Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface | Remi Collet | 2024-11-26 | 1 | -2/+2 |
| | | | | | | | | | | GHSA-4w77-75f9-2c8w Fix OOB access in ldap_escape CVE-2024-8932 Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 Fix Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 | ||||
* | Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI | Remi Collet | 2024-09-27 | 1 | -4/+3 |
| | | | | | | | | | | CVE-2024-4577 Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability CVE-2024-8926 Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 Fix Erroneous parsing of multipart form data CVE-2024-8925 | ||||
* | use oracle client library version 21.13 | Remi Collet | 2024-04-10 | 1 | -2/+2 |
| | | | | | | | Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096 | ||||
* | fix #81744: Password_verify() always return true with some hash | Remi Collet | 2023-02-15 | 1 | -18/+5 |
| | | | | | | | | CVE-2023-0567 fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 fix DOS vulnerability when parsing multipart request body CVE-2023-0662 | ||||
* | add fix for GCC 10 | Remi Collet | 2020-02-19 | 1 | -3/+3 |
| | |||||
* | mbstring: | Remi Collet | 2020-01-21 | 1 | -1/+1 |
| | | | | | | | | Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar CVE-2020-7060 standard: Fix #79099 OOB read in php_strip_tags_ex CVE-2020-7059 | ||||
* | - bcmath: | Remi Collet | 2019-12-17 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | Fix #78878 Buffer underflow in bc_shift_addsub CVE-2019-11046 - core: Fix #78862 link() silently truncates after a null byte on Windows CVE-2019-11044 Fix #78863 DirectoryIterator class silently truncates after a null byte CVE-2019-11045 - exif Fix #78793 Use-after-free in exif parsing under memory sanitizer CVE-2019-11050 Fix #78910 Heap-buffer-overflow READ in exif CVE-2019-11047 - use oracle client library version 19.5 (18.5 on EL-6) | ||||
* | Fix CVE-2019-11043 env_path_info underflow in fpm_main.c | Remi Collet | 2019-10-22 | 1 | -3/+4 |
| | |||||
* | From 7.1.32 | Remi Collet | 2019-08-28 | 1 | -5/+6 |
| | | | | | | | - mbstring: Fix CVE-2019-13224 don't allow different encodings for onig_new_deluxe - pcre: Fix #75457 heap use-after-free in pcrelib | ||||
* | - exif: | Remi Collet | 2019-07-30 | 1 | -7/+3 |
| | | | | | | | | | Fix #78256 heap-buffer-overflow on exif_process_user_comment CVE-2019-11042 Fix #78222 heap-buffer-overflow on exif_scan_thumbnail CVE-2019-11041 - phar: Fix #77919 Potential UAF in Phar RSHUTDOWN | ||||
* | - iconv: | Remi Collet | 2019-05-28 | 1 | -1/+1 |
| | | | | | | | | | | Fix #78069 Out-of-bounds read in iconv.c:_php_iconv_mime_decode() CVE-2019-11039 - exif: Fix #77988 Heap-buffer-overflow on php_jpg_get16 CVE-2019-11040 - sqlite3: Fix #77967 Bypassing open_basedir restrictions via file uris | ||||
* | - exif: | Remi Collet | 2019-04-30 | 1 | -1/+1 |
| | | | | | Fix #77950 Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG CVE-2019-11036 | ||||
* | - exif: | Remi Collet | 2019-04-02 | 1 | -20/+12 |
| | | | | | | | Fix #77753 Heap-buffer-overflow in php_ifd_get32s Fix #77831 Heap-buffer-overflow in exif_iif_add_value - sqlite3: Added sqlite3.defensive INI directive | ||||
* | Fix #77396 Null Pointer Dereference in phar_create_or_parse_filename | Remi Collet | 2019-03-12 | 1 | -3/+3 |
| | | | | | | | Fix #77586 - phar_tar_writeheaders_int() buffer overflow - spl: Fix #77431 openFile() silently truncates after a null byte - security fix synced with https://github.com/Microsoft/php-src/ | ||||
* | f30 build | Remi Collet | 2019-03-08 | 1 | -5/+6 |
| | |||||
* | update test results | Remi Collet | 2019-03-05 | 1 | -3/+7 |
| | |||||
* | Update to 5.6.40 - http://www.php.net/releases/5_6_40.php | Remi Collet | 2019-01-09 | 1 | -1/+1 |
| | |||||
* | Update to 5.6.39 - http://www.php.net/releases/5_6_39.php | Remi Collet | 2018-12-05 | 1 | -1/+1 |
| | |||||
* | use oracle client library version 18.3 | Remi Collet | 2018-10-24 | 1 | -6/+2 |
| | |||||
* | Update to 5.6.38 - http://www.php.net/releases/5_6_38.php | Remi Collet | 2018-09-12 | 1 | -4/+7 |
| | |||||
* | F29: backport ICU 62.1 support from 7.1 | Remi Collet | 2018-08-24 | 1 | -3/+7 |
| | |||||
* | Update to 5.6.37 - http://www.php.net/releases/5_6_37.php | Remi Collet | 2018-07-19 | 1 | -6/+10 |
| | |||||
* | Update to 5.6.36 - http://www.php.net/releases/5_6_36.php | Remi Collet | 2018-04-25 | 1 | -1/+1 |
| | |||||
* | Update to 5.6.35 - http://www.php.net/releases/5_6_35.php | Remi Collet | 2018-03-29 | 1 | -1/+1 |
| | | | | FPM: update default pool configuration for process.dumpable | ||||
* | Update to 5.6.34 - http://www.php.net/releases/5_6_34.php | Remi Collet | 2018-02-28 | 1 | -11/+6 |
| | | | | | FPM: revert pid file removal improve devel dependencies | ||||
* | v5.6.33 | Remi Collet | 2018-01-03 | 1 | -16/+13 |
| | |||||
* | data | Remi Collet | 2017-10-25 | 1 | -1/+1 |
| | |||||
* | v5.6.32 | Remi Collet | 2017-10-25 | 1 | -5/+5 |
| | |||||
* | disable httpd MPM check | Remi Collet | 2017-08-25 | 1 | -1/+5 |
| | |||||
* | refresh openssl 1.1 patch for F26 | Remi Collet | 2017-07-06 | 1 | -6/+3 |
| | |||||
* | v5.6.31 | Remi Collet | 2017-07-06 | 1 | -19/+27 |
| | |||||
* | php56: f26 rebuild | Remi Collet | 2017-03-17 | 1 | -1/+12 |
| | |||||
* | PHP 5.6.30 | Remi Collet | 2017-01-19 | 1 | -10/+7 |
| | |||||
* | PHP 5.6.30RC1 | Remi Collet | 2017-01-06 | 1 | -8/+11 |
| | |||||
* | PHP 5.6.29 | Remi Collet | 2016-12-08 | 1 | -6/+2 |
| | |||||
* | PHP 5.6.29RC1 | Remi Collet | 2016-11-24 | 1 | -1/+1 |
| | |||||
* | PHP 5.6.28 | Remi Collet | 2016-11-09 | 1 | -1/+1 |
| | |||||
* | PHP 5.6.28RC1 | Remi Collet | 2016-10-28 | 1 | -6/+5 |
| | |||||
* | PHP 5.6.27 | Remi Collet | 2016-10-14 | 1 | -4/+11 |
| | |||||
* | PHP 5.6.27RC1 | Remi Collet | 2016-09-29 | 1 | -1/+1 |
| | |||||
* | PHP 5.6.26 | Remi Collet | 2016-09-15 | 1 | -1/+1 |
| | |||||
* | php56, f25 build | Remi Collet | 2016-09-11 | 1 | -0/+1 |
| | |||||
* | PHP 5.6.26RC1 | Remi Collet | 2016-09-02 | 1 | -1/+1 |
| | |||||
* | PHP 5.6.25 | Remi Collet | 2016-08-31 | 1 | -5/+2 |
| | |||||
* | PHP 5.6.25RC1 | Remi Collet | 2016-08-04 | 1 | -11/+6 |
| | |||||
* | PHP 5.6.24 | Remi Collet | 2016-07-21 | 1 | -4/+2 |
| | |||||
* | PHP 5.6.24RC1 | Remi Collet | 2016-07-07 | 1 | -2/+4 |
| | |||||
* | PHP 5.6.23 | Remi Collet | 2016-06-22 | 1 | -1/+1 |
| | |||||
* | PHP 5.6.23RC1 | Remi Collet | 2016-06-10 | 1 | -1/+1 |
| | |||||
* | PHP 5.6.22 | Remi Collet | 2016-05-26 | 1 | -1/+1 |
| |