Ogt&/*sRIO&90F:ӛՐ[l_qIۛpB L YO ȯ #[i1AVճJmS{`E앭blG3G($Z֛fB|,r$믋'7=_%J'/ɻ֜% ~ I( BA>4 Jh;J2 <^wcn“O6ā@2TDxlZSlTpC]("-^_Q_ILqSqd>b%gY|ɶ|dl9b$_7%_M0Wbgq?.!fsࢄΌ/p>6ۊk`~֕W81.򛀺TƸ@nojM or01:4%tiZ-aHIX,}ZK?9ŔU"Xb}~{JV /jI0H?4?t-xP8pw[ϓ-@Q4~&wsE?H4e*HNeck_?HSa; 4k h#j7owL^&m>(=f WU VMqsZKoû.b']ΚNvnvaȂIaPsV%p:#o~G!l0֏My-[wy: IH\q 0M!"\cPsO*#ۭ[?&a( Ab=A[϶oM0 od_;(e@u6ipy~ArX٬3 7$ 7\@Hb6gST}PgYn(%w/M*^kh96krѓل%eg`NlSg]ǻ̢@y&aӋFg+l}b޲Gv]TBQ"ف ?1`=C36)pߘ$S(~+y},gqoFr<W˒8D h-Q.2zdX4߷[j,s12Nb$ڢUk}Z˩c\ÅA } R0U$8c(l=~ %!DBδrV+Ef A_vj8QJj ^J~?d.oW}c[T"m-7'I| 1SpS Vnblz\a䮿bTjgىLw[x@ϫ؛5d#{|,uTe d=M7Y!cJQ+ Gu/\(:h3$51Š]xhϻ+E~-ne4TRj5AhnM 8FzHDVʮlAF`쌙.6WdåPuA8"#IݤU Z\ϵk"Č|w֬[He2F&Jai'%9oqi(-zCC{5z \o9R 0&a 7YWry@3H4JE%qzAZ/…uKݜ,JtxKr+ҧ̙GZ!' `"&LQ͝*O|'d$1*`#SnWܗǨ\D?9^G4J%f[ܖEU~RHB# ӨT8PcâG` u^ ]H6Z<\ͱrǝh9N31&'WxE>)q6cêq_Д?Y-nzwDN3Z@e`+!LBlmu$Lv xRR[  ΕU /EK !8dT# Nv925~u Bt)Qg|9 tߗ$Ə.?iI܈hǩlh-رz.H=u >;j%f %|=~CgfAEf& Tneza~Fvu:C\O{*bW 5j\o0jY$| w`F|1s }*v6nς>"PH2Gު^0zA4hQ;+-!դ)GSpޤ0ëXds$?~qN.&OF-O* aY5]5I E+[dH=Q4ōH-9hnF*M1"ym+C>zMZVNXb", V@09!Ĺic]aC:;v.le4+OJYHgX&nu~V9Dtvaku6l. -[z{'$(?f-U !6X."Дʗbsh\7[㐩wA`}#ȇ9gI6F,ה+Xb/i%?9V2KE}ؖoQ\%g8A@Z̅((- Ck+zy#x%`tn5јl_fEj̫ abhӼXOK^2_1"wy=WkdΛˆXŪO<5T 6Q'Mr ?;Z$tѵb59gPSrjk|:૊`CF)%~#mok/6i}3>њBמ5L;$ 85m95U㴁d߇{Z4#:<[:(D @Lf /(sM#ՎL&MW  >]k9^{29O.xFslYA@JGc݂0E8>7K"C|]p :KAt+Qmjh=V^4u9 in$2ʒ)UAKY6}>lN68M`ِ/ JNքKJ|Z ~,)Tה)9fH6aJ")Y Zgy ek^=IPʆo^d-mZ7t3Z|,ML 3`_fp3L߫uF٬ozLj? ~ʮ^, AŰuf=z5t_%P̭_ʾsk ^zm1N"ρ0LfbFg-*:hSD2aKN+քm9dUU#-M/A,.S_,$N -.V>7׳! /qokU0D>tU `UG|"E([mrVu/?{捨(`5BhH>j]ZgJ000rմJyA`Mȫ`~ҦYC+lcIEKad>O*ZvHnim<N[D̶3-(>Kӗ&~ e9v I 3ݎ5}q9z}0^,7G0S{adeUhb9HBWM6yԻgn.XZG󒁈$QnT|uu3wߴm/R͐RF\KM)>O f6X]zBy{?.jDY+/;9Az U &nQB%TJ0 ?TZ Lp )X/&6hGPG\pV]<ȵΑ.ò 3T,+qm^USUe?4Xh]_K9s>(^lGɌWgk!˜Bu*ڥ ]RÏ<Lcxs,}q iswƙՇbEdAUlG[A0gJk'f@'5Y 6/7̼b?y,\sO#I Vb2Bۿ[09J\ B+"$N(3R:=[i) //} ebNd fCow@߰~H JFAd/^ҥo5|[37,|]uF2xi>UߝJ{ nY-i5H Nt\އW 2 |XPMs%!0 &L1ߣʜp80w}AJ?D}uHV4x˵ͪV mg󂻒]C$9{W(;5<j&ơW(=jjFy N_tO 0b ŧ!*ReJUʡ')] 5 05S\߄aP"k zS[Bݫ`+Mq[K(V/.L?W ,pl,Pn>hpWGW1-0o@ӹ}.v 7c.61n~Pdvg6^WIp9"5|`Bz@np *SDS<$^!cg& hLJ>!m$`Cy8|k~t֏!g .d]Rۍ1#6 Fփ*3"r;SX7I1m!Z`7)kC xPjIF?(_L4ෟiB.2>3s1#gOM#ഔE0^4=mFTtܰ+1GCru:s+_-b.FD4`Ѵ*))Ow 8g""*\G*= qkyk{p\ESQoP,|LS-uyJE[|AK֤2ínLTb\<b>z'%\ νvG)CB}c 28h5o cdB-H4}n ˋ2k3WG|0s( )>%08\s)6^WBȦ>prDҨKQ+)Y\@\^њ8y}- (Rl>oM-^- 9މUÑiT*d'=HN>) k`2ՠ4g3l%0L{p"g&փH3X- եe4Aņ}IIUJ:2d@ƳKq6 ̆6RñSixRifK›R!9u>℧Qt $$.BX'ZSࢵ%( lz~ޛan'P9q>V+T'n-3#ʍq*;|JdPWDOvhﯣ##ǟTɝ+б]Ȋ[{W'l~msӘoh)Pb5pZT$>Rim =}b#(\e6Wy_krI]AbVZ9`\|ݘ٩o'Ƣ4Cgq-o7ct,ZVDalLg"?q~cҨW ׈gז]F-@62toц+AU9g״5#GA  j| Tg7r 3h7 rJI8)E>9cslC/t61(O3{Ufgyu$e+<8fȡ^g-37Ϩ$Ea?ܚej7> d삫U`-EEm?XMdk]&txUsI0WTJ莋#r,[2$d-5B /XkwjJ>#{m&U'A1w{2uh1eHg̣MMl7V{aD#3Xx9(LU]=+j! *tWDw$ :ǞMa|ϊG0َ?wkm}WUv/#eoXoLpY+D8a߶iYXw]3?醟WB tAfɃ\3C<%/+4N;VHL>URFYqyC&%`35%b2T8DsP*h3rz0i Һ9Kp^| k W?ĥ8#u;~&k@~A HR%MJ뙁2 7&)ա;}o;~z\c~d2C@z_PnB}jlh`KyzV.og%ٌ-XMe N9YnwhJrz QwNYDבv]-zx1.'mw)'>9bfeDM^=m Ȗ"`ݿgN#b7b)' G&c+Mw&.߲*ک;At18Xu{rCuivgp845-6$9,`5j;3.5tC?%v\8whlyc`Ernu*!S83s?IiPoZfO-г g2EUd8LT<SdG-lKC3 r)ME}Kҿ\TJƻx`DM}zyXlLbn AouF=POeikK7F:9l?xu5S:X`XOPGmZ \' #?!:Emp+m%ȩQt ~. )\D& BTBκZulq>=_ ]_DAq ""$wP'AS&.kjM#Ar7nN9Y!vg^^ĹヸU7ib>@-S; շP3cPFo+ Q+GJt-jǕĽIG"k t@mŚ \!s궐;2ciÉ721:eBVkǨ VtlWSd- z0@qZVfxowQËPi ƶ5၌|2DWTOuº88@[b".iH1ifD>$e,sy7\wm&4Sub 8r`pR)hE9(oarXޏ%G.cGu: 1ө(GX_ٳxyoT%cy)eFD'bTdY8mJ\M_Yxk`S`tۺa5Q͖B;e#ayD;o}\vV+͇-S_*Gq_u ^2K TSƲ vi=>':0cgBw6Ԣ𚑬/vx|P릜Q Ҟ{[j-.@ze3`NKXb=EMnQ}1{!{ % JYT"kiqg{p\1ȷ4,ox2 j&ҭǬh*N ;@"{ڛ44Ce'VT(2)ip4̇\*'D1)vlΩ^9CE|\%) .c$߉[I7뿭--Pnt/:Fi3.uf q^Ivzc%D zHnnf9rSzC9?nlyaX\>=DX2G~L)]2q<0kTg!]HvWtG:ڤod} H09V %_u @T=_pn0",fPwL=X~Յ1D3GGXep=PwYKTֶxU_Qq "Tn],xY3TJ ,T\2[vj8eT7N)I` (P)m5QMŮq(Rk8]`aśc|ߕ tN 6C+vo_7sν]Lz_o#S#