Revision tags: php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12 |
|
#
600f1f89 |
| 17-Nov-2019 |
Christoph M. Becker |
Fix #78814: strip_tags allows / in tag name => whitelist bypass When normalizing tags to check whether they are contained in the set of allowable tags, we must not strip slashes, unless
Fix #78814: strip_tags allows / in tag name => whitelist bypass When normalizing tags to check whether they are contained in the set of allowable tags, we must not strip slashes, unless they come immediately after the opening `<`, or immediately before the closing `>`.
show more ...
|
#
db420cb6 |
| 19-Nov-2019 |
Christoph M. Becker |
Fix #78833: Integer overflow in pack causes out-of-bound access We check for potential signed integer overflow, and bail out gracefully, in that case.
|
#
9b92c1d1 |
| 21-Nov-2019 |
Christoph M. Becker |
Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW Apparently, this has not been tested for a long time, and might be a refactoring relict. Anyhow, we have to pass the context to
Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW Apparently, this has not been tested for a long time, and might be a refactoring relict. Anyhow, we have to pass the context to `GIFNextPixel` as well.
show more ...
|
#
f6eac76b |
| 18-Nov-2019 |
Christoph M. Becker |
Update NEWS
|
#
2c9926f1 |
| 12-Nov-2019 |
Stanislav Malyshev |
Fix bug #78804 - Segmentation fault in Locale::filterMatches
|
Revision tags: php-7.4.0RC6 |
|
#
5fa6dcd9 |
| 07-Nov-2019 |
Nikita Popov |
Fixed bug #78759 Handle INDIRECT values in array.
|
Revision tags: php-7.3.12RC1 |
|
#
d317e16e |
| 05-Nov-2019 |
Sara Golemon |
Bump for 7.2.26-dev
|
Revision tags: php-7.2.25RC1 |
|
#
4f984a2f |
| 05-Nov-2019 |
Nikita Popov |
Fixed bug #78775 Clear the OpenSSL error queue before performing SSL stream operations. As we don't control all code that could possibly be using OpenSSL, we can't rely on the error
Fixed bug #78775 Clear the OpenSSL error queue before performing SSL stream operations. As we don't control all code that could possibly be using OpenSSL, we can't rely on the error queue being empty.
show more ...
|
#
f9895b4b |
| 29-Oct-2019 |
Nikita Popov |
Fixed bug #78689
|
Revision tags: php-7.4.0RC5 |
|
#
89c327f8 |
| 25-Oct-2019 |
Christoph M. Becker |
Fix #78751: Serialising DatePeriod converts DateTimeImmutable When getting the properties of a DatePeriod instance we have to retain the proper classes, and when restoring a DatePeriod i
Fix #78751: Serialising DatePeriod converts DateTimeImmutable When getting the properties of a DatePeriod instance we have to retain the proper classes, and when restoring a DatePeriod instance we have to cater to DateTimeImmutable instances as well.
show more ...
|
#
16c49108 |
| 28-Oct-2019 |
Nikita Popov |
Fix bug #78752 NULL out the execute_data before destroying it, otherwise GC may trigger while the execute_data is partially destroyed, resulting in double-frees. The handlin
Fix bug #78752 NULL out the execute_data before destroying it, otherwise GC may trigger while the execute_data is partially destroyed, resulting in double-frees. The handling of call stack unfreezing is a bit awkward because it's a ZEND_API function, so we can't change the signature.
show more ...
|
#
52499938 |
| 25-Oct-2019 |
Nikita Popov |
Fixed bug #78747
|
#
52f04987 |
| 22-Oct-2019 |
Joe Watkins |
bump version
|
Revision tags: php-7.1.33 |
|
#
326cd05d |
| 22-Oct-2019 |
Joe Watkins |
set versions for release
|
Revision tags: php-7.2.24 |
|
#
2213bd36 |
| 22-Oct-2019 |
Remi Collet |
add NEWS entry
|
Revision tags: php-7.3.11 |
|
#
bea2ff88 |
| 19-Oct-2019 |
Fabien Villepinte |
Fix bug #78697: inaccurate error message
|
Revision tags: php-7.4.0RC4 |
|
#
ab061f95 |
| 12-Oct-2019 |
Jakub Zelenka |
Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
|
#
45a77232 |
| 19-Oct-2019 |
Christoph M. Becker |
Fix #78694: Appending to a variant array causes segfault `write_dimension` object handlers have to be able to handle `NULL` `offset`s; for now we simply throw an exception instead of fol
Fix #78694: Appending to a variant array causes segfault `write_dimension` object handlers have to be able to handle `NULL` `offset`s; for now we simply throw an exception instead of following the `NULL` pointer.
show more ...
|
Revision tags: php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2 |
|
#
d2cde0bf |
| 16-Sep-2019 |
m.yakunin |
Fix #70153 \DateInterval incorrectly unserialized Added a separate macro for reading 'days' property, so that bool(false) is correctly converted to the proper internal representation.
|
#
e2a6bf48 |
| 09-Oct-2019 |
Mitch Hagstrand |
Fix checksum calculation for opcache
|
#
900bdcbd |
| 12-Oct-2019 |
Christoph M. Becker |
Fix #78665: Multicasting may leak memory
|
#
3164186d |
| 09-Oct-2019 |
Erik Lundin |
Fix #78656: Parse errors classified as highest log-level
|
#
195c2008 |
| 08-Oct-2019 |
Christoph M. Becker |
Fix #78642: Wrong libiconv version displayed The high byte of `_libiconv_version` specifies the major version; the low byte the minor version.
|
#
05d6878b |
| 08-Oct-2019 |
Remi Collet |
next is 7.2.25
|
#
fd3118ff |
| 08-Oct-2019 |
Christoph M. Becker |
Fix #78641: addGlob can modify given remove_path value `remove_path` points to the given string, so we must not modify it. Instead we use a duplicate, if we need the modification.
Fix #78641: addGlob can modify given remove_path value `remove_path` points to the given string, so we must not modify it. Instead we use a duplicate, if we need the modification. We may want to switch to `zend_string`s in master.
show more ...
|