rpms/php/php70.git, branch master The master git repository for php70 RPM Fix filter bypass in filter_var FILTER_VALIDATE_URL 2024-06-05T08:42:39+00:00 Remi Collet remi@remirepo.net 2024-06-05T08:42:39+00:00 ec848d5c6c8a9508202a4c3e1e61ad2d5a06568b CVE-2024-5458 
  CVE-2024-5458
use oracle client library version 21.13 on x86_64, 19.19 on aarch64 2024-04-10T12:47:24+00:00 Remi Collet remi@remirepo.net 2024-04-10T12:47:24+00:00 827a76739becbd6187f314db6291363b57975efc Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096 
Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
  CVE-2024-2756
Fix password_verify can erroneously return true opening ATO risk
  CVE-2024-3096
use official Oracle Instant Client RPM 2023-09-22T08:16:04+00:00 Remi Collet remi@remirepo.net 2023-09-22T08:16:04+00:00 11223f94c4aa1aab0af7f4a9ed525be80521610c 






Fix Security issue with external entity loading in XML without enabling it
2023-08-02T09:13:55+00:00

Remi Collet
remi@remirepo.net

2023-08-02T09:13:55+00:00

cbf1928078b1cd36e9d5d0a96436fc80d850d674

  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824





  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824







fix possible buffer overflow in date
2023-06-21T08:52:29+00:00

Remi Collet
remi@remirepo.net

2023-06-21T08:52:29+00:00

31f64936b375a050907bb77bf2fb33ea3f6ebfe8












Fix Missing error check and insufficient random bytes in HTTP Digest
2023-06-07T10:16:52+00:00

Remi Collet
remi@remirepo.net

2023-06-07T10:16:52+00:00

5400370616562e36463825144040d77ac891db0b

  authentication for SOAP
  GHSA-76gg-c692-v2mw
use oracle client library version 21.10
define __phpize and __phpconfig





  authentication for SOAP
  GHSA-76gg-c692-v2mw
use oracle client library version 21.10
define __phpize and __phpconfig







fix #81744: Password_verify() always return true with some hash
2023-02-15T10:13:36+00:00

Remi Collet
remi@remirepo.net

2023-02-15T10:13:36+00:00

9e35fd58eaa617754b416680e627ea991a106a7d

  CVE-2023-0567
fix #81746: 1-byte array overrun in common path resolve code
  CVE-2023-0568
fix DOS vulnerability when parsing multipart request body
  CVE-2023-0662





  CVE-2023-0567
fix #81746: 1-byte array overrun in common path resolve code
  CVE-2023-0568
fix DOS vulnerability when parsing multipart request body
  CVE-2023-0662







pdo: fix #81740: PDO::quote() may return unquoted string
2022-12-20T07:46:49+00:00

Remi Collet
remi@remirepo.net

2022-12-20T07:46:49+00:00

80d876b4f8d57b3b46c3d61cc6e8acb937820839

  CVE-2022-31631
use oracle client library version 21.8





  CVE-2022-31631
use oracle client library version 21.8







fix NEWS
2022-09-30T07:28:04+00:00

Remi Collet
remi@remirepo.net

2022-09-30T07:28:04+00:00

496438641eb67581cbd56ad2a9dfd934060e60e3












phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628
2022-09-27T18:37:04+00:00

Remi Collet
remi@remirepo.net

2022-09-27T18:37:04+00:00

b1922a44c287d5522c4773ed59d37b8525aeb241

core: fix #81727 Don't mangle HTTP variable names that clash with ones
  that have a specific semantic meaning. CVE-2022-31629
use oracle client library version 21.7





core: fix #81727 Don't mangle HTTP variable names that clash with ones
  that have a specific semantic meaning. CVE-2022-31629
use oracle client library version 21.7