summaryrefslogtreecommitdiff
path: root/ext
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'PHP-5.6'PHP-5.4Matteo Beccati2015-09-021-0/+2
| | | | | * PHP-5.6: Added missing skipif for phar+zlib test
* fix unit testsStanislav Malyshev2015-09-013-3/+3
|
* Improve fix for #70172Stanislav Malyshev2015-09-013-1/+72
|
* Fix bug #70312 - HAVAL gives wrong hashes in specific casesStanislav Malyshev2015-09-012-5/+23
|
* fix testStanislav Malyshev2015-09-011-1/+1
|
* add testStanislav Malyshev2015-09-011-0/+50
|
* Fix bug #70366 - use-after-free vulnerability in unserialize() with ↵Stanislav Malyshev2015-09-013-1/+56
| | | | SplDoublyLinkedList
* Fix bug #70365 - use-after-free vulnerability in unserialize() with ↵Stanislav Malyshev2015-09-012-0/+52
| | | | SplObjectStorage
* Fix bug #70172 - Use After Free Vulnerability in unserialize()Stanislav Malyshev2015-08-314-42/+121
|
* Fix bug #70388 - SOAP serialize_function_call() type confusionStanislav Malyshev2015-08-312-44/+69
|
* Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when ↵Stanislav Malyshev2015-08-302-39/+72
| | | | creating directories
* Improve fix for #70385Stanislav Malyshev2015-08-291-2/+2
|
* Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)Stanislav Malyshev2015-08-282-76/+100
|
* Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte ↵Stanislav Malyshev2015-08-281-104/+104
| | | | value of 32 bytes)
* Fix bug #70219 (Use after free vulnerability in session deserializer)Stanislav Malyshev2015-08-236-498/+228
|
* Fix for bug #69782Stanislav Malyshev2015-08-161-69/+73
|
* Fix bug #70019 - limit extracted files to given directoryStanislav Malyshev2015-08-043-4/+68
|
* Do not do convert_to_* on unserialize, it messes up referencesStanislav Malyshev2015-08-043-79/+85
|
* Fix #69793 - limit what we accept when unserializing exceptionStanislav Malyshev2015-08-012-0/+18
|
* Fixed bug #70169 (Use After Free Vulnerability in unserialize() with ↵Stanislav Malyshev2015-08-012-12/+43
| | | | SplDoublyLinkedList)
* Fixed bug #70166 - Use After Free Vulnerability in unserialize() with ↵Stanislav Malyshev2015-08-012-0/+32
| | | | SPLArrayObject
* ignore signatures for packages tooStanislav Malyshev2015-08-011-3/+20
|
* Fix bug #70168 - Use After Free Vulnerability in unserialize() with ↵Stanislav Malyshev2015-08-012-33/+54
| | | | SplObjectStorage
* Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytesStanislav Malyshev2015-07-261-4/+2
|
* Improved fix for Bug #69441Stanislav Malyshev2015-07-261-5/+8
|
* Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)Stanislav Malyshev2015-07-262-43/+56
|
* Fix bug #70081: check types for SOAP variablesStanislav Malyshev2015-07-261-10/+13
|
* Better fix for bug #69958Stanislav Malyshev2015-07-072-9/+15
|
* Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM)Stanislav Malyshev2015-07-071-25/+40
|
* Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepathStanislav Malyshev2015-07-071-2/+8
|
* Fix bug #69958 - Segfault in Phar::convertToData on invalid fileStanislav Malyshev2015-07-073-34/+50
|
* add missing second argument for ucfirst to the protoFerenc Kovacs2015-07-071-1/+1
|
* Merge branch 'pull-request/1350' into PHP-5.4Stanislav Malyshev2015-06-283-3/+88
|\ | | | | | | | | | | * pull-request/1350: Move strlen() check to php_mail_detect_multiple_crlf() Fixed Bug #69874 : Can't set empty additional_headers for mail()
| * Move strlen() check to php_mail_detect_multiple_crlf()Yasuo Ohgaki2015-06-191-2/+2
| |
| * Fixed Bug #69874 : Can't set empty additional_headers for mail()Yasuo Ohgaki2015-06-192-1/+43
| |
* | Fixed bug #69768 (escapeshell*() doesn't cater to !)Christoph M. Becker2015-06-243-2/+9
|/ | | | | | When delayed variable substitution is enabled (can be set in the Registry, for instance), !ENV! works similar to %ENV%, and so ! should be escaped like %.
* Fixed bug #69689 (Align PCRE_MINOR with current version)Lior Kaplan2015-06-181-2/+2
|
* Fixed bug #68776Yasuo Ohgaki2015-06-092-0/+373
|
* fix testStanislav Malyshev2015-06-091-2/+2
|
* Fix bug #69646 OS command injection vulnerability in escapeshellargStanislav Malyshev2015-06-091-0/+8
|
* Fix #69719 - more checks for nulls in pathsStanislav Malyshev2015-06-092-13/+25
|
* fix test descriptionRemi Collet2015-06-091-1/+1
|
* Upgrade bundled sqlite to 3.8.10.2Lior Kaplan2015-06-083-25800/+54438
| | | | Includes fixes for CVE-2015-3414, CVE-2015-3415, CVE-2015-3416 done in 3.8.9
* improve fix for Bug #69545Stanislav Malyshev2015-05-311-2/+0
|
* Update PCRE version (bug #69689)Stanislav Malyshev2015-05-301-3/+3
|
* move testRemi Collet2015-05-201-0/+0
|
* fix new testRemi Collet2015-05-201-1/+1
|
* Fixed Bug #69667 segfault in php_pgsql_meta_dataRemi Collet2015-05-202-2/+34
| | | | Incomplete fix for #68741
* Add test for bug #69522Stanislav Malyshev2015-05-112-0/+17
|
* Update testsStanislav Malyshev2015-05-117-45/+47
|
View Lorry Controller Status