Commit Graph

71068 Commits

Author SHA1 Message Date
Dmitry Stogov
51856a76f8 Fixed bug #69152 2015-03-19 11:36:01 +03:00
Stanislav Malyshev
4c3b73b6df 5.4.40 next 2015-03-17 22:37:16 -07:00
Stanislav Malyshev
ef8fc4b53d Fix bug #69253 - ZIP Integer Overflow leads to writing past heap boundary 2015-03-17 21:59:56 -07:00
Stanislav Malyshev
fb04dcf6db Fix bug #69248 - heap overflow vulnerability in regcomp.c
Merged from 70bc296560
2015-03-17 17:04:57 -07:00
Stanislav Malyshev
8b14d3052f add test for bug #68976 2015-03-17 17:03:46 -07:00
Stanislav Malyshev
646572d6d3 Fixed bug #68976 - Use After Free Vulnerability in unserialize() 2015-03-17 13:20:22 -07:00
Stanislav Malyshev
bfb669891e Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options) 2015-03-17 13:05:43 -07:00
Stanislav Malyshev
9ba4db5e5d fix tests 2015-03-17 12:55:35 -07:00
Stanislav Malyshev
1291d6bbee Fix bug #69207 - move_uploaded_file allows nulls in path 2015-03-17 12:47:58 -07:00
Xinchen Hui
ef2db26c60 Merge branch 'arginfo' of https://github.com/realityking/php-src into PHP-5.4 2015-03-08 22:53:19 +08:00
Dmitry Stogov
c8eaca013a Added type checks 2015-03-03 10:43:48 +03:00
Dmitry Stogov
0c136a2abd Added type checks 2015-03-03 09:44:46 +03:00
Dmitry Stogov
d5248f67b5 Check variable type before its usage as IS_ARRAY. 2015-03-02 12:27:36 +03:00
George Wang
8584cc010a Fixed a bug that header value is not terminated by '\0' when accessed through getenv(). 2015-02-25 10:48:19 -05:00
Ferenc Kovacs
c17a17e44b fix typo in bug# 2015-02-18 19:47:07 +01:00
Remi Collet
c6a26cb39d add CVE 2015-02-18 06:44:41 +01:00
Stanislav Malyshev
24f8a68d0a 5.4.39 next 2015-02-17 07:34:00 +01:00
Stanislav Malyshev
bdfe457a2c Port for for bug #68552 2015-02-17 06:53:02 +01:00
Stanislav Malyshev
7b18981830 Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone)
Conflicts:
	ext/date/php_date.c
2015-02-17 06:43:51 +01:00
Felipe Pena
82d347a477 - BFN 2015-02-17 01:14:05 -02:00
Felipe Pena
8f9ab04d93 - Fixed bug #67827 (broken detection of system crypt sha256/sha512 support) 2015-02-17 00:23:47 -02:00
Felipe Pena
e08bef442c - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de 2015-02-16 13:07:26 -02:00
Yasuo Ohgaki
5b6269a253 Update NEWS 2015-02-14 05:34:57 +09:00
Yasuo Ohgaki
a8722f5330 Add NULL byte protection to exec, system and passthru 2015-02-14 05:25:04 +09:00
George Wang
5e3f0f5671 Fixed #68790 (Missing return) 2015-02-07 12:16:54 -05:00
Stanislav Malyshev
f001c63073 Update header handling to RFC 7230 2015-02-05 20:08:12 -08:00
Stanislav Malyshev
7efbd70b03 fix sizeof size 2015-02-01 12:40:38 -08:00
Stanislav Malyshev
94d6cb4a78 fix TSRM 2015-01-31 23:34:14 -08:00
Stanislav Malyshev
b30a6d6018 Use better constant since MAXHOSTNAMELEN may mean shorter name 2015-01-31 21:46:56 -08:00
Stanislav Malyshev
2cdbd3537f use right sizeof for memset 2015-01-31 21:30:58 -08:00
Stanislav Malyshev
0f9c708229 Add mitigation for CVE-2015-0235 (bug #68925) 2015-01-31 19:08:13 -08:00
Ferenc Kovacs
61ad5e24ea fix some factual errors in the process 2015-01-22 21:27:38 +01:00
Stanislav Malyshev
b3b155ffe2 format 2015-01-20 11:57:17 -08:00
Stanislav Malyshev
547f62ed2a add CVE 2015-01-20 11:54:45 -08:00
Stanislav Malyshev
ef4896d956 add protection against nulls 2015-01-20 11:46:10 -08:00
Stanislav Malyshev
8825311ce1 5.4.38 next 2015-01-20 10:38:33 -08:00
Stanislav Malyshev
e63f7b47e1 Merge branch 'bug68710' into PHP-5.4
* bug68710:
  Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
2015-01-20 01:02:26 -08:00
Stanislav Malyshev
fc6aa939f5 Merge branch 'bug68799' into PHP-5.4
* bug68799:
  Fix bug #68799: Free called on uninitialized pointer
2015-01-20 01:00:11 -08:00
Daniel Lowrey
0a76610459 Update NEWS 2015-01-14 18:03:27 +01:00
Daniel Lowrey
e2fe8e164f Fixed bug #55618 (use case-insensitive cert name matching) 2015-01-14 18:02:50 +01:00
Stanislav Malyshev
2fc178cf44 Fix bug #68799: Free called on uninitialized pointer 2015-01-11 00:51:05 -08:00
Anatol Belski
ebb98e7aeb updated libmagic.patch in 5.4 2015-01-04 17:04:13 +01:00
Anatol Belski
ede59c8feb Fixed bug #68735 fileinfo out-of-bounds memory access 2015-01-04 14:20:21 +01:00
Remi Collet
919abf0cb1 removed dead code 2015-01-04 09:40:19 +01:00
Stanislav Malyshev
b585a3aed7 Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize()) 2015-01-01 16:19:05 -08:00
Stanislav Malyshev
f9ad308669 Fix bug #68618 (out of bounds read crashes php-cgi) 2014-12-30 01:23:05 -08:00
Ferenc Kovacs
cd387b4575 add missing NEWS entry 2014-12-17 02:10:36 +01:00
Stanislav Malyshev
8fe4cc6d28 5.4.37 2014-12-16 11:44:41 -08:00
Stanislav Malyshev
53f129a44d add CVE 2014-12-16 10:16:31 -08:00
Stanislav Malyshev
b75867fff0 add missing test file 2014-12-16 10:15:17 -08:00