commit b94c09a76870a13f9476eb13f51c7bd40b8158de Author: Elan Ruusamäe <g...@delfi.ee> Date: Fri Oct 14 17:02:23 2016 +0300
up to 7.0.12 - http://php.net/releases/7_0_12.php php-cgi-fcgi.ini | 46 +++++++++++++++++++++++++++++++++++----------- php-ini.patch | 18 +++++++++++++++--- php.spec | 6 +++--- 3 files changed, 53 insertions(+), 17 deletions(-) --- diff --git a/php.spec b/php.spec index 7b82cf9..239dcdd 100644 --- a/php.spec +++ b/php.spec @@ -143,8 +143,8 @@ Summary(pt_BR.UTF-8): A linguagem de script PHP Summary(ru.UTF-8): PHP Версии 7 - язык препроцессирования HTML-файлов, выполняемый на сервере Summary(uk.UTF-8): PHP Версії 7 - мова препроцесування HTML-файлів, виконувана на сервері Name: %{orgname}%{php_suffix} -Version: 7.0.11 -Release: 2 +Version: 7.0.12 +Release: 1 Epoch: 4 # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -152,7 +152,7 @@ Epoch: 4 License: PHP 3.01 and Zend and BSD Group: Libraries Source0: http://php.net/distributions/%{orgname}-%{version}.tar.xz -# Source0-md5: 9a6013a5e9f258bbfb62ae5ac66b72da +# Source0-md5: bdcc4dbdac90c2a39422786653059f70 Source2: %{orgname}-mod_php.conf Source3: %{orgname}-cgi-fcgi.ini Source4: %{orgname}-apache.ini diff --git a/php-cgi-fcgi.ini b/php-cgi-fcgi.ini index 809c7d3..bae4609 100644 --- a/php-cgi-fcgi.ini +++ b/php-cgi-fcgi.ini @@ -8,41 +8,65 @@ ; copying whole large php.ini. [PHP] -; Disable logging through FastCGI connection -; See http://bugs.php.net/bug.php?id=28074 -; fastcgi.logging = 0 - ; cgi.force_redirect is necessary to provide security running PHP as a CGI under ; most web servers. Left undefined, PHP turns this on by default. You can ; turn it off here AT YOUR OWN RISK ; **You CAN safely turn this off for IIS, in fact, you MUST.** -; cgi.force_redirect = 1 +; http://php.net/cgi.force-redirect +;cgi.force_redirect = 1 ; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. -; cgi.nph = 1 +; every request. PHP's default behavior is to disable this feature. +;cgi.nph = 1 ; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape ; (iPlanet) web servers, you MAY need to set an environment variable name that PHP ; will look for to know it is OK to continue execution. Setting this variable MAY ; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; cgi.redirect_status_env = ; +; http://php.net/cgi.redirect-status-env +;cgi.redirect_status_env = ; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's ; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok ; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting +; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting ; of zero causes PHP to behave as before. Default is 1. You should fix your scripts ; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. +; http://php.net/cgi.fix-pathinfo cgi.fix_pathinfo=1 +; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +; of the web tree and people will not be able to circumvent .htaccess security. +; http://php.net/cgi.dicard-path +;cgi.discard_path=1 + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; http://php.net/fastcgi.impersonate +;fastcgi.impersonate = 1 + +; Disable logging through FastCGI connection. PHP's default behavior is to enable +; this feature. +;fastcgi.logging = 0 + ; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send +; use when sending HTTP response code. If set to 0, PHP sends Status: header that +; is supported by Apache. When this option is set to 1, PHP will send ; RFC2616 compliant header. ; Default is zero. +; http://php.net/cgi.rfc2616-headers ;cgi.rfc2616_headers = 0 +; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +; (shebang) at the top of the running script. This line might be needed if the +; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +; mode skips this line and ignores its content if this directive is turned on. +; http://php.net/cgi.check-shebang-line +;cgi.check_shebang_line=1 + [Session] session.save_path = /tmp ; argument passed to save_handler ; in the case of files, this is the diff --git a/php-ini.patch b/php-ini.patch index 0ce13b8..b252fcb 100644 --- a/php-ini.patch +++ b/php-ini.patch @@ -1,5 +1,5 @@ ---- php-7.0.10/php.ini~ 2016-09-19 23:26:55.000000000 +0300 -+++ php-7.0.10/php.ini 2016-09-19 23:27:28.521756951 +0300 +--- php-7.0.12/php.ini~ 2016-10-14 17:03:05.000000000 +0300 ++++ php-7.0.12/php.ini 2016-10-14 17:04:24.894309139 +0300 @@ -82,6 +82,20 @@ ; much more verbose when it comes to errors. We recommending using the ; development version only in development environments as errors shown to @@ -57,7 +57,7 @@ ; On windows: ; extension_dir = "ext" -@@ -760,53 +760,6 @@ +@@ -746,65 +746,6 @@ ; http://php.net/enable-dl enable_dl = Off @@ -88,6 +88,11 @@ -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - +-; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside +-; of the web tree and people will not be able to circumvent .htaccess security. +-; http://php.net/cgi.dicard-path +-;cgi.discard_path=1 +- -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache @@ -108,6 +113,13 @@ -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - +-; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! +-; (shebang) at the top of the running script. This line might be needed if the +-; script support running both as stand-alone script and via PHP CGI<. PHP in CGI +-; mode skips this line and ignores its content if this directive is turned on. +-; http://php.net/cgi.check-shebang-line +-;cgi.check_shebang_line=1 +- ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; ================================================================ ---- gitweb: http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/b94c09a76870a13f9476eb13f51c7bd40b8158de _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit