mirror of https://github.com/php/php-src.git synced 2026-04-14 11:32:11 +02:00
Commit Graph

83743 Commits

Author SHA1 Message Date
Stanislav Malyshev
69f5e7992b Fix bug #77022 - use file mode or umask for new files 2018-12-01 21:06:45 -08:00
Stanislav Malyshev
d8765852e0 Add DISPLAY_INI_ENTRIES for imap 2018-11-28 15:45:51 -08:00
Stanislav Malyshev
e5bfea64c8 Disable rsh/ssh functionality in imap by default (bug #77153) 2018-11-20 00:13:50 -08:00
Ferenc Kovacs
81f23057dc 5.6.39 will be the next 2018-09-11 23:58:17 +02:00
Stanislav Malyshev
c1de84014d Update NEWS 2018-09-09 12:19:38 -07:00
Stanislav Malyshev
23b057742e Fix for bug #76582
The brigade seems to end up in a messed up state if something fails
in shutdown, so we clean it up.
2018-09-09 11:45:14 -07:00
Ferenc Kovacs
1ba3314335 5.6.38 will be next 2018-07-19 16:54:58 +02:00
Stanislav Malyshev
b73a108543 Add NEWS 2018-07-16 14:26:31 -07:00
Anatol Belski
289cb0f77c Fixed bug #76459 windows linkinfo lacks openbasedir check 2018-07-16 14:21:02 -07:00
Stanislav Malyshev
3462efa386 Fix bug #76557: heap-buffer-overflow (READ of size 48) while reading exif data
Use MAKERNOTE length as data size.
2018-07-16 14:17:51 -07:00
Stanislav Malyshev
1baeae4270 Fix bug #76423 - Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c 2018-07-16 14:16:58 -07:00
Ferenc Kovacs
fe3d53f443 5.6.37 will be next 2018-04-24 23:23:14 +02:00
Anatol Belski
4371af3e19 Fix test portability 2018-04-24 10:47:32 +02:00
Stanislav Malyshev
ee76a5ae5a Fix tsrm_ls 2018-04-23 16:48:27 -07:00
Stanislav Malyshev
58b0003975 Merge remote-tracking branch 'security/bug76249' into PHP-5.6
* security/bug76249:
  Fix test
  Fix bug #76249 - fail on invalid sequences
2018-04-23 13:44:19 -07:00
Stanislav Malyshev
a4c55eefd0 Merge remote-tracking branch 'security/bug76248' into PHP-5.6
* security/bug76248:
  Fix bug #76248 - Malicious LDAP-Server Response causes Crash
2018-04-23 13:44:12 -07:00
Stanislav Malyshev
6e64aba47f Fix #76129 - remove more potential unfiltered outputs for phar 2018-04-23 13:43:43 -07:00
Stanislav Malyshev
e2dcf3cc54 Merge remote-tracking branch 'security/PHP-5.6' into PHP-5.6
* security/PHP-5.6:
  Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
  Fix bug #75981: prevent reading beyond buffer start
2018-04-23 13:42:51 -07:00
Stanislav Malyshev
8dca5ae5ec Fix test 2018-04-22 22:19:51 -07:00
Stanislav Malyshev
49782c5499 Fix bug #76248 - Malicious LDAP-Server Response causes Crash 2018-04-22 22:01:35 -07:00
Stanislav Malyshev
06d309fd7a Fix bug #76249 - fail on invalid sequences 2018-04-22 21:26:39 -07:00
Christoph M. Becker
b4e4788c44 Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
The MakerNote is not necessarily null-terminated, so we must not use
`strlen()` to avoid OOB reads.  Instead `php_strnlen()` is the proper
way to handle this.
2018-04-22 20:15:02 -07:00
Ferenc Kovacs
cb981e39c2 [ci skip] 5.6.36 will be next 2018-03-28 23:14:30 +02:00
Anatol Belski
2885f62816 [ci skip] Update NEWS 2018-03-27 14:24:43 +02:00
Jakub Zelenka
d20bebfe13 Do not set PR_SET_DUMPABLE by default 2018-03-27 14:18:01 +02:00
Ferenc Kovacs
3db7427b71 5.6.35 is next 2018-02-27 23:57:06 +01:00
Anatol Belski
4698a412bf [ci skip] Update NEWS 2018-02-27 11:31:37 +01:00
Stanislav Malyshev
523f230c83 Fix bug #75981: prevent reading beyond buffer start 2018-02-26 22:25:51 -08:00
Stanislav Malyshev
1f4b057b63 [ci skip] Set FPM maintainership
As per http://news.php.net/php.internals/101897, Jakub is officially
anointed as new FPM maintainer.
2018-02-23 16:43:10 -08:00
Stanislav Malyshev
36239fee36 Fix bug #75981: prevent reading beyond buffer start 2018-02-20 15:44:00 -08:00
Remi Collet
67ec3ce1ec 2018 2018-01-03 15:12:39 +01:00
Ferenc Kovacs
028507f1f6 php 5.6.34 is next 2018-01-03 00:30:58 +01:00
Stanislav Malyshev
2881199c80 Update NEWS 2018-01-01 19:53:00 -08:00
Christoph M. Becker
8d6e958867 Fixed bug #75571: Potential infinite loop in gdImageCreateFromGifCtx
Due to a signedness confusion in `GetCode_` a corrupt GIF file can
trigger an infinite loop.  Furthermore we make sure that a GIF without
any palette entries is treated as invalid *after* open palette entries
have been removed.
2018-01-01 19:51:26 -08:00
Stanislav Malyshev
73ca9b3773 Fix bug #74782: remove file name from output to avoid XSS 2018-01-01 19:51:02 -08:00
Anatol Belski
f6e8ce8121 Backport and apply upstream patch for CVE-2017-14107 2017-10-27 13:16:56 +02:00
Ferenc Kovacs
f600785f65 5.6.33 is next 2017-10-25 03:36:30 +02:00
Rasmus Lerdorf
ad7ed6fe21 These tests all assume that IPV6 is available. 2017-10-25 02:21:16 +02:00
Ferenc Kovacs
787e3a1ee4 fix the travis build for PHP-5.6 using precise instead of trusty 2017-10-25 01:51:48 +02:00
Ferenc Kovacs
9839d3a953 fix the travis build for PHP-5.6 using precise instead of trusty 2017-10-25 01:47:50 +02:00
Anatol Belski
45ac5edbd9 Parametrize the expected value to avoid platform false positives 2017-10-24 18:33:21 +02:00
Anatol Belski
7d06a5c89f [ci skip] update NEWS 2017-10-24 14:16:54 +02:00
Anatol Belski
37acebcc8c Fixed bug #72535 arcfour encryption stream filter crashes php 2017-10-24 13:59:18 +02:00
Anatol Belski
a7815e63bd Fixed bug #75055 Out-Of-Bounds Read in timelib_meridian() 2017-10-24 11:28:17 +02:00
Anatol Belski
d37658be6c Apply upstream patch for CVE-2016-1283
Fix bug #75207, see also
https://bugzilla.redhat.com/show_bug.cgi?id=1295385
https://vcs.pcre.org/pcre?view=revision&revision=1636

(cherry picked from commit d11fceab15)
2017-10-24 11:10:11 +02:00
Ferenc Kovacs
390f64701d add missing NEWS entry for #74087 and also fix the formatting 2017-07-06 00:10:07 +02:00
Ferenc Kovacs
7991a88675 move NEWS entry to the correct place, also bump the version 2017-07-06 00:05:14 +02:00
Remi Collet
55b880070c NEWS for oniguruma 2017-07-05 09:26:55 +02:00
Remi Collet
703be4f77e Patch from the upstream git
https://github.com/kkos/oniguruma/issues/60 (CVE-2017-9228)

Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
2017-07-05 09:26:06 +02:00
Remi Collet
27a743b82b Patch from the upstream git
https://github.com/kkos/oniguruma/issues/59 (CVE-2017-9229)
b690371bbf97794b4a1d3f295d4fb9a8b05d402d Modified for onig 5.9.6

Thanks to Mamoru TASAKA <mtasaka@fedoraproject.org>
2017-07-05 09:25:57 +02:00