rpms/php/php74.git, branch master

Fix Null byte termination in dns_get_record()

2025-12-18T08:25:40+00:00

  GHSA-www2-q4fc-65wf
Fix Heap buffer overflow in array_merge()
  CVE-2025-14178
Fix Information Leak of Memory in getimagesize
  CVE-2025-14177

Fix pgsql extension does not check for errors during escaping

2025-07-03T13:43:48+00:00

  CVE-2025-1735
Fix NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
  CVE-2025-6491
Fix Null byte termination in hostnames
  CVE-2025-1220

backport fix for ICU 74+

2025-02-13T13:04:25+00:00

backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+

Fix Leak partial content of the heap through heap buffer over-read

2024-11-27T16:09:50+00:00

  CVE-2024-8929

Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface

2024-11-22T11:00:06+00:00

  GHSA-4w77-75f9-2c8w
Fix OOB access in ldap_escape
  CVE-2024-8932
Fix Integer overflow in the dblib/firebird quoter causing OOB writes
  CVE-2024-11236
Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
  CVE-2024-11234
Fix Single byte overread with convert.quoted-printable-decode filter
  CVE-2024-11233

rename patches

2024-11-13T07:22:44+00:00

Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI

2024-09-26T14:59:43+00:00

  CVE-2024-4577
Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
  CVE-2024-8926
Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
  CVE-2024-8927
Fix Logs from childrens may be altered
  CVE-2024-9026
Fix Erroneous parsing of multipart form data
  CVE-2024-8925
use ICU 74.2

add backport for https://bugs.php.net/79589

2024-08-26T13:40:29+00:00

  error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading

use oracle client library version 23.5 on x86_64

2024-07-31T08:37:46+00:00

Fix filter bypass in filter_var FILTER_VALIDATE_URL

2024-06-05T05:13:59+00:00

  CVE-2024-5458