Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Core: | Remi Collet | 2020-08-04 | 3 | -2/+149 |
| | | | | | | | Fix #79877 getimagesize function silently truncates after a null byte Phar: Fix #79797 use of freed hash key in the phar_parse_zipfile function CVE-2020-7068 | ||||
* | Core: | Remi Collet | 2020-05-13 | 2 | -1/+79 |
| | | | | | | | Fix #78875 Long filenames cause OOM and temp files are not cleaned CVE-2019-11048 Fix #78876 Long variables in multipart/form-data cause OOM and temp files are not cleaned | ||||
* | standard: | Remi Collet | 2020-04-14 | 3 | -1/+128 |
| | | | | | | Fix #79330 shell_exec silently truncates after a null byte Fix #79465 OOB Read in urldecode CVE-2020-7067 | ||||
* | standard: | Remi Collet | 2020-03-17 | 3 | -2/+187 |
| | | | | | | | | | Fix #79329 get_headers() silently truncates after a null byte CVE-2020-7066 exif: Fix #79282 Use-of-uninitialized-value in exif CVE-2020-7064 use oracle client library version 19.6 (18.5 on EL-6) | ||||
* | add the gcc10 patch | Remi Collet | 2020-02-19 | 1 | -0/+30 |
| | |||||
* | add fix for GCC 10 | Remi Collet | 2020-02-19 | 2 | -3/+8 |
| | |||||
* | Renew openssl certs | Remi Collet | 2020-02-18 | 2 | -0/+152 |
| | |||||
* | phar: | Remi Collet | 2020-02-18 | 3 | -1/+253 |
| | | | | | | | | Fix #79082 Files added to tar with Phar::buildFromIterator have all-access permissions CVE-2020-7063 session: Fix #79221 Null Pointer Dereference in PHP Session Upload Progress CVE-2020-7062 | ||||
* | rebuild with 1 more fix | Remi Collet | 2020-01-23 | 2 | -2/+35 |
| | |||||
* | mbstring: | Remi Collet | 2020-01-21 | 4 | -2/+188 |
| | | | | | | | | Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar CVE-2020-7060 standard: Fix #79099 OOB read in php_strip_tags_ex CVE-2020-7059 | ||||
* | - bcmath: | Remi Collet | 2019-12-17 | 7 | -8/+463 |
| | | | | | | | | | | | | | | | | Fix #78878 Buffer underflow in bc_shift_addsub CVE-2019-11046 - core: Fix #78862 link() silently truncates after a null byte on Windows CVE-2019-11044 Fix #78863 DirectoryIterator class silently truncates after a null byte CVE-2019-11045 - exif Fix #78793 Use-after-free in exif parsing under memory sanitizer CVE-2019-11050 Fix #78910 Heap-buffer-overflow READ in exif CVE-2019-11047 - use oracle client library version 19.5 (18.5 on EL-6) | ||||
* | Fix CVE-2019-11043 env_path_info underflow in fpm_main.c | Remi Collet | 2019-10-22 | 3 | -5/+65 |
| | |||||
* | From 7.1.32 | Remi Collet | 2019-08-28 | 4 | -6/+181 |
| | | | | | | | - mbstring: Fix CVE-2019-13224 don't allow different encodings for onig_new_deluxe - pcre: Fix #75457 heap use-after-free in pcrelib | ||||
* | - exif: | Remi Collet | 2019-07-30 | 5 | -8/+172 |
| | | | | | | | | | Fix #78256 heap-buffer-overflow on exif_process_user_comment CVE-2019-11042 Fix #78222 heap-buffer-overflow on exif_scan_thumbnail CVE-2019-11041 - phar: Fix #77919 Potential UAF in Phar RSHUTDOWN | ||||
* | bump release | Remi Collet | 2019-07-03 | 1 | -2/+2 |
| | |||||
* | use oracle client library version 19.3 | Remi Collet | 2019-06-17 | 1 | -2/+12 |
| | |||||
* | - iconv: | Remi Collet | 2019-05-28 | 5 | -2/+170 |
| | | | | | | | | | | Fix #78069 Out-of-bounds read in iconv.c:_php_iconv_mime_decode() CVE-2019-11039 - exif: Fix #77988 Heap-buffer-overflow on php_jpg_get16 CVE-2019-11040 - sqlite3: Fix #77967 Bypassing open_basedir restrictions via file uris | ||||
* | - exif: | Remi Collet | 2019-04-30 | 3 | -2/+76 |
| | | | | | Fix #77950 Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG CVE-2019-11036 | ||||
* | - exif: | Remi Collet | 2019-04-02 | 5 | -24/+441 |
| | | | | | | | Fix #77753 Heap-buffer-overflow in php_ifd_get32s Fix #77831 Heap-buffer-overflow in exif_iif_add_value - sqlite3: Added sqlite3.defensive INI directive | ||||
* | ensure php-devel pulls needed lilbraries from php-config output | Remi Collet | 2019-03-29 | 1 | -0/+6 |
| | |||||
* | Fix #76846 Segfault in shutdown function after memory limit error | Remi Collet | 2019-03-15 | 2 | -3/+100 |
| | |||||
* | add CVEs | Remi Collet | 2019-03-15 | 1 | -0/+5 |
| | |||||
* | Fix #77396 Null Pointer Dereference in phar_create_or_parse_filename | Remi Collet | 2019-03-12 | 9 | -42/+335 |
| | | | | | | | Fix #77586 - phar_tar_writeheaders_int() buffer overflow - spl: Fix #77431 openFile() silently truncates after a null byte - security fix synced with https://github.com/Microsoft/php-src/ | ||||
* | f30 build | Remi Collet | 2019-03-08 | 2 | -11/+12 |
| | |||||
* | update test results | Remi Collet | 2019-03-05 | 1 | -3/+7 |
| | |||||
* | Fix #77630 rename() across the device may allow unwanted access during ↵ | Remi Collet | 2019-03-05 | 2 | -1/+97 |
| | | | | processing | ||||
* | - exif: | Remi Collet | 2019-03-04 | 3 | -1/+174 |
| | | | | | | | Fix #77509 Uninitialized read in exif_process_IFD_in_TIFF Fix #77540 Invalid Read on exif_process_SOFn Fix #77563 Uninitialized read in exif_process_IFD_in_MAKERNOTE Fix #77659 Uninitialized read in exif_process_IFD_in_MAKERNOTE | ||||
* | cleanup for EL-8 | Remi Collet | 2019-01-21 | 1 | -14/+22 |
| | |||||
* | Update to 5.6.40 - http://www.php.net/releases/5_6_40.php | Remi Collet | 2019-01-09 | 2 | -2/+5 |
| | |||||
* | Update to 5.6.39 - http://www.php.net/releases/5_6_39.php | Remi Collet | 2018-12-05 | 2 | -10/+6 |
| | |||||
* | use oracle client library version 18.3 | Remi Collet | 2018-10-24 | 2 | -8/+7 |
| | |||||
* | Update to 5.6.38 - http://www.php.net/releases/5_6_38.php | Remi Collet | 2018-09-12 | 2 | -6/+12 |
| | |||||
* | F29: backport ICU 62.1 support from 7.1 | Remi Collet | 2018-08-24 | 3 | -4/+604 |
| | |||||
* | add PostgreSQL to License | Remi Collet | 2018-07-20 | 1 | -0/+2 |
| | |||||
* | Update to 5.6.37 - http://www.php.net/releases/5_6_37.php | Remi Collet | 2018-07-19 | 2 | -7/+14 |
| | |||||
* | Update to 5.6.36 - http://www.php.net/releases/5_6_36.php | Remi Collet | 2018-04-25 | 2 | -2/+5 |
| | |||||
* | Update to 5.6.35 - http://www.php.net/releases/5_6_35.php | Remi Collet | 2018-03-29 | 3 | -3/+13 |
| | | | | FPM: update default pool configuration for process.dumpable | ||||
* | add file trigger to restart the php-fpm service when new pool or new ↵ | Remi Collet | 2018-03-15 | 1 | -9/+13 |
| | | | | extension installed (F27+) | ||||
* | Update to 5.6.34 - http://www.php.net/releases/5_6_34.php | Remi Collet | 2018-02-28 | 2 | -14/+12 |
| | | | | | FPM: revert pid file removal improve devel dependencies | ||||
* | improve devel deps | Remi Collet | 2018-02-16 | 1 | -2/+14 |
| | |||||
* | ldconfig scriptlets | Remi Collet | 2018-02-15 | 1 | -0/+6 |
| | |||||
* | v5.6.33 | Remi Collet | 2018-01-03 | 2 | -17/+17 |
| | |||||
* | data | Remi Collet | 2017-10-25 | 1 | -1/+1 |
| | |||||
* | v5.6.32 | Remi Collet | 2017-10-25 | 3 | -20/+11 |
| | |||||
* | F27: php now requires php-fpm and start it with httpd / nginx | Remi Collet | 2017-09-25 | 2 | -4/+22 |
| | |||||
* | disable httpd MPM check | Remi Collet | 2017-08-25 | 3 | -42/+50 |
| | |||||
* | refresh openssl 1.1 patch for F26 | Remi Collet | 2017-07-06 | 3 | -10/+10 |
| | |||||
* | v5.6.31 | Remi Collet | 2017-07-06 | 4 | -107/+177 |
| | |||||
* | refresh patches | Remi Collet | 2017-04-26 | 3 | -655/+29 |
| | |||||
* | refresj openssl 1.1 patch (F26+) | Remi Collet | 2017-04-04 | 3 | -63/+110 |
| |