|
Revision tags: php-5.6.26RC1, php-7.1.0RC1, php-7.0.11RC1, php-7.1.0beta3, php-5.6.25, php-7.0.10, php-7.1.0beta2, php-5.6.25RC1, php-7.0.10RC1, php-7.1.0beta1, php-5.6.24, php-7.0.9, php-5.5.38, php-5.6.24RC1, php-7.1.0alpha3, php-7.0.9RC1, php-7.1.0alpha2 |
|
| #
323b2733 |
| 21-Jun-2016 |
Dmitry Stogov |
Fixed compilation warnings |
|
Revision tags: php-7.0.8, php-5.6.23 |
|
| #
16160386 |
| 21-Jun-2016 |
Dmitry Stogov |
Added ZEND_ATTRIBUTE_FORMAT to some middind functions.
"%p" replaced by ZEND_LONG_FMT to avoid compilation warnings.
Fixed most incorrect use cases of format specifiers. |
|
Revision tags: php-5.5.37 |
|
| #
3e0397c2 |
| 21-Jun-2016 |
Stanislav Malyshev |
Merge branch 'PHP-7.0'
* PHP-7.0:
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Merge branch 'PHP-7.0'
* PHP-7.0:
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Courruption in wddx_deserialize
Fix bug #72321 - use efree() for emalloc allocation
5.6.23RC1
fix NEWS
set versions
show more ...
|
| #
2a65544f |
| 21-Jun-2016 |
Stanislav Malyshev |
Merge branch 'PHP-5.6.23' into PHP-7.0.8
* PHP-5.6.23: (24 commits)
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
Merge branch 'PHP-5.6.23' into PHP-7.0.8
* PHP-5.6.23: (24 commits)
iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
update NEWS
fix tests
fix build
Fix bug #72455: Heap Overflow due to integer overflows
Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
Fix bug #72298 pass2_no_dither out-of-bounds access
Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
Fix bug #72262 - do not overflow int
Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
Fix bug #72275: don't allow smart_str to overflow int
Fix bug #72340: Double Free Courruption in wddx_deserialize
update NEWS
Fix #66387: Stack overflow with imagefilltoborder
Fix bug #72321 - use efree() for emalloc allocation
5.6.23RC1
Fix bug #72140 (segfault after calling ERR_free_strings())
...
Conflicts:
configure.in
ext/mbstring/php_mbregex.c
ext/mcrypt/mcrypt.c
ext/spl/spl_array.c
ext/spl/spl_directory.c
ext/standard/php_smart_str.h
ext/standard/string.c
ext/standard/url.c
ext/wddx/wddx.c
ext/zip/php_zip.c
main/php_version.h
show more ...
|
| #
d144590d |
| 12-Jun-2016 |
Stanislav Malyshev |
Fix bug #72321 - use efree() for emalloc allocation |
|
Revision tags: php-5.6.23RC1, php-7.0.8RC1, php-7.1.0alpha1, php-5.6.22, php-5.5.36, php-7.0.7, php-5.6.22RC1, php-7.0.7RC1, php-7.0.6, php-5.6.21, php-5.5.35, php-5.6.21RC1, php-7.0.6RC1, php-5.6.20, php-5.5.34, php-7.0.5 |
|
| #
d1ac9edc |
| 29-Mar-2016 |
Anatol Belski |
Merge branch 'PHP-7.0'
* PHP-7.0:
Fixed bug #71704 php_snmp_error() Format String Vulnerability
Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
Merge branch 'PHP-7.0'
* PHP-7.0:
Fixed bug #71704 php_snmp_error() Format String Vulnerability
Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
Updated to version 2016.3 (2016c)
Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
Fixed bug #71527 Buffer over-write in finfo_open with malformed magic file
Fix bug #71798 - Integer Overflow in php_raw_url_encode
update NEWS
Disable huge pages in the Zend allocator by default As per the discussion on internals, this is an expert feature that needs special system-level configuration and care.
Added ability to disable huge pages in Zend Memeory Manager through the environment variable USE_ZEND_ALLOC_HUGE_PAGES=0.
Fix bug #71860: Require valid paths for phar filenames
Fix bug #71860: Require valid paths for phar filenames
update NEWS
Fixed bug #71704 php_snmp_error() Format String Vulnerability
Merge branch 'PHP-5.6' into PHP-7.0
Updated to version 2016.2 (2016b)
update libs versions
set RC1 versions
Going for 5.5.34
show more ...
|
| #
62da5cdf |
| 29-Mar-2016 |
Stanislav Malyshev |
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
Fix bug #71798 - Integer Overflow in php_raw_url_encode
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
Fixed bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut
Fix bug #71798 - Integer Overflow in php_raw_url_encode
Fix bug #71860: Require valid paths for phar filenames
Going for 5.5.34
Conflicts:
configure.in
ext/phar/tests/create_path_error.phpt
main/php_version.h
show more ...
|
| #
72281f29 |
| 21-Mar-2016 |
Stanislav Malyshev |
Fix bug #71860: Require valid paths for phar filenames |
| #
1e9b1752 |
| 21-Mar-2016 |
Stanislav Malyshev |
Fix bug #71860: Require valid paths for phar filenames |
|
Revision tags: php-5.6.20RC1, php-7.0.5RC1, php-5.6.19, php-5.5.33, php-7.0.4 |
|
| #
9afb29aa |
| 18-Feb-2016 |
Stanislav Malyshev |
Remove TSRMLS_* from code, they are not used anymore |
|
Revision tags: php-5.6.19RC1, php-7.0.4RC1, php-5.6.18, php-7.0.3, php-5.5.32 |
|
| #
a61029b1 |
| 28-Jan-2016 |
Rouven Weßling |
Replace usage of php_int32 and php_uint32 with int32_t and uint32_t |
| #
309ead11 |
| 02-Feb-2016 |
Stanislav Malyshev |
Merge branch 'PHP-5.5.32' into PHP-5.6.18
* PHP-5.5.32:
Fixed bug #71488: Stack overflow when decompressing tar archives
update NEWS
add missing headers for SIZE_MAX
Merge branch 'PHP-5.5.32' into PHP-5.6.18
* PHP-5.5.32:
Fixed bug #71488: Stack overflow when decompressing tar archives
update NEWS
add missing headers for SIZE_MAX
backport the escapeshell* functions hardening branch
add tests
Fix bug #71459 - Integer overflow in iptcembed()
Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
Fix bug #71335: Type Confusion in WDDX Packet Deserialization
Fix bug #71354 - remove UMR when size is 0
show more ...
|
| #
93dc91b3 |
| 30-Jan-2016 |
Nikita Popov |
Remove version checks
PHP_VERSION_ID
PHP_API_VERSION
ZEND_MODULE_API_NO
PHP_MAJOR_VERSION, PHP_MINOR_VERSION
ZEND_ENGINE_2
I've left litespeed alone, as it seems to
Remove version checks
PHP_VERSION_ID
PHP_API_VERSION
ZEND_MODULE_API_NO
PHP_MAJOR_VERSION, PHP_MINOR_VERSION
ZEND_ENGINE_2
I've left litespeed alone, as it seems to genuinely maintain support
for many PHP versions.
show more ...
|
| #
2eb47286 |
| 30-Jan-2016 |
Nikita Popov |
Remove HAVE_SPL checks
SPL is always built.
Also clean up spl_ce_RuntimeException handling in PDO. |
|
Revision tags: php-5.6.18RC1, php-7.0.3RC1 |
|
| #
13ad4d3e |
| 14-Jan-2016 |
Stanislav Malyshev |
Fix bug #71354 - remove UMR when size is 0 |
|
Revision tags: php-5.6.17, php-5.5.31, php-7.0.2 |
|
| #
3d5438bf |
| 01-Jan-2016 |
Lior Kaplan |
Merge branch 'PHP-7.0'
* PHP-7.0:
Update header to PHP Version 7
Happy new year (Update copyright to 2016)
Happy new year (Update copyright to 2016)
|
| #
ed35de78 |
| 01-Jan-2016 |
Lior Kaplan |
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Happy new year (Update copyright to 2016)
|
| #
49493a2d |
| 01-Jan-2016 |
Lior Kaplan |
Happy new year (Update copyright to 2016) |
| #
618b9611 |
| 25-Dec-2015 |
Tom Van Looy |
Remove leftovers of TSRMLS in code |
|
Revision tags: php-7.0.2RC1, php-5.6.17RC1, php-7.0.1RC1, php-7.0.0, php-5.6.16, php-7.0.0RC8, php-7.0.0RC7, php-5.6.16RC1, php-5.6.15, php-7.0.0RC6, php-7.0.1, php-5.6.15RC1, php-7.0.0RC5, php-5.5.30, php-5.6.14, php-7.0.0RC4, php-5.6.14RC1, php-7.0.0RC3, php-5.6.13, php-7.0.0RC2, php-5.5.29, php-5.4.45, php-5.6.13RC1, php-7.0.0RC1, php-5.6.12, php-5.5.28, php-7.0.0beta3, php-5.4.44 |
|
| #
eb7ba730 |
| 04-Aug-2015 |
Stanislav Malyshev |
virtual_file_ex uses emalloc in 5.6+ |
| #
ed709d5a |
| 04-Aug-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
update NEWS
fix test
update NEWS
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_*
Merge branch 'PHP-5.5' into PHP-5.6
* PHP-5.5:
update NEWS
fix test
update NEWS
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix #69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081: check types for SOAP variables
Conflicts:
ext/soap/php_http.c
ext/spl/spl_observer.c
show more ...
|
| #
69ed3969 |
| 04-Aug-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix #69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081: check types for SOAP variables
Conflicts:
.gitignore
ext/date/php_date.c
ext/spl/spl_array.c
ext/spl/spl_observer.c
show more ...
|
| #
dda81f05 |
| 04-Aug-2015 |
Stanislav Malyshev |
Fix bug #70019 - limit extracted files to given directory |
| #
7b6dd533 |
| 04-Aug-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.6'
* PHP-5.6:
virtual_file_ex uses emalloc in 5.6+
|
| #
97047e76 |
| 04-Aug-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.6'
* PHP-5.6:
update NEWS
fix test
update NEWS
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unseriali
Merge branch 'PHP-5.6'
* PHP-5.6:
update NEWS
fix test
update NEWS
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix #69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081: check types for SOAP variables
Conflicts:
Zend/zend_exceptions.c
ext/date/php_date.c
ext/openssl/openssl.c
ext/phar/phar_internal.h
ext/soap/php_http.c
ext/spl/spl_array.c
ext/spl/spl_dllist.c
ext/spl/spl_observer.c
ext/standard/tests/serialize/bug69152.phpt
sapi/cli/tests/005.phpt
show more ...
|
