From 9589ebc7ed0ab0b14bcaa403d3896f755d75799c Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Wed, 20 Mar 2019 09:11:38 +0100 Subject: v7.2.17RC1 --- failed.txt | 13 ++++++++----- php-openssl111.patch | 29 ----------------------------- php.ini | 28 ++++++++++++++++++++++++---- php72.spec | 11 ++++++----- 4 files changed, 38 insertions(+), 43 deletions(-) delete mode 100644 php-openssl111.patch diff --git a/failed.txt b/failed.txt index 5503a8f..419f898 100644 --- a/failed.txt +++ b/failed.txt @@ -1,19 +1,22 @@ -===== 7.2.16 (2019-03-07) +===== 7.2.17RC1 (2019-03-21) $ grep -r 'Tests failed' /var/lib/mock/{fc,el}*/build.log -/var/lib/mock/el6i/build.log:Tests failed : 0 +/var/lib/mock/el6i/build.log:Tests failed : 2 /var/lib/mock/el6x/build.log:Tests failed : 0 /var/lib/mock/el7x/build.log:Tests failed : 0 /var/lib/mock/el8x73/build.logTests failed : 16 -/var/lib/mock/fc27i/build.log:Tests failed : 0 +/var/lib/mock/fc27i/build.log:Tests failed : 2 /var/lib/mock/fc27x/build.log:Tests failed : 0 -/var/lib/mock/fc28i/build.log:Tests failed : 0 +/var/lib/mock/fc28i/build.log:Tests failed : 2 /var/lib/mock/fc28x/build.log:Tests failed : 0 -/var/lib/mock/fc29i/build.log:Tests failed : 1 +/var/lib/mock/fc29i/build.log:Tests failed : 3 /var/lib/mock/fc29x/build.log:Tests failed : 1 +el6i, fc27i, fc28i, fc29i + 2 Test var_export() function with locale [ext/standard/tests/general_functions/var_export-locale.phpt] + 2 Test var_export() function with integer values [ext/standard/tests/general_functions/var_export_basic1.phpt] fc29i, fc29x: 5 TLS server rate-limits client-initiated renegotiation [ext/openssl/tests/stream_server_reneg_limit.phpt] el8x: diff --git a/php-openssl111.patch b/php-openssl111.patch deleted file mode 100644 index ea43711..0000000 --- a/php-openssl111.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 19a44ffb7be91344550fa700830b8e62a73031ba Mon Sep 17 00:00:00 2001 -From: Anatol Belski -Date: Thu, 28 Feb 2019 12:48:47 +0100 -Subject: [PATCH] Sync with behavior change in OpenSSL 1.1.1b - -A behavior change in revealed by some openssl_decrypt() based test, -where an encrypt API is used with a decrypt context. The EVP_Cipher* -functions will automatically choose the right operation depending on the -context passed. ---- - ext/openssl/openssl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c -index 871a30c..7df5072 100644 ---- a/ext/openssl/openssl.c -+++ b/ext/openssl/openssl.c -@@ -6494,7 +6494,7 @@ static int php_openssl_cipher_update(const EVP_CIPHER *cipher_type, - { - int i = 0; - -- if (mode->is_single_run_aead && !EVP_EncryptUpdate(cipher_ctx, NULL, &i, NULL, (int)data_len)) { -+ if (mode->is_single_run_aead && !EVP_CipherUpdate(cipher_ctx, NULL, &i, NULL, (int)data_len)) { - php_openssl_store_errors(); - php_error_docref(NULL, E_WARNING, "Setting of data length failed"); - return FAILURE; --- -2.1.4 - diff --git a/php.ini b/php.ini index ecc660c..3add9fa 100644 --- a/php.ini +++ b/php.ini @@ -305,6 +305,7 @@ serialize_precision = -1 ; open_basedir, if set, limits all file operations to the defined directory ; and below. This directive makes most sense if used in a per-directory ; or per-virtualhost web server configuration file. +; Note: disables the realpath cache ; http://php.net/open-basedir ;open_basedir = @@ -337,6 +338,7 @@ disable_classes = ; Determines the size of the realpath cache to be used by PHP. This value should ; be increased on systems where PHP opens many files to reflect the quantity of ; the file operations performed. +; Note: if open_basedir is set, the cache is disabled ; http://php.net/realpath-cache-size ;realpath_cache_size = 4096k @@ -582,7 +584,7 @@ html_errors = On ; http://php.net/error-log ; Example: ;error_log = php_errors.log -; Log errors to syslog. +; Log errors to syslog (Event Log on Windows). ;error_log = syslog ;windows.show_crt_warning @@ -938,6 +940,13 @@ cli_server.color = On ; otherwise output encoding conversion cannot be performed. ;iconv.output_encoding = +[imap] +; rsh/ssh logins are disabled by default. Use this INI entry if you want to +; enable them. Note that the IMAP library does not filter mailbox names before +; passing them to rsh/ssh command, thus passing untrusted data to this function +; with rsh/ssh enabled is insecure. +;imap.enable_insecure_rsh=0 + [intl] ;intl.default_locale = ; This directive allows you to produce PHP errors when some error @@ -947,8 +956,19 @@ cli_server.color = On ;intl.use_exceptions = 0 [sqlite3] +; Directory pointing to SQLite3 extensions +; http://php.net/sqlite3.extension-dir ;sqlite3.extension_dir = +; SQLite defensive mode flag (only available from SQLite 3.26+) +; When the defensive flag is enabled, language features that allow ordinary +; SQL to deliberately corrupt the database file are disabled. This forbids +; writing directly to the schema, shadow tables (eg. FTS data tables), or +; the sqlite_dbpage virtual table. +; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html +; (for older SQLite versions, this flag has no use) +;sqlite3.defensive = 1 + [Pcre] ;PCRE library backtracking limit. ; http://php.net/pcre.backtrack-limit @@ -1002,12 +1022,12 @@ sendmail_path = /usr/sbin/sendmail -t -i ;mail.force_extra_parameters = ; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On +mail.add_x_header = Off ; The path to a log file that will log all mail() calls. Log entries include ; the full path of the script, line number, To address and headers. ;mail.log = -; Log mail to syslog; +; Log mail to syslog (Event Log on Windows). ;mail.log = syslog [ODBC] @@ -1373,7 +1393,7 @@ session.use_trans_sid = 0 ; Set session ID character length. This value could be between 22 to 256. ; Shorter length than default is supported only for compatibility reason. ; Users should use 32 or more chars. -; http://php.net/session.sid_length +; http://php.net/session.sid-length ; Default Value: 32 ; Development Value: 26 ; Production Value: 26 diff --git a/php72.spec b/php72.spec index e0866c8..5a6d11e 100644 --- a/php72.spec +++ b/php72.spec @@ -118,13 +118,13 @@ %global db_devel libdb-devel %endif -%global upver 7.2.16 -#global rcver RC1 +%global upver 7.2.17 +%global rcver RC1 Summary: PHP scripting language for creating dynamic web sites Name: php Version: %{upver}%{?rcver:~%{rcver}} -Release: 2%{?dist} +Release: 1%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -184,7 +184,6 @@ Patch49: php-7.2.16-pdooci.patch Patch91: php-7.2.0-oci8conf.patch # Upstream fixes (100+) -Patch100: php-openssl111.patch # Security fixes (200+) @@ -1102,7 +1101,6 @@ low-level PHP extension for the libsodium cryptographic library. %patch91 -p1 -b .remi-oci8 # upstream patches -%patch100 -p1 -b .up # security patches @@ -2181,6 +2179,9 @@ fi %changelog +* Wed Mar 20 2019 Remi Collet 7.2.17~RC1-1 +- update to 7.2.17RC1 + * Tue Mar 5 2019 Remi Collet - 7.2.16-2 - add upstream patch for OpenSSL 1.1.1b -- cgit