- update to 5.5.3

- fix typo and add missing entries in php.ini
- drop zip extension

.gitignore

@@ -13,3 +13,5 @@ php-5.4.*.bz2
 /php-5.5.0-strip.tar.xz
 /php-5.5.1-strip.tar.xz
 /php-5.5.2-strip.tar.xz
+/php-5.5.3.tar.xz
+/php-5.5.3-strip.tar.xz

php.ini

@@ -1352,6 +1352,14 @@ session.save_handler = files
 ; for php-fpm, see /etc/php-fpm.d/*conf
 ;session.save_path = "/tmp"
 
+; Whether to use strict session mode.
+; Strict session mode does not accept uninitialized session ID and regenerate
+; session ID if browser sends uninitialized session ID. Strict mode protects
+; applications from session fixation via session adoption vulnerability. It is
+; disabled by default for maximum compatibility, but enabling it is encouraged.
+; https://wiki.php.net/rfc/strict_sessions
+session.use_strict_mode = 0
+
 ; Whether to use cookies.
 ; http://php.net/session.use-cookies
 session.use_cookies = 1
@@ -1431,7 +1439,7 @@ session.gc_maxlifetime = 1440
 ;       collection through a shell script, cron entry, or some other method.
 ;       For example, the following script would is the equivalent of
 ;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
-;          find /path/to/sessions -cmin +24 | xargs rm
+;          find /path/to/sessions -cmin +24 -type f | xargs rm
 
 ; PHP 4.2 and less have an undocumented feature/bug that allows you to
 ; to initialize a session variable in the global scope.
@@ -1593,7 +1601,7 @@ mssql.min_error_severity = 10
 mssql.min_message_severity = 10
 
 ; Compatibility mode with old versions of PHP 3.0.
-mssql.compatability_mode = Off
+mssql.compatibility_mode = Off
 
 ; Connect timeout
 ;mssql.connect_timeout = 5
@@ -1788,6 +1796,11 @@ ldap.max_links = -1
 [dba]
 ;dba.default_handler=
 
+[curl]
+; A default value for the CURLOPT_CAINFO option. This is required to be an
+; absolute path.
+;curl.cainfo =
+
 ; Local Variables:
 ; tab-width: 4
 ; End:

php.spec

@@ -50,12 +50,12 @@
 %global  with_libgd 1
 %endif
 
-%if 0%{?fedora} < 17 && 0%{?rhel} < 7
-%global with_zip     0
-%global with_libzip  0
-%else
+%if 0%{?fedora} == 17 || 0%{?fedora} == 18 || 0%{?fedora} == 19 || 0%{?rhel} == 7
 %global with_zip     1
 %global with_libzip  1
+%else
+%global with_zip     0
+%global with_libzip  0
 %endif
 
 %if 0%{?fedora} < 18 && 0%{?rhel} < 7
@@ -68,7 +68,7 @@
 
 Summary: PHP scripting language for creating dynamic web sites
 Name: php
-Version: 5.5.2
+Version: 5.5.3
 Release: 1%{?dist}
 # All files licensed under PHP version 3.01, except
 # Zend is licensed under Zend
@@ -951,9 +951,9 @@ build --libdir=%{_libdir}/php \
       --with-sqlite3=shared,%{_prefix} \
 %if %{with_zip}
       --enable-zip=shared \
-%endif
 %if %{with_libzip}
       --with-libzip \
+%endif
 %endif
       --without-readline \
       --with-libedit \
@@ -1080,9 +1080,9 @@ build --includedir=%{_includedir}/php-zts \
       --with-sqlite3=shared,%{_prefix} \
 %if %{with_zip}
       --enable-zip=shared \
-%endif
 %if %{with_libzip}
       --with-libzip \
+%endif
 %endif
       --without-readline \
       --with-libedit \
@@ -1537,8 +1537,13 @@ exit 0
 
 
 %changelog
+* Wed Aug 21 2013 Remi Collet <rcollet@redhat.com> - 5.5.3-1
+- update to 5.5.3
+- fix typo and add missing entries in php.ini
+- drop zip extension
+
 * Mon Aug 19 2013 Remi Collet <rcollet@redhat.com> - 5.5.2-1
-- update to 5.5.1, fixes for CVE-2011-4718 + CVE-2013-4248
+- update to 5.5.2, fixes for CVE-2011-4718 + CVE-2013-4248
 
 * Thu Aug 08 2013 Remi Collet <rcollet@redhat.com> - 5.5.1-3
 - improve system libzip patch

sources

@@ -1 +1 @@
-a2fbb6b185db3a80763de359c7c169a2  php-5.5.2-strip.tar.xz
+e67fdc8840b0df782ede7c01f1058ca4  php-5.5.3-strip.tar.xz