php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 08:12:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
132,381 Commits 545 Branches 1,479 Tags
php-8.2.28
Commit Graph

132381 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pierrick Charron
997ec633e4 Update versions for PHP 8.2.28 php-8.2.28 2025-03-11 13:58:12 -04:00
Jakub Zelenka
7cfcced91f Update NEWS with entries for security fixes 2025-03-11 13:54:45 -04:00
Niels Dossche
a5efd911e2 Fix GHSA-wg4p-4hqh-c3g9 2025-03-11 13:54:45 -04:00
Tim Düsterhus
6d080b98de Fix GHSA-p3x9-6h7p-cgfc: libxml streams wrong content-type on redirect 
libxml streams use wrong content-type header when requesting a
redirected resource.
 2025-03-11 13:54:44 -04:00
Jakub Zelenka
7af512087b Fix GHSA-hgf5-96fm-v528: http user header check of crlf 2025-03-11 13:54:44 -04:00
Jakub Zelenka
4a0c42f752 Fix GHSA-52jp-hrpf-2jff: http redirect location truncation 
It converts the allocation of location to be on heap instead of stack
and errors if the location length is greater than 8086 bytes.
 2025-03-11 13:54:44 -04:00
Jakub Zelenka
45687b5ac0 Fix GHSA-pcmh-g36c-qc44: http headers without colon 
The header line must contain colon otherwise it is invalid and it needs
to fail.

Reviewed-by: Tim Düsterhus <tim@tideways-gmbh.com>
 2025-03-11 13:54:43 -04:00
Jakub Zelenka
bb3b9cec7c Fix GHSA-ghsa-v8xr-gpvj-cx9g: http header folding 
This adds HTTP header folding support for HTTP wrapper response
headers.

Reviewed-by: Tim Düsterhus <tim@tideways-gmbh.com>
 2025-03-11 13:54:38 -04:00
Niels Dossche
b5471300d2 Fix test GH-16535 for libxml2 2.14 2025-03-10 20:23:23 +01:00
Niels Dossche
239b01db7c Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix tests for libxml2 2.14
 2025-03-10 20:22:27 +01:00
Niels Dossche
f209eb448e Fix tests for libxml2 2.14 
See GH-18009.
 2025-03-10 20:22:11 +01:00
Ilija Tovilo
9842508580 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Increase CircleCI no_output_timeout
 2025-03-10 13:37:46 +01:00
Ilija Tovilo
ee7fcf2a07 Increase CircleCI no_output_timeout 
Closes GH-18002
 2025-03-10 13:37:24 +01:00
Ilija Tovilo
d6172ce37a [skip ci] Ignore snmp test on asan that frequently times out 
Not sure why this happens only on master.

Cherry-picked from becf207d0c
No longer happens just on master. ;)
 2025-03-10 11:24:27 +01:00
Ilija Tovilo
084446418f Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Suppress snmp lib memory leak, skip ASAN tests
 2025-03-08 16:11:33 +01:00
Ilija Tovilo
b0858427aa Suppress snmp lib memory leak, skip ASAN tests 
I don't know enough about this library to fix those :(

Cherry-picked from:
be4db6b550
ba1d9d0ab2
 2025-03-08 16:10:59 +01:00
Calvin Buckley
23c68045b4 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Remove "Notify Slack" on ppc nightly workflow (#17993)
 2025-03-07 10:39:35 -04:00
Calvin Buckley
5e8aff2c5f Remove "Notify Slack" on ppc nightly workflow (#17993) 
We get weird failures at here, and Ilija was talking about possibly
removing it in general.
 2025-03-07 10:39:14 -04:00
Ilija Tovilo
1009ff65cc Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Upgrade security branches to Ubuntu 22.04
 2025-03-06 15:24:35 +01:00
Ilija Tovilo
5fcc8d4cd1 Upgrade security branches to Ubuntu 22.04 
20.04 goes out of security support in 2 months. Backporting various
commits.

See d98963a071
See af721c9c36
See 378b79b90c

Closes GH-17963
 2025-03-06 15:24:15 +01:00
Ilija Tovilo
9256ee7b1b Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix flaky DatePeriod test
 2025-03-06 15:04:08 +01:00
Ilija Tovilo
8a699372f2 Fix flaky DatePeriod test 
$start and $end use the H:i:s from the current time. If $end happens on
a second boundary, $start + 4 days will include $end, thus performing an
extra iteration. Fix this by setting H:i:s to 00:00:00.
 2025-03-06 15:01:30 +01:00
Calvin Buckley
1afbaaa804 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Skip mysqli/tests/bug73462 on PPC CI (#17971)
 2025-03-05 10:18:41 -04:00
Calvin Buckley
dc6586dd9d Skip mysqli/tests/bug73462 on PPC CI (#17971) 
* Skip this test on PPC CI

Seems to be unfortunately flaky with persistent connections.

* use spaces in phpt file
 2025-03-05 10:17:39 -04:00
Calvin Buckley
aae9cd7b11 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Attempt at ppc64 CI (#17945)
 2025-03-03 12:40:46 -04:00
Calvin Buckley
4694c3e997 Attempt at ppc64 CI (#17945) 
This assumes gentoo (which has best ppc64be support of mainstream
distributions).

(Rebased onto the new workflow_call approach)
 2025-03-03 10:04:02 -04:00
Ilija Tovilo
09d7f69793 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  [skip ci] Use laravel default branch in community build
 2025-02-24 15:58:23 +01:00
Ilija Tovilo
e71b8cae7e [skip ci] Use laravel default branch in community build 
See: https://github.com/laravel/framework/issues/54754#issuecomment-2678092563

According to this comment, the default branch more actively receives
changes throuought the year than master. Hence, it makes more sense to
test the default branch.
 2025-02-24 15:58:04 +01:00
Shivam Mathur
3becfb1ae6 Merge branch 'PHP-8.1' into PHP-8.2 2025-02-14 23:33:18 +00:00
Shivam Mathur
f4aadb5537 ci: add workflow to trigger windows builds 2025-02-14 23:32:30 +00:00
Christoph M. Becker
595e616292 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  [skip ci] Fix phpize for Windows 11 (24H2)
 2025-02-14 17:16:04 +01:00
Bob Weinand
7f6c05116e [skip ci] Fix phpize for Windows 11 (24H2) 
It seems like n === undefined must have worked on older versions of
jscript, but currently it just causes the insertion to silently fail.
This sets n to an empty string, allowing phpize to include the local
config.w32 files.
 2025-02-14 17:15:24 +01:00
Ilija Tovilo
c5045a04f2 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Add CONFLICT all to random port test
 2025-02-06 15:25:41 +01:00
Ilija Tovilo
726cf51236 Add CONFLICT all to random port test 
If we're very unlucky, we can get the same port opened as an ephemeral
port by some other test.

Closes GH-17706
 2025-02-06 15:25:16 +01:00
Christoph M. Becker
856866ef24 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix curl_basic_022.phpt for libcurl 8.12.0
 2025-02-05 19:22:20 +01:00
Christoph M. Becker
36d46a4732 Fix curl_basic_022.phpt for libcurl 8.12.0 
Due to a deliberate change in libcurl, the expiration is now capped to
at most 400 days.  We could solve this by choosing another date roughly
a year in the future, but would need to update the test next year.
This would be especially annoying for security branches.

Another option would be to actually parse the cookie list lines, but
that might not be worth the trouble.  Instead we just ignore the exact
timestamp created by libcurl.

[1] <https://github.com/curl/curl/pull/15937>

Closes GH-17709.
 2025-02-05 19:20:47 +01:00
Ilija Tovilo
99d2055670 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  [skip ci] Another flaky phar macOS test
 2025-02-04 14:52:15 +01:00
Ilija Tovilo
d8aedb589c [skip ci] Another flaky phar macOS test 2025-02-04 14:52:03 +01:00
Christoph M. Becker
036f00f146 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Relax timezone_IDforWindowsID_basic2.phpt expectations
 2025-02-02 13:36:39 +01:00
Christoph M. Becker
afe8e2cdff Relax timezone_IDforWindowsID_basic2.phpt expectations 
Apparently, some ICU versions report "America/Los_Angeles" for the `ZZ`
case, what matches the behavior of ICU 76.1 (on Windows).  Possibly,
there has been some bug fix backport on some systems.  Anyhow, either
seems fine, so we're not picky about that.

Closes GH-17669.
 2025-02-02 13:35:27 +01:00
Ilija Tovilo
c14601cc90 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  [skip ci] Another flaky macOS phar test
 2025-01-28 12:58:42 +01:00
Ilija Tovilo
d9744869e6 [skip ci] Another flaky macOS phar test 2025-01-28 12:58:30 +01:00
Ilija Tovilo
01309961bb Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  [skip ci] Another flaky macOS phar test
 2025-01-28 12:45:10 +01:00
Ilija Tovilo
65b990a1e0 [skip ci] Another flaky macOS phar test 2025-01-28 12:44:24 +01:00
Ilija Tovilo
7bda7ad31d Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix cve-2014-3538 test
 2025-01-27 21:48:47 +01:00
Ilija Tovilo
d17d58a982 Fix cve-2014-3538 test 
Make sure we have a unique test file to work with, and increase the time
for the nojit version to match the default version.

Closes GH-17600
 2025-01-27 20:01:13 +01:00
Ilija Tovilo
ad8ba85903 Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Fix mysql mysql_native_password error on CircleCI
 2025-01-27 17:13:20 +01:00
Ilija Tovilo
c99fb05929 Fix mysql mysql_native_password error on CircleCI 
This is already fixed in higher branches. We'll need to fix this
properly when upgrading to MySQL 8.4, which we should do soon as 8.3 is
already EOL.

Closes GH-17560
 2025-01-27 17:11:29 +01:00
Christoph M. Becker
2692b483db Merge branch 'PHP-8.1' into PHP-8.2 
* PHP-8.1:
  Use preinstalled MySQL for Windows CI
 2025-01-25 17:40:48 +01:00
Christoph M. Becker
a403b76e88 Use preinstalled MySQL for Windows CI 
Recent hosted GH Windows runners already have MySQL preinstalled, so
there is no particular need to install it again via Chocolatey or other
means.

If we ever need to address more specific needs, we may want to have a
look at <https://github.com/ankane/setup-mysql>.

Closes GH-17561.
Closes GH-17570.
 2025-01-25 17:40:00 +01:00