Version: 5.2.17, Package name: php5-core-5.2.17 |
Maintained by: Robert Nagy |
Master sites: |
Flavors (export FLAVOR=xyz, setenv FLAVOR xyz):
|
Description-fastcgi This is the core PHP binary compiled with FastCGI support (www.fastcgi.com). FastCGI deployments are generally faster than using PHP as a CGI, since the processes stay resident in memory between requests. Description-main At the most basic level, PHP can do anything any other CGI program can do, such as collect form data, generate dynamic page content, or send and receive cookies. PHP also has support for talking to other services using protocols such as IMAP, SNMP, NNTP, POP3, or even HTTP. You can also open raw network sockets and interact using other protocols. This package installs a stand-alone binary which can be used for command-line scripts, as well as an Apache module. By default this port uses the suhosin patch. The suhosin patch adds security hardening features to PHP to protect your servers on the one hand against a number of well known problems in PHP applications and on the other hand against potential unknown vulnerabilities within those applications or the PHP core itself. http://www.hardened-php.net/suhosin/index.html |
MD5: 2BX8maDCXCH13yhVH8uwAQ= |
RMD160: sotw+vE2s+BMW0g9oPTCJ5N49Do= |
Filesize: 22.528 KB |
Package available on: cdrom( ![]() ![]() Distfile available on: cdrom( ![]() ![]() |
Version History (View Complete History) |
|
2011-07-08 18:28:54 by Robert Nagy | Files touched by this commit (93) |
Log message: bye bye |
2011-06-18 13:49:22 by Stuart Henderson | Files touched by this commit (19) |
Log message: Use PATCHORIG, regen patches and rename the files which didn't match the normal update-patches filenames. This avoids update-patches picking up the .orig files in PHP distfiles and make it easier to keep in-sync. ok robert@ |
2011-03-26 04:23:13 by Stuart Henderson | Files touched by this commit (3) |
Log message: don't pick up an installed gsed; problem noticed by landry@, ok robert@ |
2011-03-21 13:50:18 by Jasper Lievisse Adriaanse | Files touched by this commit (7) |
Log message: - fix the autoconf bits for openssl's pkg-config files as well as a fix for one of the autoconf tests which assumes libssl is linked with libcrypto. from brad ok robert@ (MAINTAINER) |
2011-03-21 12:29:07 by Antoine Jacoutot | Files touched by this commit (3) |
Log message: Add femail,-chroot as a RUN_DEPENDS for php*-core. It is super small and is nice to have around from the start. Idea from sthen@ ok robert@ (maintainer) |
2011-01-03 08:03:03 by Robert Nagy | Files touched by this commit (5) |
Log message: Update to 5.2.16 |
2010-11-22 01:37:07 by Marc Espie | Files touched by this commit (859) |
Log message: new depends |
2010-11-11 12:56:19 by Marc Espie | Files touched by this commit (4) |
Log message: every WANTLIB that's linked to the build should be okay |
2010-10-19 02:02:58 by Marc Espie | Files touched by this commit (243) |
Log message: USE_GROFF=Yes |
2010-09-26 11:45:14 by Sebastian Reitenbach | Files touched by this commit (25) |
Log message: bump apache modules, since mod_headers in base httpd was updated. OK, landry@ |
2010-08-24 03:14:43 by Robert Nagy | Files touched by this commit (6) |
Log message: Update to 5.2.14 |
2010-08-08 04:46:34 by Stuart Henderson | Files touched by this commit (4) |
Log message: SECURITY: limited fixes cherry picked from 5.2.14. If upstream had mentioned the release on their announcements list maybe we would have had time to get the full update in but, as it is, we just found out about it and there are too many changes to test properly at short notice, so we are just fixing these for now. CVE-2010-2225: fix SplObjectStorage unserialization, upstream r300843 CVE-2010-0397: null pointer dereference when processing invalid XML-RPC requests, upstream r296152 ok espie@ |
2010-05-26 21:55:15 by William Yodlowsky | Files touched by this commit (3) |
Log message: SECURITY UPDATE to 5.2.13 ok robert@ |
2010-04-13 21:17:20 by William Yodlowsky | Files touched by this commit (2) |
Log message: MFC: SECURITY FIX php5-5.2.13 ok robert@ |
2010-03-21 03:05:55 by Robert Nagy | Files touched by this commit (3) |
Log message: update to version 5.2.13 |
2010-03-20 11:00:21 by Antoine Jacoutot | Files touched by this commit (1) |
Log message: Add a comment about why we don't use libtool from ports. "yeah... sure... ok" robert@ |
2010-02-26 07:45:03 by Stuart Henderson | Files touched by this commit (25) |
Log message: bump PKGNAMEs, the httpd abi changed, resulting in segfaults after updating httpd until newly-built packages are installed. ok espie@ |
2010-02-25 02:05:04 by Robert Nagy | Files touched by this commit (2) |
Log message: Install the tmp dir in the chroot with stricter permissions and change owner to the www users. ok ajacoutot@ |
2009-12-22 18:07:26 by William Yodlowsky | Files touched by this commit (1) |
Log message: MFC: SECURITY FIX php5-5.2.12 ok robert@ |
2009-12-22 03:39:28 by Robert Nagy | Files touched by this commit (2) |
Log message: Update to php-5.2.12 |
2009-10-24 21:07:30 by William Yodlowsky | Files touched by this commit (3) |
Log message: MFC: Update to php 5.2.11; Security Enhancements and Fixes in PHP 5.2.11: * Fixed certificate validation inside php_openssl_apply_verification_policy. (Ryan Sleevi, Ilia) * Fixed sanity check for the color index in imagecolortransparent(). (Pierre) * Added missing sanity checks around exif processing. (Ilia) * Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre) and update Suhosin extension to 0.9.29; fixes segfaults with session encryption. ok robert@ |
2009-10-01 06:22:32 by Antoine Jacoutot | Files touched by this commit (3) |
Log message: Create /var/www/tmp/ directory on install. ok robert@ (maintainer) |
2009-09-28 18:07:15 by William Yodlowsky | Files touched by this commit (3) |
Log message: MFC: Update to php 5.2.11; Security Enhancements and Fixes in PHP 5.2.11: * Fixed certificate validation inside php_openssl_apply_verification_policy. (Ryan Sleevi, Ilia) * Fixed sanity check for the color index in imagecolortransparent(). (Pierre) * Added missing sanity checks around exif processing. (Ilia) * Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre) ok robert@ |
2009-09-22 00:55:12 by Robert Nagy | Files touched by this commit (1) |
Log message: fix packaging |
2009-09-21 14:04:24 by Robert Nagy | Files touched by this commit (2) |
Log message: Update to php 5.2.11; Security Enhancements and Fixes in PHP 5.2.11: * Fixed certificate validation inside php_openssl_apply_verification_policy. (Ryan Sleevi, Ilia) * Fixed sanity check for the color index in imagecolortransparent(). (Pierre) * Added missing sanity checks around exif processing. (Ilia) * Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre) |
2009-09-19 07:08:31 by Antoine Jacoutot | Files touched by this commit (2) |
Log message: Zap trailing blank space. |
2009-08-22 10:58:14 by William Yodlowsky | Files touched by this commit (2) |
Log message: MFC: update Suhosin extension to 0.9.29; fixes segfaults with session encryption. revert workaround (change default back to encrypted sessions). ok sthen@ robert@ |
2009-08-21 03:44:12 by Stuart Henderson | Files touched by this commit (2) |
Log message: update Suhosin extension to 0.9.29; fixes segfaults with session encryption. revert workaround (change default back to encrypted sessions). ok robert@, similar diff jolan@ |
2009-08-17 14:13:27 by Jolan Luff | Files touched by this commit (1) |
Log message: enable zend multibyte support, ok robert@ |
2009-08-12 19:04:31 by William Yodlowsky | Files touched by this commit (2) |
Log message: MFC: Make suhosin.session.encrypt=off by default because there are some problems with php 5.2.10 and the suhosin patch. noted by william@ and people on ports@ It's going to be re-enabled when it gets fixed upstream. and patch-ext_suhosin_suhosin_c has to go the the shared patch dir. ok robert@ |
2009-07-26 16:42:22 by Robert Nagy | Files touched by this commit (2) |
Log message: patch-ext_suhosin_suhosin_c has to go the the shared patch dir. |
2009-07-20 12:48:29 by Jolan Luff | Files touched by this commit (1) |
Log message: enable sysvmsg support, ok robert@ |
2009-07-20 10:30:14 by Robert Nagy | Files touched by this commit (3) |
Log message: Make suhosin.session.encrypt=off by default because there are some problems with php 5.2.10 and the suhosin patch. noted by william@ and people on ports@ It's going to be re-enabled when it gets fixed upstream. |
2009-07-18 20:11:36 by William Yodlowsky | Files touched by this commit (4) |
Log message: MFC: SECURITY FIX php5-5.2.10 Resolves: - bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files) - in imagerotate(), background colour isn't validated correctly with a non-truecolour image (CVE-2008-5498) - crash on extract in zip when files or directories entry names contain a relative path - explode() behavior with empty string to respect negative limit - segfault when malformed string is passed to json_decode() - bug in xml_error_string() which resulted in messages being off by one ok robert@ |
2009-06-22 05:27:00 by Robert Nagy | Files touched by this commit (1) |
Log message: update to php-5.2.10: This is a SECURITY FIX that fixes: Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files. Update the suhosin patch to the current one while here. |
2009-06-02 18:50:39 by Stuart Henderson | Files touched by this commit (1) |
Log message: bump following api change in base httpd |
2009-04-29 05:36:58 by Stuart Henderson | Files touched by this commit (2) |
Log message: don't zap /var/www/conf/php5.sample ini file fragments when you upgrade php5-core. problem noticed by Alexander Hall, ok robert@ |
2009-03-10 16:07:22 by Robert Nagy | Files touched by this commit (4) |
Log message: Add an environment variable called PHP_INI_PATH so people can set a path to their php.ini file in a SAPI independent way. This way can easily run more instances of httpd with different php configs. Idea after a discussion with "L. V. Lammert" <lvl@omnitec.net> |
2009-03-06 02:18:31 by Robert Nagy | Files touched by this commit (6) |
Log message: |
2008-12-20 14:35:38 by Stuart Henderson | Files touched by this commit (6) |
Log message: PHP 5.2.8 broke strtotime (making it leak memory badly, very obvious to cacti users): add a patch from the upstream repository to fix this. Thanks Steven Surdock for reporting the problem and testing this diff (and similar patches sent by William Yodlowsky). While there, remove a zero-byte patch that crept in before. ok robert@ |
2008-12-09 14:52:31 by Robert Nagy | Files touched by this commit (3) |
Log message: update to php-5.2.8 and fix the no_suhosin flavor |
2008-08-21 09:51:51 by Antoine Jacoutot | Files touched by this commit (2) |
Log message: - s/LOCALBASE/PREFIX/ "of course" robert@ |
2008-05-20 08:01:45 by Robert Nagy | Files touched by this commit (3) |
Log message: update to php-5.2.6; from Brad Walker <me@bradmwalker.com> |
2008-03-20 17:06:53 by Stuart Henderson | Files touched by this commit (2) |
Log message: change @unexec to @extraunexec for the /var/www/conf/php5 directory where users are supposed to create symlinks to config file fragments in ../php5.sample, otherwise the symlinks are destroyed when someone updates php5/core. ok brad, seems ok to landry. |
2008-02-11 06:47:12 by Marc Espie | Files touched by this commit (2) |
Log message: activate index.php as directory index, since most php apps want that. okay robert@ |
2008-01-04 10:48:38 by Marc Espie | Files touched by this commit (187) |
Log message: tweak FAKE_FLAGS semantics to saner defaults. |
2007-12-11 05:45:08 by Robert Nagy | Files touched by this commit (2) |
Log message: Integrate a patch from php's CVS repo to fix a crashing issue due to an uninitialized variable. from Brad |
2007-11-15 13:24:02 by Aleksander Piotrowski | Files touched by this commit (3) |
Log message: - default config file contains ${LOCALBASE} variable that doesn't resolve to any value - fix a typo in MESSAGE-main file -- wrong name of default config file. - bump pkgname ok robert@ |
2007-11-14 03:53:50 by Robert Nagy | Files touched by this commit (2) |
Log message: - update to php-5.2.5 - include the suhosin extension and suhosin patch by default unless the no_suhosin flavor is defined - add all the suhosin configuration options to the sample config files |
2007-11-05 03:11:10 by Robert Nagy | Files touched by this commit (37) |
Log message: Kill the phpxs script that was used for enabling and disabling the php core module and extenions. Install a sample configuration file to /var/www/conf/modules.sample which can be symlinked or copied over to /var/www/conf/modules so apache is going to pick it up. Allow php to scan /var/www/conf/php5 for php configuration files so if the user installs or creates a symlink from the sample configuration files from the php5.sample directory, it is going to be picked up by php5. Create a dummy pwd.db file in the php5-imap package in the apache chroot because it is needed by c-client. feedback and tests by sthen@ |
2007-09-17 02:37:22 by Robert Nagy | Files touched by this commit (2) |
Log message: provide correct include paths by fixing a typo in patch-scripts_php_config_in; bump PKGNAME; noticed by sturm@ |
2007-09-15 14:38:27 by Michael Erdely | Files touched by this commit (258) |
Log message: Remove surrounding quotes from COMMENT-*/ERRORS/NO_REGRESS/PERMIT_*/REGRESS_IS_INTERACTIVE Change '.include "bsd.port.mk"' to '.include <bsd.port.mk>' while here (ok naddy@) |
2007-09-05 03:11:34 by Robert Nagy | Files touched by this commit (6) |
Log message: update to version 5.2.4 and remove some obsolete CONFIGURE_ARGS; |
2007-09-03 13:22:32 by Nikolay Sturm | Files touched by this commit (1) |
Log message: bump PKGNAME after PLIST change |
2007-08-27 03:44:43 by Robert Nagy | Files touched by this commit (2) |
Log message: fix the packaging of the no_suhosin flavor |
2007-07-02 02:53:17 by Robert Nagy | Files touched by this commit (6) |
Log message: update to version 5.2.3; fixes many vulnerabilities just as usual. for more information read http://www.php.net/releases/5_2_3.php add a no_suhosin pseudo-flavor because horde has some problems with the suhosin security patchset |
2007-06-17 01:55:53 by Nikolay Sturm | Files touched by this commit (4) |
Log message: assorted security patches, from debian |
2007-06-17 01:54:58 by Nikolay Sturm | Files touched by this commit (4) |
Log message: assorted security patches, from debian |
2007-05-11 09:05:15 by Robert Nagy | Files touched by this commit (3) |
Log message: update to version 5.2.2; fixes many vulnerabilities http://www.php.net/ChangeLog-5.php#5.2.2 from Lawrence Teo <lteo.openbsd1@calyptix.com>; |
2007-04-30 15:22:00 by Robert Nagy | Files touched by this commit (2) |
Log message: point to the correct fastcgi website; from Pierre Riteau <pierre.riteau@free.fr> |
2007-04-03 06:17:34 by Robert Nagy | Files touched by this commit (1) |
Log message: compile zend_alloc.c with -O0 to prevent a compiler bug on sparc64 and regen patches while here; bump PKGNAMEs |
2007-04-01 15:37:27 by Robert Nagy | Files touched by this commit (22) |
Log message: - add a fastcgi subpackage to core because now we are able to build more than one php binaries within one workdir (idea from FreeBSD) - move pdo_sqlite support from core to extensions and also add a pdo_mysql and a pdo_sqlite subpackage - regen patches while here - bump PKGNAMEs |
2007-03-22 16:43:20 by Robert Nagy | Files touched by this commit (19) |
Log message: - update to php 5.2.1 and suhosin 0.9.2.6 - remove the pear subpackage as it is now replaced with www/pear - the filepro extension is no longer available tested by a couple of people |
2006-11-25 04:09:43 by Marc Espie | Files touched by this commit (10) |
Log message: and relevant packing-lists |
2006-11-25 04:09:04 by Marc Espie | Files touched by this commit (3) |
Log message: new MULTI_PACKAGES. give pear to daemon, explicitly |
2006-10-21 05:44:10 by Robert Nagy | Files touched by this commit (29) |
Log message: update to version 5.1.6 and replace the hardened patchset with the suhosin patchset; kill the hardened flavor because we are going to use suhosin patchet by default; |
2006-08-03 18:10:42 by Marc Espie | Files touched by this commit (39) |
Log message: new lib specs |
2006-07-18 15:44:40 by Aleksander Piotrowski | Files touched by this commit (1) |
Log message: Make it work after recent iodbc changes |
2006-05-21 14:46:06 by Alexandre Anriot | Files touched by this commit (1) |
Log message: - php-5.1.4 tarball has been rerolled, so update distinfo. - add pear's distfile to SUPDISTFILES . - bump relevent PKGNAMEs. prompted by and ok robert@ |
2006-05-10 07:48:01 by Peter Stromberg | Files touched by this commit (1) |
Log message: add OpenBSD tag |
2006-05-09 08:15:40 by Robert Nagy | Files touched by this commit (16) |
Log message: Update to version 5.1.4; Add a hardened flavor for both core and extensions (inspired by niallo@); Use our own way to install pear because the bundled installer is totally broken and upstream refuses to fix it. Add a mysqli subpackage which can be used to access the functionality provided by MySQL 4.1 and above. Other minor changes and fixes are also included. ok sturm@; tested by many |
2006-02-07 21:54:51 by David Krause | Files touched by this commit (53) |
Log message: move any perl or sed substitutions from post-patch to pre-configure (fixes make update-patches) ok sturm@; "looks reasonable" steven@ |
2005-12-21 08:42:06 by Robert Nagy | Files touched by this commit (12) |
Log message: Update to php-5.1.1; for more information please check http://www.php.net/ChangeLog-5.php#5.1.1 and http://www.php.net/ChangeLog-5.php#5.1.0 The port now uses a CVS snapshot of PEAR; |
2005-09-14 09:44:19 by Robert Nagy | Files touched by this commit (5) |
Log message: upgrade to php-5.0.5; |
2005-09-12 13:29:43 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: SECURITY: fix a heap overflow in internal pcre; bump PKGNAME http://www.vuxml.org/openbsd/b552a55a-136d-11da-a0d4-00065bd5b0b6.html ok brad@ |
2005-08-31 16:13:43 by Robert Nagy | Files touched by this commit (1) |
Log message: SECURITY: fix a heap overflow in internal pcre; bump PKGNAME http://www.vuxml.org/openbsd/b552a55a-136d-11da-a0d4-00065bd5b0b6.html ok pvalchev@ |
2005-05-23 14:20:08 by Robert Nagy | Files touched by this commit (5) |
Log message: SECURITY: update to 5.0.4 fixes multiple vulnerabilities http://www.vuxml.org/openbsd/7612fe54-b00c-11d9-9c1d-00065bd5b0b6.html ok brad@ |
2005-04-04 15:13:22 by Robert Nagy | Files touched by this commit (7) |
Log message: update to 5.0.4; |
2005-03-16 13:09:41 by Robert Nagy | Files touched by this commit (3) |
Log message: - fix WANTLIB markers and dependencies (from alek@ and wilfried@) - delete some whitespaces (from wilfried@) - don't leave mess in ldconfig search path (reported by Moritz Grimm <mlist@scapa.dnsalias.net>) - bump PKGNAMEs tested by many; ok pval@ |
2004-12-29 14:53:14 by Marc Espie | Files touched by this commit (2) |
Log message: explicitly mark that php4-pear and php5-pear conflict. core prevents from installing them both, but this confuses the hell out of find-all-conflicts. |
2004-12-20 13:59:44 by Robert Nagy | Files touched by this commit (2) |
Log message: SECURITY: update to 5.0.3; add libstdc++ to WANTLIB; use {.CURDIR} for PATCH_LIST and CHECKSUM_FILE from jolan@ |
2004-12-11 06:29:22 by Aleksander Piotrowski | Files touched by this commit (47) |
Log message: Add WANTLIB markers |
2004-11-24 10:37:49 by Robert Nagy | Files touched by this commit (4) |
Log message: Let's use ${PREFIX}/share/examples/php5/ for the example configuration files. |
2004-11-24 10:27:22 by Robert Nagy | Files touched by this commit (6) |
Log message: switch to MESSAGE and UNMESSAGE; fix the redefinition of socklen_t; bump PKGNAME |
2004-11-24 06:15:09 by Aleksander Piotrowski | Files touched by this commit (3) |
Log message: Put correct paths into php-config and phpize scripts. ok robert@ |