mentioned the release on their announcements list maybe we would have
had time to get the full update in but, as it is, we just found out
about it and there are too many changes to test properly at short
notice, so we are just fixing these for now.
CVE-2010-2225: fix SplObjectStorage unserialization, upstream r300843
CVE-2010-0397: null pointer dereference when processing invalid XML-RPC
requests, upstream r296152
ok espie@
to their php.ini file in a SAPI independent way. This way can easily run
more instances of httpd with different php configs.
Idea after a discussion with "L. V. Lammert" <lvl@omnitec.net>
cacti users): add a patch from the upstream repository to fix this.
Thanks Steven Surdock for reporting the problem and testing this diff
(and similar patches sent by William Yodlowsky). While there, remove
a zero-byte patch that crept in before. ok robert@
fixes many vulnerabilities just as usual. for more information
read http://www.php.net/releases/5_2_3.php
add a no_suhosin pseudo-flavor because horde has some problems
with the suhosin security patchset
more than one php binaries within one workdir (idea from FreeBSD)
- move pdo_sqlite support from core to extensions and also add a pdo_mysql
and a pdo_sqlite subpackage
- regen patches while here
- bump PKGNAMEs
Add a hardened flavor for both core and extensions (inspired by niallo@);
Use our own way to install pear because the bundled installer is totally
broken and upstream refuses to fix it.
Add a mysqli subpackage which can be used to access the functionality
provided by MySQL 4.1 and above.
Other minor changes and fixes are also included.
ok sturm@; tested by many
