]> granicus.if.org Git - php/log
php
6 years agoAdd NEWS
Stanislav Malyshev [Mon, 16 Jul 2018 21:26:31 +0000 (14:26 -0700)]
Add NEWS

6 years agoFixed bug #76459 windows linkinfo lacks openbasedir check
Anatol Belski [Tue, 3 Jul 2018 11:51:31 +0000 (13:51 +0200)]
Fixed bug #76459 windows linkinfo lacks openbasedir check

6 years agoFix bug #76557: heap-buffer-overflow (READ of size 48) while reading exif data
Stanislav Malyshev [Mon, 2 Jul 2018 05:20:19 +0000 (22:20 -0700)]
Fix bug #76557: heap-buffer-overflow (READ of size 48) while reading exif data

Use MAKERNOTE length as data size.

6 years agoFix bug #76423 - Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of...
Stanislav Malyshev [Tue, 19 Jun 2018 23:26:36 +0000 (16:26 -0700)]
Fix bug #76423 - Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c

6 years ago5.6.37 will be next
Ferenc Kovacs [Tue, 24 Apr 2018 21:23:14 +0000 (23:23 +0200)]
5.6.37 will be next

6 years agoFix test portability
Anatol Belski [Tue, 24 Apr 2018 08:47:32 +0000 (10:47 +0200)]
Fix test portability

6 years agoFix tsrm_ls
Stanislav Malyshev [Mon, 23 Apr 2018 23:48:27 +0000 (16:48 -0700)]
Fix tsrm_ls

6 years agoMerge remote-tracking branch 'security/bug76249' into PHP-5.6
Stanislav Malyshev [Mon, 23 Apr 2018 20:44:19 +0000 (13:44 -0700)]
Merge remote-tracking branch 'security/bug76249' into PHP-5.6

* security/bug76249:
  Fix test
  Fix bug #76249 - fail on invalid sequences

6 years agoMerge remote-tracking branch 'security/bug76248' into PHP-5.6
Stanislav Malyshev [Mon, 23 Apr 2018 20:44:12 +0000 (13:44 -0700)]
Merge remote-tracking branch 'security/bug76248' into PHP-5.6

* security/bug76248:
  Fix bug #76248 - Malicious LDAP-Server Response causes Crash

6 years agoFix #76129 - remove more potential unfiltered outputs for phar
Stanislav Malyshev [Wed, 28 Mar 2018 04:22:28 +0000 (21:22 -0700)]
Fix #76129 - remove more potential unfiltered outputs for phar

6 years agoMerge remote-tracking branch 'security/PHP-5.6' into PHP-5.6
Stanislav Malyshev [Mon, 23 Apr 2018 20:42:51 +0000 (13:42 -0700)]
Merge remote-tracking branch 'security/PHP-5.6' into PHP-5.6

* security/PHP-5.6:
  Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
  Fix bug #75981: prevent reading beyond buffer start

6 years agoFix test
Stanislav Malyshev [Mon, 23 Apr 2018 05:19:51 +0000 (22:19 -0700)]
Fix test

6 years agoFix bug #76248 - Malicious LDAP-Server Response causes Crash
Stanislav Malyshev [Mon, 23 Apr 2018 05:01:35 +0000 (22:01 -0700)]
Fix bug #76248 - Malicious LDAP-Server Response causes Crash

6 years agoFix bug #76249 - fail on invalid sequences
Stanislav Malyshev [Mon, 23 Apr 2018 04:26:06 +0000 (21:26 -0700)]
Fix bug #76249 - fail on invalid sequences

6 years agoFix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
Christoph M. Becker [Tue, 27 Mar 2018 16:42:55 +0000 (18:42 +0200)]
Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value

The MakerNote is not necessarily null-terminated, so we must not use
`strlen()` to avoid OOB reads.  Instead `php_strnlen()` is the proper
way to handle this.

6 years ago[ci skip] 5.6.36 will be next
Ferenc Kovacs [Wed, 28 Mar 2018 21:14:30 +0000 (23:14 +0200)]
[ci skip] 5.6.36 will be next

6 years ago[ci skip] Update NEWS
Anatol Belski [Tue, 27 Mar 2018 12:24:43 +0000 (14:24 +0200)]
[ci skip] Update NEWS

6 years agoDo not set PR_SET_DUMPABLE by default
Jakub Zelenka [Wed, 7 Mar 2018 18:12:56 +0000 (18:12 +0000)]
Do not set PR_SET_DUMPABLE by default

6 years ago5.6.35 is next
Ferenc Kovacs [Tue, 27 Feb 2018 22:57:06 +0000 (23:57 +0100)]
5.6.35 is next

6 years ago[ci skip] Update NEWS
Anatol Belski [Tue, 27 Feb 2018 10:31:37 +0000 (11:31 +0100)]
[ci skip] Update NEWS

6 years agoFix bug #75981: prevent reading beyond buffer start
Stanislav Malyshev [Tue, 20 Feb 2018 23:34:43 +0000 (15:34 -0800)]
Fix bug #75981: prevent reading beyond buffer start

6 years ago[ci skip] Set FPM maintainership
Stanislav Malyshev [Sat, 24 Feb 2018 00:43:10 +0000 (16:43 -0800)]
[ci skip] Set FPM maintainership

As per http://news.php.net/php.internals/101897, Jakub is officially
annointed as new FPM maintainer.

6 years agoFix bug #75981: prevent reading beyond buffer start
Stanislav Malyshev [Tue, 20 Feb 2018 23:34:43 +0000 (15:34 -0800)]
Fix bug #75981: prevent reading beyond buffer start

7 years ago2018
Remi Collet [Wed, 3 Jan 2018 14:12:39 +0000 (15:12 +0100)]
2018

7 years agophp 5.6.34 is next
Ferenc Kovacs [Tue, 2 Jan 2018 23:30:58 +0000 (00:30 +0100)]
php 5.6.34 is next

7 years agoUpdate NEWS
Stanislav Malyshev [Tue, 2 Jan 2018 03:53:00 +0000 (19:53 -0800)]
Update NEWS

7 years agoFixed bug #75571: Potential infinite loop in gdImageCreateFromGifCtx
Christoph M. Becker [Wed, 29 Nov 2017 17:52:33 +0000 (18:52 +0100)]
Fixed bug #75571: Potential infinite loop in gdImageCreateFromGifCtx

Due to a signedness confusion in `GetCode_` a corrupt GIF file can
trigger an infinite loop.  Furthermore we make sure that a GIF without
any palette entries is treated as invalid *after* open palette entries
have been removed.

7 years agoFix bug #74782: remove file name from output to avoid XSS
Stanislav Malyshev [Sun, 2 Jul 2017 20:29:37 +0000 (13:29 -0700)]
Fix bug #74782: remove file name from output to avoid XSS

7 years agoBackport and apply upstream patch for CVE-2017-14107
Anatol Belski [Fri, 27 Oct 2017 11:16:56 +0000 (13:16 +0200)]
Backport and apply upstream patch for CVE-2017-14107

7 years ago5.6.33 is next
Ferenc Kovacs [Wed, 25 Oct 2017 01:36:30 +0000 (03:36 +0200)]
5.6.33 is next

7 years agoThese tests all assume that IPV6 is available.
Rasmus Lerdorf [Sat, 10 Jan 2015 01:24:48 +0000 (17:24 -0800)]
These tests all assume that IPV6 is available.

7 years agofix the travis build for PHP-5.6 using precise instead of trusty
Ferenc Kovacs [Tue, 24 Oct 2017 23:51:48 +0000 (01:51 +0200)]
fix the travis build for PHP-5.6 using precise instead of trusty

7 years agofix the travis build for PHP-5.6 using precise instead of trusty
Ferenc Kovacs [Tue, 24 Oct 2017 23:47:21 +0000 (01:47 +0200)]
fix the travis build for PHP-5.6 using precise instead of trusty

7 years agoParametrize the expected value to avoid platform false positives
Anatol Belski [Tue, 24 Oct 2017 16:33:21 +0000 (18:33 +0200)]
Parametrize the expected value to avoid platform false positives

7 years ago[ci skip] update NEWS
Anatol Belski [Tue, 24 Oct 2017 12:16:54 +0000 (14:16 +0200)]
[ci skip] update NEWS

7 years agoFixed bug #72535 arcfour encryption stream filter crashes php
Anatol Belski [Tue, 24 Oct 2017 11:59:18 +0000 (13:59 +0200)]
Fixed bug #72535 arcfour encryption stream filter crashes php

7 years agoFixed bug #75055 Out-Of-Bounds Read in timelib_meridian()
Anatol Belski [Tue, 24 Oct 2017 09:28:17 +0000 (11:28 +0200)]
Fixed bug #75055 Out-Of-Bounds Read in timelib_meridian()

7 years agoApply upstream patch for CVE-2016-1283
Anatol Belski [Thu, 28 Sep 2017 13:40:49 +0000 (15:40 +0200)]
Apply upstream patch for CVE-2016-1283

Fix bug #75207, see also
https://bugzilla.redhat.com/show_bug.cgi?id=1295385
https://vcs.pcre.org/pcre?view=revision&revision=1636

(cherry picked from commit d11fceab151cd0410645f81eb7444af4388470c3)

7 years agoadd missing NEWS entry for #74087 and also fix the formatting
Ferenc Kovacs [Wed, 5 Jul 2017 22:10:07 +0000 (00:10 +0200)]
add missing NEWS entry for #74087 and also fix the formatting

7 years agomove NEWS entry to the correct place, also bump the version
Ferenc Kovacs [Wed, 5 Jul 2017 22:05:14 +0000 (00:05 +0200)]
move NEWS entry to the correct place, also bump the version

7 years agoNEWS for oniguruma
Remi Collet [Wed, 5 Jul 2017 07:26:55 +0000 (09:26 +0200)]
NEWS for oniguruma

7 years agoPatch from the upstream git
Remi Collet [Tue, 30 May 2017 13:40:32 +0000 (15:40 +0200)]
Patch from the upstream git
https://github.com/kkos/oniguruma/issues/60 (CVE-2017-9228)

Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>

7 years agoPatch from the upstream git
Remi Collet [Tue, 30 May 2017 13:39:21 +0000 (15:39 +0200)]
Patch from the upstream git
https://github.com/kkos/oniguruma/issues/59 (CVE-2017-9229)
b690371bbf97794b4a1d3f295d4fb9a8b05d402d Modified for onig 5.9.6

Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>

7 years agoPatch from the upstream git
Remi Collet [Tue, 30 May 2017 13:38:17 +0000 (15:38 +0200)]
Patch from the upstream git
https://github.com/kkos/oniguruma/issues/58 (CVE-2017-9227)

Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>

7 years agoPatch from the upstream git
Remi Collet [Tue, 30 May 2017 13:37:11 +0000 (15:37 +0200)]
Patch from the upstream git
https://github.com/kkos/oniguruma/issues/57 (CVE-2017-9224)

Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>

7 years agoPatch from the upstream git
Remi Collet [Tue, 30 May 2017 13:35:42 +0000 (15:35 +0200)]
Patch from the upstream git
https://github.com/kkos/oniguruma/issues/55 (CVE-2017-9226)
b4bf968ad52afe14e60a2dc8a95d3555c543353a Modified for onig 5.9.6
f015fbdd95f76438cd86366467bb2b39870dd7c6 Modified for onig 5.9.6

Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>

7 years agoImprove fix for #74145
Stanislav Malyshev [Wed, 5 Jul 2017 04:10:08 +0000 (21:10 -0700)]
Improve fix for #74145

7 years agoFix tests
Stanislav Malyshev [Wed, 5 Jul 2017 03:12:57 +0000 (20:12 -0700)]
Fix tests

7 years agoUpdate NEWS
Stanislav Malyshev [Wed, 5 Jul 2017 02:30:29 +0000 (19:30 -0700)]
Update NEWS

7 years agoFix bug #74087
Stanislav Malyshev [Wed, 5 Jul 2017 02:21:28 +0000 (19:21 -0700)]
Fix bug #74087

Ported from https://vcs.pcre.org/pcre/code/trunk/pcre_jit_compile.c?r1=1676&r2=1680&view=patch

7 years agoFixed parsing of strange formats with mixed month/day and time strings
Derick Rethans [Mon, 3 Jul 2017 11:37:11 +0000 (12:37 +0100)]
Fixed parsing of strange formats with mixed month/day and time strings

7 years agoFix bug #74145 - wddx parsing empty boolean tag leads to SIGSEGV
Stanislav Malyshev [Sun, 2 Jul 2017 21:25:54 +0000 (14:25 -0700)]
Fix bug #74145 - wddx parsing empty boolean tag leads to SIGSEGV

7 years agoFixed bug #74111
Nikita Popov [Sun, 25 Jun 2017 19:15:26 +0000 (21:15 +0200)]
Fixed bug #74111

7 years agoFix #74435: Buffer over-read into uninitialized memory
Christoph M. Becker [Tue, 20 Jun 2017 14:45:42 +0000 (16:45 +0200)]
Fix #74435: Buffer over-read into uninitialized memory

The stack allocated color map buffers were not zeroed before usage, and
so undefined palette indexes could cause information leakage.

7 years agoFix bug #74603 - use correct buffer size
Stanislav Malyshev [Tue, 20 Jun 2017 07:09:01 +0000 (00:09 -0700)]
Fix bug #74603 - use correct buffer size

7 years agoFix bug #74651 - check EVP_SealInit as it can return -1
Stanislav Malyshev [Tue, 20 Jun 2017 06:06:24 +0000 (23:06 -0700)]
Fix bug #74651 - check EVP_SealInit as it can return -1

7 years agoUpdate NEWS
Stanislav Malyshev [Sun, 25 Jun 2017 06:32:59 +0000 (23:32 -0700)]
Update NEWS

7 years agoFix bug #73807
Nikita Popov [Thu, 2 Feb 2017 15:04:02 +0000 (16:04 +0100)]
Fix bug #73807

7 years agofix test for 32bits (int -> float)
Remi Collet [Wed, 1 Feb 2017 09:25:30 +0000 (10:25 +0100)]
fix test for 32bits (int -> float)

(cherry picked from commit 0f1ae93bfa2feb3d0fd0b8d3036148df8ef856e2)

8 years agoupdate NEWS
Ferenc Kovacs [Thu, 19 Jan 2017 00:16:31 +0000 (01:16 +0100)]
update NEWS

8 years agoFix #73869: Signed Integer Overflow gd_io.c
Christoph M. Becker [Sat, 17 Dec 2016 16:06:58 +0000 (17:06 +0100)]
Fix #73869: Signed Integer Overflow gd_io.c

GD2 stores the number of horizontal and vertical chunks as words (i.e. 2
byte unsigned). These values are multiplied and assigned to an int when
reading the image, what can cause integer overflows. We have to avoid
that, and also make sure that either chunk count is actually greater
than zero. If illegal chunk counts are detected, we bail out from
reading the image.

(cherry picked from commit 5b5d9db3988b829e0b121b74bb3947f01c2796a1)

8 years agoFix #73868: DOS vulnerability in gdImageCreateFromGd2Ctx()
Christoph M. Becker [Tue, 16 Aug 2016 16:23:36 +0000 (18:23 +0200)]
Fix #73868: DOS vulnerability in gdImageCreateFromGd2Ctx()

We must not pretend that there are image data if there are none. Instead
we fail reading the image file gracefully.

(cherry picked from commit cdb648dc4115ce0722f3cc75e6a65115fc0e56ab)

8 years agoAdd additional serialize tests for fixed bugs
Nikita Popov [Mon, 16 Jan 2017 12:24:13 +0000 (13:24 +0100)]
Add additional serialize tests for fixed bugs

These have been fixed as a side-effect of the delayed __wakeup
patch.

8 years agoFix typo
Stanislav Malyshev [Mon, 16 Jan 2017 08:23:06 +0000 (00:23 -0800)]
Fix typo

8 years agoFix test
Stanislav Malyshev [Mon, 16 Jan 2017 02:42:22 +0000 (18:42 -0800)]
Fix test

8 years agoUpdate more functions with path check
Stanislav Malyshev [Mon, 16 Jan 2017 01:31:08 +0000 (17:31 -0800)]
Update more functions with path check

8 years agoFix glob-wrapper.phpt to not fail in Windows
Mitch Hagstrand [Tue, 10 Jan 2017 19:51:55 +0000 (11:51 -0800)]
Fix glob-wrapper.phpt to not fail in Windows

8 years agoFix open_basedir check for glob:// opendir wrapper
Sara Golemon [Mon, 9 Jan 2017 19:02:50 +0000 (11:02 -0800)]
Fix open_basedir check for glob:// opendir wrapper

php_check_open_basedir() expects a local filesystem path,
but we're handing it a `glob://...` URI instead.

Move the check to after the path trim so that we're checking
a meaningful pathspec.

8 years agoadd skip when json not loaded
Remi Collet [Fri, 6 Jan 2017 05:23:59 +0000 (06:23 +0100)]
add skip when json not loaded

8 years ago5.6.31 is next
Ferenc Kovacs [Fri, 6 Jan 2017 00:43:11 +0000 (01:43 +0100)]
5.6.31 is next

8 years agoFix printf modifier
Nikita Popov [Thu, 5 Jan 2017 10:37:06 +0000 (11:37 +0100)]
Fix printf modifier

8 years agoAdd tests for delayed __wakeup()
Nikita Popov [Wed, 4 Jan 2017 23:20:56 +0000 (00:20 +0100)]
Add tests for delayed __wakeup()

8 years agoImplement delayed __wakeup
Nikita Popov [Wed, 4 Jan 2017 23:19:26 +0000 (00:19 +0100)]
Implement delayed __wakeup

8 years agoMerge branch 'PHP-5.6.30' into PHP-5.6
Stanislav Malyshev [Tue, 3 Jan 2017 04:56:32 +0000 (20:56 -0800)]
Merge branch 'PHP-5.6.30' into PHP-5.6

* PHP-5.6.30:
  Fix bug #73737 FPE when parsing a tag format
  Fix bug #73773 - Seg fault when loading hostile phar
  Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
  Fix bug #73768 - Memory corruption when loading hostile phar
  Fix int overflows in phar (bug #73764)

8 years agoFIx bug #70213
Nikita Popov [Sun, 1 Jan 2017 13:10:49 +0000 (14:10 +0100)]
FIx bug #70213

8 years agoFix bug #73737 FPE when parsing a tag format
Stanislav Malyshev [Sun, 1 Jan 2017 03:31:49 +0000 (19:31 -0800)]
Fix bug #73737 FPE when parsing a tag format

8 years agoFix bug #73773 - Seg fault when loading hostile phar
Stanislav Malyshev [Sun, 1 Jan 2017 02:47:50 +0000 (18:47 -0800)]
Fix bug #73773 - Seg fault when loading hostile phar

8 years agoFix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()
Stanislav Malyshev [Sat, 31 Dec 2016 00:59:46 +0000 (16:59 -0800)]
Fix bug #73825 - Heap out of bounds read on unserialize in finish_nested_data()

8 years agoFix bug #73768 - Memory corruption when loading hostile phar
Stanislav Malyshev [Fri, 30 Dec 2016 23:57:24 +0000 (15:57 -0800)]
Fix bug #73768 - Memory corruption when loading hostile phar

8 years agoFix int overflows in phar (bug #73764)
Stanislav Malyshev [Fri, 30 Dec 2016 23:34:46 +0000 (15:34 -0800)]
Fix int overflows in phar (bug #73764)

8 years agoRevert "Fix #73530: Unsetting result set may reset other result set"
Christoph M. Becker [Thu, 29 Dec 2016 11:41:39 +0000 (12:41 +0100)]
Revert "Fix #73530: Unsetting result set may reset other result set"

This reverts commit eb570294a289b45d0dd38efc71065d6b0d314c4b.

That commit caused a regression, so it's probably best to revert it, and
to tackle the issue for the next minor release.

8 years agofix C89 compat
Anatol Belski [Sat, 17 Dec 2016 19:43:32 +0000 (20:43 +0100)]
fix C89 compat

8 years agoSkip tests when secure_file_priv dir not writable
Matteo Beccati [Thu, 15 Dec 2016 08:31:00 +0000 (09:31 +0100)]
Skip tests when secure_file_priv dir not writable

8 years agoupdate NEWS
Ferenc Kovacs [Thu, 8 Dec 2016 06:05:32 +0000 (07:05 +0100)]
update NEWS

8 years agofix leak, take 2
Anatol Belski [Tue, 6 Dec 2016 15:12:39 +0000 (16:12 +0100)]
fix leak, take 2

8 years agofix leak, take on 5.6
Anatol Belski [Tue, 6 Dec 2016 13:34:27 +0000 (14:34 +0100)]
fix leak, take on 5.6

8 years agoThis still leaks memory, I don't have enough knowledge in WDDX code to fix them :(
Stanislav Malyshev [Tue, 6 Dec 2016 06:32:59 +0000 (22:32 -0800)]
This still leaks memory, I don't have enough knowledge in WDDX code to fix them :(

8 years agoFix bug #73631 - Invalid read when wddx decodes empty boolean element
Stanislav Malyshev [Tue, 6 Dec 2016 05:40:55 +0000 (21:40 -0800)]
Fix bug #73631 - Invalid read when wddx decodes empty boolean element

8 years agoFix minor typo
Adrien Crivelli [Wed, 30 Nov 2016 09:19:35 +0000 (18:19 +0900)]
Fix minor typo

8 years agoWorkaround for GCC-4.9.2 bug
Dmitry Stogov [Thu, 1 Dec 2016 12:46:52 +0000 (15:46 +0300)]
Workaround for GCC-4.9.2 bug

8 years agooops, changed in wrong place
Stanislav Malyshev [Mon, 28 Nov 2016 00:11:41 +0000 (16:11 -0800)]
oops, changed in wrong place

8 years agoadd NEWS
Stanislav Malyshev [Sun, 27 Nov 2016 23:38:09 +0000 (15:38 -0800)]
add NEWS

8 years agoMerge branch 'pull-request/1974' into PHP-5.6
Stanislav Malyshev [Sun, 27 Nov 2016 23:11:17 +0000 (15:11 -0800)]
Merge branch 'pull-request/1974' into PHP-5.6

* pull-request/1974:
  Fix #68447: grapheme_extract take an extra trailing character

8 years agoFix #73549: Use after free when stream is passed to imagepng
Christoph M. Becker [Thu, 17 Nov 2016 12:44:30 +0000 (13:44 +0100)]
Fix #73549: Use after free when stream is passed to imagepng

If a stream is passed to imagepng() or other image output functions,
opposed to a filename, we must not close this stream.

8 years agoFix occasionaly failing test
Matteo Beccati [Sun, 27 Nov 2016 09:20:13 +0000 (10:20 +0100)]
Fix occasionaly failing test

8 years agoAdded missing array key to $JUNIT
Matteo Beccati [Sun, 27 Nov 2016 09:07:05 +0000 (10:07 +0100)]
Added missing array key to $JUNIT

8 years agoacinclude.m4: fix krb5-config detection and usage in PHP_SETUP_KERBEROS.
Michael Orlitzky [Fri, 30 Sep 2016 23:47:20 +0000 (19:47 -0400)]
acinclude.m4: fix krb5-config detection and usage in PHP_SETUP_KERBEROS.

When building with kerberos support (--with-kerberos), a few libraries
and flags need to be added to various parts of the build system. The
most reliable way to get those flags is through the krb5-config
program that ships with both major implementations of kerberos. The
PHP_SETUP_KERBEROS macro in acinclude.m4 attempts to detect
krb5-config, and use it.

However, there's a bug in that macro. The --with-kerberos parameter
accepts a directory where the kerberos libraries can be found. When a
directory is given, it is stored in the PHP_KERBEROS variable. The
following test,

  if test "$PHP_KERBEROS" = "yes" && test -x "$KRB5_CONFIG"; then

thus fails whenever a directory is passed to --with-kerberos, since it
compares a directory name against the string "yes". This causes
krb5-config to go unused, and some unreliable fallback logic is
attempted instead. One consequence of this is that the Heimdal
kerberos implementation cannot be substituted for the MIT one, at
least when a directory is passed to --with-kerberos.

This commit reverses the logic and checks for "$PHP_KERBEROS" != "no".
To confirm that this fixes the issue, one can inspect the "-l" library
flags that get appended to the command-line. On a machine with Heimdal
and the unmodified acinclude.m4, running

  ./configure --with-openssl --with-kerberos=/usr

will log (for example) to config.log,

  configure:18082: checking for krb5-config
  configure:18101: found /usr/bin/krb5-config
  configure:18114: result: /usr/bin/krb5-config
  configure:18450: checking for RAND_egd
  configure:18450: cc ... conftest.c ... -lgssapi_krb5 -lkrb5 ...

which are the library names for the MIT implementation. After patching
acinclude.m4 to negate the logic, the same command on the same machine
outputs (to config.log):

  configure:18450: cc ... conftest.c -lgssapi -lheimntlm ...

These are the correct library names for the Heimdal implementation.

PHP-Bug: 73214

8 years agoAdd more mbfl string size checks (bug #73505)
Stanislav Malyshev [Sat, 26 Nov 2016 22:44:58 +0000 (14:44 -0800)]
Add more mbfl string size checks (bug #73505)

8 years agoFix #73582: Failing ext/gd/tests/imagettftext_charmap_order.phpt
Christoph M. Becker [Fri, 25 Nov 2016 22:02:34 +0000 (23:02 +0100)]
Fix #73582: Failing ext/gd/tests/imagettftext_charmap_order.phpt

This test is not supposed to work with JIS-mapped Japanese font support
enabled.

8 years agoUpdated to version 2016.10 (2016j)
Derick Rethans [Thu, 24 Nov 2016 10:40:11 +0000 (10:40 +0000)]
Updated to version 2016.10 (2016j)