5.4.42 next

fix format

update NEWS

Add test for bug #69522

Update tests

Fix bug #69522 - do not allow int overflow

Forgot test file

Fix bug #69403 and other int overflows

Fixed bug #69418 - more s->p fixes for filenames

Fixed bug #69364 - use smart_str to assemble strings

Fix bug #69453 - don't try to cut empty string

Fix bug #69545 - avoid overflow when reading list

Upgrade to PCRE 8.37 due to various bugfixes

fix VC9 build with PCRE

Upgrade PCRE to 8.36, it fixes some crashes

We probably will need to go to 8.37 once it is released.

phpweb now publishes SHA256s -- and please don't cc php-announce@ - make it seperate mail

Fixed res leak

Fixed recently introduced memory leak

fix non-standard C

5.4.41 next

Merge branch 'PHP-5.4.40' into PHP-5.4

* PHP-5.4.40:
update NEWS
Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
fix memory leak & add test

Merge branch 'PHP-5.4.40' into PHP-5.4

* PHP-5.4.40:
update NEWS
Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
fix memory leak & add test
Fix tests
fix CVE num
Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
Fix test
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)

show more ...

fix CVE num

update NEWS

Merge branch 'PHP-5.4' into PHP-5.4.40

* PHP-5.4:
fix CVE num

Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)