summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* 5.6.38php-5.6.38PHP-5.6.38Ferenc Kovacs2018-09-123-8/+6
|
* 5.6.39 will be the nextFerenc Kovacs2018-09-113-5/+7
|
* Update NEWSStanislav Malyshev2018-09-091-0/+3
|
* Fix for bug #76582Stanislav Malyshev2018-09-091-0/+1
| | | | | The brigade seems to end up in a messed up state if something fails in shutdown, so we clean it up.
* 5.6.38 will be nextFerenc Kovacs2018-07-193-5/+7
|
* Add NEWSStanislav Malyshev2018-07-161-0/+9
|
* Fixed bug #76459 windows linkinfo lacks openbasedir checkAnatol Belski2018-07-161-1/+12
|
* Fix bug #76557: heap-buffer-overflow (READ of size 48) while reading exif dataStanislav Malyshev2018-07-163-1/+83
| | | | Use MAKERNOTE length as data size.
* Fix bug #76423 - Int Overflow lead to Heap OverFlow in ↵Stanislav Malyshev2018-07-163-1/+23
| | | | exif_thumbnail_extract of exif.c
* 5.6.37 will be nextFerenc Kovacs2018-04-243-5/+21
|
* Fix test portabilityAnatol Belski2018-04-241-2/+4
|
* Fix tsrm_lsStanislav Malyshev2018-04-231-1/+1
|
* Merge remote-tracking branch 'security/bug76249' into PHP-5.6Stanislav Malyshev2018-04-232-0/+21
|\ | | | | | | | | | | * security/bug76249: Fix test Fix bug #76249 - fail on invalid sequences
| * Fix testStanislav Malyshev2018-04-221-2/+4
| |
| * Fix bug #76249 - fail on invalid sequencesStanislav Malyshev2018-04-222-0/+19
| |
* | Merge remote-tracking branch 'security/bug76248' into PHP-5.6Stanislav Malyshev2018-04-232-1/+45
|\ \ | | | | | | | | | | | | * security/bug76248: Fix bug #76248 - Malicious LDAP-Server Response causes Crash
| * | Fix bug #76248 - Malicious LDAP-Server Response causes CrashStanislav Malyshev2018-04-222-1/+45
| |/
* | Fix #76129 - remove more potential unfiltered outputs for pharStanislav Malyshev2018-04-2313-16/+14
| |
* | Merge remote-tracking branch 'security/PHP-5.6' into PHP-5.6Stanislav Malyshev2018-04-234-1/+21
|\ \ | |/ |/| | | | | | | * security/PHP-5.6: Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value Fix bug #75981: prevent reading beyond buffer start
| * Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_valueChristoph M. Becker2018-04-224-1/+21
| | | | | | | | | | | | The MakerNote is not necessarily null-terminated, so we must not use `strlen()` to avoid OOB reads. Instead `php_strnlen()` is the proper way to handle this.
| * Fix bug #75981: prevent reading beyond buffer startStanislav Malyshev2018-02-202-2/+34
| |
* | [ci skip] 5.6.36 will be nextFerenc Kovacs2018-03-283-5/+7
| |
* | [ci skip] Update NEWSAnatol Belski2018-03-271-0/+4
| |
* | Do not set PR_SET_DUMPABLE by defaultJakub Zelenka2018-03-274-1/+11
| |
* | 5.6.35 is nextFerenc Kovacs2018-02-273-5/+7
| |
* | [ci skip] Update NEWSAnatol Belski2018-02-271-0/+3
| |
* | Fix bug #75981: prevent reading beyond buffer startStanislav Malyshev2018-02-262-2/+34
| |
* | [ci skip] Set FPM maintainershipStanislav Malyshev2018-02-231-1/+1
|/ | | | | As per http://news.php.net/php.internals/101897, Jakub is officially annointed as new FPM maintainer.
* 2018Remi Collet2018-01-031-2/+2
|
* php 5.6.34 is nextFerenc Kovacs2018-01-033-5/+7
|
* Update NEWSStanislav Malyshev2018-01-011-1/+7
|
* Fixed bug #75571: Potential infinite loop in gdImageCreateFromGifCtxChristoph M. Becker2018-01-013-5/+20
| | | | | | | Due to a signedness confusion in `GetCode_` a corrupt GIF file can trigger an infinite loop. Furthermore we make sure that a GIF without any palette entries is treated as invalid *after* open palette entries have been removed.
* Fix bug #74782: remove file name from output to avoid XSSStanislav Malyshev2018-01-0114-45/+45
|
* Backport and apply upstream patch for CVE-2017-14107Anatol Belski2017-10-271-1/+6
|
* 5.6.33 is nextFerenc Kovacs2017-10-253-5/+7
|
* These tests all assume that IPV6 is available.Rasmus Lerdorf2017-10-255-5/+20
|
* fix the travis build for PHP-5.6 using precise instead of trustyFerenc Kovacs2017-10-251-1/+1
|
* fix the travis build for PHP-5.6 using precise instead of trustyFerenc Kovacs2017-10-251-0/+1
|
* Parametrize the expected value to avoid platform false positivesAnatol Belski2017-10-241-1/+1
|
* [ci skip] update NEWSAnatol Belski2017-10-241-0/+9
|
* Fixed bug #72535 arcfour encryption stream filter crashes phpAnatol Belski2017-10-242-1/+24
|
* Fixed bug #75055 Out-Of-Bounds Read in timelib_meridian()Anatol Belski2017-10-245-716/+2336
|
* Apply upstream patch for CVE-2016-1283Anatol Belski2017-10-242-1/+16
| | | | | | | | Fix bug #75207, see also https://bugzilla.redhat.com/show_bug.cgi?id=1295385 https://vcs.pcre.org/pcre?view=revision&revision=1636 (cherry picked from commit d11fceab151cd0410645f81eb7444af4388470c3)
* add missing NEWS entry for #74087 and also fix the formattingFerenc Kovacs2017-07-061-4/+8
|
* move NEWS entry to the correct place, also bump the versionFerenc Kovacs2017-07-063-7/+11
|
* NEWS for onigurumaRemi Collet2017-07-051-0/+2
|
* Patch from the upstream gitRemi Collet2017-07-051-1/+3
| | | | | | https://github.com/kkos/oniguruma/issues/60 (CVE-2017-9228) Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
* Patch from the upstream gitRemi Collet2017-07-051-1/+8
| | | | | | | https://github.com/kkos/oniguruma/issues/59 (CVE-2017-9229) b690371bbf97794b4a1d3f295d4fb9a8b05d402d Modified for onig 5.9.6 Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
* Patch from the upstream gitRemi Collet2017-07-051-0/+2
| | | | | | https://github.com/kkos/oniguruma/issues/58 (CVE-2017-9227) Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
* Patch from the upstream gitRemi Collet2017-07-051-5/+0
| | | | | | https://github.com/kkos/oniguruma/issues/57 (CVE-2017-9224) Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
View Lorry Controller Status