7d921531 | 16-Nov-2021 |
Christoph M. Becker |
7.3.34 might be next |
d14a9139 | 16-Nov-2021 |
Christoph M. Becker |
[ci skip] Fix news entry for bug #79971 |
7967875d | 15-Nov-2021 |
Stanislav Malyshev |
[ci skip] Update NEWS |
f15f8fc5 | 01-Sep-2020 |
Christoph M. Becker |
Fix #79971: special character is breaking the path in xml function The libxml based XML functions accepting a filename actually accept URIs with possibly percent-encoded characters. Percent-encoded NUL bytes lead to truncation, like non-encoded NUL bytes would. We catch those, and let the functions fail with a respective warning. |
88f99c9c | 03-Nov-2021 |
Derick Rethans |
Revert "Updated to version 2021.5 (2021e)" This reverts commit a93ff1df200f12385686abf6a6ef534b1a32f523. |
a93ff1df | 03-Nov-2021 |
Derick Rethans |
Updated to version 2021.5 (2021e) |
5f4e034e | 26-Oct-2021 |
Christoph M. Becker |
[ci skip] Fix typo (Okt → Oct) |
f47798e6 | 02-Oct-2021 |
Jakub Zelenka |
Fix bug #81026 (PHP-FPM oob R/W in root process leading to priv escalation) The main change is to store scoreboard procs directly to the variable sized array rather than indirectly through the pointer. Signed-off-by: Stanislav Malyshev <stas@php.net> (cherry picked from commit cb2021e5f69da5e2868130a05bb53db0f9f89e4b) Closes GH-7614. |
32c0850b | 08-Oct-2021 |
Derick Rethans |
Revert "Updated to version 2021.3 (2021c)" This reverts commit e81554c6e6c1410cf74441a5ea0b653938d01ae4. |
e81554c6 | 08-Oct-2021 |
Derick Rethans |
Updated to version 2021.3 (2021c) |
f2f40b1c | 21-Sep-2021 |
Christoph M. Becker |
7.3.32 is next |
96a5b4e4 | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Add missing CVE to NEWS |
bb847223 | 21-Sep-2021 |
Christoph M. Becker |
[ci skip] Add missing NEWS entry |
549cb440 | 16-Sep-2021 |
Nikita Popov |
Fix persistent smart_str allocation This would allocate a too small buffer if the first smart_str allocation is > SMART_STR_START_LEN but <= SMART_STR_START_SIZE. (cherry picked from commit af8fccee9c5a1c7302d9bfe1c7bd431374e59415) |
df2ceac2 | 06-Sep-2021 |
Christoph M. Becker |
Fix #81420: ZipArchive::extractTo extracts outside of destination We need to properly detect and handle absolute paths in a portable way. |
521bd7ce | 24-Aug-2021 |
Christoph M. Becker |
7.3.31 is next |
b815645a | 24-Aug-2021 |
Stanislav Malyshev |
Fix test |
b2008ab9 | 24-Aug-2021 |
Stanislav Malyshev |
Update NEWS |
2ff853aa | 23-Aug-2021 |
Christoph M. Becker |
Fix #81211: Symlinks are followed when creating PHAR archive It is insufficient to check whether the `base` is contained in `fname`; we also need to ensure that `fname` is properly separated. And of course, `fname` has to start with `base`. |
53ea910d | 29-Jun-2021 |
Christoph M. Becker |
7.3.30 is next |
f5cba2d4 | 29-Jun-2021 |
Christoph M. Becker |
[ci skip] Fix NEWS format |
c68a6875 | 21-Jun-2021 |
Stanislav Malyshev |
Update NEWS |
67afa325 | 29-Apr-2021 |
Christoph M. Becker |
Fix #76448: Stack buffer overflow in firebird_info_cb We ensure not to overflow the stack allocated buffer by using `strlcat`. |
08da7c73 | 30-Apr-2021 |
Christoph M. Becker |
Fix #76449: SIGSEGV in firebird_handle_doer We need to verify that the `result_size` is not larger than our buffer, and also should make sure that the `len` which is passed to `isc_vax_integer()` has a permissible value; otherwise we bail out. |
bcbf8aa0 | 30-Apr-2021 |
Christoph M. Becker |
Fix #76450: SIGSEGV in firebird_stmt_execute We need to verify that the `result_size` is not larger than our buffer, and also should make sure that the `len` which is passed to `isc_vax_integer()` has a permissible value; otherwise we bail out. |