Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix 5.5.35php-5.5.35PHP-5.5.35 | Julien Pauli | 2016-04-27 | 1 | -2/+2 |
| | |||||
* | 5.5.35 | Julien Pauli | 2016-04-27 | 3 | -11/+8 |
| | |||||
* | Fix memory leak | Stanislav Malyshev | 2016-04-26 | 1 | -0/+3 |
| | |||||
* | Fix bug #72099: xml_parse_into_struct segmentation fault | Stanislav Malyshev | 2016-04-26 | 2 | -53/+70 |
| | |||||
* | 5.5.36 now | Julien Pauli | 2016-04-26 | 3 | -5/+24 |
| | |||||
* | Fix bug #72094 - Out of bounds heap read access in exif header processing | Stanislav Malyshev | 2016-04-24 | 6 | -2/+76 |
| | |||||
* | Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition | Stanislav Malyshev | 2016-04-24 | 3 | -22/+57 |
| | | | | | We can not modify result since it can be copy of _zero_ or _one_, etc. and "copy" in bcmath is just bumping the refcount. | ||||
* | Fix bug #72061 - Out-of-bounds reads in zif_grapheme_stripos with negative ↵ | Stanislav Malyshev | 2016-04-24 | 2 | -5/+22 |
| | | | | offset | ||||
* | Fix for bug #71912 (libgd: signedness vulnerability) | Stanislav Malyshev | 2016-04-18 | 3 | -0/+19 |
| | |||||
* | Typo in NEWS | Julien Pauli | 2016-03-31 | 1 | -1/+1 |
| | |||||
* | fix borked mainstream patch | Anatol Belski | 2016-03-31 | 1 | -1/+1 |
| | |||||
* | 5.5.35 now | Julien Pauli | 2016-03-29 | 3 | -5/+25 |
| | |||||
* | fix dir separator in test | Anatol Belski | 2016-03-29 | 1 | -2/+2 |
| | |||||
* | Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file | Anatol Belski | 2016-03-29 | 3 | -1/+21 |
| | | | | | The actual fix is applying the upstream patch from https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36 | ||||
* | Fixed bug #71704 php_snmp_error() Format String Vulnerability | Anatol Belski | 2016-03-28 | 1 | -1/+1 |
| | | | | | Conflicts: ext/snmp/snmp.c | ||||
* | Merge branch 'PHP-5.5.34' into PHP-5.5 | Stanislav Malyshev | 2016-03-28 | 0 | -0/+0 |
|\ | | | | | | | | | * PHP-5.5.34: Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut | ||||
| * | Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut | Stanislav Malyshev | 2016-03-28 | 1 | -17/+17 |
| | | |||||
* | | Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut | Stanislav Malyshev | 2016-03-28 | 2 | -20/+20 |
|/ | |||||
* | Fix bug #71798 - Integer Overflow in php_raw_url_encode | Stanislav Malyshev | 2016-03-27 | 2 | -4/+4 |
| | |||||
* | Fix bug #71860: Require valid paths for phar filenames | Stanislav Malyshev | 2016-03-20 | 9 | -37/+41 |
| | |||||
* | Going for 5.5.34 | Julien Pauli | 2016-03-02 | 3 | -4/+8 |
| | |||||
* | fix test file | Stanislav Malyshev | 2016-03-01 | 1 | -0/+0 |
| | |||||
* | Fix version | Stanislav Malyshev | 2016-03-01 | 1 | -3/+3 |
| | |||||
* | Update NEWS | Stanislav Malyshev | 2016-03-01 | 2 | -4/+11 |
| | |||||
* | Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile() | Stanislav Malyshev | 2016-02-21 | 4 | -3/+21 |
| | |||||
* | Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize | Stanislav Malyshev | 2016-02-14 | 2 | -4/+58 |
| | |||||
* | add error check to sysconf call | Anatol Belski | 2016-02-02 | 1 | -0/+11 |
| | |||||
* | Going for 5.5.33 now | Julien Pauli | 2016-02-02 | 3 | -5/+13 |
| | |||||
* | fix tests | Stanislav Malyshev | 2016-02-01 | 4 | -52/+52 |
| | |||||
* | fix NEWS | Stanislav Malyshev | 2016-02-01 | 1 | -3/+3 |
| | |||||
* | update NEWS | Stanislav Malyshev | 2016-02-01 | 1 | -0/+11 |
| | |||||
* | Merge branch 'PHP-5.5' into PHP-5.5.32 | Stanislav Malyshev | 2016-02-01 | 50 | -1511/+3141 |
|\ | | | | | | | | | | | * PHP-5.5: Upgrade bundled PCRE to 8.38 Fixed NEWS file entry | ||||
| * | Upgrade bundled PCRE to 8.38 | Stanislav Malyshev | 2016-01-31 | 51 | -1511/+3144 |
| | | |||||
| * | Fixed NEWS file entry | Julien Pauli | 2016-01-28 | 1 | -2/+4 |
| | | |||||
* | | Fixed bug #71488: Stack overflow when decompressing tar archives | Stanislav Malyshev | 2016-01-31 | 3 | -6/+32 |
| | | |||||
* | | update NEWS | Anatol Belski | 2016-01-28 | 1 | -0/+6 |
| | | |||||
* | | add missing headers for SIZE_MAX | Anatol Belski | 2016-01-28 | 1 | -0/+9 |
| | | |||||
* | | backport the escapeshell* functions hardening branch | Anatol Belski | 2016-01-28 | 3 | -5/+73 |
| | | |||||
* | | add tests | Anatol Belski | 2016-01-28 | 4 | -0/+44 |
| | | |||||
* | | Fix bug #71459 - Integer overflow in iptcembed() | Stanislav Malyshev | 2016-01-26 | 1 | -1/+6 |
| | | |||||
* | | Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input | Stanislav Malyshev | 2016-01-16 | 15 | -227/+260 |
| | | |||||
* | | Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata() | Stanislav Malyshev | 2016-01-16 | 3 | -0/+21 |
| | | |||||
* | | Fix bug #71335: Type Confusion in WDDX Packet Deserialization | Stanislav Malyshev | 2016-01-13 | 2 | -1/+35 |
| | | |||||
* | | Merge branch 'bug71354' into PHP-5.5.32 | Stanislav Malyshev | 2016-01-13 | 3 | -0/+14 |
|\ \ | |/ |/| | | | | | * bug71354: Fix bug #71354 - remove UMR when size is 0 | ||||
| * | Fix bug #71354 - remove UMR when size is 0 | Stanislav Malyshev | 2016-01-13 | 3 | -0/+14 |
| | | |||||
* | | fix the fix for bug #70976 (imagerotate) | Remi Collet | 2016-01-12 | 2 | -4/+4 |
| | | |||||
* | | 5.5.32 now | Julien Pauli | 2016-01-07 | 2 | -4/+4 |
|/ | |||||
* | Update NEWS | Stanislav Malyshev | 2016-01-05 | 1 | -1/+5 |
| | |||||
* | Improve fix for bug #70976 | Stanislav Malyshev | 2015-12-28 | 1 | -1/+1 |
| | |||||
* | Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization) | Stanislav Malyshev | 2015-12-28 | 3 | -1/+72 |
| |