a5a15965 | 25-Nov-2019 |
Christoph M. Becker |
Fix #78863: DirectoryIterator class silently truncates after a null byte Since the constructor of DirectoryIterator and friends is supposed to accepts paths (i.e. strings without NUL byt
Fix #78863: DirectoryIterator class silently truncates after a null byte Since the constructor of DirectoryIterator and friends is supposed to accepts paths (i.e. strings without NUL bytes), we must not accept arbitrary strings.
show more ...
|
d2cfb63f | 03-Dec-2019 |
Remi Collet |
next is 7.2.27 |
600f1f89 | 17-Nov-2019 |
Christoph M. Becker |
Fix #78814: strip_tags allows / in tag name => whitelist bypass When normalizing tags to check whether they are contained in the set of allowable tags, we must not strip slashes, unless
Fix #78814: strip_tags allows / in tag name => whitelist bypass When normalizing tags to check whether they are contained in the set of allowable tags, we must not strip slashes, unless they come immediately after the opening `<`, or immediately before the closing `>`.
show more ...
|
db420cb6 | 19-Nov-2019 |
Christoph M. Becker |
Fix #78833: Integer overflow in pack causes out-of-bound access We check for potential signed integer overflow, and bail out gracefully, in that case. |
c7141412 | 21-Nov-2019 |
George Wang |
Added environment LSAPI_CLEAN_SHUTDOWN to control clean shutdown. Update SAPI version to LiteSpeed v7.6 . |
9b92c1d1 | 21-Nov-2019 |
Christoph M. Becker |
Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW Apparently, this has not been tested for a long time, and might be a refactoring relict. Anyhow, we have to pass the context to
Fix #78849: GD build broken with -D SIGNED_COMPARE_SLOW Apparently, this has not been tested for a long time, and might be a refactoring relict. Anyhow, we have to pass the context to `GIFNextPixel` as well.
show more ...
|
f6eac76b | 18-Nov-2019 |
Christoph M. Becker |
Update NEWS |
a2c41c0e | 15-Nov-2019 |
Tyson Andre |
Fix $x = (bool)$x; for undefined with opcache And `$x = !$x` Noticed while working on GH-4912 The included test would not emit undefined variable errors in php 8.0 with
Fix $x = (bool)$x; for undefined with opcache And `$x = !$x` Noticed while working on GH-4912 The included test would not emit undefined variable errors in php 8.0 with opcache enabled. The command used: ``` php -d zend_extension=opcache.so --no-php-ini -d error_reporting=E_ALL \ -d opcache.file_cache= -d opcache.enable_cli=1 test.php ```
show more ...
|
2c9926f1 | 12-Nov-2019 |
Stanislav Malyshev |
Fix bug #78804 - Segmentation fault in Locale::filterMatches |
ee243bc4 | 07-Nov-2019 |
Nikita Popov |
Remove outdated comments in test |
5fa6dcd9 | 07-Nov-2019 |
Nikita Popov |
Fixed bug #78759 Handle INDIRECT values in array. |
d317e16e | 05-Nov-2019 |
Sara Golemon |
Bump for 7.2.26-dev |
4f984a2f | 05-Nov-2019 |
Nikita Popov |
Fixed bug #78775 Clear the OpenSSL error queue before performing SSL stream operations. As we don't control all code that could possibly be using OpenSSL, we can't rely on the error
Fixed bug #78775 Clear the OpenSSL error queue before performing SSL stream operations. As we don't control all code that could possibly be using OpenSSL, we can't rely on the error queue being empty.
show more ...
|
e29922f0 | 31-Oct-2019 |
Christoph M. Becker |
Fix test cases for libxml2 2.9.10 Since the error reporting has been slightly changed, we have to adapt the two affected test cases. |
5f6eaf35 | 30-Oct-2019 |
Nikita Popov |
Add missing refcount increment |
f9895b4b | 29-Oct-2019 |
Nikita Popov |
Fixed bug #78689 |
2bdb13a1 | 29-Oct-2019 |
Stanislav Malyshev |
Merge branch 'PHP-7.1' into PHP-7.2 * PHP-7.1: Fix libmagic buffer overflow issue (CVE-2019-18218) bump version set versions for release
|
89c327f8 | 25-Oct-2019 |
Christoph M. Becker |
Fix #78751: Serialising DatePeriod converts DateTimeImmutable When getting the properties of a DatePeriod instance we have to retain the proper classes, and when restoring a DatePeriod i
Fix #78751: Serialising DatePeriod converts DateTimeImmutable When getting the properties of a DatePeriod instance we have to retain the proper classes, and when restoring a DatePeriod instance we have to cater to DateTimeImmutable instances as well.
show more ...
|
16c49108 | 28-Oct-2019 |
Nikita Popov |
Fix bug #78752 NULL out the execute_data before destroying it, otherwise GC may trigger while the execute_data is partially destroyed, resulting in double-frees. The handlin
Fix bug #78752 NULL out the execute_data before destroying it, otherwise GC may trigger while the execute_data is partially destroyed, resulting in double-frees. The handling of call stack unfreezing is a bit awkward because it's a ZEND_API function, so we can't change the signature.
show more ...
|
46982004 | 27-Oct-2019 |
Stanislav Malyshev |
Fix libmagic buffer overflow issue (CVE-2019-18218) Ported from https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84 |
52499938 | 25-Oct-2019 |
Nikita Popov |
Fixed bug #78747 |
8daf96ce | 22-Oct-2019 |
Ryan Schmidt |
Use ICU's CXXFLAGS when using pkg-config This mirrors how ICU's CXXFLAGS are already used when using icu-config. |
fa89c41f | 23-Oct-2019 |
Nikita Popov |
Add "-pthread" to EXTRA_LDFLAGS_PROGRAM as well This is a backport of c518932c0326a938f0fd0254f2adb03b1cddfbca from the PHP 7.4 branch. |
52f04987 | 22-Oct-2019 |
Joe Watkins |
bump version |
326cd05d | 22-Oct-2019 |
Joe Watkins |
set versions for release |