delta/php-git.git/sapi/cli, branch php-5.6.12 git.php.net: repository/php-src.git fix test 2015-08-06T07:15:23+00:00 Stanislav Malyshev stas@php.net 2015-08-04T23:45:20+00:00 f6fdc293ce4f58d0df3d9596542d87be81aca9a7 






Merge branch 'PHP-5.5' into PHP-5.6
2015-08-06T06:52:09+00:00

Stanislav Malyshev
stas@php.net

2015-08-04T22:29:13+00:00

7e254ac00ea88a5e6f585fb089c240e88d99b506

* PHP-5.5:
  update NEWS
  fix test
  update NEWS
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	ext/soap/php_http.c
	ext/spl/spl_observer.c





* PHP-5.5:
  update NEWS
  fix test
  update NEWS
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	ext/soap/php_http.c
	ext/spl/spl_observer.c







Fixed #69655: php -S changes MKCALENDAR request method to MKCOL
2015-06-27T18:02:21+00:00

Christoph M. Becker
cmb@php.net

2015-06-27T17:47:32+00:00

bbe28d3a55f8b129d4595e5202b7c9891a568509

The parsing of the request method in the CLI server has been faulty, so that
several unsupported methods have been recognized as other methods.





The parsing of the request method in the CLI server has been faulty, so that
several unsupported methods have been recognized as other methods.







added skip condition for powershell requirement of test
2015-06-27T13:02:52+00:00

Christoph M. Becker
cmb@php.net

2015-06-27T13:02:52+00:00

b811bb3920168c19aa7cc9fa51cbad0d3d127dcc












Fix #64878: 304 responses return Content-Type header
2015-06-27T12:28:33+00:00

Christoph M. Becker
cmbecker69@gmx.de

2015-05-18T19:28:22+00:00

1920ba6f7bd1ce3c866ca947f51a1633dc892fce

According to RFC 7232 304 responses should not send a Content-Type header,
so the CLI server should comply.





According to RFC 7232 304 responses should not send a Content-Type header,
so the CLI server should comply.







Fixed bug #67741 (auto_prepend_file messes up __LINE__)
2015-03-03T03:43:23+00:00

Reeze Xia
reeze@php.net

2015-03-03T03:25:30+00:00

4e2c87edb34c4f151da6899d523c93b8e8565975

This also fixes bug #54081





This also fixes bug #54081







bump year
2015-01-15T15:26:37+00:00

Xinchen Hui
laruence@php.net

2015-01-15T15:26:37+00:00

0579e8278dad43c7ebc070468b56caddf1c660b8












Fix bug #68784
2015-01-10T02:09:13+00:00

Rasmus Lerdorf
rasmus@php.net

2015-01-10T02:08:36+00:00

5065505c935913e124d647df6f80f5efddae39a9












Merge branch 'PHP-5.5' into PHP-5.6
2015-01-06T01:27:37+00:00

Adam Harvey
aharvey@php.net

2015-01-06T01:27:37+00:00

27ff425b78a1355a24d44eb719291ebd9022bc87

* PHP-5.5:
  Handle NULL strings in sapi_cli_server_register_variable().
  Allow CLI server test scripts to specify the name of the router file.

Conflicts:
	sapi/cli/tests/php_cli_server.inc





* PHP-5.5:
  Handle NULL strings in sapi_cli_server_register_variable().
  Allow CLI server test scripts to specify the name of the router file.

Conflicts:
	sapi/cli/tests/php_cli_server.inc







Handle NULL strings in sapi_cli_server_register_variable().
2015-01-06T01:23:27+00:00

Adam Harvey
aharvey@php.net

2015-01-06T01:23:27+00:00

448ef30f75988384b84cdb88bbb3a1a56b9534da

Fixes bug #68745 (Invalid HTTP requests make web server segfault).





Fixes bug #68745 (Invalid HTTP requests make web server segfault).