php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-20 14:31:06 +02:00
Code Issues Packages Projects Releases Wiki Activity
76,691 Commits 547 Branches 1,483 Tags
29a4e710de6a73341da3d268343fdfc072ba682a
Commit Graph

7319 Commits

Author SHA1 Message Date
Stanislav Malyshev
29a4e710de Fix bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone) 2015-02-17 06:53:27 +01:00
Antony Dovgal
dbf7d525a5 BFN 2015-02-16 15:23:13 +03:00
Xinchen Hui
a620b79040 Fixed bug #69054 (Null dereference in readline_(read|write)_history() without parameters) 2015-02-15 22:54:05 +08:00
Xinchen Hui
7667f8efc6 Fixed bug #68638 (pg_update() fails to store infinite values) 2015-02-14 22:17:01 +08:00
Yasuo Ohgaki
c0dd221a3a Update NEWS 2015-02-14 05:41:04 +09:00
Xinchen Hui
68ab716f18 Fixed #69015 (php-cgi's getopt does not see $argv) 
No test script is added because of complicated
 2015-02-13 12:53:34 +08:00
Xinchen Hui
f2940b7120 Fixed bug #69017 (Fail to push to the empty array with the constant value defined in class scope) 2015-02-12 10:59:28 +08:00
Lior Kaplan
e6d8bad618 Bug #55508 was fixed in 5.5.19 with 15ba757a, not in 5.5.18 
See https://github.com/php/php-src/pull/631#issuecomment-61969527
 2015-02-11 13:20:44 +02:00
Lior Kaplan
1ebf6fba42 Add missing NEWS entry for revert of bug #41631 2015-02-11 13:15:18 +02:00
Lior Kaplan
b582aa9a44 Add missing NEWS entry for bug #68027 2015-02-11 13:13:03 +02:00
Lior Kaplan
bb16a6b2c2 Align format for bug #68799 2015-02-11 13:11:55 +02:00
Lior Kaplan
f0b329df50 Bug #68361 was fixed in 5.5.20 using 327d4f9a, not in 5.5.19 2015-02-11 13:08:19 +02:00
Lior Kaplan
7bcf62a05b Bug #55618 was fixed in 5.5.21 using eaf107c0 2015-02-11 13:04:32 +02:00
Lior Kaplan
0d68d0a69b Add security bugs fixed in 5.5.18 2015-02-11 12:02:39 +02:00
Lior Kaplan
e06da17931 Add CVE ID to bug #68676 2015-02-11 12:00:19 +02:00
Lior Kaplan
e7c7788e20 Align email format for recent NEWS entries 2015-02-11 11:05:02 +02:00
Daniel Lowrey
f2b12424c0 NEWS 2015-02-09 11:42:40 -05:00
Anatol Belski
f4319a4f73 updated NEWS 2015-02-06 19:37:01 +01:00
Stanislav Malyshev
067340bbc8 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Update header handling to RFC 7230
 2015-02-05 20:09:13 -08:00
Stanislav Malyshev
f001c63073 Update header handling to RFC 7230 2015-02-05 20:08:12 -08:00
Nayana Hettiarachchi
5446377c6b Conflicts: 
main/streams/memory.c
 2015-02-05 16:32:30 +08:00
Julien Pauli
959cecf046 Updated NEWS 2015-02-04 17:43:36 +01:00
Julien Pauli
b86529f751 5.5.23 now 2015-02-04 16:35:32 +01:00
Yasuo Ohgaki
539fd65915 Update NEWS 2015-02-03 19:45:20 +09:00
Daniel Lowrey
f2f467bd96 Fixed bug #65272: correctly set flock() out param in windows 2015-02-02 10:47:54 -05:00
Adam Harvey
a7b3abe4e6 json_decode() should generate a syntax error when given "". 
Fixes bug #68938 (json_decode() decodes empty string without error).
Patch by jeremy at bat-country dot us.
 2015-02-02 11:07:34 +00:00
Frank Stolle
6a905a9a3c Fix #66479: Wrong response to FCGI_GET_VALUES 
Requesting Get-Values via FCGI caused an "endless" loop over the last requested parameter and ended with an invalid response. this patch solves this loop bug.

Conflicts:
	sapi/cgi/fastcgi.c
 2015-02-01 00:35:23 -08:00
Martin Jansen
de31324c22 Fix bug #64938: libxml_disable_entity_loader setting is shared between threads 
The availability of entity loading is stored in a module global which
previously was only initialized in the GINIT constructor. This had the
effect that disabling the entity loader in one request caused
subsequent requests hitting the same Apache child process to  also have
the loader disabled.

With this change the loader is explicitely enabled in the request init
phase.
 2015-02-01 00:08:35 -08:00
Stanislav Malyshev
380741daa4 add NEWS 2015-01-31 23:19:23 -08:00
Stanislav Malyshev
882a375dba Add mitigation for CVE-2015-0235 (bug #68925) 2015-01-31 19:10:52 -08:00
Stanislav Malyshev
0f9c708229 Add mitigation for CVE-2015-0235 (bug #68925) 2015-01-31 19:08:13 -08:00
Yasuo Ohgaki
abf9e2ea09 Fixed Bug #68941 mod_files.sh is a bash-script 2015-01-29 09:25:28 +09:00
Xinchen Hui
b2cf3f064b Fixed bug #68901 (use after free) 2015-01-29 00:00:09 +08:00
Xinchen Hui
8c2d91761a Also Fixed #68571 in CGI SAPI, and some cleanup 2015-01-27 22:11:23 +08:00
Bob Weinand
3f57663b57 Add NEWS entry 2015-01-26 22:50:16 +01:00
Keyur Govande
d065a2fc1b Add NEWS 2015-01-26 21:29:57 +00:00
Remi Collet
2955993947 move CVE to the right version 2015-01-22 13:06:15 +01:00
Joshua Rogers
91aa340180 Fixed bug #68827 Double free with disabled ZMM 2015-01-22 09:59:13 +01:00
Julien Pauli
88f2321a25 Updated NEWS 2015-01-21 11:10:20 +01:00
Derick Rethans
8e19705a93 Fixed bug #55407 (Impossible to prototype DateTime::createFromFormat) 2015-01-20 21:44:19 +00:00
Stanislav Malyshev
cca3c8a985 fix year 2015-01-20 13:27:38 -08:00
Stanislav Malyshev
04dcc705de update NEWS 2015-01-20 11:57:39 -08:00
Stanislav Malyshev
b3b155ffe2 format 2015-01-20 11:57:17 -08:00
Stanislav Malyshev
547f62ed2a add CVE 2015-01-20 11:54:45 -08:00
Stanislav Malyshev
8825311ce1 5.4.38 next 2015-01-20 10:38:33 -08:00
Julien Pauli
a40e004553 Updated NEWS 2015-01-20 15:09:13 +01:00
Stanislav Malyshev
e63f7b47e1 Merge branch 'bug68710' into PHP-5.4 
* bug68710:
  Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
 2015-01-20 01:02:26 -08:00
Stanislav Malyshev
fc6aa939f5 Merge branch 'bug68799' into PHP-5.4 
* bug68799:
  Fix bug #68799: Free called on unitialized pointer
 2015-01-20 01:00:11 -08:00
Derick Rethans
b0159431e3 Fixed bug #45081 (strtotime incorrectly interprets SGT time zone). 2015-01-19 22:59:24 +00:00
Anatol Belski
0cef7d168d updated NEWS 2015-01-15 16:42:52 +01:00