summaryrefslogtreecommitdiffstats
path: root/failed.txt
Commit message (Collapse)AuthorAgeFilesLines
* Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGIHEADmasterRemi Collet2024-09-271-6/+3
| | | | | | | | | | CVE-2024-4577 Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability CVE-2024-8926 Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 Fix Erroneous parsing of multipart form data CVE-2024-8925
* use oracle client library version 21.13 on x86_64, 19.19 on aarch64Remi Collet2024-04-101-1/+2
| | | | | | | Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096
* fix #81744: Password_verify() always return true with some hashRemi Collet2023-02-141-7/+6
| | | | | | | | CVE-2023-0567 fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 fix DOS vulnerability when parsing multipart request body CVE-2023-0662
* phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628Remi Collet2022-09-271-3/+3
| | | | | | core: fix #81727 Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. CVE-2022-31629 use oracle client library version 21.7
* Fix #79971 special character is breaking the path in xml functionRemi Collet2021-11-151-2/+2
| | | | CVE-2021-21707
* fix PHP-FPM oob R/W in root process leading to priv escalationRemi Collet2021-10-201-1/+1
| | | | | | CVE-2021-21703 use libicu version 69 use oracle client library version 21.3
* Fix #81122 SSRF bypass in FILTER_VALIDATE_URLRemi Collet2021-06-281-2/+4
| | | | | | | | | CVE-2021-21705 Fix #76448 Stack buffer overflow in firebird_info_cb Fix #76449 SIGSEGV in firebird_handle_doer Fix #76450 SIGSEGV in firebird_stmt_execute Fix #76452 Crash while parsing blob data in firebird_fetch_blob CVE-2021-21704
* Fix #80672 Null Dereference in SoapClientRemi Collet2021-02-031-1/+1
| | | | | CVE-2021-21702 better fix for #77423
* Fix #77423 FILTER_VALIDATE_URL accepts URLs with invalid userinfoRemi Collet2021-01-041-4/+2
| | | | CVE-2020-7071
* Update to 7.2.34 - http://www.php.net/releases/7_2_34.phpRemi Collet2020-09-301-1/+1
|
* Update to 7.2.33 - http://www.php.net/releases/7_2_33.phpRemi Collet2020-08-041-4/+2
|
* Update to 7.2.32 (no change)Remi Collet2020-07-081-3/+5
| | | | display build system and provider in phpinfo (from 8.0)
* Update to 7.2.31 - http://www.php.net/releases/7_2_31.phpRemi Collet2020-05-121-2/+2
|
* Update to 7.2.30 - http://www.php.net/releases/7_2_30.phpRemi Collet2020-04-151-1/+1
|
* Update to 7.2.29 - http://www.php.net/releases/7_2_29.phpRemi Collet2020-03-171-1/+1
| | | | use oracle client library version 19.6 (18.5 on EL-6)
* Update to 7.2.28 - http://www.php.net/releases/7_2_28.phpRemi Collet2020-02-181-6/+2
|
* Update to 7.2.27 - http://www.php.net/releases/7_2_27.phpRemi Collet2020-02-181-2/+2
|
* - Update to 7.2.26 - http://www.php.net/releases/7_2_26.phpRemi Collet2019-12-171-1/+1
| | | | - use oracle client library version 19.5 (18.5 on EL-6)
* update to 7.2.26RC1Remi Collet2019-12-031-1/+1
|
* Update to 7.2.25 - http://www.php.net/releases/7_2_25.phpRemi Collet2019-11-201-4/+2
|
* update to 7.2.25RC1Remi Collet2019-11-051-6/+6
|
* Update to 7.2.24 - http://www.php.net/releases/7_2_24.phpRemi Collet2019-10-221-3/+5
|
* update to 7.2.24RC1Remi Collet2019-10-081-1/+1
|
* Update to 7.2.23 - http://www.php.net/releases/7_2_23.phpRemi Collet2019-09-251-1/+1
|
* v7.2.23RC1Remi Collet2019-09-111-1/+1
|
* - Update to 7.2.22 - http://www.php.net/releases/7_2_22.phpRemi Collet2019-08-281-3/+1
| | | | | - fix generator incorrectly reports non-releasable $this as GC child https://bugs.php.net/78412
* 7.2.22RC1Remi Collet2019-08-191-4/+2
|
* Update to 7.2.21 - http://www.php.net/releases/7_2_21.phpRemi Collet2019-07-301-2/+4
|
* - update to 7.2.21RC1Remi Collet2019-07-161-3/+1
| | | | - add upstream patch for #78297
* - Update to 7.2.20 - http://www.php.net/releases/7_2_20.phpRemi Collet2019-07-021-7/+3
| | | | - disable opcache.huge_code_pages in default configuration
* 7.2.20RC2Remi Collet2019-06-201-3/+7
|
* v7.2.20RC1Remi Collet2019-06-111-1/+1
|
* v7.2.19Remi Collet2019-05-291-1/+1
|
* v7.2.19RC1Remi Collet2019-05-151-1/+1
|
* Update to 7.2.18 - http://www.php.net/releases/7_2_18.phpRemi Collet2019-04-301-1/+1
|
* v7.2.18RC1Remi Collet2019-04-171-1/+1
|
* Update to 7.2.17 - http://www.php.net/releases/7_2_17.phpRemi Collet2019-04-031-1/+1
|
* update to 7.2.17RC1 new tagRemi Collet2019-03-211-7/+4
| | | | add upstream patches for failed tests
* v7.2.17RC1Remi Collet2019-03-201-5/+8
|
* add upstream patch for OpenSSL 1.1.1bRemi Collet2019-03-051-3/+2
|
* Update to 7.2.16 - http://www.php.net/releases/7_2_16.phpRemi Collet2019-03-051-8/+7
|
* update to 7.2.16RC1Remi Collet2019-02-191-4/+2
| | | | adapt systzdata patch (v17)
* Update to 7.2.15 - http://www.php.net/releases/7_2_15.phpRemi Collet2019-02-051-2/+4
|
* v7.2.15RC1Remi Collet2019-01-301-2/+2
|
* Update to 7.2.14 - http://www.php.net/releases/7_2_14.phpRemi Collet2019-01-081-1/+4
|
* update to 7.2.14RC1Remi Collet2018-12-181-1/+1
| | | | oci8 version is now 2.2.0
* Update to 7.2.13 - http://www.php.net/releases/7_2_13.phpRemi Collet2018-12-051-1/+1
|
* v7.2.13RC1Remi Collet2018-11-211-4/+2
|
* Update to 7.2.12 - http://www.php.net/releases/7_2_12.phpRemi Collet2018-11-061-5/+5
|
* v7.2.12RC1Remi Collet2018-10-231-2/+4
|