3488cf6fd8
Merge branch 'PHP-5.4.30' into PHP-5.4
...
* PHP-5.4.30:
5.4.30
Better fix for bug #67072 with more BC provisions
Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
update CVE
Fix bug #67492 : unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
Fix bug #67349 : Locale::parseLocale Double Free
add CVEs
Fix potential segfault in dns_get_record()
Fix bug #66127 (Segmentation fault with ArrayObject unset)
5.4.30 rc1
Conflicts:
configure.in
main/php_version.h
2014-06-24 10:23:36 -07:00
6d97b4b2b3
Better fix for bug #67072 with more BC provisions
2014-06-23 22:16:25 -07:00
fb0128af2a
Fix bug #67498 - phpinfo() Type Confusion Information Leak Vulnerability
2014-06-23 00:22:59 -07:00
c42d5cf5de
Better fix for bug #67072 with more BC provisions
2014-06-21 21:29:11 -07:00
88223c5245
Fix bug #67492 : unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
2014-06-21 19:46:16 -07:00
6027c56fd7
Fix bug #67397 (Buffer overflow in locale_get_display_name->uloc_getDisplayName (libicu 4.8.1))
2014-06-21 18:44:14 -07:00
aef6432fbe
Fix bug #67349 : Locale::parseLocale Double Free
2014-06-21 18:38:41 -07:00
680ddabac1
Fixed MarinaDB support
2014-06-20 13:56:32 +04:00
6f3bcb0d6e
Update copyright year for re2c generated files
2014-06-16 23:28:36 +03:00
e667d23178
Update copyright year for re2c files as well
2014-06-16 23:26:50 +03:00
21525d0413
Fix potential segfault in dns_get_record()
...
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
2014-06-15 01:04:24 -07:00
ce70b920e4
- Updated to version 2014.5 (2014e)
2014-06-13 23:26:42 +01:00
b51f82f260
Follow 308 Permanent Redirect responses.
...
Fixes bug #67430 (http:// wrapper doesn't follow 308 redirects).
2014-06-12 18:12:53 -07:00
1b9cbab9a7
Keep 308-399 HTTP response codes when header('Location:') is called.
...
Fixes bug #67428 (header('Location: foo') will override a 308-399 response
code).
2014-06-12 17:35:05 -07:00
4f73394fdd
Fix potential segfault in dns_get_record()
...
If the remote sends us a packet with a malformed TXT record,
we could end up trying to over-consume the packet and wander
off into overruns.
2014-06-11 13:37:04 -07:00
2b04d68972
Fix bug #66127 (Segmentation fault with ArrayObject unset)
2014-06-10 23:24:11 -07:00
317bcb96d0
Fix bug #66127 (Segmentation fault with ArrayObject unset)
2014-06-10 23:17:30 -07:00
25b1dc917a
Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary chec
...
Upstream:
https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d
Adapted for C standard.
2014-06-10 14:33:37 +02:00
40ef6e07e0
Bug #67412 fileinfo: cdf_count_chain insufficient boundary check
...
Upstream:
https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382
2014-06-10 14:22:04 +02:00
5c9f967999
Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary check
...
Upstream:
https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67
2014-06-10 14:13:14 +02:00
e77659a8c8
Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
...
Upstream
https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08
2014-06-10 14:02:36 +02:00
62857998c5
Fixed bug #67399 (putenv with empty variable may lead to crash)
2014-06-08 23:09:09 -07:00
5c8c57aa6c
Fixed DOM tests when using libxml2 versions patched against CVE-2014-0191
...
DOMDocument::substituteEntities needs to be set to true in order for
external entities to be parsed.
2014-06-09 07:05:23 +02:00
aebb23e4db
Bug 49898
...
__getCookies() method implementation
2014-06-08 19:36:18 -07:00
76a7fd893b
Added support for parsing ssl certificates using GeneralizedTime format.
...
fix bug #65698
fix bug #66636
2014-06-08 14:17:58 -07:00
5fd7c2b01d
Remove superfluous echos.
2014-06-08 13:50:22 -07:00
127651e9ae
fix test for 5.4/5.5
2014-06-05 17:33:40 +02:00
15d8c80ead
add test for previous fix
2014-06-05 14:00:00 +02:00
1fe9f1e4f5
Fix regression introduce in fix for bug #67118
...
The fix was correct but break some code (at least in Horde)
This is a temporary workaround to fix regressioni in 5.4, 5.5 and 5.6
This make php_date_initialize more consistent
- on success return 1 + time initiliazed
- on failure return 0 + time = zero
which is check by DATE_CHECK_INITIALIZED by later method call
Will restore consistency with other date classes in master.
2014-06-05 13:39:46 +02:00
20568e5028
Fixed regression introduced by patch for bug #67072
...
This applies to 5.4 and 5.5 only as a legacy fix.
2014-06-03 20:43:58 +02:00
4fcb9a9d1b
Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check
...
Upstream fix https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391.patch
Only revelant part applied
2014-06-03 11:05:00 +02:00
38be99b739
Fixed bug #67359 (Segfault in recursiveDirectoryIterator)
2014-06-01 19:41:01 +08:00
b5d9983ff4
Check for zero-length keys in spl_array_skip_protected and don't skip them.
...
Fixes bug #67360 (Missing element after ArrayObject::getIterator).
2014-05-29 17:49:32 +00:00
d2765e4b8c
updated libmagic.patch for 5.4+
2014-05-27 22:36:12 +02:00
091b7642c2
Fix bug #67249 : printf out-of-bounds read
2014-05-27 11:28:22 -07:00
d184f07b3c
backport this piece from 5.6, related to the #66307 fix
2014-05-26 18:05:13 -07:00
15ee33eb21
Fixed bug #66307 Fileinfo crashes with powerpoint files
2014-05-26 18:04:27 -07:00
4005f06df6
Fix bug #67328 (fileinfo: numerous file_printf calls resulting in performance degradation)
...
Upstream patch: https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d
2014-05-26 18:01:17 -07:00
57225f09ed
Fix bug #67327 : fileinfo: CDF infinite loop in nelements DoS
...
Upstream fix: https://github.com/file/file/commit/f97486ef5dc3e8735440edc4fc8808c63e1a3ef0
2014-05-26 17:45:14 -07:00
319611ffbd
Fix broken test caused by fdb2709.
2014-05-23 15:07:19 +00:00
fdb2709dd2
Add microseconds to the serialised form of DateTime objects.
...
Fixes bug #67308 (Serialize of DateTime truncates fractions of second).
2014-05-21 14:55:52 -05:00
00a22d4d06
Improved test for bug #62479
2014-05-21 18:58:14 +02:00
dc92e81922
Merge branch 'bug67251' into PHP-5.4
...
* bug67251:
Fix bug #67251 - date_parse_from_format out-of-bounds read
Conflicts:
ext/date/lib/parse_date.c
2014-05-13 16:52:45 -07:00
0094fd0969
Merge branch 'bug67252' into PHP-5.4
...
* bug67252:
fix bug #67253 : timelib_meridian_with_check out-of-bounds read
Fix bug #67252 : convert_uudecode out-of-bounds read
2014-05-13 16:47:27 -07:00
9103c9eb4f
Merge branch 'bug67250' into PHP-5.4
...
* bug67250:
Fix bug #67250 (iptcparse out-of-bounds read)
2014-05-13 16:43:10 -07:00
3e276d6728
- Updated to version 2014.3 (2014c)
2014-05-13 16:36:58 +01:00
6ef8e0f088
fix test - output can be chunked
2014-05-12 10:54:16 -07:00
466b8aa444
fix bug #67253 : timelib_meridian_with_check out-of-bounds read
2014-05-11 21:09:11 -07:00
1e2818b143
Fix bug #67252 : convert_uudecode out-of-bounds read
2014-05-11 20:29:27 -07:00
0a80849250
Fix bug #67251 - date_parse_from_format out-of-bounds read
2014-05-11 19:34:21 -07:00
Stanislav Malyshev