linux/meta-openembedded.git/meta-webserver/recipes-php, branch pyro-nfvaccess

php: remove PNBLACKLIST

2017-04-18T12:21:53+00:00

It has been fixed since: commit b5bb61163751d93672bdcdfb24dda21398e42657 Author: dengke.du@windriver.com Date: Tue Mar 28 04:13:36 2017 -0400 php: fix install failure Also remove it for xdebug since php works now. Signed-off-by: Robert Yang Signed-off-by: Martin Jansa

recipes: add removal date to PNBLACKLIST messages

2017-04-05T17:36:45+00:00

* based on discussion in pndeprecated thread: https://patchwork.openembedded.org/patch/137573/ update the messages to warn possible users that the recipe will be removed before the end of the next development cycle (before Yocto 2.4 is released). * updated with: sed -i 's/^\(PNBLACKLIST.*".*\)"/\1 - the recipe will be removed on 2017-09-01 unless the issue is fixed"/g' `git grep PNBLACKLIST | sed 's/:.*//g' | sort -u | xargs` * then noticed couple recipes being blacklisted only based on DISTRO_FEATURES, so removed those: meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb meta-oe/recipes-connectivity/bluez/bluez-hcidump_2.5.bb meta-oe/recipes-connectivity/bluez/bluez4_4.101.bb meta-oe/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb meta-oe/recipes-navigation/foxtrotgps/foxtrotgps_1.1.1.bb meta-oe/recipes-navigation/gypsy/gypsy.inc meta-oe/recipes-navigation/navit/navit.inc meta-oe/recipes-support/opensync/libsyncml_0.5.4.bb * if it isn't fixed by this date, it's fair game to be removed whenever someone gets around to i Signed-off-by: Martin Jansa

xdebug: 2.2.6 -> 2.5.1

2017-04-05T17:28:31+00:00

Upgrade the xdebug to fix the build failure with php 7.1 Signed-off-by: Dengke Du Signed-off-by: Martin Jansa

recipes: blacklist recipes depending on blacklisted recipes

2017-02-13T17:44:35+00:00

Signed-off-by: Martin Jansa

phpmyadmin: upgrade to 4.6.3

2016-07-29T09:00:57+00:00

* Compatible with PHP 5.5 to 7.0 and MySQL 5.5 and newer. * Release notes: http://www.phpmyadmin.net/files/4.6.3/ * Drop two CVE patches which have been fixed: CVE-2015-7873 and CVE-2015-8669 * Use PV in SRC_URI instead of hardcoded version number. Signed-off-by: Jackie Huang Signed-off-by: Martin Jansa

recipes: Replace "cp -a" with "cp -R --no-dereference --preserve=mode,links"

2016-03-04T08:06:22+00:00

* Using "cp -a" leaks UID of user running the builds, causing many QA warnings. * See this thread for details: http://lists.openembedded.org/pipermail/openembedded-core/2015-November/112904.html Signed-off-by: Martin Jansa

phpmyadmin: CVE-2015-8669

2016-02-01T14:58:04+00:00

libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. This patch is from https://github.com/phpmyadmin/phpmyadmin/commit/c4d649325b25139d7c097e56e2e46cc7187fae45 Signed-off-by: Jian Liu Signed-off-by: Martin Jansa

phpmyadmin: fix CVE-2015-7873

2015-12-18T11:44:42+00:00

The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter. Backport upstream commit to fix it: https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706 Signed-off-by: Wenzong Fan Signed-off-by: Martin Jansa

phpmyadmin: 4.4.9 -> 4.5.0.2

2015-10-23T10:53:23+00:00

Upgrade phpmyadmin from 4.4.9 to 4.5.0.2 and SRC_URI is updated. Accoring to release note, there is NO API changes for 4.5.0.x serial. So upgrade to 4.5.0.2 rather than 4.4.15 which will only support for security fixes only. And license file has some text update. See: https://github.com/phpmyadmin/phpmyadmin/commit/9d080a482fae73bde5049620088d4687da245163 Change files owner to fix [host-user-contaminated] warnings. Signed-off-by: Kai Kang Signed-off-by: Martin Jansa

phpmyadmin: upgrade 4.4.9

2015-06-23T10:41:52+00:00

upgrade to include CVE fixes: CVE-2015-3903 CVE-2015-3902 Signed-off-by: Roy Li Signed-off-by: Martin Jansa