clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 02:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
83,161 Commits 491 Branches 1,363 Tags 837 MiB
1ab5a1b432
Commit Graph

8259 Commits

Author SHA1 Message Date
Bartosz Dziewoński
1ab5a1b432 Fix #50845: exif_process_IFD_TAG: Use the right offset if reading from stream 
When the location of the data is outside of the range we have
preloaded (for example, if it's before the beginning of the IFD
structure), we have to read it from the stream into a separate buffer.
The offset calculations in this case were incorrect, resulting in
bogus values being read for the affected fields (sometimes parts of
other fields, sometimes binary data).

The included test image, sourced from [1], is in the public domain.

[1] https://commons.wikimedia.org/wiki/File:U.S._Marines_Prepare_to_board_an_MV-22_Osprey_160509-M-AF202-041.jpg
 2016-06-14 10:48:08 -07:00
Stanislav Malyshev
4c968c6ddd Fix bug #72138 - Integer Overflow in Length of String-typed ZVAL 2016-06-14 01:03:03 -07:00
Jakub Zelenka
0e2447cd11 Fix bug #71915 (openssl_random_pseudo_bytes is not fork-safe) 
Add time to the entropy before using RAND_bytes
 2016-06-12 18:14:21 +01:00
Jakub Zelenka
54310d95f9 Fix bug #72336 (openssl_pkey_new does not fail for invalid DSA params) 2016-06-12 18:14:21 +01:00
Ferenc Kovacs
c26097c2f1 5.6.24 will be next 2016-06-09 10:51:02 +02:00
Jakub Zelenka
05033c9ebd Fix bug #72140 (segfault after calling ERR_free_strings()) 2016-06-08 18:21:39 +01:00
Lior Kaplan
62f9d1e3ae Add CVE to #66387 2016-06-07 21:45:24 +03:00
Anatol Belski
1d0f128351 add missing NEWS entry 2016-06-07 18:41:17 +02:00
Anatol Belski
2004c25790 update NEWS 2016-06-02 12:18:33 +02:00
Ferenc Kovacs
6e5958e37d update NEWS 2016-05-26 03:05:06 +02:00
Derick Rethans
f43f6fc39b Fixed bug #63740 (strtotime seems to use both sunday and monday as start of week) 2016-05-18 12:19:11 +01:00
Ferenc Kovacs
89e4862e5f add missing NEWS entry 2016-05-11 23:29:23 +02:00
Anatol Belski
0ea2bfb30e update NEWS 2016-05-09 18:50:40 +02:00
Xinchen Hui
1c7f608071 Fixed bug #72172 (zend_hex_strtod should not use strlen) 2016-05-06 23:52:06 -07:00
Lior Kaplan
76a5117da7 Add CVE to bug #69719 (PHP 5.6.10) 2016-04-29 13:23:41 +03:00
Lior Kaplan
eeea33db68 Add CVE IDs PHP 5.6.12 2016-04-29 13:21:35 +03:00
Lior Kaplan
26f8ee48d6 Add CVE IDs PHP 5.6.13 2016-04-29 13:19:46 +03:00
Lior Kaplan
91fd5406bc Add CVE IDs PHP 5.6.14 2016-04-29 13:17:34 +03:00
Lior Kaplan
34fc0ec377 Add CVE to bug #70976 (PHP 5.6.17) 2016-04-29 13:16:27 +03:00
Lior Kaplan
a23ae0f436 Add CVE IDs PHP 5.6.18 2016-04-29 13:15:30 +03:00
Lior Kaplan
b8b2dd1a43 Add CVE IDs PHP 5.6.20 2016-04-29 13:11:54 +03:00
Lior Kaplan
a91c3f1dd0 Add CVE to bug #71912 (PHP 5.6.21) 2016-04-29 13:10:13 +03:00
Lior Kaplan
e70fe1c42e Add NEWS entry for bug #71331 (fixed in PHP 5.6.18) 2016-04-28 20:46:29 +03:00
Ferenc Kovacs
227e5d1153 small whitespace fix 2016-04-28 02:32:45 +02:00
Anatol Belski
0c529b3899 update NEWS 2016-04-27 14:50:46 +02:00
Stanislav Malyshev
f061867fd3 Fix bug #71952: Corruption inside imageaffinematrixget 2016-04-18 23:33:21 -07:00
Ferenc Kovacs
6497d40521 prepare for 5.6.21RC1 2016-04-18 08:14:16 +02:00
Lior Kaplan
5142bf27b2 Align NEWS entry format 2016-04-15 22:07:47 +03:00
Christopher Jones
8f2e6da806 Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column) 2016-04-14 13:50:01 +10:00
Anatol Belski
5ed05bc686 update NEWS 2016-04-05 11:52:53 +02:00
Matteo Beccati
30925cd498 Fixed bug #71447 (Quotes inside comments not properly handled) 2016-04-04 23:50:28 +02:00
Joe Watkins
cd038cc5eb news entry #69537 2016-04-04 10:22:13 +01:00
Lior Kaplan
cef40c0c3f Align NEWS entry format 2016-03-31 00:52:53 +03:00
Ferenc Kovacs
abd59c0e40 update NEWS 2016-03-30 22:28:28 +02:00
Nikita Popov
54da966883 Fixed bug #67512 2016-03-25 20:18:46 +01:00
Julien Pauli
abbe1551d6 Updated NEWS 2016-03-21 15:26:21 +01:00
Xinchen Hui
c9c8e70463 Update NEWS for efacdc3 2016-03-21 16:43:30 +08:00
Nikita Popov
cc3cdd0057 Fixed bug #67582 2016-03-20 17:46:12 +01:00
Anatol Belski
b8c9c92d44 fix and update NEWS 2016-03-17 19:02:08 +01:00
Xinchen Hui
8e2f658f49 Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER) 2016-03-17 19:54:19 +08:00
Xinchen Hui
5546f8be56 Fixed bug #71841 (EG(error_zval) is not handled well) 2016-03-17 15:16:47 +08:00
Xinchen Hui
6f241f5fad Fixed bug #71840 (Unserialize accepts wrongly data) 2016-03-17 15:15:28 +08:00
Ferenc Kovacs
14f4848fb0 prepare for 5.6.20RC1 2016-03-17 01:46:00 +01:00
Anatol Belski
9d02e3b97e update NEWS 2016-03-11 14:22:11 +01:00
Christoph M. Becker
2d4ad66ff2 Fixed bug #69953 
Added support for MKCALENDAR request method in CLI web server.
 2016-03-03 19:22:38 +01:00
Stanislav Malyshev
ae3f132be1 Merge branch 'PHP-5.6.19' into PHP-5.6 
* PHP-5.6.19:
  update NEWS
  Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()
  fix ts buld
  prep for 5.6.19RC1
  Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
 2016-03-01 22:42:16 -08:00
Stanislav Malyshev
a0bbac550e update NEWS 2016-03-01 22:41:10 -08:00
mpyw
0bbea60524 Fix bug #71694 
Exports contants CURLM_ADDED_ALREADY.
 2016-03-01 23:31:58 +01:00
Jos Elstgeest
50b4cafd28 Fixed bugs #71317 and #71504 
If there are duplicate filenames in tar, the last one wins.
 2016-02-29 22:34:35 +01:00
Anatol Belski
c49d9f0684 update NEWS 2016-02-29 18:25:16 +01:00