php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-21 06:51:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
81,748 Commits 547 Branches 1,483 Tags
3d00867bbace3a500f6ff595be9c07eea073f28b
Commit Graph

4087 Commits

Author SHA1 Message Date
Stanislav Malyshev 0f333fa93c Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  added missing parentheses
  Fix #67626
  Fix #63486

Conflicts:
	main/streams/userspace.c
 2015-03-08 23:41:30 -07:00
Julien Pauli 7d47d9fe23 Fix #67626 2015-03-08 23:40:55 -07:00
Stanislav Malyshev 43b426fbc4 Merge branch 'pull-request/1106' into PHP-5.5 
* pull-request/1106:
  Fix #67626
 2015-03-08 22:52:21 -07:00
Daniel Lowrey 10bc5fd4c4 Fixed bug (#69195 Inconsistent stream crypto values across versions) 
PHP 5.6.0 altered the semantics of the following constants:

- STREAM_CRYPTO_METHOD_SSLv23_CLIENT
- STREAM_CRYPTO_METHOD_SSLv23_SERVER
- STREAM_CRYPTO_METHOD_TLS_CLIENT
- STREAM_CRYPTO_METHOD_TLS_SERVER

Instead of representing the SSLv23_*() handshake methods the v23
constants were changed to allow only SSLv2 or SSLv3 connections.
Likewise, the TLS methods were modified from using only the TLSv1
handshake to allowing TLS1,1.1, and 1.2. This created a situation
in which users upgrading from previous versions faced a potential
security degradation if they did not update code to use different
constants. In the interest of compatibility across PHP versions
the original semantics have been restored with the following
caveat:

**IMPORTANT**

The SSLv23 client/server methods will no longer negotiate the use
of the insecure SSLv2 or SSLv3 protocols by default. Users wishing
to allow these protocols must explicitly add them to the method
bitmask via the appropriate flags.
 2015-03-05 21:09:39 -07:00
Chris Wright e7df9d710c Fix stream_select() issue with OpenSSL buffer 
Ensure data from OpenSSL internal buffer has been
transfered to PHP stream buffer before a select()
emulation operation is performed

Addresses bug #65137
https://bugs.php.net/bug.php?id=65137

Conflicts:
	ext/openssl/xp_ssl.c
 2015-03-05 17:18:14 -07:00
Ferenc Kovacs d4d05c8919 5.6.8 up next 2015-03-05 19:07:23 +01:00
Julien Pauli 0f334a1265 5.5.24 now 2015-03-05 14:13:39 +01:00
Reeze Xia 6cb3b941df Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Improve fix for bug 67741
  Added type checks
  Added type checks
 2015-03-03 16:27:35 +08:00
Reeze Xia 860fc3947f Improve fix for bug 67741 
Thanks to laruence.
 2015-03-03 16:25:43 +08:00
Reeze Xia 4e2c87edb3 Fixed bug #67741 (auto_prepend_file messes up __LINE__) 
This also fixes bug #54081
 2015-03-03 11:43:23 +08:00
Reeze Xia 34f09b6240 Fixed bug #67741 (auto_prepend_file messes up __LINE__) 
This also fixes bug #54081
 2015-03-03 11:25:30 +08:00
Xinchen Hui 578903578c Merge branch 'PHP-5.5' into PHP-5.6 2015-02-27 12:03:00 +08:00
Xinchen Hui 4eb830b212 Reorder 2015-02-27 12:02:42 +08:00
Xinchen Hui d377cb6207 Merge branch 'PHP-5.5' into PHP-5.6 2015-02-27 12:01:05 +08:00
Xinchen Hui ebfc49aa91 Fixed bug #69121 (Segfault in get_current_user when script owner is not in passwd with ZTS build) 2015-02-27 12:00:52 +08:00
Rasmus Lerdorf a9ba407ce1 Fix bug #68166 
We can't always efree here
php_escape_html_entities can return an interned_empty_string
 2015-02-22 08:25:56 -08:00
Rasmus Lerdorf e12b72d3f7 Fix bug #68166 
We can't always efree here
php_escape_html_entities can return an interned_empty_string
 2015-02-22 08:14:41 -08:00
Julien Pauli c4c3dca302 Fix #67626 2015-02-20 16:07:40 +01:00
Michael Wallner 0d2a2b98c9 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #65593 (Segfault when calling ob_start from output buffering callback)
 2015-02-18 13:59:32 +01:00
Michael Wallner 225af964c0 Fixed bug #65593 (Segfault when calling ob_start from output buffering callback) 2015-02-18 13:58:31 +01:00
manuel cc13d8696f Fix another invalid free of CG(interned_empty_string) 
Fixes #68214
 2015-02-07 19:17:31 +01:00
manuel 13fc7f20a4 Invalid free of CG(interned_empty_string) 
On failure php_escape_html_entities returns STR_EMPTY_ALLOC which is an
alias of CG(interned_empty_string) if interned strings are enabled.
Make sure we don't free this.
 2015-02-06 16:53:01 +01:00
Stanislav Malyshev a1c28567c6 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Update header handling to RFC 7230
 2015-02-05 20:10:09 -08:00
Stanislav Malyshev 067340bbc8 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Update header handling to RFC 7230
 2015-02-05 20:09:13 -08:00
Stanislav Malyshev f001c63073 Update header handling to RFC 7230 2015-02-05 20:08:12 -08:00
Xinchen Hui ae90010891 Merge branch 'PHP-5.5' into PHP-5.6 
Conflicts:
	main/streams/memory.c
 2015-02-05 16:33:20 +08:00
Nayana Hettiarachchi 5446377c6b Conflicts: 
main/streams/memory.c
 2015-02-05 16:32:30 +08:00
Julien Pauli e6ea244004 5.6.7 now 2015-02-04 16:37:49 +01:00
Julien Pauli b86529f751 5.5.23 now 2015-02-04 16:35:32 +01:00
Xinchen Hui 1bb7647c6e Fixed indent 2015-02-03 23:24:34 +08:00
Yasuo Ohgaki 436ba1c488 Fixed Bug #67988 htmlspecialchars() does not respect default_charset specified by ini_set. 2015-02-03 18:52:46 +09:00
Stanislav Malyshev c5526291ce Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix group name handling
 2015-01-31 23:47:25 -08:00
Stanislav Malyshev e5e251b023 fix group name handling 2015-01-31 23:47:03 -08:00
Stanislav Malyshev 6a960b6d1b Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Use better constant since MAXHOSTNAMELEN may mean shorter name
  use right sizeof for memset
 2015-01-31 21:48:40 -08:00
Stanislav Malyshev af1f867308 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Use better constant since MAXHOSTNAMELEN may mean shorter name
  use right sizeof for memset
 2015-01-31 21:48:14 -08:00
Stanislav Malyshev b30a6d6018 Use better constant since MAXHOSTNAMELEN may mean shorter name 2015-01-31 21:46:56 -08:00
Stanislav Malyshev 41bdd6e7cc Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Add mitigation for CVE-2015-0235 (bug #68925)
  Add mitigation for CVE-2015-0235 (bug #68925)
 2015-01-31 19:12:20 -08:00
Stanislav Malyshev 882a375dba Add mitigation for CVE-2015-0235 (bug #68925) 2015-01-31 19:10:52 -08:00
Stanislav Malyshev 237128603f Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Add mitigation for CVE-2015-0235 (bug #68925)
 2015-01-31 19:08:37 -08:00
Stanislav Malyshev 0f9c708229 Add mitigation for CVE-2015-0235 (bug #68925) 2015-01-31 19:08:13 -08:00
Bob Weinand 666cb333f7 Merge remote-tracking branch 'origin/PHP-5.5' into PHP-5.6 
Conflicts:
	NEWS
 2015-01-26 22:51:37 +01:00
Bob Weinand b8461eb9ac Fix call after close if multiple filters are attached 2015-01-26 22:47:35 +01:00
Stanislav Malyshev c9162147f2 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  add protection against nulls
 2015-01-20 11:47:06 -08:00
Stanislav Malyshev a3cb69d63e Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  add protection against nulls
 2015-01-20 11:46:39 -08:00
Stanislav Malyshev ef4896d956 add protection against nulls 2015-01-20 11:46:10 -08:00
Stanislav Malyshev 8825311ce1 5.4.38 next 2015-01-20 10:38:33 -08:00
Xinchen Hui 0579e8278d bump year 2015-01-15 23:26:37 +08:00
Xinchen Hui 73c1be2653 Bump year 2015-01-15 23:26:03 +08:00
Julien Pauli 3f1d1892c9 5.5.22 now 2015-01-07 10:42:53 +01:00
Ferenc Kovacs b0a26ab8f8 PHP-5.6.6 is next 2015-01-06 22:58:22 +01:00