php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-19 05:51:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
71,044 Commits 547 Branches 1,483 Tags
d734e75599593fe552eebf9bf579d73addc75a1e
Commit Graph

6626 Commits

Author SHA1 Message Date
Stanislav Malyshev
d734e75599 update NEWS 2015-04-14 00:22:09 -07:00
Stanislav Malyshev
9bed19a1e0 fix CVE num 2015-04-12 20:47:27 -07:00
Xinchen Hui
920a0afbf8 Fixed bug #68901 (use after free) 2015-04-11 16:28:07 -07:00
Xinchen Hui
9a404df382 Fixed bug #68740 (NULL Pointer Dereference) 
(cherry picked from commit 124fb22a13)
 2015-04-05 22:48:10 -07:00
Stanislav Malyshev
5ae20c6247 Fix bug #66550 (SQLite prepared statement use-after-free) 2015-04-05 22:36:26 -07:00
Remi Collet
afbf725e73 Fix bug #68601 buffer read overflow in gd_gif_in.c 2015-04-05 17:33:52 -07:00
Stanislav Malyshev
968fbc6acf Bacport fix bug #68741 - Null pointer dereference 2015-03-22 18:30:05 -07:00
Stanislav Malyshev
95b9c34f02 add CVEs 2015-03-19 22:54:48 -07:00
Stanislav Malyshev
4c3b73b6df 5.4.40 next 2015-03-17 22:37:16 -07:00
Stanislav Malyshev
ef8fc4b53d Fix bug #69253 - ZIP Integer Overflow leads to writing past heap boundary 2015-03-17 21:59:56 -07:00
Stanislav Malyshev
fb04dcf6db Fix bug #69248 - heap overflow vulnerability in regcomp.c 
Merged from 70bc296560
 2015-03-17 17:04:57 -07:00
Stanislav Malyshev
646572d6d3 Fixed bug #68976 - Use After Free Vulnerability in unserialize() 2015-03-17 13:20:22 -07:00
Stanislav Malyshev
bfb669891e Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration options) 2015-03-17 13:05:43 -07:00
Stanislav Malyshev
1291d6bbee Fix bug #69207 - move_uploaded_file allows nulls in path 2015-03-17 12:47:58 -07:00
Ferenc Kovacs
c17a17e44b fix typo in bug# 2015-02-18 19:47:07 +01:00
Remi Collet
c6a26cb39d add CVE 2015-02-18 06:44:41 +01:00
Stanislav Malyshev
24f8a68d0a 5.4.39 next 2015-02-17 07:34:00 +01:00
Stanislav Malyshev
bdfe457a2c Port for for bug #68552 2015-02-17 06:53:02 +01:00
Felipe Pena
82d347a477 - BFN 2015-02-17 01:14:05 -02:00
Yasuo Ohgaki
5b6269a253 Update NEWS 2015-02-14 05:34:57 +09:00
Stanislav Malyshev
f001c63073 Update header handling to RFC 7230 2015-02-05 20:08:12 -08:00
Stanislav Malyshev
0f9c708229 Add mitigation for CVE-2015-0235 (bug #68925) 2015-01-31 19:08:13 -08:00
Stanislav Malyshev
b3b155ffe2 format 2015-01-20 11:57:17 -08:00
Stanislav Malyshev
547f62ed2a add CVE 2015-01-20 11:54:45 -08:00
Stanislav Malyshev
8825311ce1 5.4.38 next 2015-01-20 10:38:33 -08:00
Stanislav Malyshev
e63f7b47e1 Merge branch 'bug68710' into PHP-5.4 
* bug68710:
  Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize())
 2015-01-20 01:02:26 -08:00
Stanislav Malyshev
fc6aa939f5 Merge branch 'bug68799' into PHP-5.4 
* bug68799:
  Fix bug #68799: Free called on unitialized pointer
 2015-01-20 01:00:11 -08:00
Daniel Lowrey
0a76610459 Update NEWS 2015-01-14 18:03:27 +01:00
Anatol Belski
ede59c8feb Fixed bug #68735 fileinfo out-of-bounds memory access 2015-01-04 14:20:21 +01:00
Stanislav Malyshev
b585a3aed7 Fix for bug #68710 (Use After Free Vulnerability in PHP's unserialize()) 2015-01-01 16:19:05 -08:00
Stanislav Malyshev
f9ad308669 FIx bug #68618 (out of bounds read crashes php-cgi) 2014-12-30 01:23:05 -08:00
Ferenc Kovacs
cd387b4575 add missing NEWS entry 2014-12-17 02:10:36 +01:00
Stanislav Malyshev
8fe4cc6d28 5.4.37 2014-12-16 11:44:41 -08:00
Stanislav Malyshev
53f129a44d add CVE 2014-12-16 10:16:31 -08:00
Stanislav Malyshev
630f9c33c2 Fix bug #68594 - Use after free vulnerability in unserialize() 2014-12-16 10:15:17 -08:00
Stanislav Malyshev
97df260b27 update NEWS 2014-12-11 10:41:17 -08:00
Stanislav Malyshev
84be568366 update news 2014-11-30 21:37:39 -08:00
Stanislav Malyshev
7dbc5e5c69 update for LiteSpeed 2014-11-23 18:05:26 -08:00
Stanislav Malyshev
98b22864ff 5.4.36-dev 2014-11-11 16:31:38 -08:00
Matteo Beccati
2323e95df9 Fixed bug #66584 Segmentation fault on statement deallocation 2014-11-11 16:25:31 -08:00
Ferenc Kovacs
db5ad4c51f update NEWS 2014-11-12 00:18:13 +01:00
Stanislav Malyshev
0ddcf2a919 update NEWS 2014-11-03 11:43:15 -08:00
Stanislav Malyshev
4d54c4bdf0 fix NEWS & version 2014-10-22 13:16:29 -07:00
Remi Collet
de4fff0fb3 NEWS 2014-10-22 15:39:49 +02:00
Stanislav Malyshev
287c91c1f0 Fix bug #68113 (Heap corruption in exif_thumbnail()) 2014-10-13 23:17:45 -07:00
Stanislav Malyshev
ab0939e5e5 Fix bug #68089 - do not accept options with embedded \0 
Conflicts:
	ext/curl/interface.c
 2014-10-13 23:16:06 -07:00
Stanislav Malyshev
56754a7f9e Fixed bug #68044: Integer overflow in unserialize() (32-bits only) 2014-10-13 23:14:25 -07:00
Stanislav Malyshev
88412772d2 Fix bug #68027 - fix date parsing in XMLRPC lib 2014-10-13 23:12:11 -07:00
Ard Biesheuvel
82b07b62c0 update NEWS 
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
 2014-10-10 11:40:07 +02:00
Stanislav Malyshev
28ed0119ac update NEWS 2014-09-26 00:55:49 -07:00