Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | 5.5.10 finalphp-5.5.10PHP-5.5.10 | Julien Pauli | 2014-03-05 | 2 | -3/+3 |
| | |||||
* | NEWS for cherry-picked CVE patches | Julien Pauli | 2014-03-05 | 1 | -2/+7 |
| | |||||
* | Fixed Bug #66815 imagecrop(): insufficient fix for NULL defer CVE-2013-7327 | Remi Collet | 2014-03-05 | 2 | -9/+16 |
| | | | | | | | | | | | | | | | This amends commit 8f4a537, which aimed to correct NULL dereference because of missing check of gdImageCreateTrueColor() / gdImageCreate() return value. That commit checks for negative crop rectangle width and height, but gdImageCreate*() can also return NULL when width * height overflows. Hence NULL deref is still possible, as gdImageSaveAlpha() and gdImagePaletteCopy() is called before dst == NULL check. This moves NULL check to happen right after gdImageCreate*(). It also removes width and height check before gdImageCreate*(), as the same check is done by image create functions (with an extra warning). From thoger redhat com | ||||
* | Fixed Bug #66820 out-of-bounds memory access in fileinfo | Remi Collet | 2014-03-05 | 1 | -16/+18 |
| | | | | | | | | | Upstream fix: https://github.com/glensc/file/commit/447558595a3650db2886cd2f416ad0beba965801 Notice, test changed, with upstream agreement: -define OFFSET_OOB(n, o, i) ((n) < (o) || (i) >= ((n) - (o))) +define OFFSET_OOB(n, o, i) ((n) < (o) || (i) > ((n) - (o))) | ||||
* | Improves fix for memory leak, keep in sync with upstream. | Remi Collet | 2014-03-05 | 1 | -4/+12 |
| | | | | | | | | Previous fix: http://git.php.net/?p=php-src.git;a=commitdiff;h=10eb0070700382f966bf260e44135e1f724a15d2 Upstream fix: https://github.com/glensc/file/commit/c0c0032b9e9eb57b91fefef905a3b018bab492d9 | ||||
* | fixed leak introduced after CVE/upgrade | Anatol Belski | 2014-03-05 | 1 | -0/+2 |
| | |||||
* | 5.5.10RC1php-5.5.10RC1 | Julien Pauli | 2014-02-18 | 3 | -8/+8 |
| | |||||
* | Set fileinfo version to 1.0.5 (as in php 5.4, no diff) | Remi Collet | 2014-02-18 | 1 | -1/+1 |
| | |||||
* | NEWS | Remi Collet | 2014-02-18 | 1 | -0/+3 |
| | |||||
* | Merge branch 'PHP-5.4' into PHP-5.5 | Remi Collet | 2014-02-18 | 5 | -6/+47 |
|\ | | | | | | | | | | | * PHP-5.4: NEWS Fixed Bug #66731 file: infinite recursion | ||||
| * | NEWS | Remi Collet | 2014-02-18 | 1 | -0/+3 |
| | | |||||
| * | Fixed Bug #66731 file: infinite recursion | Remi Collet | 2014-02-18 | 5 | -6/+47 |
| | | | | | | | | | | | | | | Upstream commit (available in file-5.17) https://github.com/glensc/file/commit/3c081560c23f20b2985c285338b52c7aae9fdb0f https://github.com/glensc/file/commit/cc9e74dfeca5265ad725acc926ef0b8d2a18ee70 | ||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Stanislav Malyshev | 2014-02-17 | 0 | -0/+0 |
|\ \ | |/ | | | | | | | | | | | | | | | | | * PHP-5.4: 5.4.27 now update NEWS Conflicts: configure.in main/php_version.h | ||||
| * | 5.4.27 now | Stanislav Malyshev | 2014-02-17 | 3 | -5/+5 |
| | | |||||
| * | update NEWS | Stanislav Malyshev | 2014-02-17 | 1 | -1/+3 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Daniel Lowrey | 2014-02-17 | 1 | -1/+1 |
|\ \ | |/ | | | | | | | * PHP-5.4: Fixed broken build when EC unavailable | ||||
| * | Fixed broken build when EC unavailable | Daniel Lowrey | 2014-02-17 | 1 | -1/+1 |
| | | |||||
* | | Updated NEWS for #65753 | Julien Pauli | 2014-02-17 | 1 | -0/+4 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Julien Pauli | 2014-02-17 | 0 | -0/+0 |
|\ \ | |/ | | | | | | | * PHP-5.4: Updated NEWS for #65753 | ||||
| * | Updated NEWS for #65753 | Julien Pauli | 2014-02-17 | 1 | -0/+4 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Julien Pauli | 2014-02-17 | 2 | -2/+2 |
|\ \ | |/ | | | | | | | * PHP-5.4: Export JsonSerializable Interface (bug #65753) | ||||
| * | Export JsonSerializable Interface (bug #65753) | Julien Pauli | 2014-02-17 | 2 | -2/+2 |
| | | |||||
* | | Update NEWS | Yasuo Ohgaki | 2014-02-16 | 1 | -2/+2 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Yasuo Ohgaki | 2014-02-16 | 1 | -10/+20 |
|\ \ | |/ | | | | | | | * PHP-5.4: Fixed possbile injections against pg_insert()/pg_delete()/pg_update()/pg_select() | ||||
| * | Fixed possbile injections against ↵ | Yasuo Ohgaki | 2014-02-16 | 2 | -12/+22 |
| | | | | | | | | pg_insert()/pg_delete()/pg_update()/pg_select() | ||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Yasuo Ohgaki | 2014-02-16 | 1 | -27/+8 |
|\ \ | |/ | | | | | | | * PHP-5.4: Refactor build_tablename() | ||||
| * | Refactor build_tablename() | Yasuo Ohgaki | 2014-02-16 | 1 | -27/+8 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Yasuo Ohgaki | 2014-02-16 | 1 | -4/+3 |
|\ \ | |/ | | | | | | | * PHP-5.4: Revise encoding blacklist | ||||
| * | Revise encoding blacklist | Yasuo Ohgaki | 2014-02-16 | 1 | -4/+3 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Felipe Pena | 2014-02-15 | 1 | -0/+2 |
|\ \ | |/ | | | | | | | | | * PHP-5.4: - Fix ZTS build when HAVE_PQESCAPELITERAL is not set Update NEWS | ||||
| * | - Fix ZTS build when HAVE_PQESCAPELITERAL is not set | Felipe Pena | 2014-02-15 | 1 | -0/+2 |
| | | |||||
| * | Update NEWS | Yasuo Ohgaki | 2014-02-15 | 1 | -0/+4 |
| | | |||||
* | | Update NEWS | Yasuo Ohgaki | 2014-02-15 | 1 | -0/+5 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Yasuo Ohgaki | 2014-02-15 | 2 | -285/+268 |
|\ \ | |/ | |||||
| * | Refactor and cleanup. WS is cleaned up. Use -b if it is needed. | Yasuo Ohgaki | 2014-02-15 | 2 | -285/+268 |
| | | | | | | | | Added compatibility macros, PQescapeStringConn, PGSQLescapeLiteral/Identifier, PGSQLfree. | ||||
| * | Update NEWS | Daniel Lowrey | 2014-02-14 | 1 | -0/+4 |
| | | |||||
* | | Update NEWS | Daniel Lowrey | 2014-02-14 | 1 | -0/+4 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Daniel Lowrey | 2014-02-14 | 2 | -0/+30 |
|\ \ | |/ | | | | | | | * PHP-5.4: Fix for bug66501 - "key type not supported in this PHP build" | ||||
| * | Fix for bug66501 - "key type not supported in this PHP build" | mk-j | 2014-02-14 | 2 | -0/+30 |
| | | |||||
* | | a few typofixes | Veres Lajos | 2014-02-14 | 1 | -1/+1 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Lior Kaplan | 2014-02-14 | 6 | -8/+8 |
|\ \ | |/ | |||||
| * | a few typofixes | Veres Lajos | 2014-02-14 | 6 | -7/+7 |
| | | |||||
| * | Replace old SVN references to Git | Mats Lindh | 2014-02-09 | 1 | -2/+2 |
| | | |||||
* | | Fixed ZTS and added fix to NEWS. | Derick Rethans | 2014-02-11 | 2 | -1/+5 |
| | | |||||
* | | Make html_table_gen consistent with html_table.h | Dmitry Panin | 2014-01-30 | 1 | -0/+3 |
| | | | | | | | | | | | | In commit 6dabd7de04ae3ed the html_table.h was changed manually, without changing the underlying generator (html_table_gen.php). This commit fixes it. | ||||
* | | Implemented feature #45528: Allow the DateTimeZone constructor to accept ↵ | Derick Rethans | 2014-02-09 | 8 | -109/+57 |
| | | | | | | | | timezones per offset too. | ||||
* | | Rename timelib_get_zone to timelib_parse_zone and export. | Derick Rethans | 2014-02-09 | 3 | -18/+19 |
| | | |||||
* | | fix regex to detect valgrind version | Nuno Lopes | 2014-02-08 | 1 | -1/+1 |
| | | | | | | | | New PCRE version got stricter | ||||
* | | 5.5.9 now released | Julien Pauli | 2014-02-06 | 1 | -1/+1 |
| | | |||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Anatol Belski | 2014-02-06 | 0 | -0/+0 |
|\ \ | |/ | | | | | | | | | | | | | * PHP-5.4: update libs_version.txt Conflicts: win32/build/libs_version.txt |