Stanislav Malyshev
97aa752fee
Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM)
2015-07-07 09:38:31 -07:00
Stanislav Malyshev
6dedeb40db
Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath
2015-07-07 09:38:31 -07:00
Stanislav Malyshev
bf58162ddf
Fix bug #69958 - Segfault in Phar::convertToData on invalid file
2015-07-07 09:38:30 -07:00
Ferenc Kovacs
29533ae528
add missing second argument for ucfirst to the proto
2015-07-07 15:48:55 +02:00
Stanislav Malyshev
cd9c39d77c
Merge branch 'pull-request/1350' into PHP-5.4
...
* pull-request/1350:
Move strlen() check to php_mail_detect_multiple_crlf()
Fixed Bug #69874 : Can't set empty additional_headers for mail()
2015-06-28 20:18:56 -07:00
Christoph M. Becker
921544cad9
updated NEWS
2015-06-24 00:20:32 +02:00
Christoph M. Becker
a621781fdb
Fixed bug #69768 (escapeshell*() doesn't cater to !)
...
When delayed variable substitution is enabled (can be set in the
Registry, for instance), !ENV! works similar to %ENV%, and so ! should
be escaped like %.
2015-06-24 00:15:55 +02:00
George Wang
fdb580a5ad
bump API version to 6.8
2015-06-22 23:38:38 -04:00
Yasuo Ohgaki
d263ecd864
Move strlen() check to php_mail_detect_multiple_crlf()
2015-06-19 15:17:56 +09:00
Yasuo Ohgaki
dacea3f6fb
Fixed Bug #69874 : Can't set empty additional_headers for mail()
2015-06-19 12:19:12 +09:00
Lior Kaplan
cc7194dd10
Fixed bug #69689 (Align PCRE_MINOR with current version)
2015-06-18 17:30:21 +03:00
Lior Kaplan
5f67caad54
Add CVE to bugs #69545 , #69646 and #69667
2015-06-18 15:45:10 +03:00
Stanislav Malyshev
7f4e1a0eef
5.4.43 next
2015-06-11 20:46:47 -07:00
Stanislav Malyshev
f1ffb4b1ad
add NEWS
2015-06-09 21:35:18 -07:00
Yasuo Ohgaki
9d168b863e
Fixed bug #68776
2015-06-09 21:32:54 -07:00
Stanislav Malyshev
eee8b6c33f
fix test
2015-06-09 17:11:33 -07:00
Stanislav Malyshev
539738c438
update NEWS
2015-06-09 16:23:05 -07:00
Stanislav Malyshev
8036758491
Fix bug #69646 OS command injection vulnerability in escapeshellarg
2015-06-09 10:52:38 -07:00
Stanislav Malyshev
f7d7befae8
Fix #69719 - more checks for nulls in paths
2015-06-09 10:52:38 -07:00
Remi Collet
531c306fe6
fix test description
2015-06-09 09:18:54 +02:00
George Wang
78d1228ef6
Fixed Buf #68812 Unchecked return value.
2015-06-08 15:38:59 -04:00
Lior Kaplan
33a9f01d36
NEWS entry for: Upgrade bundled sqlite to 3.8.10.2
...
Includes fixes for CVE-2015-3414, CVE-2015-3415, CVE-2015-3416
2015-06-08 22:23:22 +03:00
Lior Kaplan
7ced40e24e
Upgrade bundled sqlite to 3.8.10.2
...
Includes fixes for CVE-2015-3414, CVE-2015-3415, CVE-2015-3416 done in 3.8.9
2015-06-08 22:17:06 +03:00
Lior Kaplan
4cc46b2a99
Add CVE used in PHP 5.4.39, 5.4.40, 5.4.41
2015-06-08 22:12:42 +03:00
Lior Kaplan
90a8ea9827
Add CVE to #68598
2015-06-08 22:04:42 +03:00
Stanislav Malyshev
0765623d69
improve fix for Bug #69545
2015-05-31 17:29:00 -07:00
Stanislav Malyshev
f38ca75a3c
Update PCRE version (bug #69689 )
2015-05-30 21:17:16 -07:00
Remi Collet
88aab478bf
move test
2015-05-20 14:03:41 +02:00
Remi Collet
593c4b9b00
NEWS 5.4
2015-05-20 08:47:04 +02:00
Remi Collet
3ee3066bd0
fix new test
2015-05-20 08:46:14 +02:00
Remi Collet
f93d24aa67
Fixed Bug #69667 segfault in php_pgsql_meta_data
...
Incomplete fix for #68741
2015-05-20 08:46:01 +02:00
Stanislav Malyshev
4ceb7b46ad
5.4.42 next
2015-05-12 22:30:43 -07:00
Stanislav Malyshev
f473ea5464
fix format
2015-05-12 12:37:28 -07:00
Stanislav Malyshev
2f83797a0c
update NEWS
2015-05-12 12:17:54 -07:00
Stanislav Malyshev
9c0813fd48
Add test for bug #69522
2015-05-11 01:10:35 -07:00
Stanislav Malyshev
634aa0a2db
Update tests
2015-05-11 00:12:39 -07:00
Stanislav Malyshev
ba1d9cc4b7
Fix bug #69522 - do not allow int overflow
2015-05-10 23:06:08 -07:00
Stanislav Malyshev
e2bbf0a2df
Forgot test file
2015-05-10 02:24:29 -07:00
Stanislav Malyshev
c591f022f8
Fix bug #69403 and other int overflows
2015-05-10 02:20:08 -07:00
Stanislav Malyshev
be9b2a95ad
Fixed bug #69418 - more s->p fixes for filenames
2015-05-10 02:09:38 -07:00
Stanislav Malyshev
4605d536d2
Fixed bug #69364 - use smart_str to assemble strings
2015-05-09 23:04:25 -07:00
Stanislav Malyshev
c27f012b7a
Fix bug #69453 - don't try to cut empty string
2015-04-29 22:51:43 -07:00
Stanislav Malyshev
ac28329354
Fix bug #69545 - avoid overflow when reading list
2015-04-29 22:50:18 -07:00
Stanislav Malyshev
95fa727992
Upgrade to PCRE 8.37 due to various bugfixes
2015-04-29 22:27:07 -07:00
Anatol Belski
9c5c3ff022
fix VC9 build with PCRE
2015-04-28 13:15:39 +02:00
Stanislav Malyshev
23917b451b
Upgrade PCRE to 8.36, it fixes some crashes
...
We probably will need to go to 8.37 once it is released.
2015-04-27 23:16:54 -07:00
Hannes Magnusson
983f155e1c
phpweb now publishes SHA256s -- and please don't cc php-announce@ - make it seperate mail
2015-04-17 10:05:32 -07:00
Xinchen Hui
0d562a8f44
Fixed res leak
2015-04-14 21:15:50 -07:00
Dmitry Stogov
cee9722028
Fixed recently introduced memory leak
2015-04-14 11:08:38 -07:00
Stanislav Malyshev
9af582bbe0
fix non-standard C
2015-04-14 00:46:47 -07:00