Fixed bug #67118 DateTime constructor crash with invalid data

update NEWS

update NEWS

Revert "Fixed bug #64604"

This reverts commit b05c088a3abf8e4c6fb6e40418423a9e2dd3d929.
Breaks parsing urls where query has : in it, like: /foo/bar?baz=goo:boo

updated NEWS

Fixed bug #66307 Fileinfo crashes with powerpoint files

Merge branch 'PHP-5.5' into PHP-5.6

* PHP-5.5:
Allow valid multi-byte utf-8 characters to be allowed as file names in phar archives.

Merge branch 'PHP-5.4' into PHP-5.5

* PHP-5.4:
Allow valid multi-byte utf-8 characters to be allowed as file names in phar archives.

Conflicts:
ext/phar/phar_path_

Merge branch 'PHP-5.4' into PHP-5.5

* PHP-5.4:
Allow valid multi-byte utf-8 characters to be allowed as file names in phar archives.

Conflicts:
ext/phar/phar_path_check.c

show more ...

Allow valid multi-byte utf-8 characters to be allowed as file names in phar archives.

Fix #50444: PDO-ODBC changes for 64-bit

This bug is also referenced in
[#61777](https://bugs.php.net/bug.php?id=61777) and is still present in
the latest stable release of the 5.5 br

Fix #50444: PDO-ODBC changes for 64-bit

This bug is also referenced in
[#61777](https://bugs.php.net/bug.php?id=61777) and is still present in
the latest stable release of the 5.5 branch. I see two tickets exist for
this problem already, and I'm just submitting these changes via github
as a reminder that this is a serious problem for anyone using PDO_ODBC
on the x64 builds.

show more ...

Merge branch 'PHP-5.5' into PHP-5.6

* PHP-5.5:
Fix #66908: php-fpm reload leaks epoll_create() file descriptor

Merge branch 'PHP-5.4' into PHP-5.5

* PHP-5.4:
Fix #66908: php-fpm reload leaks epoll_create() file descriptor

Fix #66908: php-fpm reload leaks epoll_create() file descriptor

This patch fixes descriptor leak which could lead to DoS once Max open files is reached

Merge branch 'PHP-5.5' into PHP-5.6

* PHP-5.5:
Fix bug #65701: Do not use cache for file file copy

Merge branch 'PHP-5.4' into PHP-5.5

* PHP-5.4:
Fix bug #65701: Do not use cache for file file copy

Fix bug #65701: Do not use cache for file file copy

updated NEWS

updated NEWS

Fixed bug #67072 Echoing unserialized "SplFileObject" crash

The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callba

Fixed bug #67072 Echoing unserialized "SplFileObject" crash

The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, user could still construct
a vulnerable string which would result bad things when trying
to unserialize.

This conserns also the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective, to disable unserialize just assign
zend_class_unserialize_deny as callback.

show more ...

updated NEWS

updated NEWS

Fixed bug #67081 DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset

updated NEWS

Fixed bug #67079 Missing MIME types for XML/XSL files

5.4.29 is next