php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-20 14:31:06 +02:00
Code Issues Packages Projects Releases Wiki Activity
82,539 Commits 547 Branches 1,483 Tags
79cd9a18b505e8d77d16abe6ef146d4b4ff02ed9
Commit Graph

82539 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Xinchen Hui
79cd9a18b5 Fixed bug #70237 (Empty while and do-while segmentation fault with opcode on CLI enabled). 2015-08-11 21:01:56 +08:00
Christoph M. Becker
42ef2b500b updated NEWS wrt. bug #69487 2015-08-11 01:36:39 +02:00
Christoph M. Becker
48c71cd94b Fix #69487: SAPI may truncate POST data 
If SG(request_info).request_body can't be completely written (e.g. due to a
full drive), only parts of the POST data will be available. This patch changes
this, so that SG(request_info).request_body will be reset in this case, and a
warning will be thrown.
 2015-08-11 01:32:13 +02:00
Lior Kaplan
8bac087a79 Add CVE IDs asigned to #69085 (PHP 5.6.7) 2015-08-10 11:54:39 +03:00
Lior Kaplan
eaf5beabf4 Align NEWS with 5.6.12 2015-08-10 11:52:23 +03:00
Lior Kaplan
c1127c4de3 Add entries for phar bug fixes in 5.6.11 (also have CVE assigned) 2015-08-10 11:49:18 +03:00
Christoph M. Becker
36cbb7cc4c updated NEWS 2015-08-09 02:43:41 +02:00
wusuopu
72976e2497 Fix #66606: Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE 
The patch will store Content-Type header value in both HTTP_CONTENT_TYPE field and CONTENT_TYPE field.
 2015-08-09 02:37:16 +02:00
Christoph M. Becker
1b4a80332c added tests for bug #66606 2015-08-09 02:36:58 +02:00
Ferenc Kovacs
1797a716ed fix NEWS 2015-08-07 08:46:10 +02:00
Stanislav Malyshev
362bbaa2dc Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  5.5.29 next

Conflicts:
	configure.in
	main/php_version.h
 2015-08-05 00:00:54 -07:00
Stanislav Malyshev
15e9f4baf4 5.5.29 next 2015-08-04 23:59:55 -07:00
Stanislav Malyshev
54187fa4b9 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  fix test
 2015-08-04 16:45:55 -07:00
Stanislav Malyshev
2425f88afd Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix test
 2015-08-04 16:45:32 -07:00
Stanislav Malyshev
da5321013c fix test 2015-08-04 16:45:20 -07:00
Stanislav Malyshev
eb7ba73079 virtual_file_ex uses emalloc in 5.6+ 2015-08-04 16:31:57 -07:00
Stanislav Malyshev
568a35f84f Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  __wakeup doesn't have to be final
 2015-08-04 16:13:53 -07:00
Stanislav Malyshev
f2f8ea9ac5 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  __wakeup doesn't have to be final
 2015-08-04 16:13:43 -07:00
Stanislav Malyshev
f1acac154a __wakeup doesn't have to be final 2015-08-04 16:13:26 -07:00
Stanislav Malyshev
ed709d5aa0 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update NEWS
  fix test
  update NEWS
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	ext/soap/php_http.c
	ext/spl/spl_observer.c
 2015-08-04 15:29:13 -07:00
Stanislav Malyshev
d52c485717 update NEWS 2015-08-04 15:22:59 -07:00
Stanislav Malyshev
742c54aecf Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix test
  update NEWS
 2015-08-04 14:46:30 -07:00
Stanislav Malyshev
0a21b5d970 fix test 2015-08-04 14:46:19 -07:00
Stanislav Malyshev
ee61c7175f update NEWS 2015-08-04 14:37:28 -07:00
Stanislav Malyshev
69ed3969dd Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Fix bug #70019 - limit extracted files to given directory
  Do not do convert_to_* on unserialize, it messes up references
  Fix #69793 - limit what we accept when unserializing exception
  Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
  Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
  ignore signatures for packages too
  Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
  Fixed bug #69892
  Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
  Improved fix for Bug #69441
  Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
  Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
  Fix bug #70081: check types for SOAP variables

Conflicts:
	.gitignore
	ext/date/php_date.c
	ext/spl/spl_array.c
	ext/spl/spl_observer.c
 2015-08-04 14:10:57 -07:00
Stanislav Malyshev
51f9a00b47 Merge branch 'PHP-5.4' into PHP-5.4.44 
* PHP-5.4:
  Fixed bug #69892
  Adjust Git-Rules
 2015-08-04 14:04:24 -07:00
Stanislav Malyshev
dda81f0505 Fix bug #70019 - limit extracted files to given directory 2015-08-04 14:02:31 -07:00
Stanislav Malyshev
0e09009753 Do not do convert_to_* on unserialize, it messes up references 2015-08-04 13:59:56 -07:00
Stanislav Malyshev
4d2278143a Fix #69793 - limit what we accept when unserializing exception 2015-08-01 22:02:26 -07:00
Stanislav Malyshev
863bf294fe Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) 2015-08-01 22:01:51 -07:00
Stanislav Malyshev
7381b6accc Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject 2015-08-01 22:01:40 -07:00
Stanislav Malyshev
c7d3c027d5 ignore signatures for packages too 2015-08-01 22:01:32 -07:00
Stanislav Malyshev
c2e197e4ef Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage 2015-08-01 22:01:17 -07:00
Nikita Popov
7fc04937f5 Fixed bug #69892 2015-08-01 20:47:43 -07:00
Christoph M. Becker
8d31e463a0 fixed test 2015-08-01 23:52:35 +02:00
Christoph M. Becker
12f099e7bc mentioned cURL file uploads in the "backward incompatible changes" section 2015-08-01 14:15:44 +02:00
Christoph M. Becker
6576d809a5 test fails with old libxml2; skip in this case 2015-07-31 19:52:42 +02:00
Christoph M. Becker
cdabbd9542 test requires imagejpeg(); skip otherwise 2015-07-31 13:51:49 +02:00
Julien Pauli
d7f354fa57 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Adjust Git-Rules
  5.4.44 next
 2015-07-29 10:04:33 +02:00
Julien Pauli
66edc15875 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Adjust Git-Rules
  5.4.44 next

Conflicts:
	configure.in
	main/php_version.h
 2015-07-29 10:04:08 +02:00
Julien Pauli
8f1baa6e1c Adjust Git-Rules 2015-07-29 10:02:39 +02:00
Anatol Belski
9fdb8c2ccd Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  Fixed bug #70002 TS issues with temporary dir handling
 2015-07-28 17:42:37 +02:00
Anatol Belski
54bf6352fe updated NEWS 2015-07-28 17:42:25 +02:00
Anatol Belski
ce5c4500cd Fixed bug #70002 TS issues with temporary dir handling 2015-07-28 17:41:38 +02:00
Anatol Belski
1647ee7ef0 update NEWS 2015-07-28 10:29:24 +02:00
Anatol Belski
20e765b841 Fixed bug #69900 Too long timeout on pipes 2015-07-28 10:28:45 +02:00
Stanislav Malyshev
16023f3e3b Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes 2015-07-26 17:43:16 -07:00
Stanislav Malyshev
7a4584d3f6 Improved fix for Bug #69441 2015-07-26 17:31:12 -07:00
Stanislav Malyshev
b7fa67742c Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) 2015-07-26 17:25:25 -07:00
Stanislav Malyshev
e488690d95 Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) 2015-07-26 17:10:24 -07:00