Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
| * | fix test | Stanislav Malyshev | 2015-08-04 | 1 | -4/+7 | |
| | | ||||||
| * | update NEWS | Stanislav Malyshev | 2015-08-04 | 1 | -2/+30 | |
| | | ||||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Stanislav Malyshev | 2015-08-04 | 21 | -151/+398 | |
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix #69793 - limit what we accept when unserializing exception Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject ignore signatures for packages too Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage Fixed bug #69892 Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes Improved fix for Bug #69441 Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) Fix bug #70081: check types for SOAP variables Conflicts: .gitignore ext/date/php_date.c ext/spl/spl_array.c ext/spl/spl_observer.c | |||||
| * | Merge branch 'PHP-5.4' into PHP-5.4.44 | Stanislav Malyshev | 2015-08-04 | 4 | -9/+21 | |
| |\ | | | | | | | | | | | | | | | | * PHP-5.4: Fixed bug #69892 Adjust Git-Rules | |||||
| | * | Fixed bug #69892 | Nikita Popov | 2015-08-01 | 3 | -3/+15 | |
| | | | ||||||
| * | | Fix bug #70019 - limit extracted files to given directory | Stanislav Malyshev | 2015-08-04 | 3 | -4/+68 | |
| | | | ||||||
| * | | Do not do convert_to_* on unserialize, it messes up references | Stanislav Malyshev | 2015-08-04 | 3 | -79/+85 | |
| | | | ||||||
| * | | Fix #69793 - limit what we accept when unserializing exception | Stanislav Malyshev | 2015-08-01 | 3 | -0/+46 | |
| | | | ||||||
| * | | Fixed bug #70169 (Use After Free Vulnerability in unserialize() with ↵ | Stanislav Malyshev | 2015-08-01 | 2 | -12/+43 | |
| | | | | | | | | | | | | SplDoublyLinkedList) | |||||
| * | | Fixed bug #70166 - Use After Free Vulnerability in unserialize() with ↵ | Stanislav Malyshev | 2015-08-01 | 2 | -0/+32 | |
| | | | | | | | | | | | | SPLArrayObject | |||||
| * | | ignore signatures for packages too | Stanislav Malyshev | 2015-08-01 | 2 | -3/+22 | |
| | | | ||||||
| * | | Fix bug #70168 - Use After Free Vulnerability in unserialize() with ↵ | Stanislav Malyshev | 2015-08-01 | 2 | -33/+54 | |
| | | | | | | | | | | | | SplObjectStorage | |||||
| * | | Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes | Stanislav Malyshev | 2015-07-26 | 1 | -4/+2 | |
| | | | ||||||
| * | | Improved fix for Bug #69441 | Stanislav Malyshev | 2015-07-26 | 1 | -5/+8 | |
| | | | ||||||
| * | | Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) | Stanislav Malyshev | 2015-07-26 | 2 | -43/+56 | |
| | | | ||||||
| * | | Fix bug #70121 (unserialize() could lead to unexpected methods execution / ↵ | Stanislav Malyshev | 2015-07-26 | 2 | -8/+18 | |
| | | | | | | | | | | | | NULL pointer deref) | |||||
| * | | Fix bug #70081: check types for SOAP variables | Stanislav Malyshev | 2015-07-26 | 1 | -10/+13 | |
| | | | ||||||
* | | | Merge branch 'PHP-5.4' into PHP-5.5 | Julien Pauli | 2015-07-29 | 1 | -6/+6 | |
|\ \ \ | | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: Adjust Git-Rules 5.4.44 next Conflicts: configure.in main/php_version.h | |||||
| * | | Adjust Git-Rules | Julien Pauli | 2015-07-29 | 1 | -6/+6 | |
| |/ | ||||||
| * | 5.4.44 next | Stanislav Malyshev | 2015-07-07 | 3 | -4/+6 | |
| | | ||||||
* | | Fixed bug #70002 TS issues with temporary dir handling | Anatol Belski | 2015-07-28 | 2 | -2/+13 | |
| | | ||||||
* | | make the travis irc notification a oneliner | Ferenc Kovacs | 2015-07-26 | 1 | -0/+2 | |
| | | ||||||
* | | 5.5.27 release | Julien Pauli | 2015-07-08 | 2 | -2/+13 | |
| | | ||||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Stanislav Malyshev | 2015-07-07 | 1 | -1/+1 | |
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: Better fix for bug #69958 update news Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM) Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath Fix bug #69958 - Segfault in Phar::convertToData on invalid file Conflicts: ext/mysqlnd/mysqlnd.c | |||||
| * | Better fix for bug #69958 | Stanislav Malyshev | 2015-07-07 | 2 | -9/+15 | |
| | | ||||||
| * | update news | Stanislav Malyshev | 2015-07-07 | 1 | -1/+10 | |
| | | ||||||
| * | Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM) | Stanislav Malyshev | 2015-07-07 | 1 | -25/+40 | |
| | | ||||||
| * | Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath | Stanislav Malyshev | 2015-07-07 | 1 | -2/+8 | |
| | | ||||||
| * | Fix bug #69958 - Segfault in Phar::convertToData on invalid file | Stanislav Malyshev | 2015-07-07 | 3 | -34/+50 | |
| | | ||||||
* | | Merge branch 'PHP-5.5' of git.php.net:php-src into PHP-5.5 | Stanislav Malyshev | 2015-07-07 | 1 | -1/+1 | |
|\ \ | | | | | | | | | | | | | * 'PHP-5.5' of git.php.net:php-src: add missing second argument for ucfirst to the proto | |||||
| * \ | Merge branch 'PHP-5.4' into PHP-5.5 | Ferenc Kovacs | 2015-07-07 | 1 | -1/+1 | |
| |\ \ | | |/ | | | | | | | | | | * PHP-5.4: add missing second argument for ucfirst to the proto | |||||
| | * | add missing second argument for ucfirst to the proto | Ferenc Kovacs | 2015-07-07 | 1 | -1/+1 | |
| | | | ||||||
* | | | Merge branch 'PHP-5.4' into PHP-5.5 | Stanislav Malyshev | 2015-07-07 | 2 | -0/+3 | |
|\ \ \ | | | | | | | | | | | | | | | | | * PHP-5.4: Better fix for bug #69958 | |||||
| * | | | Better fix for bug #69958 | Stanislav Malyshev | 2015-07-07 | 2 | -9/+15 | |
| | | | | ||||||
* | | | | Merge branch 'PHP-5.4' into PHP-5.5 | Stanislav Malyshev | 2015-07-06 | 1 | -9/+13 | |
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: Better fix for bug #69958 | |||||
| * | | | | Better fix for bug #69958 | Stanislav Malyshev | 2015-07-06 | 1 | -9/+13 | |
| |/ / / | ||||||
* | | | | Merge branch 'PHP-5.4' into PHP-5.5 | Stanislav Malyshev | 2015-07-06 | 0 | -0/+0 | |
|\ \ \ \ | |/ / / | | | | | | | | | | | | | * PHP-5.4: update news | |||||
| * | | | update news | Stanislav Malyshev | 2015-07-06 | 1 | -1/+10 | |
| | | | | ||||||
* | | | | Merge branch 'PHP-5.4' into PHP-5.5 | Stanislav Malyshev | 2015-07-06 | 5 | -58/+94 | |
|\ \ \ \ | |/ / / | | / / | |/ / |/| | | | | | | | | | | | | | | | | | * PHP-5.4: Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM) Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath Fix bug #69958 - Segfault in Phar::convertToData on invalid file Conflicts: ext/mysqlnd/mysqlnd.c | |||||
| * | | Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM) | Stanislav Malyshev | 2015-07-06 | 1 | -25/+40 | |
| | | | ||||||
| * | | Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath | Stanislav Malyshev | 2015-07-04 | 1 | -2/+8 | |
| | | | ||||||
| * | | Fix bug #69958 - Segfault in Phar::convertToData on invalid file | Stanislav Malyshev | 2015-07-04 | 3 | -34/+50 | |
| |/ | ||||||
* | | Merge branch 'PHP-5.4' into PHP-5.5 | Stanislav Malyshev | 2015-06-28 | 3 | -3/+88 | |
|\ \ | |/ | | | | | | | | | * PHP-5.4: Move strlen() check to php_mail_detect_multiple_crlf() Fixed Bug #69874 : Can't set empty additional_headers for mail() | |||||
| * | Merge branch 'pull-request/1350' into PHP-5.4 | Stanislav Malyshev | 2015-06-28 | 4 | -3/+90 | |
| |\ | | | | | | | | | | | | | | | | * pull-request/1350: Move strlen() check to php_mail_detect_multiple_crlf() Fixed Bug #69874 : Can't set empty additional_headers for mail() | |||||
| | * | Move strlen() check to php_mail_detect_multiple_crlf() | Yasuo Ohgaki | 2015-06-19 | 1 | -2/+2 | |
| | | | ||||||
| | * | Fixed Bug #69874 : Can't set empty additional_headers for mail() | Yasuo Ohgaki | 2015-06-19 | 2 | -1/+43 | |
| | | | ||||||
* | | | fix unknown size of void error | Anatol Belski | 2015-06-25 | 1 | -1/+1 | |
| | | | ||||||
* | | | 5.5.28 now - Security Only | Julien Pauli | 2015-06-24 | 3 | -4/+8 | |
| | | | ||||||
* | | | Made bug44295-win.phpt locale independent | Christoph M. Becker | 2015-06-24 | 1 | -2/+2 | |
| | | | | | | | | | | | | Formerly it failed on non English installations. | |||||
* | | | updated NEWS | Christoph M. Becker | 2015-06-24 | 1 | -0/+1 | |
| | | |