Bartosz Dziewoński
1ab5a1b432
Fix #50845 : exif_process_IFD_TAG: Use the right offset if reading from stream
...
When the location of the data is outside of the range we have
preloaded (for example, if it's before the beginning of the IFD
structure), we have to read it from the stream into a separate buffer.
The offset calculations in this case were incorrect, resulting in
bogus values being read for the affected fields (sometimes parts of
other fields, sometimes binary data).
The included test image, sourced from [1], is in the public domain.
[1] https://commons.wikimedia.org/wiki/File:U.S._Marines_Prepare_to_board_an_MV-22_Osprey_160509-M-AF202-041.jpg
2016-06-14 10:48:08 -07:00
Stanislav Malyshev
4c968c6ddd
Fix bug #72138 - Integer Overflow in Length of String-typed ZVAL
2016-06-14 01:03:03 -07:00
Jakub Zelenka
0e2447cd11
Fix bug #71915 (openssl_random_pseudo_bytes is not fork-safe)
...
Add time to the entropy before using RAND_bytes
2016-06-12 18:14:21 +01:00
Jakub Zelenka
54310d95f9
Fix bug #72336 (openssl_pkey_new does not fail for invalid DSA params)
2016-06-12 18:14:21 +01:00
Ferenc Kovacs
c26097c2f1
5.6.24 will be next
2016-06-09 10:51:02 +02:00
Jakub Zelenka
05033c9ebd
Fix bug #72140 (segfault after calling ERR_free_strings())
2016-06-08 18:21:39 +01:00
Lior Kaplan
62f9d1e3ae
Add CVE to #66387
2016-06-07 21:45:24 +03:00
Anatol Belski
1d0f128351
add missing NEWS entry
2016-06-07 18:41:17 +02:00
Anatol Belski
2004c25790
update NEWS
2016-06-02 12:18:33 +02:00
Ferenc Kovacs
6e5958e37d
update NEWS
2016-05-26 03:05:06 +02:00
Derick Rethans
f43f6fc39b
Fixed bug #63740 (strtotime seems to use both sunday and monday as start of week)
2016-05-18 12:19:11 +01:00
Ferenc Kovacs
89e4862e5f
add missing NEWS entry
2016-05-11 23:29:23 +02:00
Anatol Belski
0ea2bfb30e
update NEWS
2016-05-09 18:50:40 +02:00
Xinchen Hui
1c7f608071
Fixed bug #72172 (zend_hex_strtod should not use strlen)
2016-05-06 23:52:06 -07:00
Lior Kaplan
76a5117da7
Add CVE to bug #69719 (PHP 5.6.10)
2016-04-29 13:23:41 +03:00
Lior Kaplan
eeea33db68
Add CVE IDs PHP 5.6.12
2016-04-29 13:21:35 +03:00
Lior Kaplan
26f8ee48d6
Add CVE IDs PHP 5.6.13
2016-04-29 13:19:46 +03:00
Lior Kaplan
91fd5406bc
Add CVE IDs PHP 5.6.14
2016-04-29 13:17:34 +03:00
Lior Kaplan
34fc0ec377
Add CVE to bug #70976 (PHP 5.6.17)
2016-04-29 13:16:27 +03:00
Lior Kaplan
a23ae0f436
Add CVE IDs PHP 5.6.18
2016-04-29 13:15:30 +03:00
Lior Kaplan
b8b2dd1a43
Add CVE IDs PHP 5.6.20
2016-04-29 13:11:54 +03:00
Lior Kaplan
a91c3f1dd0
Add CVE to bug #71912 (PHP 5.6.21)
2016-04-29 13:10:13 +03:00
Lior Kaplan
e70fe1c42e
Add NEWS entry for bug #71331 (fixed in PHP 5.6.18)
2016-04-28 20:46:29 +03:00
Ferenc Kovacs
227e5d1153
small whitespace fix
2016-04-28 02:32:45 +02:00
Anatol Belski
0c529b3899
update NEWS
2016-04-27 14:50:46 +02:00
Stanislav Malyshev
f061867fd3
Fix bug #71952 : Corruption inside imageaffinematrixget
2016-04-18 23:33:21 -07:00
Ferenc Kovacs
6497d40521
prepare for 5.6.21RC1
2016-04-18 08:14:16 +02:00
Lior Kaplan
5142bf27b2
Align NEWS entry format
2016-04-15 22:07:47 +03:00
Christopher Jones
8f2e6da806
Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column)
2016-04-14 13:50:01 +10:00
Anatol Belski
5ed05bc686
update NEWS
2016-04-05 11:52:53 +02:00
Matteo Beccati
30925cd498
Fixed bug #71447 (Quotes inside comments not properly handled)
2016-04-04 23:50:28 +02:00
Joe Watkins
cd038cc5eb
news entry #69537
2016-04-04 10:22:13 +01:00
Lior Kaplan
cef40c0c3f
Align NEWS entry format
2016-03-31 00:52:53 +03:00
Ferenc Kovacs
abd59c0e40
update NEWS
2016-03-30 22:28:28 +02:00
Nikita Popov
54da966883
Fixed bug #67512
2016-03-25 20:18:46 +01:00
Julien Pauli
abbe1551d6
Updated NEWS
2016-03-21 15:26:21 +01:00
Xinchen Hui
c9c8e70463
Update NEWS for efacdc3
2016-03-21 16:43:30 +08:00
Nikita Popov
cc3cdd0057
Fixed bug #67582
2016-03-20 17:46:12 +01:00
Anatol Belski
b8c9c92d44
fix and update NEWS
2016-03-17 19:02:08 +01:00
Xinchen Hui
8e2f658f49
Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER)
2016-03-17 19:54:19 +08:00
Xinchen Hui
5546f8be56
Fixed bug #71841 (EG(error_zval) is not handled well)
2016-03-17 15:16:47 +08:00
Xinchen Hui
6f241f5fad
Fixed bug #71840 (Unserialize accepts wrongly data)
2016-03-17 15:15:28 +08:00
Ferenc Kovacs
14f4848fb0
prepare for 5.6.20RC1
2016-03-17 01:46:00 +01:00
Anatol Belski
9d02e3b97e
update NEWS
2016-03-11 14:22:11 +01:00
Christoph M. Becker
2d4ad66ff2
Fixed bug #69953
...
Added support for MKCALENDAR request method in CLI web server.
2016-03-03 19:22:38 +01:00
Stanislav Malyshev
ae3f132be1
Merge branch 'PHP-5.6.19' into PHP-5.6
...
* PHP-5.6.19:
update NEWS
Fix bug #71498 : Out-of-Bound Read in phar_parse_zipfile()
fix ts buld
prep for 5.6.19RC1
Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
2016-03-01 22:42:16 -08:00
Stanislav Malyshev
a0bbac550e
update NEWS
2016-03-01 22:41:10 -08:00
mpyw
0bbea60524
Fix bug #71694
...
Exports contants CURLM_ADDED_ALREADY.
2016-03-01 23:31:58 +01:00
Jos Elstgeest
50b4cafd28
Fixed bugs #71317 and #71504
...
If there are duplicate filenames in tar, the last one wins.
2016-02-29 22:34:35 +01:00
Anatol Belski
c49d9f0684
update NEWS
2016-02-29 18:25:16 +01:00