Security Enhancements and Fixes in PHP 5.2.11:
* Fixed certificate validation inside php_openssl_apply_verification_policy. (Ryan Sleevi, Ilia)
* Fixed sanity check for the color index in imagecolortransparent(). (Pierre)
* Added missing sanity checks around exif processing. (Ilia)
* Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre)
This is a SECURITY FIX that fixes:
Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files.
Update the suhosin patch to the current one while here.
- include the suhosin extension and suhosin patch by default unless
the no_suhosin flavor is defined
- add all the suhosin configuration options to the sample config
files
fixes many vulnerabilities just as usual. for more information
read http://www.php.net/releases/5_2_3.php
add a no_suhosin pseudo-flavor because horde has some problems
with the suhosin security patchset
Add a hardened flavor for both core and extensions (inspired by niallo@);
Use our own way to install pear because the bundled installer is totally
broken and upstream refuses to fix it.
Add a mysqli subpackage which can be used to access the functionality
provided by MySQL 4.1 and above.
Other minor changes and fixes are also included.
ok sturm@; tested by many
