php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-29 19:52:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
77,234 Commits 547 Branches 1,481 Tags
a6734f70e124fcccb1b488f40cc00a1fa07b5d4a
Commit Graph

77234 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Julien Pauli
a6734f70e1 5.5.32 now 2016-01-07 13:07:23 +01:00
Stanislav Malyshev
74dcbe1299 Update NEWS 2016-01-05 19:28:24 -08:00
Stanislav Malyshev
2baeb167a0 Improve fix for bug #70976 2015-12-28 23:44:14 -08:00
Stanislav Malyshev
dcf3c9761c Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization) 2015-12-28 14:46:35 -08:00
Stanislav Malyshev
1785d2b805 Fixed bug #70741: Session WDDX Packet Deserialization Type Confusion Vulnerability 2015-12-28 12:44:10 -08:00
Julien Pauli
4df84a648e Fixed #70728 2015-12-22 17:12:49 +01:00
Stanislav Malyshev
be19dbcb84 Fixed bug #70755: fpm_log.c memory leak and buffer overflow 2015-12-08 00:10:07 -08:00
Stanislav Malyshev
4bb422343f Fix bug #70976: fix boundary check on gdImageRotateInterpolated 2015-12-07 23:33:05 -08:00
Stanislav Malyshev
2e157c5275 typofix 2015-12-06 14:07:39 -08:00
Ferenc Kovacs
f3838a9c35 Merge branch 'pr-1483' into PHP-5.5 
* pr-1483:
  fixup, both catched by nikic
  use another character device in this test as /dev/console seems that it is different for lxc containers
  the de_DE(iso-8859-1) locale is not available on ubuntu by default, but there is no reason to require that over the utf-8 one
  let's try running our testsuite without sudo
 2015-10-19 22:44:19 +02:00
Julien Pauli
d7fb43e30d Fixed test 2015-09-30 13:18:16 +02:00
Julien Pauli
3f08fc0466 5.5.31 now 2015-09-30 13:01:11 +02:00
Ferenc Kovacs
932f707177 add NEWS entries 2015-09-30 01:15:24 +02:00
Stanislav Malyshev
1ddf72180a Better fix for bug #70433 2015-09-28 21:41:02 -07:00
Stanislav Malyshev
f98ab19dc0 fix memory leak 2015-09-28 20:43:18 -07:00
Stanislav Malyshev
e78ac461db FIx bug #70433 - Uninitialized pointer in phar_make_dirstream when zip entry filename is "/" 2015-09-28 17:12:35 -07:00
Stanislav Malyshev
d698f0ae51 Fix bug #69720: Null pointer dereference in phar_get_fp_offset() 2015-09-28 15:56:51 -07:00
Julien Pauli
bb98ed600a Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Merge branch 'PHP-5.6'
  bump version

Conflicts:
	configure.in
	main/php_version.h
 2015-09-02 17:55:20 +02:00
Matteo Beccati
a12cef979d Merge branch 'PHP-5.6' 
* PHP-5.6:
  Added missing skipif for phar+zlib test
 2015-09-02 17:53:36 +02:00
Julien Pauli
ea807f9c07 5.5.30 next 2015-09-02 17:40:56 +02:00
Stanislav Malyshev
51fca4b77d bump version 2015-09-01 13:12:16 -07:00
Stanislav Malyshev
43c2dfa7b3 Merge branch 'PHP-5.5' into PHP-5.5.29 
* PHP-5.5:
  fix unit tests
 2015-09-01 12:24:06 -07:00
Stanislav Malyshev
4aeff30337 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  fix unit tests
 2015-09-01 12:23:55 -07:00
Stanislav Malyshev
1922c650ba fix unit tests 2015-09-01 12:23:22 -07:00
Stanislav Malyshev
32fe02c27d Merge branch 'PHP-5.5' into PHP-5.5.29 
* PHP-5.5:
  update NEWS
  add NEWS for fixes
 2015-09-01 12:04:04 -07:00
Stanislav Malyshev
31b634bf7c update NEWS 2015-09-01 12:03:48 -07:00
Stanislav Malyshev
0fac73a3bf Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  add NEWS for fixes
 2015-09-01 12:00:30 -07:00
Stanislav Malyshev
7ceb0e3a18 add NEWS for fixes 2015-09-01 11:53:59 -07:00
Stanislav Malyshev
53d274beb0 Merge branch 'PHP-5.5' into PHP-5.5.29 
* PHP-5.5:
  Improve fix for #70172
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)

Conflicts:
	ext/pcre/php_pcre.c
 2015-09-01 11:43:27 -07:00
Stanislav Malyshev
33d3acaae7 Merge branch 'PHP-5.4' into PHP-5.5 
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
	configure.in
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-09-01 11:42:19 -07:00
Stanislav Malyshev
48cfd1160b Merge branch 'PHP-5.4.45' into PHP-5.4 
* PHP-5.4.45:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
 2015-09-01 11:40:15 -07:00
Stanislav Malyshev
7c31203935 Improve fix for #70172 2015-09-01 11:38:39 -07:00
Stanislav Malyshev
e2291e4b1a Merge branch 'PHP-5.4.45' into PHP-5.5.29 
* PHP-5.4.45:
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
 2015-09-01 01:17:12 -07:00
Stanislav Malyshev
1390a5812b Fix bug #70312 - HAVAL gives wrong hashes in specific cases 2015-09-01 01:16:30 -07:00
Stanislav Malyshev
3605d1baf5 Merge branch 'PHP-5.4.45' into PHP-5.5.29 
* PHP-5.4.45:
  fix test
 2015-09-01 00:59:55 -07:00
Stanislav Malyshev
906f19f136 fix test 2015-09-01 00:59:31 -07:00
Stanislav Malyshev
6935058a98 Merge branch 'PHP-5.4.45' into PHP-5.5.29 
* PHP-5.4.45:
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)

Conflicts:
	ext/pcre/php_pcre.c
	ext/standard/var_unserializer.c
 2015-09-01 00:28:39 -07:00
Stanislav Malyshev
c8f07ad477 add test 2015-09-01 00:26:12 -07:00
Stanislav Malyshev
259057b2a4 Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList 2015-09-01 00:20:45 -07:00
Stanislav Malyshev
f06a069c46 Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage 2015-09-01 00:14:15 -07:00
Stanislav Malyshev
e8429400d4 Fix bug #70172 - Use After Free Vulnerability in unserialize() 2015-08-31 23:26:14 -07:00
Stanislav Malyshev
e201f01ac1 Fix bug #70388 - SOAP serialize_function_call() type confusion 2015-08-31 21:06:03 -07:00
Stanislav Malyshev
f9c2bf73ad Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories 2015-08-30 00:38:08 -07:00
Stanislav Malyshev
ce2c67c8e8 Improve fix for #70385 2015-08-29 23:01:36 -07:00
Stanislav Malyshev
03964892c0 Fix bug #70345 (Multiple vulnerabilities related to PCRE functions) 2015-08-28 22:52:50 -07:00
Stanislav Malyshev
64043cb9e5 Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes) 2015-08-28 22:25:41 -07:00
Stanislav Malyshev
fc8eff897b More fixes for bug #70219 2015-08-28 21:50:21 -07:00
Stanislav Malyshev
24dda816d0 Merge branch 'PHP-5.4.45' into PHP-5.5.29 
* PHP-5.4.45:
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  5.4.45 next

Conflicts:
	configure.in
	ext/standard/var_unserializer.c
	ext/standard/var_unserializer.re
	main/php_version.h
 2015-08-25 23:08:49 -07:00
Ferenc Kovacs
95a0b11d0a fixup, both catched by nikic 2015-08-24 17:02:25 +02:00
Ferenc Kovacs
e93d7953df use another character device in this test as /dev/console seems that it is different for lxc containers 2015-08-24 14:40:21 +02:00