History log of /PHP-7.4/ (Results 1 – 25 of 92142)
Revision Date Author Comments
004cb827 31-Oct-2022 Derick Rethans

Bump versions

2669ed7d 24-Oct-2022 Stanislav Malyshev

Update NEWS

d50532be 18-Oct-2022 Christoph M. Becker

Fix #81739: OOB read due to insufficient validation in imageloadfont()

If we swap the byte order of the relevant header bytes, we need to make
sure again that the following multiplication does not overflow.

8b919c31 21-Oct-2022 Ilija Tovilo

Revert incorrect PHP-7.4 version constants

248f6477 21-Oct-2022 Stanislav Malyshev

Fix bug #81738 (buffer overflow in hash_update() on long parameter)

ad8d00b4 28-Sep-2022 Derick Rethans

Prepare for next release

0b4e1533 28-Sep-2022 Derick Rethans

Prepare for 7.4.32

432bf196 27-Sep-2022 Christoph M. Becker

Fix regression introduced by fixing bug 81726

When a tar phar is created, `phar_open_from_fp()` is also called, but
since the file has just been created, none of the format checks can
succeed, so we continue to loop, but must not check again for the
format. Therefore, we bring back the old `test` variable.

Closes GH-9620.

6f586ef9 27-Sep-2022 Derick Rethans

Add CVEs

404e8bdb 25-Jul-2022 Christoph M. Becker

Fix #81726: phar wrapper: DOS when using quine gzip file

The phar wrapper needs to uncompress the file; the uncompressed file
might be compressed, so the wrapper implementation loops. This raises
potential DOS issues regarding too deep or even infinite recursion (the
latter are called compressed file quines[1]). We avoid that by
introducing a recursion limit; we choose the somewhat arbitrary limit
`3`.

This issue has been reported by real_as3617 and gPayl0ad.

[1] <https://honno.dev/gzip-quine/>

0611be4e 09-Sep-2022 Derick Rethans

Fix #81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning.

198f3f50 10-Jun-2022 Remi Collet

[ci skip] missing CVE

8fbeadcd 07-Jun-2022 Derick Rethans

Bump version in 7.4 to 7.4.31-dev

d1be9369 06-Jun-2022 Stanislav Malyshev

Update NEWS

58006537 06-Jun-2022 Stanislav Malyshev

Fix bug #81719: mysqlnd/pdo password buffer overflow

55f6895f 17-May-2022 Christoph M. Becker

Fix #81720: Uninitialized array in pg_query_params() leading to RCE

We must not free parameters which we haven't initialized yet.

We also fix the not directly related issue, that we checked for the
wrong value being `NULL`, potentially causing a segfault.

fbee73df 12-Apr-2022 Derick Rethans

Prepare for 7.4.30

c14e2e4f 12-Apr-2022 Derick Rethans

Add tz update into NEWS

1a051499 12-Apr-2022 Derick Rethans

Prep NEWS for 7.4.29 release

341bea37 07-Apr-2022 Derick Rethans

Updated to version 2022.1 (2022a)

325bcf9f 15-Feb-2022 Derick Rethans

Prepare for 7.4.29

d13ceb74 14-Feb-2022 Derick Rethans

Add fix to NEWS

dce5e561 31-Jan-2022 Christoph M. Becker

Fix #81708: UAF due to php_filter_float() failing for ints

We must only release the zval, if we actually assign a new zval.

6d5f2ba7 12-Dec-2021 Christoph M. Becker

macOS 10.14 runners are no longer available via Azure Pipeline

These images have already been deprecated for two months[1]. Thus,
we upgrade to macOS 10.15. Since clang 12 is picky about
`int-in-bool-context` warning, we disable `-Werror`.

[1] <https://devblogs.microsoft.com/devops/hosted-pipelines-image-deprecation/>

98175fc7 12-Dec-2021 Christoph M. Becker

Fix openssl_x509_checkpurpose_basic.phpt

This test fails because san-cert.pem and san-ca.pem have expired. We
fix that by using the CertificateGenerator to generate temporary certs
during the test run. Since san-cert.pem and san-ca.pem have been
identical, we only generate one certificate.

Closes GH-7763.
