Remi Collet
8d1d038509
Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary check
...
Upstream:
36fadd2984
Conflicts:
ext/fileinfo/libmagic/cdf.c
2014-07-18 16:19:30 -07:00
Remi Collet
6bd5a06894
Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
...
Upstream
27a14bc7ba
2014-07-18 16:17:36 -07:00
Stanislav Malyshev
ec002bd837
Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
2014-07-18 16:14:42 -07:00
Remi Collet
52de149ebc
Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check
...
Upstream fix 6d209c1c48
.patch
Only revelant part applied
2014-07-18 16:13:07 -07:00
Stanislav Malyshev
2326401fc1
fix bug #67253 : timelib_meridian_with_check out-of-bounds read
...
Conflicts:
ext/date/lib/parse_date.c
2014-07-18 16:11:54 -07:00
Stanislav Malyshev
7f527897fe
Fix bug #67252 : convert_uudecode out-of-bounds read
2014-07-18 16:05:52 -07:00
Stanislav Malyshev
d4b67896ec
Fix bug #67250 (iptcparse out-of-bounds read)
2014-07-18 16:02:52 -07:00
Stanislav Malyshev
84605098bc
Fix bug #67247 spl_fixedarray_resize integer overflow
2014-07-18 15:59:59 -07:00
Stanislav Malyshev
ee1ab62763
Fix bug #67328 (fileinfo: numerous file_printf calls resulting in performance degradation)
...
Upstream patch: b8acc83781
2014-07-18 15:52:00 -07:00
Stanislav Malyshev
d77ea459bd
Fix bug #67327 : fileinfo: CDF infinite loop in nelements DoS
...
Upstream fix: f97486ef5d
2014-07-18 15:50:58 -07:00
Anatol Belski
44be7b7f27
backport this piece from 5.6, related to the #66307 fix
...
Conflicts:
ext/fileinfo/libmagic/readcdf.c
2014-07-18 15:50:04 -07:00
Anatol Belski
0335d2ef3e
Fixed bug #66307 Fileinfo crashes with powerpoint files
...
Conflicts:
ext/fileinfo/libmagic/readcdf.c
ext/fileinfo/tests/finfo_file_002.phpt
2014-07-18 15:48:18 -07:00
Remi Collet
a0bb3fd679
Fixed bug #66060 (Heap buffer over-read in DateInterval)
...
Conflicts:
ext/date/lib/parse_iso_intervals.c
2014-07-18 15:39:37 -07:00
Stanislav Malyshev
eca037a51d
Fix bug #65873 - Integer overflow in exif_read_data()
2014-07-18 15:37:15 -07:00
Xinchen Hui
f3230e3522
let make test report the run-test result
2014-07-18 15:33:59 -07:00
Stanislav Malyshev
3c328f0984
Fix bug #67251 - date_parse_from_format out-of-bounds read
...
Conflicts:
ext/date/lib/parse_date.c
ext/date/lib/parse_date.re
2014-06-15 00:33:24 -07:00
Stanislav Malyshev
d780c2a673
Fix bug #67249 : printf out-of-bounds read
2014-06-13 16:43:56 -07:00
Sara Golemon
d400b74296
Fix potential segfault in dns_get_record()
...
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
2014-06-13 16:42:55 -07:00
Remi Collet
08334293f8
Fix bug #67390 insecure temporary file use in the configure script
2014-06-13 16:41:13 -07:00
Stanislav Malyshev
adc070ca99
fix typo in ODBC code
2014-05-18 23:42:30 -07:00
Stanislav Malyshev
8a22540a95
Fix bug #67060 : use default mode of 660
2014-05-11 23:32:35 -07:00
Ferenc Kovacs
4b48b29988
fix the primary qa email address and update the list of available people being able to add moderators to our lists
2014-01-24 16:06:58 +01:00
Will Fitch
8aa93b7f2c
Revert "Fix #62479 : Some chars not parsed in passwords"
...
This reverts commit e6bb90c66a
.
2014-01-19 13:02:20 -05:00
Will Fitch
e6bb90c66a
Fix #62479 : Some chars not parsed in passwords
...
This fixes an issue where backslashes and spaces aren't
correctly parsed for passwords.
2014-01-18 19:27:00 -05:00
Julien Pauli
3eb2b1ac40
Updated release process
2013-12-13 13:16:54 +01:00
Anatol Belski
6f739318fd
fix dir separator in cve-2013-6420 test
2013-12-11 13:31:29 +01:00
Stanislav Malyshev
8650bbc8dc
5.3.29-dev
2013-12-10 11:32:11 -08:00
Stanislav Malyshev
c1224573c7
Fix CVE-2013-6420 - memory corruption in openssl_x509_parse
2013-12-10 11:03:49 -08:00
Christopher Jones
32873cd0dd
Merge branch 'PHP-5.3' of https://git.php.net/repository/php-src into PHP-5.3
...
* 'PHP-5.3' of https://git.php.net/repository/php-src :
fix using wrong buffer pointer
2013-08-19 10:53:41 -07:00
Stanislav Malyshev
c1c49d6e39
fix using wrong buffer pointer
2013-08-19 01:02:12 -07:00
Stanislav Malyshev
dcea4ec698
Fix CVE-2013-4073 - handling of certs with null bytes
2013-08-13 22:24:11 -07:00
Christopher Jones
7c9bb87edd
Merge branch 'PHP-5.3' of https://git.php.net/repository/php-src into PHP-5.3
...
# By Johannes Schlüter
# Via Christopher Jones (1) and Johannes Schlüter (1)
* 'PHP-5.3' of https://git.php.net/repository/php-src :
Merge PHP 5.3.27 NEWS
add test for bug #65236
2013-07-22 10:58:52 -07:00
Christopher Jones
e2e002d4ea
Merge branch 'PHP-5.3' of https://git.php.net/repository/php-src into PHP-5.3
...
* 'PHP-5.3' of https://git.php.net/repository/php-src :
Merge PHP 5.3.27 NEWS
add test for bug #65236
2013-07-10 11:13:15 -07:00
Johannes Schlüter
9c4ef50146
Merge PHP 5.3.27 NEWS
2013-07-10 19:45:45 +02:00
Johannes Schlüter
710eee5555
add test for bug #65236
2013-07-10 19:35:18 +02:00
Rob Richards
7d163e8a08
truncate results at depth of 255 to prevent corruption
2013-07-06 07:53:07 -04:00
Nuno Lopes
e964817b24
fix assembly of safe_address() for x86 and x86_64
2013-07-03 18:02:28 -04:00
Sebastian Bergmann
50ac53e1b1
Add bison 2.6.4 to the list of supported versions
2013-07-03 06:36:54 +02:00
Johannes Schlüter
e4ee921b7e
Update git rules (5.5 is stable, 5.3 sec only)
2013-06-20 11:51:21 +02:00
Johannes Schlüter
f0eaa02f6f
This will be PHP 5.3.28
2013-06-19 15:08:02 +02:00
Matteo Beccati
6238dd6f32
Fixed bug #63186 (compile failure on netbsd)
2013-06-14 16:51:54 +02:00
Anatol Belski
cd1b44c4b6
ensure the error_reporting level to get expected notice
2013-06-12 13:13:48 +02:00
Anatol Belski
eccc05fc44
fixed tests
2013-06-11 12:38:49 +02:00
Anatol Belski
f16143f5ac
missing tests for bug #53437
2013-06-11 11:19:57 +02:00
Anatol Belski
18403e496d
missing colon
2013-06-10 19:54:29 +02:00
Anatol Belski
88c2dbe5fc
Backported the fix for bug #53437
2013-06-10 19:48:18 +02:00
Dmitry Stogov
f5f6404260
Fixed test script
2013-06-10 12:53:19 +04:00
Xinchen Hui
75c57122e3
Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on 64-bits systems)
2013-06-09 22:24:48 +08:00
Xinchen Hui
e8f004d542
Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC)
2013-06-09 13:20:40 +08:00
Anatol Belski
1aee7ad636
Fixed bug #64934 Apache2 TS crash with get_browser()
...
In favour of reading the browscap.ini into a true global var
only once in MINIT, the price for that is to deep copy the
any data from it.
2013-06-06 18:49:04 +02:00