0a21b5d9 | 04-Aug-2015 |
Stanislav Malyshev |
fix test |
ee61c717 | 04-Aug-2015 |
Stanislav Malyshev |
update NEWS |
69ed3969 | 04-Aug-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix
Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Fix bug #70019 - limit extracted files to given directory Do not do convert_to_* on unserialize, it messes up references Fix #69793 - limit what we accept when unserializing exception Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject ignore signatures for packages too Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage Fixed bug #69892 Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes Improved fix for Bug #69441 Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) Fix bug #70081: check types for SOAP variables Conflicts: .gitignore ext/date/php_date.c ext/spl/spl_array.c ext/spl/spl_observer.c
show more ...
|
51f9a00b | 04-Aug-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.4' into PHP-5.4.44 * PHP-5.4: Fixed bug #69892 Adjust Git-Rules
|
dda81f05 | 04-Aug-2015 |
Stanislav Malyshev |
Fix bug #70019 - limit extracted files to given directory |
0e090097 | 02-Aug-2015 |
Stanislav Malyshev |
Do not do convert_to_* on unserialize, it messes up references |
4d227814 | 27-Jul-2015 |
Stanislav Malyshev |
Fix #69793 - limit what we accept when unserializing exception |
863bf294 | 02-Aug-2015 |
Stanislav Malyshev |
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList) |
7381b6ac | 02-Aug-2015 |
Stanislav Malyshev |
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject |
c7d3c027 | 02-Aug-2015 |
Stanislav Malyshev |
ignore signatures for packages too |
c2e197e4 | 02-Aug-2015 |
Stanislav Malyshev |
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage |
Revision tags: php-5.6.11RC1, php-5.5.27RC1, php-7.0.0alpha2 |
|
7fc04937 | 20-Jun-2015 |
Nikita Popov |
Fixed bug #69892 |
66edc158 | 29-Jul-2015 |
Julien Pauli |
Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Adjust Git-Rules 5.4.44 next Conflicts: configure.in main/php_version.h
|
8f1baa6e | 29-Jul-2015 |
Julien Pauli |
Adjust Git-Rules |
ce5c4500 | 28-Jul-2015 |
Anatol Belski |
Fixed bug #70002 TS issues with temporary dir handling |
16023f3e | 27-Jul-2015 |
Stanislav Malyshev |
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes |
7a4584d3 | 27-Jul-2015 |
Stanislav Malyshev |
Improved fix for Bug #69441 |
b7fa6774 | 27-Jul-2015 |
Stanislav Malyshev |
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items) |
e488690d | 27-Jul-2015 |
Stanislav Malyshev |
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref) |
c96d08b2 | 26-Jul-2015 |
Stanislav Malyshev |
Fix bug #70081: check types for SOAP variables |
daa0abaf | 26-Jul-2015 |
Ferenc Kovacs |
make the travis irc notification a oneliner |
34b624f1 | 08-Jul-2015 |
Julien Pauli |
5.5.27 release |
496f291f | 07-Jul-2015 |
Stanislav Malyshev |
5.4.44 next |
b4b082e6 | 07-Jul-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Better fix for bug #69958 update news Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM) Fix bug #69923 - Buffer overf
Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Better fix for bug #69958 update news Fix bug #69669 (mysqlnd is vulnerable to BACKRONYM) Fix bug #69923 - Buffer overflow and stack smashing error in phar_fix_filepath Fix bug #69958 - Segfault in Phar::convertToData on invalid file Conflicts: ext/mysqlnd/mysqlnd.c
show more ...
|
545eddba | 07-Jul-2015 |
Stanislav Malyshev |
Merge branch 'PHP-5.5' of git.php.net:php-src into PHP-5.5 * 'PHP-5.5' of git.php.net:php-src: add missing second argument for ucfirst to the proto
|