f7cb87f3 | 02-May-2014 |
Adam Harvey |
Fix author name on the #63228 patch. |
941c39bd | 01-May-2014 |
Adam Harvey |
Use the right path for the suggested PHP invocation in ext_skel. Fixes bug #67160 (ext_skel outputs incorrect information). |
1c13ad7c | 01-May-2014 |
Ferenc Kovacs |
add missing NEWS entry to the correct release where it was added |
35ceea92 | 15-Apr-2014 |
Stanislav Malyshev |
Fix bug #67060: use default mode of 660 |
2d625b5f | 29-Apr-2014 |
Anatol Belski |
Fixed bug #66431 Special Character via COM Interface (CP_UTF8) |
bb422cb6 | 28-Apr-2014 |
Popa Adrian Marius |
Merge branch 'PHP-5.3' into PHP-5.4 * PHP-5.3: Cleanup ZEND_MODULE_API_NO => 20050922
|
dbcd6304 | 28-Apr-2014 |
Popa Adrian Marius |
Cleanup ZEND_MODULE_API_NO => 20050922 |
d3dcd616 | 25-Apr-2014 |
Anatol Belski |
fixed test |
c1aa9baf | 25-Apr-2014 |
Anatol Belski |
Fixed bug #67118 DateTime constructor crash with invalid data |
03c703b8 | 25-Apr-2014 |
Stanislav Malyshev |
add a test case previously broken by a bad fix |
a3288038 | 25-Apr-2014 |
Stanislav Malyshev |
Revert "Fixed bug #64604" This reverts commit b05c088a3abf8e4c6fb6e40418423a9e2dd3d929. Breaks parsing urls where query has : in it, like: /foo/bar?baz=goo:boo |
03be9833 | 24-Apr-2014 |
Anatol Belski |
fix dll export |
61499bf2 | 21-Apr-2014 |
Jakub Zelenka |
Fix accepting ill-formed UTF-8 characters Conflicts: ext/phar/phar_path_check.c |
ea4cee93 | 13-Feb-2014 |
Danack |
Allow valid multi-byte utf-8 characters to be allowed as file names in phar archives. |
68283c9f | 24-Feb-2014 |
Rouven Weßling |
Fix a compiler warning in php_rand.h |
49341e99 | 14-Mar-2014 |
Julio Pintos |
Fix #66908: php-fpm reload leaks epoll_create() file descriptor This patch fixes descriptor leak which could lead to DoS once Max open files is reached |
a18cec1b | 14-Apr-2014 |
Boro Sitnikovski |
Fix bug #65701: Do not use cache for file file copy |
53c68811 | 18-Apr-2014 |
Anatol Belski |
UPGRADING note about bug #67072 |
c2acdbdd | 18-Apr-2014 |
Anatol Belski |
Improved the fix for bug #67072, thanks Nikita |
6e1e98d7 | 17-Apr-2014 |
Levi Morrison |
These links to ~helly don't work anymore. |
5328d428 | 17-Apr-2014 |
Anatol Belski |
Fixed bug #67072 Echoing unserialized "SplFileObject" crash The actual issue lays in the unserializer code which doesn't honor the unserialize callback. By contrast, the serialize callba
Fixed bug #67072 Echoing unserialized "SplFileObject" crash The actual issue lays in the unserializer code which doesn't honor the unserialize callback. By contrast, the serialize callback is respected. This leads to the situation that even if a class has disabled the serialization explicitly, user could still construct a vulnerable string which would result bad things when trying to unserialize. This conserns also the classes implementing Serializable as well as some core classes disabling serialize/unserialize callbacks explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the flow is first to call the unserialize callback (if available), then call __wakeup. If the unserialize callback returns with no success, no object is instantiated. This makes the scheme used by internal classes effective, to disable unserialize just assign zend_class_unserialize_deny as callback.
show more ...
|
7a5f1663 | 16-Apr-2014 |
Anatol Belski |
correct the bug #67081 fix |
5224614f | 16-Apr-2014 |
Anatol Belski |
Fixed bug #67081 DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset |
1d34d822 | 15-Apr-2014 |
Stanislav Malyshev |
5.4.29 is next |
eea75e71 | 14-Apr-2014 |
Stanislav Malyshev |
Fix test - on CI somebody could create a process in the meantime |