Change log for hhvm package in Ubuntu
| 1 → 31 of 31 results | First • Previous • Next • Last |
| Deleted in disco-release (Reason: (From Debian) ROM; orphaned with adopters, current versio...) |
| Deleted in disco-proposed (Reason: moved to release) |
hhvm (3.24.7+dfsg-2ubuntu7) disco; urgency=medium * No-change rebuild against latest libzip -- Jeremy Bicha <email address hidden> Mon, 26 Nov 2018 08:04:13 -0500
Available diffs
hhvm (3.24.7+dfsg-2ubuntu6) disco; urgency=medium * No-change rebuild for icu soname changes. -- Matthias Klose <email address hidden> Tue, 13 Nov 2018 08:13:31 +0000
Available diffs
| Superseded in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
| Deleted in cosmic-proposed (Reason: Moved to disco-proposed) |
hhvm (3.24.7+dfsg-2ubuntu5) cosmic; urgency=medium * No-change rebuild against imagemagick. -- Simon Quigley <email address hidden> Fri, 10 Aug 2018 18:21:50 -0500
Available diffs
| Superseded in cosmic-proposed |
hhvm (3.24.7+dfsg-2ubuntu4) cosmic; urgency=medium * No-change rebuild for boost soname change. -- Matthias Klose <email address hidden> Tue, 17 Jul 2018 15:18:59 +0200
Available diffs
| Deleted in cosmic-release (Reason: FTBFS, blocking transition, no revdeps) |
| Deleted in cosmic-proposed (Reason: moved to release) |
hhvm (3.24.7+dfsg-2ubuntu3) cosmic; urgency=medium * Rebuild against new OCAML ABIs. -- Gianfranco Costamagna <email address hidden> Mon, 04 Jun 2018 12:19:48 +0200
Available diffs
| Superseded in cosmic-proposed |
hhvm (3.24.7+dfsg-2ubuntu2) cosmic; urgency=medium * Try to fix the build on ppc64el. -- Matthias Klose <email address hidden> Tue, 15 May 2018 21:12:41 +0000
Available diffs
| Superseded in cosmic-proposed |
hhvm (3.24.7+dfsg-2ubuntu1) cosmic; urgency=medium * Build on arm64 and ppc64el. -- Matthias Klose <email address hidden> Mon, 14 May 2018 18:29:14 +0000
Available diffs
| Superseded in cosmic-proposed |
hhvm (3.24.7+dfsg-1build1) cosmic; urgency=medium * No-change rebuild for libonig soname change. -- Matthias Klose <email address hidden> Mon, 14 May 2018 18:08:13 +0000
Available diffs
| Superseded in cosmic-proposed |
hhvm (3.24.7+dfsg-1) unstable; urgency=medium
* New upstream release
- Drop gcc-7.patch (obsolete with upstream changes, now supported)
- Drop reproducible-hack-hhi.patch (obsolete with upstream
changes, reproducibility needs to be revisited with the
new upstream release)
- Drop drop-xlocale.patch (merged upstream)
- Refreshed remove-broken-json-test.patch (still unfixed upstream)
- Supports libonig 6.8 (Closes: #897250)
* Now supports OpenSSL 1.1 (Closes: #858927)
- Re-enable IMAP extension
* New upstream addresses CVE-2018-6332, CVE-2018-6334 (Closes: #895194),
CVE-2018-6335 and CVE-2018-5711
* Remove Alioth git references, going away soon
* Switch to debhelper compat level 10
* Switch priority of hhvm-dbg and hhvm-dev to optional
* lists.alioth.debian.org is going away, so set myself to Maintainer:
and Faidon to Uploaders field until a new solution is found
-- Moritz Muehlenhoff <email address hidden> Wed, 09 May 2018 10:34:54 +0200
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
hhvm (3.21.0+dfsg-2ubuntu2) bionic; urgency=medium
* Build-depend on libcurl4-gnutls-dev instead, which is the default
implementation and lets us continue building against libssl1.0-dev, as
the source is not OpenSSL 1.1-compatible.
-- Steve Langasek <email address hidden> Wed, 28 Feb 2018 22:06:09 +0000
Available diffs
| Superseded in bionic-proposed |
hhvm (3.21.0+dfsg-2ubuntu1) bionic; urgency=medium
* Build-depend on libssl-dev again instead of libssl1.0-dev and re-add
build-dependency on libc-client2007e-dev.
-- Steve Langasek <email address hidden> Wed, 28 Feb 2018 21:17:58 +0000
Available diffs
| Superseded in bionic-proposed |
hhvm (3.21.0+dfsg-2build5) bionic; urgency=medium * No-change rebuild against libcurl4 -- Steve Langasek <email address hidden> Wed, 28 Feb 2018 06:56:58 +0000
Available diffs
| Superseded in bionic-proposed |
hhvm (3.21.0+dfsg-2build4) bionic; urgency=medium * No change rebuild against libre2-4. -- Stefano Rivera <email address hidden> Fri, 23 Feb 2018 15:07:17 -0800
Available diffs
hhvm (3.21.0+dfsg-2build3) bionic; urgency=high * No change rebuild against openssl1.1. -- Dimitri John Ledkov <email address hidden> Tue, 06 Feb 2018 12:42:49 +0000
Available diffs
hhvm (3.21.0+dfsg-2build2) bionic; urgency=medium * No-change rebuild for icu soname change. -- Matthias Klose <email address hidden> Tue, 07 Nov 2017 08:52:54 +0000
Available diffs
hhvm (3.21.0+dfsg-2build1) bionic; urgency=medium * No-change rebuild for libicu soname change. -- Matthias Klose <email address hidden> Wed, 25 Oct 2017 15:40:34 +0000
Available diffs
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
hhvm (3.21.0+dfsg-2) unstable; urgency=medium
* Fix compatibility with glibc 2.26, thanks to Matthias Klose for
the report (Closes: #875904)
-- Moritz Muehlenhoff <email address hidden> Wed, 27 Sep 2017 16:25:21 +0200
Available diffs
hhvm (3.21.0+dfsg-1ubuntu1) artful; urgency=medium * Fix ftbfs, with glibc-2.26, not including xlocale.h. -- Matthias Klose <email address hidden> Fri, 15 Sep 2017 18:31:42 +0200
Available diffs
| Superseded in artful-proposed |
hhvm (3.21.0+dfsg-1) unstable; urgency=medium
* New upstream release 3.21 (3.18 releases were not
uploaded to the archive due to various stability
problems)
* Fix FTBFS with GCC 7 (Closes: #853442)
* Back out broken upstream JSON test case (reported at
https://github.com/facebook/hhvm/issues/7708)
* Add ocamlbuild to build dependencies (reported in #868480,
compatibility of 3.21 with ocaml 4.05 needs to be revisited)
* Update copyright file for 3.12->3.21 period, taking most of
the entries for webscalesqlclient from src:mysql-5.6's copyright
file
* Remove Upstart job
* Bump standards version
-- Moritz Muehlenhoff <email address hidden> Mon, 07 Aug 2017 21:55:59 +0200
Available diffs
| Superseded in artful-proposed |
hhvm (3.12.11+dfsg-1ubuntu3) artful; urgency=medium * Build depend on ocaml-nox instead of ocaml-native-compilers. -- Dimitri John Ledkov <email address hidden> Tue, 08 Aug 2017 13:51:50 -0400
Available diffs
| Superseded in artful-proposed |
hhvm (3.12.11+dfsg-1ubuntu2) artful; urgency=medium
* Really build-depend on ocamlbuild
This change was missing from previous upload
* Drop d/control.rej which was left behind by a failed patching attempt
-- Balint Reczey <email address hidden> Fri, 04 Aug 2017 14:52:16 +0200
Available diffs
| Superseded in artful-proposed |
hhvm (3.12.11+dfsg-1ubuntu1) artful; urgency=medium [ Stéphane Glondu ] * Build-depend on ocamlbuild * Fix FTBFS with ocaml OCaml 4.05.0 (Closes: #868480) (LP: #1708443) -- Balint Reczey <email address hidden> Thu, 03 Aug 2017 13:20:05 +0200
Available diffs
| Superseded in artful-proposed |
hhvm (3.12.11+dfsg-1build2) artful; urgency=medium * No-change rebuild against libevent-2.1-6 -- Steve Langasek <email address hidden> Mon, 31 Jul 2017 02:41:28 +0000
Available diffs
| Deleted in artful-release (Reason: FTBFS with gcc-7, blocks libevent transition) |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
hhvm (3.12.11+dfsg-1build1) zesty; urgency=medium * Rebuild against new OCaml ABI. -- Bhavani Shankar <email address hidden> Mon, 16 Jan 2017 20:54:32 +0530
Available diffs
hhvm (3.12.11+dfsg-1) unstable; urgency=medium
[ Moritz Muehlenhoff ]
* New upstream LTS releases, addressing multiple security issues.
(Closes: #835032)
From 3.12.2:
- CVE-2015-8865 - Buffer overwrite in finfo_open with malformed magic
- Integer overflow in iptcembed
- CVE-2016-3074 - Fix signedness issue in libgd
- CVE-2014-9709 - Fix a possible buffer read overflow in gd_gif_in.cpp
- Prevent a potential nullptr dereference in ext_xsl
- Don't segfault if you try to remove the last autoloader while
adding a new one
- CVE-2016-1903 - imagerotate information leak
- FILTER_FLAG_STRIP_BACKTICK` was being ignored unless other flags
are set
- CVE-2016-4539 - Fix a segfault in xml_parse_into_struct
- Fix a potential null dereference in ZipArchive::extractTo
- CVE-2016-4070 - Integer Overflow in php_raw_url_encode
From 3.12.3:
- CVE-2016-1000004 - Type safety in simplexml import routines
- CVE-2016-1000004 - Fix param types for mcrypt_get_block_size()
to match PHP
- CVE-2016-1000006 - Fix use-after-free in
serialize_memoize_param() and ResourceBundle::__construct()
- CVE-2016-6870 - Use req::strndup in php_mb_parse_encoding_list to
prevent oob memory write.
- HHVM-2016-11781481 - Fix nullptr dereference in
f_mysqli_stmt_bind{param,result}
- HHVM-2016-11791940 - Avoid invalid array access in JSON_decode()
- PHP-2016-0072337 - Fix a segfault with invalid dimensions and
imagescale out of bounds read in ext_gd
From 3.12.5:
- CVE-2016-1000109: Ignore Proxy HTTP header from fastcgi requests
From 3.12.6:
- CVE-2016-6871 - Fix buffer overrun due to integer overflow in bcmath
- CVE-2016-6872 - Fix integer overflow in StringUtil::implode
- CVE-2016-6873 - Fix self recursion in compact
- CVE-2016-6874 - Fix recursion checks in array_*_recursive
- CVE-2016-6875 - Fix infinite recursion in wddx
- PHP-2015-0070345 - [HHVM][Security] 0003 pcre preg bug 70345
From 3.12.8:
- ext_gd: exif_process_IFD_TAG: Use the right offset if reading from
stream
- Fix some color related crashes in libgd
- Don't allow smart_str to overflow int
- Integer overflow in _gd2GetHeader
- Fix objprof refcounting
- Fix buffer overruns in mb_send_mail
- Integer overflow in gdImagePaletteToTrueColor
- Null pointer dereference in _gdScaleVert
- pass2_no_dither out-of-bounds access
From 3.12.9:
- Fix off-by-one index check in ThreadSafeLocaleHandler::actuallySetLocale
- Prevent an integer overflow in _gdContributionsAlloc
- Fix a potential overflow in tsrm_virtual_file_ex
- Invalid transparent index can result in OOB read or write
- Do not treat negative return values from bz2 as size_t
- Fix OOB read in exif_process_IFD_in_MAKERNOTE
- Prevent an OOB access in locale_accept_from_http
- Avoid possible OOB using imagegif
- Disable bad zend test
- Add an option to explicitly disable NUMA support.
From 3.12.10:
- Fix a bug in StringUtil::Explode
- Fix a couple of bugs in libgd
From 3.12.11:
- Prevent integer overflow in gdImageWebpCtx
- Check depth values in json_decode
- Prevent negative gamma values being passed to imagegammacorrect
- Fix crypt with over-long salts
- Memory leak in exif_process_IFD_in_TIFF
- 9da Fix getimagesize returning FALSE on valid jpg
[ Faidon Liambotis ]
* Build against libmysqlclient, not libmysqlclient_r. Thanks to Robie Basak
for the bug report and patch. (Closes: #825077)
* Build-Depend on default-libmysqlclient-dev instead of libmysqlclient-dev.
(Closes: #845852)
* Add /bin/sh shebangs on maintainer scripts. (Closes: #843281)
* Remove update-alternatives --remove from postrm, already included in prerm
(and also causes a lintian warning).
* Remove David Martínez Moreno from the Uploaders, at the request of the MIA
team. (Closes: #843439)
* Fix FTBFS with GCC 6, by backporting an upstream fix. (Closes: #812023)
* Pass -fno-PIE/-no-pie to gcc to prevent a linking error with GCC 6's new
configuration (--enable-default-pie) in combination with HHVM's
hand-crafted assembly (translator-asm-helpers.S).
* Build-Depend on libssl1.0-dev, as HHVM is not ready for OpenSSL 1.1.0 yet.
(Closes: #828340)
* Remove Build-Depends on libc-client2007e-dev and thus disable the IMAP
extension. libc-client2007e-dev depends on libssl-dev 1.1.0, which
conflicts with libssl1.0-dev and is thus impossible to satisfy.
* Disable Folly's Fibers, as the current version is incompatible with Boost
1.61 and thus FTBFS. The incompatibility has been fixed upstream but is
too intrusive to backport, thus disable the functionality entirely.
(Closes: #839303)
* Temporarily disable the mcrouter extension as it requires Folly Fibers,
that were disabled in this version (see above).
* Backport an upstream fix to address an ICU Collation sort key
incompatibility with PHP.
* Backport an upstream fix to address a segfault when bzip2 and XMLReader
are being used together.
* Backport an upstream fix to address inconsistent regexp results when
running with a newer PCRE version (8.38 instead of 8.32).
* Disable test pcre_limit.php which now fails for unknown reasons;
upstream seemingly has disabled the test as well for a while with no ill
effects.
* Add a Documentation line to the systemd service file.
* Bump Standards-Version to 3.9.8, no changes needed.
-- Faidon Liambotis <email address hidden> Sun, 18 Dec 2016 02:13:55 +0200
| Deleted in yakkety-proposed (Reason: FTBFS with -fPIE) |
hhvm (3.12.1+dfsg-1ubuntu1) yakkety; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/p/libmysqlclient_r: build against libmysqlclient, not _r (LP:
#1564871).
-- Gianfranco Costamagna <email address hidden> Sat, 23 Apr 2016 16:15:15 +0200
Available diffs
| Superseded in yakkety-proposed |
hhvm (3.11.1+dfsg-1ubuntu2) yakkety; urgency=medium * No-change rebuild for libpng soname change. -- Matthias Klose <email address hidden> Sat, 23 Apr 2016 00:10:09 +0000
Available diffs
| Deleted in yakkety-release (Reason: lp: #1574837, ftbfs) |
| Published in xenial-release |
| Deleted in xenial-proposed (Reason: moved to release) |
hhvm (3.11.1+dfsg-1ubuntu1) xenial; urgency=medium
* Rebuild against libmysqlclient20.
* d/p/libmysqlclient_r: build against libmysqlclient, not _r (LP:
#1564871).
* d/p/isnan: use std:: for isnan and isinf to fix FTBFS.
-- Robie Basak <email address hidden> Mon, 18 Apr 2016 13:54:43 +0000
Available diffs
hhvm (3.11.1+dfsg-1) unstable; urgency=medium
* New minor upstream release.
* Build-depend on libpng-dev instead of libpng12-dev for the upcoming libpng
transition. (Closes: #809873)
* More reproducible fixes:
- Create Hack's HHI tarball in a reproducible way.
- Statically set HHVM_REPO_SCHEMA from debian/rules.
- Pass LC_ALL=C to sort as called by proxygen's header generation script.
* Add patch output-buffer-fix-flush, copied straight from upstream's GitHub,
to large output streaming.
* Update Vcs-Git and Vcs-Browser URLs for HTTPS and cgit.
-- Faidon Liambotis <email address hidden> Wed, 03 Feb 2016 20:21:13 +0200
Available diffs
- diff from 3.11.0+dfsg-1 to 3.11.1+dfsg-1 (11.4 KiB)
hhvm (3.11.0+dfsg-1) unstable; urgency=medium
[ Faidon Liambotis ]
* New upstream release.
* Build with stock gcc again; folly's gcc 5.0 issues have been fixed.
* Refresh all debian/patches; drop:
- support-more-sql-stats: merged upstream
- ezc-fix-z-type-in-zend_parse_parameters: was a backport
- use_system_TZinfo: merged upstream
- fix_freetype_include: unused/unneeded
- hack_license.patch: obsolete
- license_folly.patch: superfluous
* Drop our own debian/-shipped manpages, as these have been merged into the
upstream tree instead and enhanced since.
* Add Build-depends on gawk, gperf, libboost-context-dev, libre2-dev,
libgmp-dev.
* Build-depend on libjpeg-dev instead of libjpeg62-dev. (Closes: #796932)
* Build-depend on libvpx-dev to enable WebP support for gd.
* Drop libiconv-hook-dev dependency and associated patch, libc6's iconv.h
should be enough for HHVM and it doesn't appear like upstream's intention
was ever to link against libiconv-hook.
* Disable asynchronous MySQL support; it depends on the webscalesql fork of
libmysqlclient-dev which is not packaged separately in Debian. Upstream
bundles it under their third-party repository but it has been stripped
from this packaging as the full forked MySQL 5.6 source is too big to be
embedded into this package.
* Drop patch enable_relro_hack, that enabled hardening (relro) for
hh_client/hh_server. Current recommendation by the OCaml team is to not
attempt to do any hardening until the OCaml runtime itself gets fixed
first (#702349).
* Add patch fix_stats_error to fix a MySQL statistics collection error.
* Add patch fix-makeparser-bison3 to fix a make-parser.sh incompatibility
when ran with Bison3.
* Set HOME to debian/build when running the tests so that HHVM can write the
HHBC even when $HOME does not exist, or to not leave garbage behind when
it exists.
* Switch our Provides: hhvm-api-$version to the major/minor HHVM released,
based on upstream's recommendation of using HHVM_VERSION_BRANCH.
* Remove sources of build variance to hopefully make the build reproducible:
- Pass $COMPILER_ID to the compilation process, based on the
package's version from debian/changelog.
- Add patch reproducible-sort to pass LC_ALL=C to sort.
- Add patch reproducible-hack-builddate to remove __DATE__/__TIME__.
embedding from the Hack source code.
- Add patch reproducible-hack-compilerid to force hack into using
$COMPILER_ID instead of always using "git rev-parse".
* Update debian/copyright with copyright information for files new in this
version (mainly libraries shipped under third-party/).
* Switch HHBC location path to /var/cache/hhvm, instead of /var/run/hhvm,
since it can get large, there is little benefit from having it in memory
and it can persist across reboots.
* Switch default source root to /var/www/html.
* Switch logging to syslog instead of custom, non-logrotated path in
/var/log.
* Ship /usr/bin/hh_format, the Hack formatter.
* Ship hhvm-gdb and hhvm-leak-isolator in the hhvm-dbg package. This adds a
Depends: python to the -dbg package, which is probably okay given
hhvm-dbg's relative size to python, as well as its niche usage.
* Recommend gdb from hhvm-dbg, as the symbols aren't very useful without
gdb, and hhvm-gdb is a shell script that calls gdb.
* Cleanup and update /etc/default/hhvm.
* Update debian/watch.
[ Giuseppe Lavagetto ]
* Move the init script to using /lib/init/init-d-script.
* Add upstart and systemd service files.
-- Faidon Liambotis <email address hidden> Tue, 29 Dec 2015 02:57:38 +0200
Available diffs
- diff from 3.2.0+dfsg1-2 to 3.11.0+dfsg-1 (18.7 MiB)
hhvm (3.2.0+dfsg1-2) unstable; urgency=medium
[ Faidon Liambotis ]
* Fix the build system to be able to build a release build but with
debugging symbols (which we subsequently strip into hhvm-dbg), and pass
-DCMAKE_BUILD_TYPE=RelWithDebInfo to configure.
[ David Martínez Moreno ]
* Remove the chmod 750 on /var/log/hhvm as it's really an error on the HHVM
packaging.
* debian/patches:
- disable_quicklz_code: Disable the qlz* primitives, as they are
GPL-licensed code linked to PHP-licensed one.
- static_linking_against_libbfd: Static linking against libbfd per
binutils-dev, backported from HEAD.
- add_additional_includes_imagemagick: New ImageMagick broke the build,
so add the arch includes to the build.
- replace_obsolete_lz4_uncompress: In lz4 r122 or beyond, LZ4_uncompress()
has been removed after being deprecaded.
* debian/copyright: Fixed some mistakes discovered with latest lintian.
* debian/control: Bumped Standards-Version to to 3.9.6 (no changes)
* Added an additional override for lintian on PHP license, with comment.
* Added a manpage for hphpize.
-- David Martínez Moreno <email address hidden> Tue, 21 Oct 2014 03:19:54 -0700
| 1 → 31 of 31 results | First • Previous • Next • Last |
