summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* 5.4.38php-5.4.38PHP-5.4.38Stanislav Malyshev2015-02-173-4/+4
|
* Port for for bug #68552Stanislav Malyshev2015-02-172-4/+9
|
* Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)Stanislav Malyshev2015-02-172-7/+12
| | | | | Conflicts: ext/date/php_date.c
* - BFNFelipe Pena2015-02-171-1/+7
|
* - Fixed bug #67827 (broken detection of system crypt sha256/sha512 support)Felipe Pena2015-02-171-8/+8
|
* - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: ↵Felipe Pena2015-02-161-0/+3
| | | | brandt at docoloc dot de
* Update NEWSYasuo Ohgaki2015-02-141-0/+1
|
* Add NULL byte protection to exec, system and passthruYasuo Ohgaki2015-02-142-0/+29
|
* Fixed #68790 (Missing return)George Wang2015-02-071-1/+1
|
* Update header handling to RFC 7230Stanislav Malyshev2015-02-055-16/+14
|
* fix sizeof sizeStanislav Malyshev2015-02-011-1/+1
|
* fix TSRMStanislav Malyshev2015-01-311-2/+2
|
* Use better constant since MAXHOSTNAMELEN may mean shorter nameStanislav Malyshev2015-01-315-12/+16
|
* use right sizeof for memsetStanislav Malyshev2015-01-311-1/+1
|
* Add mitigation for CVE-2015-0235 (bug #68925)Stanislav Malyshev2015-01-315-2/+44
|
* fix some factual errors in the processFerenc Kovacs2015-01-221-6/+7
|
* formatStanislav Malyshev2015-01-201-1/+2
|
* add CVEStanislav Malyshev2015-01-201-1/+2
|
* add protection against nullsStanislav Malyshev2015-01-201-0/+5
|
* 5.4.38 nextStanislav Malyshev2015-01-203-6/+7
|
* Merge branch 'bug68710' into PHP-5.4Stanislav Malyshev2015-01-204-3/+32
|\ | | | | | | | | * bug68710: Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
| * Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())Stanislav Malyshev2015-01-014-3/+32
| |
* | Merge branch 'bug68799' into PHP-5.4Stanislav Malyshev2015-01-204-2/+68
|\ \ | | | | | | | | | | | | * bug68799: Fix bug #68799: Free called on unitialized pointer
| * | Fix bug #68799: Free called on unitialized pointerStanislav Malyshev2015-01-113-1/+64
| |/
* | Update NEWSDaniel Lowrey2015-01-141-0/+3
| |
* | Fixed bug #55618 (use case-insensitive cert name matching)Daniel Lowrey2015-01-141-2/+2
| |
* | updated libmagic.patch in 5.4Anatol Belski2015-01-041-315/+139
| |
* | Fixed bug #68735 fileinfo out-of-bounds memory accessAnatol Belski2015-01-044-2/+28
| |
* | removed dead codeRemi Collet2015-01-045-1544/+2
|/
* FIx bug #68618 (out of bounds read crashes php-cgi)Stanislav Malyshev2014-12-302-2/+7
|
* add missing NEWS entryFerenc Kovacs2014-12-171-0/+3
|
* 5.4.37Stanislav Malyshev2014-12-163-5/+7
|
* add CVEStanislav Malyshev2014-12-161-1/+1
|
* add missing test fileStanislav Malyshev2014-12-161-0/+7
|
* Fix bug #68594 - Use after free vulnerability in unserialize()Stanislav Malyshev2014-12-164-32/+64
|
* Fix undefined behaviour in strnatcmpAndrea Faulds2014-12-131-2/+2
|
* update NEWSStanislav Malyshev2014-12-111-0/+1
|
* move the test to the right placeAnatol Belski2014-12-111-0/+0
|
* Fixed bug #68545 NULL pointer dereference in unserialize.cAnatol Belski2014-12-113-33/+56
|
* Fixed possible read after end of buffer and use after free.Dmitry Stogov2014-12-081-2/+6
|
* Revert unintentional docblock changeChris Christoff2014-12-051-1/+1
| | | | | | | | Revert unintentional docblock change It looks like commit dd8e59da8f5aafd9d77a0f1f17e5e272d09f643f introduced an unintended docbloc change. I have reverted this change in this commit.
* make sure that we don't truncate the stack trace and cause false test ↵Ferenc Kovacs2014-12-021-0/+1
| | | | failures when the test is executed in a directory with long path
* update newsStanislav Malyshev2014-11-302-5/+8
|
* Apply error-code-salt fix to Windows tooLeigh2014-11-300-0/+0
| | | | | Conflicts: ext/standard/crypt.c
* Bug fixes in light of failing bcrypt testsLeigh2014-11-302-1/+3
| | | | | Conflicts: ext/standard/crypt.c
* Add tests from 1.3. Add missing tests.Leigh2014-11-301-2/+31
| | | | 3 of the missing tests fail. // TODO
* Upgrade crypt_blowfish to version 1.3Leigh2014-11-301-19/+24
|
* update for LiteSpeedStanislav Malyshev2014-11-231-0/+3
|
* Revert "made lsapi_main.c compatible with PHP7/phpng ."Stanislav Malyshev2014-11-221-92/+26
| | | | | This reverts commit 9fb816f45ad9baa46b91514e70f755eb88539e85. Not a security-related fix.
* made lsapi_main.c compatible with PHP7/phpng .George Wang2014-11-201-26/+92
|
View Lorry Controller Status