2848cc99a1 ("php-fpm: Add support for systemd") introduced a systemd
service file, where ExecStart and ExecStop uses /etc/init.d/php-fpm,
which does not exist if systemd is enabled. Consequently, the php-fpm
service fails to start even though it is correctly installed. This is
fixed by this commit in which the service file is identical to the one
from the PHP source code except for the use of BitBake variables. Also,
use ${systemd_system_unitdir} instead of ${systemd_unitdir}/system.
Signed-off-by: Emil Kronborg <emil.kronborg@protonmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Build:
. Fixed bug GH-11522 (PHP version check fails with '-' separator).
- CLI:
. Fix interrupted CLI output causing the process to exit.
- Core:
. Fixed oss-fuzz #60011 (Mis-compilation of by-reference nullsafe operator).
. Fixed line number of JMP instruction over else block.
. Fixed use-of-uninitialized-value with ??= on assert.
. Fixed oss-fuzz #60411 (Fix double-compilation of arrow-functions).
. Fixed build for FreeBSD before the 11.0 releases.
- Curl:
. Fix crash when an invalid callback function is passed to
CURLMOPT_PUSHFUNCTION.
- Date:
. Fixed bug GH-11368 (Date modify returns invalid datetime).
. Fixed bug GH-11600 (Can't parse time strings which include
non-breaking space characters).
. Fixed bug GH-11854 (DateTime:createFromFormat stopped parsing datetime with
extra space).
- DOM:
. Fixed bug GH-11625 (DOMElement::replaceWith() doesn't replace node with
DOMDocumentFragment but just deletes node or causes wrapping <></>
depending on libxml2 version).
- Fileinfo:
. Fixed bug GH-11298 (finfo returns wrong mime type for xz files).
- FTP:
. Fix context option check for "overwrite".
. Fixed bug GH-10562 (Memory leak and invalid state with consecutive
ftp_nb_fget).
- GD:
. Fix most of the external libgd test failures.
- Intl:
. Fix memory leak in MessageFormatter::format() on failure.
- Libxml:
. Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading
in XML without enabling it). (CVE-2023-3823)
- MBString:
. Fix GH-11300 (license issue: restricted unicode license headers).
- Opcache:
. Fixed bug GH-10914 (OPCache with Enum and Callback functions results in
segmentation fault).
. Prevent potential deadlock if accelerated globals cannot be allocated.
- PCNTL:
. Fixed bug GH-11498 (SIGCHLD is not always returned from proc_open).
- PDO:
. Fix GH-11587 (After php8.1, when PDO::ATTR_EMULATE_PREPARES is true
and PDO::ATTR_STRINGIFY_FETCHES is true, decimal zeros are no longer
filled).
- PDO SQLite:
. Fix GH-11492 (Make test failure: ext/pdo_sqlite/tests/bug_42589.phpt).
- Phar:
. Add missing check on EVP_VerifyUpdate() in phar util.
. Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()).
- PHPDBG:
. Fixed bug GH-9669 (phpdbg -h options doesn't list the -z option).
- Session:
. Removed broken url support for transferring session ID.
- Standard:
. Fix serialization of RC1 objects appearing in object graph twice.
- Streams:
. Fixed bug GH-11735 (Use-after-free when unregistering user stream wrapper
from itself).
- SQLite3:
. Fix replaced error handling in SQLite3Stmt::__construct.
- XMLReader:
. Fix GH-11548 (Argument corruption when calling XMLReader::open or
XMLReader::XML non-statically with observer active).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Try to add convert and apply statuses for old CVEs
- Drop some obsolete ignores, while they are not relevant for current
version
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- CLI:
. Fixed bug GH-11246 (cli/get_set_process_title fails on MacOS).
- Core:
. Fixed build for the riscv64 architecture/GCC 12.
- Curl:
. Fixed bug GH-11433 (Unable to set CURLOPT_ACCEPT_ENCODING to NULL).
- Date:
. Fixed bug GH-11455 (Segmentation fault with custom object date properties).
- DOM:
. Fixed bugs GH-11288 and GH-11289 and GH-11290 and GH-9142 (DOMExceptions
and segfaults with replaceWith).
. Fixed bug GH-10234 (Setting DOMAttr::textContent results in an empty
attribute value).
. Fix return value in stub file for DOMNodeList::item.
. Fix spec compliance error with '*' namespace for
DOMDocument::getElementsByTagNameNS.
. Fix DOMElement::append() and DOMElement::prepend() hierarchy checks.
. Fixed bug GH-11347 (Memory leak when calling a static method inside an
xpath query).
. Fixed bug #67440 (append_node of a DOMDocumentFragment does not reconcile
namespaces).
. Fixed bug #81642 (DOMChildNode::replaceWith() bug when replacing a node
with itself).
. Fixed bug #77686 (Removed elements are still returned by getElementById).
. Fixed bug #70359 (print_r() on DOMAttr causes Segfault in
php_libxml_node_free_list()).
. Fixed bug #78577 (Crash in DOMNameSpace debug info handlers).
. Fix lifetime issue with getAttributeNodeNS().
. Fix "invalid state error" with cloned namespace declarations.
. Fixed bug #55294 and #47530 and #47847 (various namespace reconciliation
issues).
. Fixed bug #80332 (Completely broken array access functionality with
DOMNamedNodeMap).
- Opcache:
. Fix allocation loop in zend_shared_alloc_startup().
. Access violation on smm_shared_globals with ALLOC_FALLBACK.
. Fixed bug GH-11336 (php still tries to unlock the shared memory ZendSem
with opcache.file_cache_only=1 but it was never locked).
- OpenSSL:
. Fixed bug GH-9356 Incomplete validation of IPv6 Address fields in
subjectAltNames
- PCRE:
. Fix preg_replace_callback_array() pattern validation.
- PGSQL:
. Fixed intermittent segfault with pg_trace.
- Phar:
. Fix cross-compilation check in phar generation for FreeBSD.
- SPL:
. Fixed bug GH-11338 (SplFileInfo empty getBasename with more than one
slash).
- Standard:
. Fix access on NULL pointer in array_merge_recursive().
. Fix exception handling in array_multisort().
- SQLite3:
. Fixed bug GH-11451 (Invalid associative array containing duplicate
keys).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There is new patch-status QA check in oe-core:
https://git.openembedded.org/openembedded-core/commit/?id=76a685bfcf927593eac67157762a53259089ea8a
This is temporary work around just to hide _many_ warnings from
optional patch-status (if you add it to WARN_QA).
This just added
Upstream-Status: Pending
everywhere without actually investigating what's the proper status.
This is just to hide current QA warnings and to catch new .patch files being
added without Upstream-Status, but the number of Pending patches is now terrible:
5 (26%) meta-xfce
6 (50%) meta-perl
15 (42%) meta-webserver
21 (36%) meta-gnome
25 (57%) meta-filesystems
26 (43%) meta-initramfs
45 (45%) meta-python
47 (55%) meta-multimedia
312 (63%) meta-networking
756 (61%) meta-oe
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
. Fixed bug GH-11152 (Unable to alias namespaces containing reserved class
names).
. Fixed bug GH-9068 (Conditional jump or move depends on uninitialised
value(s)).
. Fixed bug GH-11189 (Exceeding memory limit in zend_hash_do_resize leaves
the array in an invalid state).
. Fixed bug GH-11063 (Compilation error on old GCC versions).
. Fixed bug GH-11222 (foreach by-ref may jump over keys during a rehash).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
If my git skills don't trick me, forcing ARM mode for PHP
dates back to year 2015 with commit e836f8f93.
I wondered whether the compile problem still persists and just
tested that it compiles fine for qemuarm nowaydays.
I also tested the binaries on a physical device, a
NXP iMX6ULL based one, and did not notice any problems
so far.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
Added optional support for max_execution_time in ZTS/Linux builds
Fixed use-after-free in recursive AST evaluation.
Fixed bug GH-8646 (Memory leak PHP FPM 8.1).
Re-add some CTE functions that were removed from being CTE by a mistake.
Remove CTE flag from array_diff_ukey(), which was added by mistake.
Fixed bug GH-10801 (Named arguments in CTE functions cause a segfault).
Fixed bug GH-8789 (PHP 8.0.20 (ZTS) zend_signal_handler_defer crashes on apache).
Fixed bug GH-10015 (zend_signal_handler_defer crashes on apache shutdown).
Fixed bug GH-10810 (Fix NUL byte terminating Exception::__toString()).
Fix potential memory corruption when mixing __callStatic() and FFI.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Core:
. Fixed incorrect check condition in type inference.
. Fix incorrect check in zend_internal_call_should_throw().
. Fixed overflow check in OnUpdateMemoryConsumption.
. Fixed bug GH-9916 (Entering shutdown sequence with a fiber suspended in a
Generator emits an unavoidable fatal error or crashes).
. Fixed bug GH-10437 (Segfault/assertion when using fibers in shutdown
function after bailout).
. Fixed SSA object type update for compound assignment opcodes.
. Fixed language scanner generation build.
. Fixed zend_update_static_property() calling zend_update_static_property_ex()
misleadingly with the wrong return type.
. Fix bug GH-10570 (Fixed unknown string hash on property fetch with integer
constant name).
. Fixed php_fopen_primary_script() call resulted on zend_destroy_file_handle()
freeing dangling pointers on the handle as it was uninitialized.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
-D_LARGEFILE64_SOURCE is needed for musl explicitly. Its added
indirectly via -D_GNU_SOURCE on glibc but not on musl feature macros
Signed-off-by: Khem Raj <raj.khem@gmail.com>
CVE-2007-2728, CVE-2007-3205 and CVE-2007-4596 are patched in our
version of php but they don't have a vulnerable version range in the
NVD database, that's why they need to be ignored.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This patch is not only needed for target but also needed for native and
nativesdk variants.
Fixes
do_populate_sysroot: QA Issue: : /work/x86_64-linux/php-native/8.1.7-r0/sysroot-destdir/
work/x86_64-linux/php-native/8.1.7-r0/recipe-sysroot-native/usr/bin/phar.phar maximum shebang size exceeded, the ma
ximum size is 128. [shebang-size]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
Core:
------
Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
Fixed bug #7896 (Environment vars may be mangled on Windows).
Fixed bug #7883 (Segfault when INI file is not readable).
FFI:
-----
Fixed bug #7867 (FFI::cast() from pointer to array is broken).
Filter:
------
Fix#81708: UAF due to php_filter_float() failing for ints. (CVE-2021-21708)
FPM:
-----
Fixed memory leak on invalid port.
Fixed bug #7842 (Invalid OpenMetrics response format returned by FPM status page.
MBString:
--------
Fixed bug #7902 (mb_send_mail may delimit headers with LF only).
MySQLnd:
--------
Fixed bug #7972 (MariaDB version prefix 5.5.5- is not stripped).
pcntl:
------
Fixed pcntl_rfork build for DragonFlyBSD.
Sockets:
-------
Fixed bug #7978 (sockets extension compilation errors).
Standard:
---------
Fixed bug #7899 (Regression in unpack for negative int value).
Fixed bug #7875 (mails are sent even if failure to log throws exception).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Add fibers support for RISCV64
- Disable build on RISCV32 musl since getcontext/setcontext APIs do not
exist on musl which are needed for fibers
- Detailed changes are here [1]
[1] https://www.php.net/ChangeLog-8.php#PHP_8_1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
libtool is now longer renamed to ${host}-libtool, so remove the changes
to support this.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
wrong name make service apache2 start failed with failure:
httpd: Syntax error on line 511 of /etc/apache2/httpd.conf: Syntax error on line 1 of /etc/apache2/modules.d/70_mod_php8.conf: Cannot load /usr/libexec/apache2/modules/libphp7.so into server: /usr/libexec/apache2/modules/libphp7.so: cannot open shared object file: No such file or directory
httpd: Syntax error on line 511 of /etc/apache2/httpd.conf: Syntax error on line 1 of /etc/apache2/modules.d/70_mod_php8.conf: Can't locate API module structure `php7_module' in file /usr/libexec/apache2/modules/libphp.so: /usr/libexec/apache2/modules/libphp.so: undefined symbol: php7_module
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
minilua, by default, is compiled by the host machine as a
dependency for compiling the JIT/opcache extension. To
successfully cross-compile, this needs to be run under QEMU to
match the target architecture.
According to the [RFC](https://wiki.php.net/rfc/jit), only
x86 and x86_64 targets are supported.
Signed-off-by: Ashley Cox <ashleyc@cybernetics.com>
Signed-off-by: Claude Bing <cbing@cybernetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is the result of automated script (0.9.1) conversion:
oe-core/scripts/contrib/convert-overrides.py .
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
License-Update: License updated (year updated)
Fix some security issues such as CVE-2021-21702 and remove two
cve patches which already included in the new version.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Since commit c4ffcaa2[php: split out phpdbg into a separate package],
package php is empty, we might met error:
nothing provides php needed by php-cli-7.4.9-r0.corei7_64
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Since PHP 7.0 the phpdbg debugger is built by default and gets shipped
in the main php package, increasing its size by several MB; split it
out into a php-phpdbg package, following Debian naming.
Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Appending ${TMPDIR} to ${D} doesn't make any sense, because both are
absolute paths. And additionally, the code fails:
rmdir: failed to remove '/usr/src/oe/tmp-musl/work/core2-64-oe-linux-musl/php/7.1.9-r0/image//usr': Directory not empty
Signed-off-by: Max Kellermann <max.kellermann@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
/var/run has been deprecated by systemd, so use /run instead,
as suggested by systemd.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 7.4.9:
- Fixed: Upgrade apache2handler's php_apache_sapi_get_request_time
to return usec
- Fixed: BSTR to PHP string conversion not binary safe
- Fixed: DCOM does not work with Username, Password parameter
- Fixed: serialize() and unserialize() methods can not be called
statically
- Fixed: Segfault in php_str_replace_common
- Fixed: Assertion failure if dumping closure with unresolved
static variable
- Fixed: Assertion failure when assigning property of string
offset by reference
- Fixed: HT iterators not removed if empty array is destroyed
- Fixed: Changing array during undef index RW error segfaults
- Fixed: Use after free if changing array during undef var during
array write fetch
- Fixed: Use after free if string used in undefined index warning
is changed
- Fixed: Public non-static property in child should take priority
over private static
- Fixed: getimagesize function silently truncates after a null
byte
- Fixed: finfo_file crash (FILEINFO_MIME)
- Fixed: ftp_size on large files
- Fixed: mb_strimwidth does not trim string
- Fixed: Use of freed hash key in the phar_parse_zipfile function
- Fixed: ::getStaticProperties() ignores property modifications
- Fixed: ::getStaticPropertyValue() throws on protected props
- Fixed: Use after free when type duplicated into
ReflectionProperty gets resolved
- Fixed: Can't copy() large 'data://' with open_basedir
- Fixed: dns_check_record() always return true on Alpine
- Fixed: array_walk() does not respect property types
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Khem Raj
Emil Kronborg
Ross Burton
Wang Mingyu
Andrej Valek
Martin Jansa
Michael Heimpold
Mingli Yu
Davide Gardenal
Changqing Li
Claude Bing
Alexander Kanavin
Joe Slater
Diego Santa Cruz
Zheng Ruoqin
Max Kellermann
Qi.Chen@windriver.com
Leon Anavi