aboutsummaryrefslogtreecommitdiffstats
path: root/meta-webserver/recipes-php/modphp/files
Commit message (Collapse)AuthorAgeFilesLines
* modphp: removePaul Eggleton2015-01-077-475/+0
| | | | | | This is now built out of the standard php recipe. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
* modphp: Security Advisory - php - CVE-2014-3597Yue Tao2014-10-301-0/+282
| | | | | | | | | | | | | | Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3597 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* modphp: Security Advisory - php - CVE-2014-3587Yue Tao2014-10-301-0/+31
| | | | | | | | | | | | | Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3587 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* modphp: Security Advisory - php - CVE-2014-5120Yue Tao2014-10-301-0/+35
| | | | | | | | | | | | | gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5120 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* modphp: using PKGCONFIG and PACKAGECONFIG for libxml and soapRoy.Li2014-10-141-0/+74
| | | | | Signed-off-by: Roy.Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* modphp: update to 5.4.14Marcin Juszkiewicz2013-04-291-209/+0
| | | | | | Only build tested. Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
* modphp: enable mysql option in PACKAGECONFIGJackie Huang2013-04-151-0/+209
| | | | | | | | * enable mysql option in PACKAGECONFIG * add patch to support autoconf 2.59+ so we can use autotools do_configure to fix a libtool cross-compile issue Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
* modphp: revert pthread-check.patch and add one against threads.m4Jackie Huang2013-04-152-64/+30
| | | | | | | | revert pthread-check.patch which hacks the old configure, instead, add one against threads.m4 to enable pthread support when cross-compiling. Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
* modphp: add from OE-Classic, update to 5.3.14 and fixPaul Eggleton2012-10-033-0/+87
* Use working SRC_URI * Fix to use correct headers and apxs script for cross-compiling * Enable threading * Install headers and scripts for building extension modules * Use proper variables instead of /etc, /usr/lib etc. * Fix rpath QA issues * Add LIC_FILES_CHKSUM * Put apache config file into SRC_URI instead of referring to it using FILESDIR Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>