diff options
| author | Stanislav Malyshev <stas@php.net> | 2015-09-01 12:06:41 -0700 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2015-09-01 12:06:41 -0700 |
| commit | c19d59c550053ffa797fce59aadf7bc79727390c (patch) | |
| tree | 71dfde3c820dc4027966fcdd5d04b32ee90090e8 /ext/json/json.c | |
| parent | 45e7e79485f27ed22feb206cfe360718c424bf1a (diff) | |
| parent | 31b634bf7cb8e3de1dfa71418e348133c2365933 (diff) | |
| download | php-git-c19d59c550053ffa797fce59aadf7bc79727390c.tar.gz | |
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
update NEWS
add NEWS for fixes
Improve fix for #70172
Fix bug #70312 - HAVAL gives wrong hashes in specific cases
fix test
add test
Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
Fix bug #70172 - Use After Free Vulnerability in unserialize()
Fix bug #70388 - SOAP serialize_function_call() type confusion
Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
Improve fix for #70385
Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
Fix bug #70219 (Use after free vulnerability in session deserializer)
Fix for bug #69782
Add CVE IDs asigned (post release) to PHP 5.4.43
Add CVE IDs asigned to #69085 (PHP 5.4.39)
5.4.45 next
Conflicts:
ext/pcre/php_pcre.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
ext/zip/php_zip.c
Diffstat (limited to 'ext/json/json.c')
0 files changed, 0 insertions, 0 deletions