CVE-2007-2728, CVE-2007-3205 and CVE-2007-4596 are patched in our
version of php but they don't have a vulnerable version range in the
NVD database, that's why they need to be ignored.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This patch is not only needed for target but also needed for native and
nativesdk variants.
Fixes
do_populate_sysroot: QA Issue: : /work/x86_64-linux/php-native/8.1.7-r0/sysroot-destdir/
work/x86_64-linux/php-native/8.1.7-r0/recipe-sysroot-native/usr/bin/phar.phar maximum shebang size exceeded, the ma
ximum size is 128. [shebang-size]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
Core:
------
Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
Fixed bug #7896 (Environment vars may be mangled on Windows).
Fixed bug #7883 (Segfault when INI file is not readable).
FFI:
-----
Fixed bug #7867 (FFI::cast() from pointer to array is broken).
Filter:
------
Fix#81708: UAF due to php_filter_float() failing for ints. (CVE-2021-21708)
FPM:
-----
Fixed memory leak on invalid port.
Fixed bug #7842 (Invalid OpenMetrics response format returned by FPM status page.
MBString:
--------
Fixed bug #7902 (mb_send_mail may delimit headers with LF only).
MySQLnd:
--------
Fixed bug #7972 (MariaDB version prefix 5.5.5- is not stripped).
pcntl:
------
Fixed pcntl_rfork build for DragonFlyBSD.
Sockets:
-------
Fixed bug #7978 (sockets extension compilation errors).
Standard:
---------
Fixed bug #7899 (Regression in unpack for negative int value).
Fixed bug #7875 (mails are sent even if failure to log throws exception).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Add fibers support for RISCV64
- Disable build on RISCV32 musl since getcontext/setcontext APIs do not
exist on musl which are needed for fibers
- Detailed changes are here [1]
[1] https://www.php.net/ChangeLog-8.php#PHP_8_1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
libtool is now longer renamed to ${host}-libtool, so remove the changes
to support this.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
wrong name make service apache2 start failed with failure:
httpd: Syntax error on line 511 of /etc/apache2/httpd.conf: Syntax error on line 1 of /etc/apache2/modules.d/70_mod_php8.conf: Cannot load /usr/libexec/apache2/modules/libphp7.so into server: /usr/libexec/apache2/modules/libphp7.so: cannot open shared object file: No such file or directory
httpd: Syntax error on line 511 of /etc/apache2/httpd.conf: Syntax error on line 1 of /etc/apache2/modules.d/70_mod_php8.conf: Can't locate API module structure `php7_module' in file /usr/libexec/apache2/modules/libphp.so: /usr/libexec/apache2/modules/libphp.so: undefined symbol: php7_module
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
minilua, by default, is compiled by the host machine as a
dependency for compiling the JIT/opcache extension. To
successfully cross-compile, this needs to be run under QEMU to
match the target architecture.
According to the [RFC](https://wiki.php.net/rfc/jit), only
x86 and x86_64 targets are supported.
Signed-off-by: Ashley Cox <ashleyc@cybernetics.com>
Signed-off-by: Claude Bing <cbing@cybernetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is the result of automated script (0.9.1) conversion:
oe-core/scripts/contrib/convert-overrides.py .
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
License-Update: License updated (year updated)
Fix some security issues such as CVE-2021-21702 and remove two
cve patches which already included in the new version.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Since commit c4ffcaa2[php: split out phpdbg into a separate package],
package php is empty, we might met error:
nothing provides php needed by php-cli-7.4.9-r0.corei7_64
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Since PHP 7.0 the phpdbg debugger is built by default and gets shipped
in the main php package, increasing its size by several MB; split it
out into a php-phpdbg package, following Debian naming.
Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Appending ${TMPDIR} to ${D} doesn't make any sense, because both are
absolute paths. And additionally, the code fails:
rmdir: failed to remove '/usr/src/oe/tmp-musl/work/core2-64-oe-linux-musl/php/7.1.9-r0/image//usr': Directory not empty
Signed-off-by: Max Kellermann <max.kellermann@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
/var/run has been deprecated by systemd, so use /run instead,
as suggested by systemd.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 7.4.9:
- Fixed: Upgrade apache2handler's php_apache_sapi_get_request_time
to return usec
- Fixed: BSTR to PHP string conversion not binary safe
- Fixed: DCOM does not work with Username, Password parameter
- Fixed: serialize() and unserialize() methods can not be called
statically
- Fixed: Segfault in php_str_replace_common
- Fixed: Assertion failure if dumping closure with unresolved
static variable
- Fixed: Assertion failure when assigning property of string
offset by reference
- Fixed: HT iterators not removed if empty array is destroyed
- Fixed: Changing array during undef index RW error segfaults
- Fixed: Use after free if changing array during undef var during
array write fetch
- Fixed: Use after free if string used in undefined index warning
is changed
- Fixed: Public non-static property in child should take priority
over private static
- Fixed: getimagesize function silently truncates after a null
byte
- Fixed: finfo_file crash (FILEINFO_MIME)
- Fixed: ftp_size on large files
- Fixed: mb_strimwidth does not trim string
- Fixed: Use of freed hash key in the phar_parse_zipfile function
- Fixed: ::getStaticProperties() ignores property modifications
- Fixed: ::getStaticPropertyValue() throws on protected props
- Fixed: Use after free when type duplicated into
ReflectionProperty gets resolved
- Fixed: Can't copy() large 'data://' with open_basedir
- Fixed: dns_check_record() always return true on Alpine
- Fixed: array_walk() does not respect property types
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The source of the issue is the update for PHP 7.4 support in
0001-opcache-config.m4-enable-opcache.patch (commit 7cc7a9ec). Instead
of working around the issue in the recipe file, update the patch to
restore the call to PHP_ADD_LIBRARY().
Signed-off-by: Claude Bing <cbing@cybernetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Explicitly specifying -lrt is required for opcache to be linked against
the proper dependencies. Additionally, PHP disables libdl when it
detects a cross-compilation environment for some reason. In order to
load any type of extension, re-enabling libdl is required.
Signed-off-by: Claude Bing <cbing@cybernetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add mbstring to PACKAGECONFIG to enable
multibyte string support in php
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
--enable-zip and --with-libzip were removed in PHP 7.x.
These are replaced by --with-zip --with-zlib-dir.
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: License updated (year updated)
note: for 7.4, pear is disabled by default,
and it will be deprecated in future.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This change makes the parsing go though, we still might have build
issues, which will be reported in world builds seprately
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Patch for issue fixed upstream removed.
Also merge the inc into the recipe.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Patch for php to sync with the fix for the same issue in
libgd.
CVE: CVE-2019-6978
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The apache2 module's path has been changed from ${libdir} to
${libexecdir} in commit 8d4d608b4e. Update
mod_php.conf to adapt it.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It redefines apache2's libexecdir. Update php to sync with that change.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
