rpms/php/php56.git, branch master The master git repository for php56 RPM Fix filter bypass in filter_var FILTER_VALIDATE_URL 2024-06-05T10:39:27+00:00 Remi Collet remi@remirepo.net 2024-06-05T10:39:27+00:00 4bca046330415154abfc3cbdc04ebc24b5eeaf67 CVE-2024-5458 
  CVE-2024-5458
use oracle client library version 21.13 on x86_64, 19.19 on aarch64 2024-04-10T13:11:27+00:00 Remi Collet remi@remirepo.net 2024-04-10T13:11:27+00:00 1f27176f054fcd489f6da90a98f145c8f717b10f Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096 
Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
  CVE-2024-2756
Fix password_verify can erroneously return true opening ATO risk
  CVE-2024-3096
use official Oracle Instant Client RPM 2023-09-22T08:15:46+00:00 Remi Collet remi@remirepo.net 2023-09-22T08:15:46+00:00 e28b6b502950e11425f4350ce62026128650cbb8 






Fix Security issue with external entity loading in XML without enabling it
2023-08-02T09:54:41+00:00

Remi Collet
remi@remirepo.net

2023-08-02T09:54:41+00:00

c0aa228abbf6e0b93782a030b9a16ac887c9dc9a

  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824





  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824







fix possible buffer overflow in date
2023-06-21T09:10:12+00:00

Remi Collet
remi@remirepo.net

2023-06-21T09:10:12+00:00

068a2cecc7a4ee21d6aca904d85ab0e7b7a7e7b8












Fix insufficient random bytes in HTTP Digest authentication for SOAP
2023-06-07T11:08:13+00:00

Remi Collet
remi@remirepo.net

2023-06-07T11:08:13+00:00

f1b9a1d04e403ede57d97438b989804fb77b51fc

  GHSA-76gg-c692-v2mw
use oracle client library version 21.10
define __phpize and __phpconfig





  GHSA-76gg-c692-v2mw
use oracle client library version 21.10
define __phpize and __phpconfig







fix #81744: Password_verify() always return true with some hash
2023-02-15T10:41:42+00:00

Remi Collet
remi@remirepo.net

2023-02-15T10:41:42+00:00

738a69da96784d7eb9425de2b39d50e6f3cb9b91

  CVE-2023-0567
fix #81746: 1-byte array overrun in common path resolve code
  CVE-2023-0568
fix DOS vulnerability when parsing multipart request body
  CVE-2023-0662





  CVE-2023-0567
fix #81746: 1-byte array overrun in common path resolve code
  CVE-2023-0568
fix DOS vulnerability when parsing multipart request body
  CVE-2023-0662







pdo: fix #81740: PDO::quote() may return unquoted string
2022-12-20T08:00:00+00:00

Remi Collet
remi@remirepo.net

2022-12-20T08:00:00+00:00

e1bef3cc369f6d9874be8d7f1c8ea4c5ffbe7773

  CVE-2022-31631
use oracle client library version 21.8





  CVE-2022-31631
use oracle client library version 21.8







fix NEWS
2022-09-30T07:28:21+00:00

Remi Collet
remi@remirepo.net

2022-09-30T07:28:21+00:00

43bf708a1a8ba55262e295cd1e7b6cabe1f86f1d












phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628
2022-09-28T09:00:54+00:00

Remi Collet
remi@remirepo.net

2022-09-28T09:00:54+00:00

7783e927c31536e4b8d01475a9dc6e9a7ced349d

core: fix #81727 Don't mangle HTTP variable names that clash with ones
  that have a specific semantic meaning. CVE-2022-31629
use oracle client library version 21.7





core: fix #81727 Don't mangle HTTP variable names that clash with ones
  that have a specific semantic meaning. CVE-2022-31629
use oracle client library version 21.7