#
845c6b3b |
| 22-Oct-2022 |
Arnaud Le Blanc |
[ci skip] NEWS
|
#
248f6477 |
| 21-Oct-2022 |
Stanislav Malyshev |
Fix bug #81738 (buffer overflow in hash_update() on long parameter)
|
#
41a6a298 |
| 17-Oct-2022 |
Derick Rethans |
Update NEWS
|
#
f702f87f |
| 16-Oct-2022 |
Arnaud Le Blanc |
[ci skip] NEWS
|
#
e440e37f |
| 13-Oct-2022 |
Christoph M. Becker |
Fix GH-9720: Null pointer dereference while serializing the response When traversing the result array, we need to cater to `param_name` possibly being `NULL`. Prior to PHP 7.0.0, this w
Fix GH-9720: Null pointer dereference while serializing the response When traversing the result array, we need to cater to `param_name` possibly being `NULL`. Prior to PHP 7.0.0, this was implicitly done because `param_name` was of type `char*`. Closes GH-9739.
show more ...
|
#
dd394b3d |
| 11-Oct-2022 |
Gabriel Caruso |
Prepare for PHp 8.0.26
|
#
33375e92 |
| 01-Oct-2022 |
Arnaud Le Blanc |
[ci skip] NEWS
|
#
b0cc5ed9 |
| 30-Sep-2022 |
Remi Collet |
add missing CVEs
|
#
8b115254 |
| 24-Sep-2022 |
George Peter Banyard |
Fix GH-9583: session_create_id() fails with user defined save handler that doesn't have a validateId() method
|
#
6f586ef9 |
| 27-Sep-2022 |
Derick Rethans |
Add CVEs
|
#
404e8bdb |
| 25-Jul-2022 |
Christoph M. Becker |
Fix #81726: phar wrapper: DOS when using quine gzip file The phar wrapper needs to uncompress the file; the uncompressed file might be compressed, so the wrapper implementation loops. Th
Fix #81726: phar wrapper: DOS when using quine gzip file The phar wrapper needs to uncompress the file; the uncompressed file might be compressed, so the wrapper implementation loops. This raises potential DOS issues regarding too deep or even infinite recursion (the latter are called compressed file quines[1]). We avoid that by introducing a recursion limit; we choose the somewhat arbitrary limit `3`. This issue has been reported by real_as3617 and gPayl0ad. [1] <https://honno.dev/gzip-quine/>
show more ...
|
#
0611be4e |
| 09-Sep-2022 |
Derick Rethans |
Fix #81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning.
|
#
559da529 |
| 13-Sep-2022 |
Sara Golemon |
Bump for 8.0.25
|
#
47500f33 |
| 30-Aug-2022 |
George Peter Banyard |
Fix GH-9421 Incorrect argument number for ValueError in NumberFormatter Closes GH-9489
|
#
293e6917 |
| 06-Sep-2022 |
George Peter Banyard |
Fix GH-9308 GMP throws the wrong error when a GMP object is passed to gmp_init() Closes GH-9490
|
#
d5373eac |
| 02-Sep-2022 |
Ilija Tovilo |
Fix lsp error in eval'd code referring to incorrect class for static type Fixes GH-9407 Closes GH-9471
|
#
1435fc62 |
| 02-Sep-2022 |
Ilija Tovilo |
Private method incorrectly marked as "overwrites" in reflection Fix GH-9409 Closes GH-9469
|
#
6ac3f7c8 |
| 05-Sep-2022 |
Yurun |
Fix GH-9411: PgSQL large object resource is incorrectly closed Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de> Closes GH-9411.
|
#
6aedc5ea |
| 02-Sep-2022 |
Arnaud Le Blanc |
[ci skip] NEWS
|
#
3503b1da |
| 26-Jun-2022 |
Jakub Zelenka |
Fix bug #77780: "Headers already sent" when previous connection was aborted This change primarily splits SAPI deactivation to module and destroy parts. The reason is that currently some
Fix bug #77780: "Headers already sent" when previous connection was aborted This change primarily splits SAPI deactivation to module and destroy parts. The reason is that currently some SAPIs might bail out on deactivation. One of those SAPI is PHP-FPM that can bail out on request end if for example the connection is closed by the client (web sever). The problem is that in such case the resources are not freed and some values reset. The most visible impact can have not resetting the PG(headers_sent) which can cause erorrs in the next request. One such issue is described in #77780 bug which this fixes and is also cover by a test in this commit. It seems reasonable to separate deactivation and destroying of the resource which means that the bail out will not impact it.
show more ...
|
#
f92505cf |
| 03-Jul-2022 |
Dmitry Menshikov |
Fix GH-8885: access.log with stderr writes logs to error_log after reload This fix allows restoring the the original stderr so the logs are correctly written.
|
#
725cb4e8 |
| 29-Aug-2022 |
Christoph M. Becker |
Revert "Fix GH-9296: `ksort` behaves incorrectly on arrays with mixed keys" This reverts commit cd1aed8eddd2dccbb55fb1bc3d67b23a8455248c, as discussed on internals (<https://externals.io
Revert "Fix GH-9296: `ksort` behaves incorrectly on arrays with mixed keys" This reverts commit cd1aed8eddd2dccbb55fb1bc3d67b23a8455248c, as discussed on internals (<https://externals.io/message/118483>).
show more ...
|
#
bb341210 |
| 19-Aug-2022 |
Christoph M. Becker |
Fix GH-9361: Segmentation fault on script exit Using a lot of memory may overflow some `int` calculations; to avoid that we make sure that the operands are promoted to `size_t`.
Fix GH-9361: Segmentation fault on script exit Using a lot of memory may overflow some `int` calculations; to avoid that we make sure that the operands are promoted to `size_t`. This issue has been analyzed by @chschneider. Closes GH-9379.
show more ...
|
#
6027d441c |
| 04-Aug-2022 |
NathanFreeman <1056159381@qq.com> |
Fix #79451: DOMDocument->replaceChild on doctype causes double free We have to reset intSubset if replacing doctype with another doctype node. Closes GH-9201. Closes GH-9376.
|
#
d6831e9a |
| 19-Aug-2022 |
George Peter Banyard |
Revert Fixed bug #79451 The fix for 8.1 and above is not identical and I don't know how to fix without breaking the whole build apparently
|