summaryrefslogtreecommitdiffstats
path: root/failed.txt
Commit message (Collapse)AuthorAgeFilesLines
* Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI InterfaceRemi Collet2024-11-261-2/+2
| | | | | | | | | | GHSA-4w77-75f9-2c8w Fix OOB access in ldap_escape CVE-2024-8932 Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 Fix Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233
* Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGIRemi Collet2024-09-271-4/+3
| | | | | | | | | | CVE-2024-4577 Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability CVE-2024-8926 Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 Fix Erroneous parsing of multipart form data CVE-2024-8925
* use oracle client library version 21.13Remi Collet2024-04-101-2/+2
| | | | | | | Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096
* fix #81744: Password_verify() always return true with some hashRemi Collet2023-02-151-18/+5
| | | | | | | | CVE-2023-0567 fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 fix DOS vulnerability when parsing multipart request body CVE-2023-0662
* add fix for GCC 10Remi Collet2020-02-191-3/+3
|
* mbstring:Remi Collet2020-01-211-1/+1
| | | | | | | | Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar CVE-2020-7060 standard: Fix #79099 OOB read in php_strip_tags_ex CVE-2020-7059
* - bcmath:Remi Collet2019-12-171-1/+1
| | | | | | | | | | | | | | | | Fix #78878 Buffer underflow in bc_shift_addsub CVE-2019-11046 - core: Fix #78862 link() silently truncates after a null byte on Windows CVE-2019-11044 Fix #78863 DirectoryIterator class silently truncates after a null byte CVE-2019-11045 - exif Fix #78793 Use-after-free in exif parsing under memory sanitizer CVE-2019-11050 Fix #78910 Heap-buffer-overflow READ in exif CVE-2019-11047 - use oracle client library version 19.5 (18.5 on EL-6)
* Fix CVE-2019-11043 env_path_info underflow in fpm_main.cRemi Collet2019-10-221-3/+4
|
* From 7.1.32Remi Collet2019-08-281-5/+6
| | | | | | | - mbstring: Fix CVE-2019-13224 don't allow different encodings for onig_new_deluxe - pcre: Fix #75457 heap use-after-free in pcrelib
* - exif:Remi Collet2019-07-301-7/+3
| | | | | | | | | Fix #78256 heap-buffer-overflow on exif_process_user_comment CVE-2019-11042 Fix #78222 heap-buffer-overflow on exif_scan_thumbnail CVE-2019-11041 - phar: Fix #77919 Potential UAF in Phar RSHUTDOWN
* - iconv:Remi Collet2019-05-281-1/+1
| | | | | | | | | | Fix #78069 Out-of-bounds read in iconv.c:_php_iconv_mime_decode() CVE-2019-11039 - exif: Fix #77988 Heap-buffer-overflow on php_jpg_get16 CVE-2019-11040 - sqlite3: Fix #77967 Bypassing open_basedir restrictions via file uris
* - exif:Remi Collet2019-04-301-1/+1
| | | | | Fix #77950 Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG CVE-2019-11036
* - exif:Remi Collet2019-04-021-20/+12
| | | | | | | Fix #77753 Heap-buffer-overflow in php_ifd_get32s Fix #77831 Heap-buffer-overflow in exif_iif_add_value - sqlite3: Added sqlite3.defensive INI directive
* Fix #77396 Null Pointer Dereference in phar_create_or_parse_filenameRemi Collet2019-03-121-3/+3
| | | | | | | Fix #77586 - phar_tar_writeheaders_int() buffer overflow - spl: Fix #77431 openFile() silently truncates after a null byte - security fix synced with https://github.com/Microsoft/php-src/
* f30 buildRemi Collet2019-03-081-5/+6
|
* update test resultsRemi Collet2019-03-051-3/+7
|
* Update to 5.6.40 - http://www.php.net/releases/5_6_40.phpRemi Collet2019-01-091-1/+1
|
* Update to 5.6.39 - http://www.php.net/releases/5_6_39.phpRemi Collet2018-12-051-1/+1
|
* use oracle client library version 18.3Remi Collet2018-10-241-6/+2
|
* Update to 5.6.38 - http://www.php.net/releases/5_6_38.phpRemi Collet2018-09-121-4/+7
|
* F29: backport ICU 62.1 support from 7.1Remi Collet2018-08-241-3/+7
|
* Update to 5.6.37 - http://www.php.net/releases/5_6_37.phpRemi Collet2018-07-191-6/+10
|
* Update to 5.6.36 - http://www.php.net/releases/5_6_36.phpRemi Collet2018-04-251-1/+1
|
* Update to 5.6.35 - http://www.php.net/releases/5_6_35.phpRemi Collet2018-03-291-1/+1
| | | | FPM: update default pool configuration for process.dumpable
* Update to 5.6.34 - http://www.php.net/releases/5_6_34.phpRemi Collet2018-02-281-11/+6
| | | | | FPM: revert pid file removal improve devel dependencies
* v5.6.33Remi Collet2018-01-031-16/+13
|
* dataRemi Collet2017-10-251-1/+1
|
* v5.6.32Remi Collet2017-10-251-5/+5
|
* disable httpd MPM checkRemi Collet2017-08-251-1/+5
|
* refresh openssl 1.1 patch for F26Remi Collet2017-07-061-6/+3
|
* v5.6.31Remi Collet2017-07-061-19/+27
|
* php56: f26 rebuildRemi Collet2017-03-171-1/+12
|
* PHP 5.6.30Remi Collet2017-01-191-10/+7
|
* PHP 5.6.30RC1Remi Collet2017-01-061-8/+11
|
* PHP 5.6.29Remi Collet2016-12-081-6/+2
|
* PHP 5.6.29RC1Remi Collet2016-11-241-1/+1
|
* PHP 5.6.28Remi Collet2016-11-091-1/+1
|
* PHP 5.6.28RC1Remi Collet2016-10-281-6/+5
|
* PHP 5.6.27Remi Collet2016-10-141-4/+11
|
* PHP 5.6.27RC1Remi Collet2016-09-291-1/+1
|
* PHP 5.6.26Remi Collet2016-09-151-1/+1
|
* php56, f25 buildRemi Collet2016-09-111-0/+1
|
* PHP 5.6.26RC1Remi Collet2016-09-021-1/+1
|
* PHP 5.6.25Remi Collet2016-08-311-5/+2
|
* PHP 5.6.25RC1Remi Collet2016-08-041-11/+6
|
* PHP 5.6.24Remi Collet2016-07-211-4/+2
|
* PHP 5.6.24RC1Remi Collet2016-07-071-2/+4
|
* PHP 5.6.23Remi Collet2016-06-221-1/+1
|
* PHP 5.6.23RC1Remi Collet2016-06-101-1/+1
|
* PHP 5.6.22Remi Collet2016-05-261-1/+1
|