summaryrefslogtreecommitdiff
path: root/ext
Commit message (Expand)AuthorAgeFilesLines
* Fix bug #69253 - ZIP Integer Overflow leads to writing past heap boundaryStanislav Malyshev2015-03-171-1/+1
* Fix bug #69248 - heap overflow vulnerability in regcomp.cStanislav Malyshev2015-03-171-1/+9
* add test for bug #68976Stanislav Malyshev2015-03-171-0/+37
* Fixed bug #68976 - Use After Free Vulnerability in unserialize()Stanislav Malyshev2015-03-172-31/+33
* fix testsStanislav Malyshev2015-03-173-3/+3
* Fix bug #69207 - move_uploaded_file allows nulls in pathStanislav Malyshev2015-03-171-1/+1
* Added type checksDmitry Stogov2015-03-032-9/+18
* Added type checksDmitry Stogov2015-03-033-27/+46
* Check variable type before its usage as IS_ARRAY.Dmitry Stogov2015-03-021-1/+2
* Port for for bug #68552Stanislav Malyshev2015-02-171-4/+3
* Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)Stanislav Malyshev2015-02-172-7/+12
* - Fixed bug #67827 (broken detection of system crypt sha256/sha512 support)Felipe Pena2015-02-171-8/+8
* - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt...Felipe Pena2015-02-161-0/+3
* Add NULL byte protection to exec, system and passthruYasuo Ohgaki2015-02-142-0/+29
* Update header handling to RFC 7230Stanislav Malyshev2015-02-053-9/+10
* fix sizeof sizeStanislav Malyshev2015-02-011-1/+1
* fix TSRMStanislav Malyshev2015-01-311-2/+2
* Use better constant since MAXHOSTNAMELEN may mean shorter nameStanislav Malyshev2015-01-312-6/+6
* Add mitigation for CVE-2015-0235 (bug #68925)Stanislav Malyshev2015-01-312-0/+24
* Merge branch 'bug68710' into PHP-5.4Stanislav Malyshev2015-01-203-3/+28
|\
| * Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())Stanislav Malyshev2015-01-013-3/+28
* | Merge branch 'bug68799' into PHP-5.4Stanislav Malyshev2015-01-203-1/+64
|\ \
| * | Fix bug #68799: Free called on unitialized pointerStanislav Malyshev2015-01-113-1/+64
| |/
* | Fixed bug #55618 (use case-insensitive cert name matching)Daniel Lowrey2015-01-141-2/+2
* | updated libmagic.patch in 5.4Anatol Belski2015-01-041-315/+139
* | Fixed bug #68735 fileinfo out-of-bounds memory accessAnatol Belski2015-01-043-2/+21
* | removed dead codeRemi Collet2015-01-045-1544/+2
|/
* add missing test fileStanislav Malyshev2014-12-161-0/+7
* Fix bug #68594 - Use after free vulnerability in unserialize()Stanislav Malyshev2014-12-163-32/+62
* Fix undefined behaviour in strnatcmpAndrea Faulds2014-12-131-2/+2
* move the test to the right placeAnatol Belski2014-12-111-0/+11
* Fixed bug #68545 NULL pointer dereference in unserialize.cAnatol Belski2014-12-112-33/+45
* Fixed possible read after end of buffer and use after free.Dmitry Stogov2014-12-081-2/+6
* Revert unintentional docblock changeChris Christoff2014-12-051-1/+1
* update newsStanislav Malyshev2014-11-301-5/+5
* Bug fixes in light of failing bcrypt testsLeigh2014-11-302-1/+3
* Add tests from 1.3. Add missing tests.Leigh2014-11-301-2/+31
* Upgrade crypt_blowfish to version 1.3Leigh2014-11-301-19/+24
* Fixed bug #66584 Segmentation fault on statement deallocationMatteo Beccati2014-11-112-1/+67
* Fix bug #63595 GMP memory management conflicts with other libraries using GMPRemi Collet2014-11-031-26/+0
* Initialize the offset table - PCRE may sometimes miss offsetsStanislav Malyshev2014-11-031-1/+1
* Fix bug #68283: fileinfo: out-of-bounds read in elf note headersRemi Collet2014-10-221-0/+7
* Fix bug #68113 (Heap corruption in exif_thumbnail())Stanislav Malyshev2014-10-133-2/+19
* Fix bug #68089 - do not accept options with embedded \0Stanislav Malyshev2014-10-132-0/+24
* Fixed bug #68044: Integer overflow in unserialize() (32-bits only)Stanislav Malyshev2014-10-133-3/+15
* Fix bug #68027 - fix date parsing in XMLRPC libStanislav Malyshev2014-10-132-5/+52
* Set an LDAP error code when failing ldap_bind due to null bytesMatthew Daley2014-09-281-2/+21
* - Updated to version 2014.8 (2014h)Derick Rethans2014-09-261-608/+610
* Revert xp_ssl.c to the state of 5.4.32 due to regressionsStanislav Malyshev2014-09-261-61/+0
* Fixed bug #66242 (don't assume char is signed)Ard Biesheuvel2014-09-201-1/+1
View Lorry Controller Status