diff --git a/abi_used_libs b/abi_used_libs --- a/abi_used_libs +++ b/abi_used_libs @@ -1,3 +1,4 @@ +libargon2.so.1 libbz2.so.1.0 libc-client.so.1 libc.so.6 @@ -22,7 +23,7 @@ libncursesw.so.5 libnetsnmp.so.35 libpam.so.0 -libpcre.so.1 +libpcre2-8.so.0 libpng16.so.16 libpq.so.5 libreadline.so.6 @@ -34,6 +35,7 @@ libstdc++.so.6 libsystemd.so.0 libtidy.so.5 +libwebp.so.7 libxml2.so.2 libxslt.so.1 libz.so.1 diff --git a/files/php.ini-production b/files/php.ini-production --- a/files/php.ini-production +++ b/files/php.ini-production @@ -15,7 +15,7 @@ ; 5. The web server's directory (for SAPI modules), or directory of PHP ; (otherwise in Windows) ; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) +; Windows directory (usually C:\windows) ; See the PHP docs for more specific information. ; http://php.net/configuration.file @@ -58,9 +58,9 @@ ; An empty string can be denoted by simply not writing anything after the equal ; sign, or by using the None keyword: -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' +; foo = ; sets foo to an empty string +; foo = None ; sets foo to an empty string +; foo = "None" ; sets foo to the string 'None' ; If you use constants in your value, and these constants belong to a ; dynamically loaded extension (either a PHP extension or a Zend extension), @@ -83,7 +83,7 @@ ; development version only in development environments, as errors shown to ; application users can inadvertently leak otherwise secure information. -; This is php.ini-production INI file. +; This is the php.ini-production INI file. ;;;;;;;;;;;;;;;;;;; ; Quick Reference ; @@ -169,7 +169,7 @@ ; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" ;user_ini.filename = ".user.ini" -; To disable this feature set this option to empty value +; To disable this feature set this option to an empty value ;user_ini.filename = ; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) @@ -248,7 +248,7 @@ ; Production Value: "form=" ;url_rewriter.tags -; URL rewriter will not rewrites absolute URL nor form by default. To enable +; URL rewriter will not rewrite absolute URL nor form by default. To enable ; absolute URL rewrite, allowed hosts must be defined at RUNTIME. ; Refer to session.trans_sid_hosts for more details. ; Default Value: "" @@ -305,6 +305,7 @@ ; open_basedir, if set, limits all file operations to the defined directory ; and below. This directive makes most sense if used in a per-directory ; or per-virtualhost web server configuration file. +; Note: disables the realpath cache ; http://php.net/open-basedir ;open_basedir = @@ -337,6 +338,7 @@ ; Determines the size of the realpath cache to be used by PHP. This value should ; be increased on systems where PHP opens many files to reflect the quantity of ; the file operations performed. +; Note: if open_basedir is set, the cache is disabled ; http://php.net/realpath-cache-size ;realpath_cache_size = 4096k @@ -397,7 +399,7 @@ ;max_input_nesting_level = 64 ; How many GET/POST/COOKIE input variables may be accepted -; max_input_vars = 1000 +;max_input_vars = 1000 ; Maximum amount of memory a script may consume (128MB) ; http://php.net/memory-limit @@ -585,6 +587,24 @@ ; Log errors to syslog (Event Log on Windows). ;error_log = syslog +; The syslog ident is a string which is prepended to every message logged +; to syslog. Only used when error_log is set to syslog. +;syslog.ident = php + +; The syslog facility is used to specify what type of program is logging +; the message. Only used when error_log is set to syslog. +;syslog.facility = user + +; Set this to disable filtering control characters (the default). +; Some loggers only accept NVT-ASCII, others accept anything that's not +; control characters. If your logger accepts everything, then no filtering +; is needed at all. +; Allowed values are: +; ascii (only base ASCII characters) +; no_ctrl (all characters except control characters) +; all (all characters) +;syslog.filter = ascii + ;windows.show_crt_warning ; Default value: 0 ; Development value: 0 @@ -734,13 +754,14 @@ ; Directory in which the loadable extensions (modules) reside. ; http://php.net/extension-dir -; extension_dir = "./" -; On windows: extension_dir = "/usr/lib64/php/modules/" +; On windows: +;extension_dir = "ext" + ; Directory where the temporary files should be placed. ; Defaults to the system default (see sys_get_temp_dir) -; sys_temp_dir = "/tmp" +;sys_temp_dir = "/tmp" ; Whether or not to enable the dl() function. The dl() function does NOT work ; properly in multithreaded servers, such as IIS or Zeus, and is automatically @@ -777,10 +798,9 @@ ; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside ; of the web tree and people will not be able to circumvent .htaccess security. -; http://php.net/cgi.dicard-path ;cgi.discard_path=1 -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; FastCGI under IIS supports the ability to impersonate ; security tokens of the calling client. This allows IIS to define the ; security context that the request runs under. mod_fastcgi under Apache ; does not currently support this feature (03/17/2002) @@ -952,7 +972,7 @@ [iconv] ; Use of this INI entry is deprecated, use global input_encoding instead. ; If empty, default_charset or input_encoding or iconv.input_encoding is used. -; The precedence is: default_charset < intput_encoding < iconv.input_encoding +; The precedence is: default_charset < input_encoding < iconv.input_encoding ;iconv.input_encoding = ; Use of this INI entry is deprecated, use global internal_encoding instead. @@ -967,6 +987,13 @@ ; otherwise output encoding conversion cannot be performed. ;iconv.output_encoding = +[imap] +; rsh/ssh logins are disabled by default. Use this INI entry if you want to +; enable them. Note that the IMAP library does not filter mailbox names before +; passing them to rsh/ssh command, thus passing untrusted data to this function +; with rsh/ssh enabled is insecure. +;imap.enable_insecure_rsh=0 + [intl] ;intl.default_locale = ; This directive allows you to produce PHP errors when some error @@ -979,19 +1006,19 @@ ;sqlite3.extension_dir = [Pcre] -;PCRE library backtracking limit. +; PCRE library backtracking limit. ; http://php.net/pcre.backtrack-limit ;pcre.backtrack_limit=100000 -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). +; PCRE library recursion limit. +; Please note that if you set this value to a high number you may consume all +; the available process stack and eventually crash PHP (due to reaching the +; stack size limit imposed by the Operating System). ; http://php.net/pcre.recursion-limit ;pcre.recursion_limit=100000 -;Enables or disables JIT compilation of patterns. This requires the PCRE -;library to be compiled with JIT support. +; Enables or disables JIT compilation of patterns. This requires the PCRE +; library to be compiled with JIT support. ;pcre.jit=1 [Pdo] @@ -1002,13 +1029,8 @@ ;pdo_odbc.db2_instance_name [Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. -; http://php.net/pdo_mysql.default-socket pdo_mysql.default_socket = /run/mysqld/mysqld.sock [Phar] @@ -1090,8 +1112,6 @@ ; http://php.net/odbc.defaultbinmode odbc.defaultbinmode = 1 -;birdstep.max_links = -1 - [Interbase] ; Allow or prevent persistent links. ibase.allow_persistent = 1 @@ -1141,10 +1161,6 @@ ; http://php.net/mysqli.max-links mysqli.max_links = -1 -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - ; Default port number for mysqli_connect(). If unset, mysqli_connect() will use ; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the ; compile-time value defined MYSQL_PORT (in that order). Win32 will only look @@ -1179,12 +1195,10 @@ [mysqlnd] ; Enable / Disable collection of general statistics by mysqlnd which can be ; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics mysqlnd.collect_statistics = On ; Enable / Disable collection of memory usage statistics by mysqlnd which can be ; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics mysqlnd.collect_memory_statistics = Off ; Records communication from all extensions using mysqlnd to the specified log @@ -1193,29 +1207,23 @@ ;mysqlnd.debug = ; Defines which queries will be logged. -; http://php.net/mysqlnd.log_mask ;mysqlnd.log_mask = 0 ; Default size of the mysqlnd memory pool, which is used by result sets. -; http://php.net/mysqlnd.mempool_default_size ;mysqlnd.mempool_default_size = 16000 ; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size ;mysqlnd.net_cmd_buffer_size = 2048 ; Size of a pre-allocated buffer used for reading data sent by the server in ; bytes. -; http://php.net/mysqlnd.net_read_buffer_size ;mysqlnd.net_read_buffer_size = 32768 ; Timeout for network requests in seconds. -; http://php.net/mysqlnd.net_read_timeout ;mysqlnd.net_read_timeout = 31536000 ; SHA-256 Authentication Plugin related. File with the MySQL server public RSA ; key. -; http://php.net/mysqlnd.sha256_server_public_key ;mysqlnd.sha256_server_public_key = [OCI8] @@ -1343,10 +1351,11 @@ ;session.save_path = "/tmp" ; Whether to use strict session mode. -; Strict session mode does not accept uninitialized session ID and regenerate -; session ID if browser sends uninitialized session ID. Strict mode protects -; applications from session fixation via session adoption vulnerability. It is -; disabled by default for maximum compatibility, but enabling it is encouraged. +; Strict session mode does not accept an uninitialized session ID, and +; regenerates the session ID if the browser sends an uninitialized session ID. +; Strict mode protects applications from session fixation via a session adoption +; vulnerability. It is disabled by default for maximum compatibility, but +; enabling it is encouraged. ; https://wiki.php.net/rfc/strict_sessions session.use_strict_mode = 0 @@ -1384,11 +1393,17 @@ ; http://php.net/session.cookie-domain session.cookie_domain = -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. +; Whether or not to add the httpOnly flag to the cookie, which makes it +; inaccessible to browser scripting languages such as JavaScript. ; http://php.net/session.cookie-httponly session.cookie_httponly = -; Handler used to serialize data. php is the standard serializer of PHP. +; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) +; Current valid values are "Lax" or "Strict" +; https://tools.ietf.org/html/draft-west-first-party-cookies-07 +session.cookie_samesite = + +; Handler used to serialize data. php is the standard serializer of PHP. ; http://php.net/session.serialize-handler session.serialize_handler = php @@ -1397,7 +1412,7 @@ ; gc_probability/gc_divisor. Where session.gc_probability is the numerator ; and gc_divisor is the denominator in the equation. Setting this value to 1 ; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. +; the gc will run on any given request. ; Default Value: 1 ; Development Value: 1 ; Production Value: 1 @@ -1407,10 +1422,10 @@ ; Defines the probability that the 'garbage collection' process is started on every ; session initialization. The probability is calculated by using the following equation: ; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, +; session.gc_divisor is the denominator in the equation. Setting this value to 100 +; when the session.gc_probability value is 1 will give you approximately a 1% chance +; the gc will run on any given request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any given request. For high volume production servers, ; this is a more efficient approach. ; Default Value: 100 ; Development Value: 1000 @@ -1480,7 +1495,7 @@ session.trans_sid_tags = "a=href,area=href,frame=src,form=" ; URL rewriter does not rewrite absolute URLs by default. -; To enable rewrites for absolute pathes, target hosts must be specified +; To enable rewrites for absolute paths, target hosts must be specified ; at RUNTIME. i.e. use ini_set() ;
tags is special. PHP will check action attribute's URL regardless ; of session.trans_sid_tags setting. @@ -1569,7 +1584,7 @@ ; http://php.net/assert.active ;assert.active = On -; Throw an AssertationException on failed assertions +; Throw an AssertionError on failed assertions ; http://php.net/assert.exception ;assert.exception = On @@ -1599,7 +1614,7 @@ ; http://php.net/com.allow-dcom ;com.allow_dcom = true -; autoregister constants of a components typlib on com_load() +; autoregister constants of a component's typlib on com_load() ; http://php.net/com.autoregister-typelib ;com.autoregister_typelib = true @@ -1630,9 +1645,9 @@ ; Use of this INI entry is deprecated, use global input_encoding instead. ; http input encoding. -; mbstring.encoding_traslation = On is needed to use this setting. +; mbstring.encoding_translation = On is needed to use this setting. ; If empty, default_charset or input_encoding or mbstring.input is used. -; The precedence is: default_charset < intput_encoding < mbsting.http_input +; The precedence is: default_charset < input_encoding < mbsting.http_input ; http://php.net/mbstring.http-input ;mbstring.http_input = @@ -1801,9 +1816,8 @@ ; A bitmask, where each bit enables or disables the appropriate OPcache ; passes -;opcache.optimization_level=0xffffffff +;opcache.optimization_level=0x7FFFBFFF -;opcache.inherited_hack=1 ;opcache.dups_fix=0 ; The location of the OPcache blacklist file (wildcards allowed). @@ -1878,6 +1892,10 @@ ; Prevent name collisions in chroot'ed environment. ;opcache.validate_root=0 +; If specified, it produces opcode dumps for debugging different stages of +; optimizations. +;opcache.opt_debug_level=0 + [curl] ; A default value for the CURLOPT_CAINFO option. This is required to be an ; absolute path. diff --git a/package.yml b/package.yml --- a/package.yml +++ b/package.yml @@ -1,8 +1,8 @@ name : php -version : 7.2.16 -release : 74 +version : 7.3.3 +release : 75 source : - - https://php.net/distributions/php-7.2.16.tar.xz : 7d91ed3c1447c6358a3d53f84599ef854aca4c3622de7435e2df115bf196e482 + - https://php.net/distributions/php-7.3.3.tar.xz : 6bb03e79a183d0cb059a6d117bbb2e0679cab667fb713a13c6a16f56bebab9b3 license : PHP-3.01 component : programming summary : PHP is a popular general-purpose scripting language that is especially suited to web development @@ -13,12 +13,15 @@ - pkgconfig(freetype2) - pkgconfig(gdlib) - pkgconfig(icu-i18n) + - pkgconfig(libargon2) - pkgconfig(libcurl) - pkgconfig(libexif) + - pkgconfig(libpcre2-posix) - pkgconfig(libpng) - pkgconfig(libpq) - pkgconfig(libsasl2) - pkgconfig(libturbojpeg) + - pkgconfig(libwebp) - pkgconfig(libxml-2.0) - pkgconfig(libxslt) - pkgconfig(libzip) @@ -51,7 +54,6 @@ --enable-exif=shared \ --enable-fpm \ --enable-ftp=shared \ - --enable-gd-native-ttf \ --enable-intl=shared \ --enable-libxml=shared \ --enable-mbstring \ @@ -91,6 +93,7 @@ --with-mysqli=shared,mysqlnd \ --with-openssl \ --with-openssl-dir=/usr/bin \ + --with-password-argon2 \ --with-pcre-regex=/usr \ --with-pdo-mysql=shared,mysqlnd \ --with-pdo-pgsql=shared \ @@ -101,6 +104,7 @@ --with-snmp=shared \ --with-sqlite3=shared,/usr \ --with-tidy=shared \ + --with-webp-dir=/usr \ --with-xsl=/usr \ --with-zlib build : | diff --git a/pspec_x86_64.xml b/pspec_x86_64.xml --- a/pspec_x86_64.xml +++ b/pspec_x86_64.xml @@ -36,6 +36,7 @@ /usr/lib64/build/Makefile.global /usr/lib64/build/acinclude.m4 /usr/lib64/build/ax_check_compile_flag.m4 + /usr/lib64/build/ax_gcc_func_attribute.m4 /usr/lib64/build/config.guess /usr/lib64/build/config.sub /usr/lib64/build/libtool.m4 @@ -253,7 +254,7 @@ programming.devel - php + php /usr/include/php/TSRM/TSRM.h @@ -278,6 +279,7 @@ /usr/include/php/Zend/zend_config.nw.h /usr/include/php/Zend/zend_config.w32.h /usr/include/php/Zend/zend_constants.h + /usr/include/php/Zend/zend_cpuinfo.h /usr/include/php/Zend/zend_dtrace.h /usr/include/php/Zend/zend_errors.h /usr/include/php/Zend/zend_exceptions.h @@ -333,14 +335,16 @@ /usr/include/php/Zend/zend_vm.h /usr/include/php/Zend/zend_vm_def.h /usr/include/php/Zend/zend_vm_execute.h + /usr/include/php/Zend/zend_vm_handlers.h /usr/include/php/Zend/zend_vm_opcodes.h + /usr/include/php/Zend/zend_vm_trace_handlers.h + /usr/include/php/Zend/zend_vm_trace_map.h /usr/include/php/ext/date/lib/timelib.h /usr/include/php/ext/date/lib/timelib_config.h /usr/include/php/ext/date/php_date.h /usr/include/php/ext/dom/xml_common.h /usr/include/php/ext/filter/php_filter.h /usr/include/php/ext/gd/gd_compat.h - /usr/include/php/ext/gd/gdcache.h /usr/include/php/ext/gd/libgd/bmp.h /usr/include/php/ext/gd/libgd/gd.h /usr/include/php/ext/gd/libgd/gd_errors.h @@ -356,6 +360,7 @@ /usr/include/php/ext/gd/libgd/jisx0208.h /usr/include/php/ext/gd/libgd/wbmp.h /usr/include/php/ext/gd/php_gd.h + /usr/include/php/ext/gmp/php_gmp_int.h /usr/include/php/ext/hash/php_hash.h /usr/include/php/ext/hash/php_hash_adler32.h /usr/include/php/ext/hash/php_hash_crc32.h @@ -473,6 +478,7 @@ /usr/include/php/ext/standard/flock_compat.h /usr/include/php/ext/standard/fsock.h /usr/include/php/ext/standard/head.h + /usr/include/php/ext/standard/hrtime.h /usr/include/php/ext/standard/html.h /usr/include/php/ext/standard/html_tables.h /usr/include/php/ext/standard/info.h @@ -501,6 +507,7 @@ /usr/include/php/ext/standard/php_math.h /usr/include/php/ext/standard/php_metaphone.h /usr/include/php/ext/standard/php_mt_rand.h + /usr/include/php/ext/standard/php_net.h /usr/include/php/ext/standard/php_password.h /usr/include/php/ext/standard/php_rand.h /usr/include/php/ext/standard/php_random.h @@ -563,12 +570,12 @@ - - 2019-03-13 - 7.2.16 + + 2019-03-14 + 7.3.3 Packaging update Philipp Trulson philipp@trulson.de \ No newline at end of file