Lior Kaplan
df340b5d8e
Add CVE to bug #69248
2015-03-19 02:37:50 +02:00
Stanislav Malyshev
225cb973e5
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
update NEWS
Fix bug #69253 - ZIP Integer Overflow leads to writing past heap boundary
Conflicts:
ext/zip/lib/zip_dirent.c
2015-03-17 22:03:24 -07:00
Stanislav Malyshev
210cfafc2b
update NEWS
2015-03-17 22:00:53 -07:00
Stanislav Malyshev
bf2f03ddb3
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix bug #69248 - heap overflow vulnerability in regcomp.c
add test for bug #68976
2015-03-17 17:10:05 -07:00
Stanislav Malyshev
890b3987ab
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fix bug #69248 - heap overflow vulnerability in regcomp.c
add test for bug #68976
2015-03-17 17:09:47 -07:00
Stanislav Malyshev
c83dd84ad6
Merge branch 'PHP-5.4' into PHP-5.5
...
* PHP-5.4:
Fix bug #69248 - heap overflow vulnerability in regcomp.c
add test for bug #68976
2015-03-17 17:08:13 -07:00
Stanislav Malyshev
fb04dcf6db
Fix bug #69248 - heap overflow vulnerability in regcomp.c
...
Merged from 70bc296560
2015-03-17 17:04:57 -07:00
Stanislav Malyshev
dbd1d79b68
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
add NEWS
2015-03-17 13:24:45 -07:00
Stanislav Malyshev
6264f81a21
add NEWS
2015-03-17 13:24:17 -07:00
Stanislav Malyshev
646572d6d3
Fixed bug #68976 - Use After Free Vulnerability in unserialize()
2015-03-17 13:20:22 -07:00
Stanislav Malyshev
3d00867bba
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
update news
Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options)
2015-03-17 13:09:08 -07:00
Stanislav Malyshev
3dfccd7ba5
update news
2015-03-17 13:07:40 -07:00
Stanislav Malyshev
bfb669891e
Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options)
2015-03-17 13:05:43 -07:00
Stanislav Malyshev
1291d6bbee
Fix bug #69207 - move_uploaded_file allows nulls in path
2015-03-17 12:47:58 -07:00
Anatol Belski
f040b48358
updated NEWS
2015-03-17 09:21:38 +01:00
Anatol Belski
0f18a15e89
Fixed bug #65406 Enchant broker plugins are in the wrong place in windows
2015-03-17 09:20:16 +01:00
Nikita Popov
846c8059e6
Merge branch 'PHP-5.5' into PHP-5.6
2015-03-14 09:18:31 +01:00
Jeff Welch
1e51c5411e
Fix #69203 : FILTER_FLAG_STRIP_HIGH doesn't strip ASCII 127
2015-03-14 09:17:36 +01:00
Xinchen Hui
669c7104c3
Update NEWS
2015-03-14 00:53:51 +08:00
Xinchen Hui
ed59370f0a
Little improvement, update NEWs, added test
2015-03-14 00:52:53 +08:00
Nikita Popov
4b930e156f
Merge branch 'PHP-5.5' into PHP-5.6
2015-03-13 16:25:21 +01:00
Nikita Popov
a9d73f0646
Fixed bug #69221
...
A generator iterator can be created from different zvals - use
the object handle to manage references instead.
2015-03-13 16:23:53 +01:00
Daniel Lowrey
3f6b12795c
Fix bug# 69215 (Crypto servers should send client CA list)
2015-03-10 18:13:10 -06:00
Nikita Popov
49bd45a2c1
Merge branch 'PHP-5.5' into PHP-5.6
2015-03-10 18:19:27 +01:00
Nikita Popov
bc9f2fb8df
Fixed bug #69212
2015-03-10 18:17:56 +01:00
Xinchen Hui
0584b2df3f
Update NEWS
2015-03-10 15:38:34 +08:00
Xinchen Hui
6a6c273893
Fixed bug #66609 (php crashes with __get() and ++ operator in some cases)
2015-03-10 15:36:42 +08:00
Xinchen Hui
22894e74c2
Fix is reverted (test fails in all branches)
2015-03-10 10:43:05 +08:00
Xinchen Hui
711ee5e4e1
Update NEWs
2015-03-09 17:13:47 +08:00
Xinchen Hui
b0ec8dfd0d
Update news
2015-03-09 17:09:57 +08:00
Masaki Kagaya
fa72f1ea86
added missing parentheses
...
added test case for bug #68846
replaced tab with space
added missing parentheses again
See also: http://icu-project.org/docs/papers/gb18030.html#h7
2015-03-08 23:39:04 -07:00
Stanislav Malyshev
a8da0a9620
Merge branch 'pull-request/1104' into PHP-5.5
...
* pull-request/1104:
Fix #63486
2015-03-08 23:21:53 -07:00
Stanislav Malyshev
43b426fbc4
Merge branch 'pull-request/1106' into PHP-5.5
...
* pull-request/1106:
Fix #67626
2015-03-08 22:52:21 -07:00
Daniel Lowrey
0928bad9ac
Fixed bug #69197 (openssl_pkcs7_sign handles default value incorrectly)
2015-03-06 11:29:56 -07:00
Tjerk Meesters
469b5a9584
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fixed bug #68917 (parse_url fails on some partial urls)
2015-03-06 20:58:20 +08:00
Tjerk Meesters
d7fb52ea20
Fixed bug #68917 (parse_url fails on some partial urls)
2015-03-06 20:51:22 +08:00
Daniel Lowrey
10bc5fd4c4
Fixed bug ( #69195 Inconsistent stream crypto values across versions)
...
PHP 5.6.0 altered the semantics of the following constants:
- STREAM_CRYPTO_METHOD_SSLv23_CLIENT
- STREAM_CRYPTO_METHOD_SSLv23_SERVER
- STREAM_CRYPTO_METHOD_TLS_CLIENT
- STREAM_CRYPTO_METHOD_TLS_SERVER
Instead of representing the SSLv23_*() handshake methods the v23
constants were changed to allow only SSLv2 or SSLv3 connections.
Likewise, the TLS methods were modified from using only the TLSv1
handshake to allowing TLS1,1.1, and 1.2. This created a situation
in which users upgrading from previous versions faced a potential
security degradation if they did not update code to use different
constants. In the interest of compatibility across PHP versions
the original semantics have been restored with the following
caveat:
**IMPORTANT**
The SSLv23 client/server methods will no longer negotiate the use
of the insecure SSLv2 or SSLv3 protocols by default. Users wishing
to allow these protocols must explicitly add them to the method
bitmask via the appropriate flags.
2015-03-05 21:09:39 -07:00
Chris Wright
e7df9d710c
Fix stream_select() issue with OpenSSL buffer
...
Ensure data from OpenSSL internal buffer has been
transfered to PHP stream buffer before a select()
emulation operation is performed
Addresses bug #65137
https://bugs.php.net/bug.php?id=65137
Conflicts:
ext/openssl/xp_ssl.c
2015-03-05 17:18:14 -07:00
Ferenc Kovacs
33828f002d
re-arrange NEWS
2015-03-05 21:07:05 +01:00
Ferenc Kovacs
d4d05c8919
5.6.8 up next
2015-03-05 19:07:23 +01:00
Daniel Lowrey
5939de35a8
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Fix bug #67403 (Add signatureType to openssl_x509_parse)
5.5.24 now
Conflicts:
configure.in
main/php_version.h
2015-03-05 10:21:32 -07:00
Daniel Lowrey
94140afa69
Fix bug #67403 (Add signatureType to openssl_x509_parse)
2015-03-05 10:09:06 -07:00
Julien Pauli
0f334a1265
5.5.24 now
2015-03-05 14:13:39 +01:00
Xinchen Hui
56f9dc2d59
Update NEWs
2015-03-05 18:40:25 +08:00
Xinchen Hui
f039225597
Fixed bug #69174 (leaks when unused inner class use traits precedence)
2015-03-05 18:39:50 +08:00
Daniel Lowrey
65a9a5ca12
Fixed bug #68265 (SAN match fails with trailing DNS dot)
2015-03-04 23:55:42 -07:00
Daniel Lowrey
5dcace058a
Fixed bug #68879 (IP Address fields in subjectAltNames not used)
2015-03-04 22:39:25 -07:00
Daniel Lowrey
241f3c34b8
Fixed bug #68920 (use strict peer_fingerprint input checks)
2015-03-04 12:47:46 -07:00
Xinchen Hui
a29b64fc10
Fixed bug #69159 (Opcache causes problem when passing a variable variable to a function)
2015-03-04 14:48:41 +08:00
Reeze Xia
f353162ca2
Merge branch 'PHP-5.5' into PHP-5.6
...
* PHP-5.5:
Update NEWS
Fixed bug #67741 (auto_prepend_file messes up __LINE__)
Check variable type before its usage as IS_ARRAY.
Fixed a bug that header value is not terminated by '\0' when accessed through getenv().
Conflicts:
NEWS
2015-03-03 14:37:06 +08:00