rpms/php/php71.git, branch master

Fix filter bypass in filter_var FILTER_VALIDATE_URL

2024-06-05T07:29:22+00:00

  CVE-2024-5458

use oracle client library version 21.13 on x86_64, 19.19 on aarch64

2024-04-10T12:31:17+00:00

Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
  CVE-2024-2756
Fix password_verify can erroneously return true opening ATO risk
  CVE-2024-3096

use official Oracle Instant Client RPM

2023-09-22T08:16:20+00:00

Fix Security issue with external entity loading in XML without enabling it

2023-08-01T14:31:39+00:00

  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824

fix possible buffer overflow in date

2023-06-21T08:36:07+00:00

Fix Missing error check and insufficient random bytes in HTTP Digest

2023-06-07T09:39:23+00:00

  authentication for SOAP
  GHSA-76gg-c692-v2mw
use oracle client library version 21.10
define __phpize and __phpconfig

fix #81744: Password_verify() always return true with some hash

2023-02-15T09:38:28+00:00

  CVE-2023-0567
fix #81746: 1-byte array overrun in common path resolve code
  CVE-2023-0568
fix DOS vulnerability when parsing multipart request body
  CVE-2023-0662

pdo: fix #81740: PDO::quote() may return unquoted string

2022-12-20T07:00:41+00:00

  CVE-2022-31631
use oracle client library version 21.8

fix NEWS

2022-09-30T07:27:50+00:00

phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628

2022-09-27T17:50:20+00:00

core: fix #81727 Don't mangle HTTP variable names that clash with ones
  that have a specific semantic meaning. CVE-2022-31629
use oracle client library version 21.7