|
Revision tags: php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12 |
|
| #
600f1f89 |
| 17-Nov-2019 |
Christoph M. Becker |
Fix #78814: strip_tags allows / in tag name => whitelist bypass
When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless
Fix #78814: strip_tags allows / in tag name => whitelist bypass
When normalizing tags to check whether they are contained in the set
of allowable tags, we must not strip slashes, unless they come
immediately after the opening `<`, or immediately before the closing
`>`.
show more ...
|
| #
db420cb6 |
| 19-Nov-2019 |
Christoph M. Becker |
Fix #78833: Integer overflow in pack causes out-of-bound access
We check for potential signed integer overflow, and bail out
gracefully, in that case.
|
| #
9b92c1d1 |
| 21-Nov-2019 |
Christoph M. Becker |
Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW
Apparently, this has not been tested for a long time, and might be a
refactoring relict. Anyhow, we have to pass the context to
Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW
Apparently, this has not been tested for a long time, and might be a
refactoring relict. Anyhow, we have to pass the context to
`GIFNextPixel` as well.
show more ...
|
| #
f6eac76b |
| 18-Nov-2019 |
Christoph M. Becker |
Update NEWS
|
| #
2c9926f1 |
| 12-Nov-2019 |
Stanislav Malyshev |
Fix bug #78804 - Segmentation fault in Locale::filterMatches
|
|
Revision tags: php-7.4.0RC6 |
|
| #
5fa6dcd9 |
| 07-Nov-2019 |
Nikita Popov |
Fixed bug #78759
Handle INDIRECT values in array.
|
|
Revision tags: php-7.3.12RC1 |
|
| #
d317e16e |
| 05-Nov-2019 |
Sara Golemon |
Bump for 7.2.26-dev
|
|
Revision tags: php-7.2.25RC1 |
|
| #
4f984a2f |
| 05-Nov-2019 |
Nikita Popov |
Fixed bug #78775
Clear the OpenSSL error queue before performing SSL stream operations.
As we don't control all code that could possibly be using OpenSSL,
we can't rely on the error
Fixed bug #78775
Clear the OpenSSL error queue before performing SSL stream operations.
As we don't control all code that could possibly be using OpenSSL,
we can't rely on the error queue being empty.
show more ...
|
| #
f9895b4b |
| 29-Oct-2019 |
Nikita Popov |
Fixed bug #78689
|
|
Revision tags: php-7.4.0RC5 |
|
| #
89c327f8 |
| 25-Oct-2019 |
Christoph M. Becker |
Fix #78751: Serialising DatePeriod converts DateTimeImmutable
When getting the properties of a DatePeriod instance we have to retain
the proper classes, and when restoring a DatePeriod i
Fix #78751: Serialising DatePeriod converts DateTimeImmutable
When getting the properties of a DatePeriod instance we have to retain
the proper classes, and when restoring a DatePeriod instance we have to
cater to DateTimeImmutable instances as well.
show more ...
|
| #
16c49108 |
| 28-Oct-2019 |
Nikita Popov |
Fix bug #78752
NULL out the execute_data before destroying it, otherwise GC may
trigger while the execute_data is partially destroyed, resulting
in double-frees.
The handlin
Fix bug #78752
NULL out the execute_data before destroying it, otherwise GC may
trigger while the execute_data is partially destroyed, resulting
in double-frees.
The handling of call stack unfreezing is a bit awkward because it's
a ZEND_API function, so we can't change the signature.
show more ...
|
| #
52499938 |
| 25-Oct-2019 |
Nikita Popov |
Fixed bug #78747
|
| #
52f04987 |
| 22-Oct-2019 |
Joe Watkins |
bump version
|
|
Revision tags: php-7.1.33 |
|
| #
326cd05d |
| 22-Oct-2019 |
Joe Watkins |
set versions for release
|
|
Revision tags: php-7.2.24 |
|
| #
2213bd36 |
| 22-Oct-2019 |
Remi Collet |
add NEWS entry
|
|
Revision tags: php-7.3.11 |
|
| #
bea2ff88 |
| 19-Oct-2019 |
Fabien Villepinte |
Fix bug #78697: inaccurate error message
|
|
Revision tags: php-7.4.0RC4 |
|
| #
ab061f95 |
| 12-Oct-2019 |
Jakub Zelenka |
Fix bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
|
| #
45a77232 |
| 19-Oct-2019 |
Christoph M. Becker |
Fix #78694: Appending to a variant array causes segfault
`write_dimension` object handlers have to be able to handle `NULL`
`offset`s; for now we simply throw an exception instead of fol
Fix #78694: Appending to a variant array causes segfault
`write_dimension` object handlers have to be able to handle `NULL`
`offset`s; for now we simply throw an exception instead of following
the `NULL` pointer.
show more ...
|
|
Revision tags: php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2 |
|
| #
d2cde0bf |
| 16-Sep-2019 |
m.yakunin |
Fix #70153 \DateInterval incorrectly unserialized
Added a separate macro for reading 'days' property, so that bool(false)
is correctly converted to the proper internal representation.
|
| #
e2a6bf48 |
| 09-Oct-2019 |
Mitch Hagstrand |
Fix checksum calculation for opcache
|
| #
900bdcbd |
| 12-Oct-2019 |
Christoph M. Becker |
Fix #78665: Multicasting may leak memory
|
| #
3164186d |
| 09-Oct-2019 |
Erik Lundin |
Fix #78656: Parse errors classified as highest log-level
|
| #
195c2008 |
| 08-Oct-2019 |
Christoph M. Becker |
Fix #78642: Wrong libiconv version displayed
The high byte of `_libiconv_version` specifies the major version; the
low byte the minor version.
|
| #
05d6878b |
| 08-Oct-2019 |
Remi Collet |
next is 7.2.25
|
| #
fd3118ff |
| 08-Oct-2019 |
Christoph M. Becker |
Fix #78641: addGlob can modify given remove_path value
`remove_path` points to the given string, so we must not modify it.
Instead we use a duplicate, if we need the modification.
Fix #78641: addGlob can modify given remove_path value
`remove_path` points to the given string, so we must not modify it.
Instead we use a duplicate, if we need the modification.
We may want to switch to `zend_string`s in master.
show more ...
|
