commit eafd88fcf4f98dca1bf82fc8e0182f29d7c49d9b
Author: Elan Ruusamäe <g...@delfi.ee>
Date: Tue Oct 18 23:35:06 2016 +0300
up to 5.6.27 - http://php.net/releases/5_6_27.php
php-cgi-fcgi.ini | 46 +++++++++++++++++++++++++++++++++++-----------
php-ini.patch | 19 +++++++++++++++----
php.spec | 6 +++---
3 files changed, 53 insertions(+), 18 deletions(-)
---
diff --git a/php.spec b/php.spec
index 982af49..c1a7b58 100644
--- a/php.spec
+++ b/php.spec
@@ -149,7 +149,7 @@ ERROR: You need to select at least one Apache SAPI to build
shared modules.
%undefine with_filter
%endif
-%define rel 3
+%define rel 1
%define orgname php
%define ver_suffix 56
%define php_suffix %{!?with_default_php:%{ver_suffix}}
@@ -160,7 +160,7 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP
Summary(ru.UTF-8): PHP Версии 5 - язык препроцессирования HTML-файлов,
выполняемый на сервере
Summary(uk.UTF-8): PHP Версії 5 - мова препроцесування HTML-файлів,
виконувана на сервері
Name: %{orgname}%{php_suffix}
-Version: 5.6.26
+Version: 5.6.27
Release: %{rel}
Epoch: 4
# All files licensed under PHP version 3.01, except
@@ -169,7 +169,7 @@ Epoch: 4
License: PHP 3.01 and Zend and BSD
Group: Libraries
Source0: http://www.php.net/distributions/%{orgname}-%{version}.tar.xz
-# Source0-md5: c51e9115263b4d63ef8f68935cefd7d4
+# Source0-md5: 9ce6efc96d5ab81ef808f8ed6b1f242d
Source2: %{orgname}-mod_%{orgname}.conf
Source3: %{orgname}-cgi-fcgi.ini
Source4: %{orgname}-apache.ini
diff --git a/php-cgi-fcgi.ini b/php-cgi-fcgi.ini
index 809c7d3..bae4609 100644
--- a/php-cgi-fcgi.ini
+++ b/php-cgi-fcgi.ini
@@ -8,41 +8,65 @@
; copying whole large php.ini.
[PHP]
-; Disable logging through FastCGI connection
-; See http://bugs.php.net/bug.php?id=28074
-; fastcgi.logging = 0
-
; cgi.force_redirect is necessary to provide security running PHP as a CGI
under
; most web servers. Left undefined, PHP turns this on by default. You can
; turn it off here AT YOUR OWN RISK
; **You CAN safely turn this off for IIS, in fact, you MUST.**
-; cgi.force_redirect = 1
+; http://php.net/cgi.force-redirect
+;cgi.force_redirect = 1
; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
-; every request.
-; cgi.nph = 1
+; every request. PHP's default behavior is to disable this feature.
+;cgi.nph = 1
; if cgi.force_redirect is turned on, and you are not running under Apache or
Netscape
; (iPlanet) web servers, you MAY need to set an environment variable name that
PHP
; will look for to know it is OK to continue execution. Setting this variable
MAY
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
-; cgi.redirect_status_env = ;
+; http://php.net/cgi.redirect-status-env
+;cgi.redirect_status_env =
; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.
PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not
grok
; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs.
Setting
-; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A
setting
+; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A
setting
; of zero causes PHP to behave as before. Default is 1. You should fix your
scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
+; http://php.net/cgi.fix-pathinfo
cgi.fix_pathinfo=1
+; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed
outside
+; of the web tree and people will not be able to circumvent .htaccess security.
+; http://php.net/cgi.dicard-path
+;cgi.discard_path=1
+
+; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
+; security tokens of the calling client. This allows IIS to define the
+; security context that the request runs under. mod_fastcgi under Apache
+; does not currently support this feature (03/17/2002)
+; Set to 1 if running under IIS. Default is zero.
+; http://php.net/fastcgi.impersonate
+;fastcgi.impersonate = 1
+
+; Disable logging through FastCGI connection. PHP's default behavior is to
enable
+; this feature.
+;fastcgi.logging = 0
+
; cgi.rfc2616_headers configuration option tells PHP what type of headers to
-; use when sending HTTP response code. If it's set 0 PHP sends Status: header
that
-; is supported by Apache. When this option is set to 1 PHP will send
+; use when sending HTTP response code. If set to 0, PHP sends Status: header
that
+; is supported by Apache. When this option is set to 1, PHP will send
; RFC2616 compliant header.
; Default is zero.
+; http://php.net/cgi.rfc2616-headers
;cgi.rfc2616_headers = 0
+; cgi.check_shebang_line controls whether CGI PHP checks for line starting
with #!
+; (shebang) at the top of the running script. This line might be needed if the
+; script support running both as stand-alone script and via PHP CGI<. PHP in
CGI
+; mode skips this line and ignores its content if this directive is turned on.
+; http://php.net/cgi.check-shebang-line
+;cgi.check_shebang_line=1
+
[Session]
session.save_path = /tmp ; argument passed to save_handler
; in the case of files, this is the
diff --git a/php-ini.patch b/php-ini.patch
index a5704d3..58ad800 100644
--- a/php-ini.patch
+++ b/php-ini.patch
@@ -1,6 +1,5 @@
-diff -ruN php-5.6.12.orig/php.ini php-5.6.12/php.ini
---- php-5.6.12.orig/php.ini 2015-08-06 09:55:57.000000000 +0200
-+++ php-5.6.12/php.ini 2015-08-08 09:21:30.507130679 +0200
+--- php-5.6.27/php.ini~ 2016-10-18 23:32:02.000000000 +0300
++++ php-5.6.27/php.ini 2016-10-18 23:33:47.459569105 +0300
@@ -82,6 +82,20 @@
; much more verbose when it comes to errors. We recommend using the
; development version only in development environments, as errors shown to
@@ -58,7 +57,7 @@ diff -ruN php-5.6.12.orig/php.ini php-5.6.12/php.ini
; On windows:
; extension_dir = "ext"
-@@ -745,53 +759,6 @@
+@@ -757,65 +757,6 @@
; http://php.net/enable-dl
enable_dl = Off
@@ -89,6 +88,11 @@ diff -ruN php-5.6.12.orig/php.ini php-5.6.12/php.ini
-; http://php.net/cgi.fix-pathinfo
-;cgi.fix_pathinfo=1
-
+-; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed
outside
+-; of the web tree and people will not be able to circumvent .htaccess
security.
+-; http://php.net/cgi.dicard-path
+-;cgi.discard_path=1
+-
-; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
-; security tokens of the calling client. This allows IIS to define the
-; security context that the request runs under. mod_fastcgi under Apache
@@ -109,6 +113,13 @@ diff -ruN php-5.6.12.orig/php.ini php-5.6.12/php.ini
-; http://php.net/cgi.rfc2616-headers
-;cgi.rfc2616_headers = 0
-
+-; cgi.check_shebang_line controls whether CGI PHP checks for line starting
with #!
+-; (shebang) at the top of the running script. This line might be needed if the
+-; script support running both as stand-alone script and via PHP CGI<. PHP in
CGI
+-; mode skips this line and ignores its content if this directive is turned on.
+-; http://php.net/cgi.check-shebang-line
+-;cgi.check_shebang_line=1
+-
;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/eafd88fcf4f98dca1bf82fc8e0182f29d7c49d9b
_______________________________________________
pld-cvs-commit mailing list
pld-cvs-commit@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
