| #
845c6b3b |
| 22-Oct-2022 |
Arnaud Le Blanc |
[ci skip] NEWS
|
| #
248f6477 |
| 21-Oct-2022 |
Stanislav Malyshev |
Fix bug #81738 (buffer overflow in hash_update() on long parameter)
|
| #
41a6a298 |
| 17-Oct-2022 |
Derick Rethans |
Update NEWS
|
| #
f702f87f |
| 16-Oct-2022 |
Arnaud Le Blanc |
[ci skip] NEWS
|
| #
e440e37f |
| 13-Oct-2022 |
Christoph M. Becker |
Fix GH-9720: Null pointer dereference while serializing the response
When traversing the result array, we need to cater to `param_name`
possibly being `NULL`. Prior to PHP 7.0.0, this w
Fix GH-9720: Null pointer dereference while serializing the response
When traversing the result array, we need to cater to `param_name`
possibly being `NULL`. Prior to PHP 7.0.0, this was implicitly done
because `param_name` was of type `char*`.
Closes GH-9739.
show more ...
|
| #
dd394b3d |
| 11-Oct-2022 |
Gabriel Caruso |
Prepare for PHp 8.0.26
|
| #
33375e92 |
| 01-Oct-2022 |
Arnaud Le Blanc |
[ci skip] NEWS
|
| #
b0cc5ed9 |
| 30-Sep-2022 |
Remi Collet |
add missing CVEs
|
| #
8b115254 |
| 24-Sep-2022 |
George Peter Banyard |
Fix GH-9583: session_create_id() fails with user defined save handler that doesn't have a validateId() method
|
| #
6f586ef9 |
| 27-Sep-2022 |
Derick Rethans |
Add CVEs
|
| #
404e8bdb |
| 25-Jul-2022 |
Christoph M. Becker |
Fix #81726: phar wrapper: DOS when using quine gzip file
The phar wrapper needs to uncompress the file; the uncompressed file
might be compressed, so the wrapper implementation loops. Th
Fix #81726: phar wrapper: DOS when using quine gzip file
The phar wrapper needs to uncompress the file; the uncompressed file
might be compressed, so the wrapper implementation loops. This raises
potential DOS issues regarding too deep or even infinite recursion (the
latter are called compressed file quines[1]). We avoid that by
introducing a recursion limit; we choose the somewhat arbitrary limit
`3`.
This issue has been reported by real_as3617 and gPayl0ad.
[1] <https://honno.dev/gzip-quine/>
show more ...
|
| #
0611be4e |
| 09-Sep-2022 |
Derick Rethans |
Fix #81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning.
|
| #
559da529 |
| 13-Sep-2022 |
Sara Golemon |
Bump for 8.0.25
|
| #
47500f33 |
| 30-Aug-2022 |
George Peter Banyard |
Fix GH-9421 Incorrect argument number for ValueError in NumberFormatter
Closes GH-9489
|
| #
293e6917 |
| 06-Sep-2022 |
George Peter Banyard |
Fix GH-9308 GMP throws the wrong error when a GMP object is passed to gmp_init()
Closes GH-9490
|
| #
d5373eac |
| 02-Sep-2022 |
Ilija Tovilo |
Fix lsp error in eval'd code referring to incorrect class for static type
Fixes GH-9407
Closes GH-9471
|
| #
1435fc62 |
| 02-Sep-2022 |
Ilija Tovilo |
Private method incorrectly marked as "overwrites" in reflection
Fix GH-9409
Closes GH-9469
|
| #
6ac3f7c8 |
| 05-Sep-2022 |
Yurun |
Fix GH-9411: PgSQL large object resource is incorrectly closed
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
Closes GH-9411.
|
| #
6aedc5ea |
| 02-Sep-2022 |
Arnaud Le Blanc |
[ci skip] NEWS
|
| #
3503b1da |
| 26-Jun-2022 |
Jakub Zelenka |
Fix bug #77780: "Headers already sent" when previous connection was aborted
This change primarily splits SAPI deactivation to module and destroy
parts. The reason is that currently some
Fix bug #77780: "Headers already sent" when previous connection was aborted
This change primarily splits SAPI deactivation to module and destroy
parts. The reason is that currently some SAPIs might bail out
on deactivation. One of those SAPI is PHP-FPM that can bail out on
request end if for example the connection is closed by the client
(web sever). The problem is that in such case the resources are not
freed and some values reset. The most visible impact can have not
resetting the PG(headers_sent) which can cause erorrs in the next
request. One such issue is described in #77780 bug which this fixes
and is also cover by a test in this commit. It seems reasonable
to separate deactivation and destroying of the resource which means
that the bail out will not impact it.
show more ...
|
| #
f92505cf |
| 03-Jul-2022 |
Dmitry Menshikov |
Fix GH-8885: access.log with stderr writes logs to error_log after reload
This fix allows restoring the the original stderr so the logs are
correctly written.
|
| #
725cb4e8 |
| 29-Aug-2022 |
Christoph M. Becker |
Revert "Fix GH-9296: `ksort` behaves incorrectly on arrays with mixed keys"
This reverts commit cd1aed8eddd2dccbb55fb1bc3d67b23a8455248c, as
discussed on internals (<https://externals.io
Revert "Fix GH-9296: `ksort` behaves incorrectly on arrays with mixed keys"
This reverts commit cd1aed8eddd2dccbb55fb1bc3d67b23a8455248c, as
discussed on internals (<https://externals.io/message/118483>).
show more ...
|
| #
bb341210 |
| 19-Aug-2022 |
Christoph M. Becker |
Fix GH-9361: Segmentation fault on script exit
Using a lot of memory may overflow some `int` calculations; to avoid
that we make sure that the operands are promoted to `size_t`.
Fix GH-9361: Segmentation fault on script exit
Using a lot of memory may overflow some `int` calculations; to avoid
that we make sure that the operands are promoted to `size_t`.
This issue has been analyzed by @chschneider.
Closes GH-9379.
show more ...
|
| #
6027d441c |
| 04-Aug-2022 |
NathanFreeman <1056159381@qq.com> |
Fix #79451: DOMDocument->replaceChild on doctype causes double free
We have to reset intSubset if replacing doctype with another doctype node.
Closes GH-9201.
Closes GH-9376.
|
| #
d6831e9a |
| 19-Aug-2022 |
George Peter Banyard |
Revert Fixed bug #79451
The fix for 8.1 and above is not identical and I don't know how to fix without breaking the whole build apparently
|
