summaryrefslogtreecommitdiff
path: root/ext
Commit message (Collapse)AuthorAgeFilesLines
...
* fix testsStanislav Malyshev2016-02-014-52/+52
|
* Merge branch 'PHP-5.5' into PHP-5.5.32Stanislav Malyshev2016-02-0150-1511/+3141
|\ | | | | | | | | | | * PHP-5.5: Upgrade bundled PCRE to 8.38 Fixed NEWS file entry
| * Upgrade bundled PCRE to 8.38Stanislav Malyshev2016-01-3150-1511/+3141
| |
* | Fixed bug #71488: Stack overflow when decompressing tar archivesStanislav Malyshev2016-01-313-6/+32
| |
* | add missing headers for SIZE_MAXAnatol Belski2016-01-281-0/+9
| |
* | backport the escapeshell* functions hardening branchAnatol Belski2016-01-283-5/+73
| |
* | add testsAnatol Belski2016-01-284-0/+44
| |
* | Fix bug #71459 - Integer overflow in iptcembed()Stanislav Malyshev2016-01-261-1/+6
| |
* | Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its inputStanislav Malyshev2016-01-1614-213/+244
| |
* | Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()Stanislav Malyshev2016-01-163-0/+21
| |
* | Fix bug #71335: Type Confusion in WDDX Packet DeserializationStanislav Malyshev2016-01-132-1/+35
| |
* | Merge branch 'bug71354' into PHP-5.5.32Stanislav Malyshev2016-01-133-0/+14
|\ \ | |/ |/| | | | | * bug71354: Fix bug #71354 - remove UMR when size is 0
| * Fix bug #71354 - remove UMR when size is 0Stanislav Malyshev2016-01-133-0/+14
| |
* | fix the fix for bug #70976 (imagerotate)Remi Collet2016-01-122-4/+4
|/
* Improve fix for bug #70976Stanislav Malyshev2015-12-281-1/+1
|
* Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization)Stanislav Malyshev2015-12-282-1/+70
|
* Fixed bug #70741: Session WDDX Packet Deserialization Type Confusion ↵Stanislav Malyshev2015-12-282-68/+97
| | | | Vulnerability
* Fixed #70728Julien Pauli2015-12-222-2/+41
|
* Fix bug #70976: fix boundary check on gdImageRotateInterpolatedStanislav Malyshev2015-12-072-1/+14
|
* Merge branch 'pr-1483' into PHP-5.5Ferenc Kovacs2015-10-192-5/+5
|\ | | | | | | | | | | | | | | * pr-1483: fixup, both catched by nikic use another character device in this test as /dev/console seems that it is different for lxc containers the de_DE(iso-8859-1) locale is not available on ubuntu by default, but there is no reason to require that over the utf-8 one let's try running our testsuite without sudo
| * fixup, both catched by nikicFerenc Kovacs2015-08-241-1/+1
| |
| * use another character device in this test as /dev/console seems that it is ↵Ferenc Kovacs2015-08-241-2/+2
| | | | | | | | different for lxc containers
| * the de_DE(iso-8859-1) locale is not available on ubuntu by default, but ↵Ferenc Kovacs2015-08-241-2/+2
| | | | | | | | there is no reason to require that over the utf-8 one
* | Fixed testJulien Pauli2015-09-301-1/+1
| |
* | Better fix for bug #70433Stanislav Malyshev2015-09-283-3/+5
| |
* | fix memory leakStanislav Malyshev2015-09-281-0/+1
| |
* | FIx bug #70433 - Uninitialized pointer in phar_make_dirstream when zip entry ↵Stanislav Malyshev2015-09-283-1/+24
| | | | | | | | filename is "/"
* | Fix bug #69720: Null pointer dereference in phar_get_fp_offset()Stanislav Malyshev2015-09-283-1/+45
| |
* | Merge branch 'PHP-5.4' into PHP-5.5Julien Pauli2015-09-021-0/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: Merge branch 'PHP-5.6' bump version Conflicts: configure.in main/php_version.h
| * | Merge branch 'PHP-5.6'PHP-5.4Matteo Beccati2015-09-021-0/+2
| | | | | | | | | | | | | | | * PHP-5.6: Added missing skipif for phar+zlib test
* | | Merge branch 'PHP-5.5' into PHP-5.5.29Stanislav Malyshev2015-09-013-3/+3
|\ \ \ | | | | | | | | | | | | | | | | * PHP-5.5: fix unit tests
| * \ \ Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2015-09-013-3/+3
| |\ \ \ | | |/ / | | | | | | | | | | | | * PHP-5.4: fix unit tests
| | * | fix unit testsStanislav Malyshev2015-09-013-3/+3
| | | |
* | | | Merge branch 'PHP-5.5' into PHP-5.5.29Stanislav Malyshev2015-09-013-1/+72
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.5: Improve fix for #70172 Add CVE IDs asigned (post release) to PHP 5.4.43 Add CVE IDs asigned to #69085 (PHP 5.4.39) Conflicts: ext/pcre/php_pcre.c
| * | | Merge branch 'PHP-5.4' into PHP-5.5Stanislav Malyshev2015-09-0124-834/+977
| |\ \ \ | | |/ / | | | / | | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.4: Improve fix for #70172 Fix bug #70312 - HAVAL gives wrong hashes in specific cases fix test add test Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage Fix bug #70172 - Use After Free Vulnerability in unserialize() Fix bug #70388 - SOAP serialize_function_call() type confusion Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories Improve fix for #70385 Fix bug #70345 (Multiple vulnerabilities related to PCRE functions) Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes) Fix bug #70219 (Use after free vulnerability in session deserializer) Fix for bug #69782 Add CVE IDs asigned (post release) to PHP 5.4.43 Add CVE IDs asigned to #69085 (PHP 5.4.39) 5.4.45 next Conflicts: configure.in ext/pcre/php_pcre.c ext/standard/var_unserializer.c ext/standard/var_unserializer.re main/php_version.h
| | * Improve fix for #70172Stanislav Malyshev2015-09-013-1/+72
| | |
* | | Merge branch 'PHP-5.4.45' into PHP-5.5.29Stanislav Malyshev2015-09-012-5/+23
|\ \ \ | | |/ | |/| | | | | | | * PHP-5.4.45: Fix bug #70312 - HAVAL gives wrong hashes in specific cases
| * | Fix bug #70312 - HAVAL gives wrong hashes in specific casesStanislav Malyshev2015-09-012-5/+23
| | |
* | | Merge branch 'PHP-5.4.45' into PHP-5.5.29Stanislav Malyshev2015-09-011-1/+1
|\ \ \ | |/ / | | | | | | | | | * PHP-5.4.45: fix test
| * | fix testStanislav Malyshev2015-09-011-1/+1
| | |
* | | Merge branch 'PHP-5.4.45' into PHP-5.5.29Stanislav Malyshev2015-09-0116-267/+587
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-5.4.45: add test Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage Fix bug #70172 - Use After Free Vulnerability in unserialize() Fix bug #70388 - SOAP serialize_function_call() type confusion Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories Improve fix for #70385 Fix bug #70345 (Multiple vulnerabilities related to PCRE functions) Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes) Conflicts: ext/pcre/php_pcre.c ext/standard/var_unserializer.c
| * | add testStanislav Malyshev2015-09-011-0/+50
| | |
| * | Fix bug #70366 - use-after-free vulnerability in unserialize() with ↵Stanislav Malyshev2015-09-013-1/+56
| | | | | | | | | | | | SplDoublyLinkedList
| * | Fix bug #70365 - use-after-free vulnerability in unserialize() with ↵Stanislav Malyshev2015-09-012-0/+52
| | | | | | | | | | | | SplObjectStorage
| * | Fix bug #70172 - Use After Free Vulnerability in unserialize()Stanislav Malyshev2015-08-314-42/+121
| | |
| * | Fix bug #70388 - SOAP serialize_function_call() type confusionStanislav Malyshev2015-08-312-44/+69
| | |
| * | Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when ↵Stanislav Malyshev2015-08-302-39/+72
| | | | | | | | | | | | creating directories
| * | Improve fix for #70385Stanislav Malyshev2015-08-291-2/+2
| | |
| * | Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)Stanislav Malyshev2015-08-282-76/+100
| | |
| * | Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte ↵Stanislav Malyshev2015-08-281-104/+104
| | | | | | | | | | | | value of 32 bytes)
View Lorry Controller Status