closes a security issue in multipart form handling (buffer overflow)
temporarily disable the freetds flavour, since the m4 patch cannot
seem to be regenerated
- add in similar fopen disable patch for php.ini-optimized
- bump version to php-4.0.6p1 to reflect all the backports
and bugfixes in the last two commits
(checked by heko, naddy)
- work with any LOCALBASE for most flavors (heko)
- turn off url_fopen by default for better security, most people
never use it
- correctly detect the crypt function as part of libc,
not a separate library
- unbreak curl, since 7.9 is now present in our tree
- more informative INSTALL script (naddy, heko)
- update MASTER_SITES to account for some weirdness on php.net
- all the old patches have been merged into the source tree now
- add a minor patch to improve the randomness of php temporary files
Upgrade is recommended. Contains a vast array of bugfixes over
previous PHP4 releases (read the NEWS file)
Changelog:
- Fixed the various pdf_open_*() functions (Daniel)
- Fixed a bug that could cause invalid INI entries to be used under certain
circumstances (Zeev)
- Fixed a bug in the Apache module that could cause invalid INI values to
propagate to different virtual hosts, if one or more of the virtual
hosts was configured with engine=Off (Zeev)
- Fixed possible crash bugs in the session module (Sascha)
- Fixed the ODBC module to build properly with Solid 3.0 and OpenLink (Dan
Kalowsky)
- Fixed possible corruption of line number information in PHP scripts (Zeev,
Zend Engine)
- Fixed a few possible crashes in functions that use user-defined callbacks
(Zeev, Zend Engine)
with OpenSSL 0.9.5a, instead of requiring only OpenSSL 0.9.6
These patches detect the relevant version and use the additional return
values in 0.9.6 only if present.
This also unbreaks the SNMP flavor on 2.8-stable, which requires SSL
support, since our UCD-SNMP daemon has OpenSSL compiled into it
(weird, but that's how the PHP snmp-config.m4 works)
- Add OpenSSL patches
- Add note crypt.c patch that it's now in 4.0.5-dev and can be removed soon
- Add --with-openssl to the standard set of configure options