diff options
author | Stanislav Malyshev <stas@php.net> | 2015-08-04 14:10:57 -0700 |
---|---|---|
committer | Stanislav Malyshev <stas@php.net> | 2015-08-04 14:10:57 -0700 |
commit | 69ed3969dd3b00feaa62f611c5095e27ba96274d (patch) | |
tree | 0eaaac44be832888b856808ec83153f42ccc577c /.gitignore | |
parent | 66edc158755a8e960499913f16f6455797bb5803 (diff) | |
parent | 51f9a00b47159ed13dfe5bd5af7e98986aa1a6fa (diff) | |
download | php-git-69ed3969dd3b00feaa62f611c5095e27ba96274d.tar.gz |
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix #69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081: check types for SOAP variables
Conflicts:
.gitignore
ext/date/php_date.c
ext/spl/spl_array.c
ext/spl/spl_observer.c
Diffstat (limited to '.gitignore')
-rw-r--r-- | .gitignore | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore index f696b15ebf..9a6319597b 100644 --- a/.gitignore +++ b/.gitignore @@ -20,6 +20,9 @@ *.tar.gz *.tar.bz2 *.tar.xz +*.tar.gz.asc +*.tar.bz2.asc +*.tar.xz.asc .FBCIndex .FBCLockFolder .deps |