summaryrefslogtreecommitdiffstats
path: root/php.spec
Commit message (Collapse)AuthorAgeFilesLines
* Fix Leak partial content of the heap through heap buffer over-readHEADmasterRemi Collet2024-11-281-1/+7
| | | | CVE-2024-8929
* Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI InterfaceRemi Collet2024-11-221-2/+24
| | | | | | | | | | | | GHSA-4w77-75f9-2c8w Fix OOB access in ldap_escape CVE-2024-8932 Fix Integer overflow in the dblib/firebird quoter causing OOB writes CVE-2024-11236 Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 Fix Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233
* Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGIRemi Collet2024-09-261-3/+19
| | | | | | | | | | CVE-2024-4577 Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability CVE-2024-8926 Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 Fix Erroneous parsing of multipart form data CVE-2024-8925
* use oracle client library version 23.5 on x86_64Remi Collet2024-07-311-8/+16
|
* Fix filter bypass in filter_var FILTER_VALIDATE_URLRemi Collet2024-06-051-4/+10
| | | | CVE-2024-5458
* use oracle client library version 21.13 on x86_64, 19.19 on aarch64Remi Collet2024-04-101-2/+13
| | | | | | | Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096
* use oracle client library version 21.11 on x86_64, 19.19 on aarch64Remi Collet2023-10-161-1/+5
| | | | use official Oracle Instant Client RPM
* use official Oracle Instant Client RPMRemi Collet2023-09-221-12/+20
|
* Fix Security issue with external entity loading in XML without enabling itRemi Collet2023-08-011-5/+16
| | | | | | | GHSA-3qrf-m4j2-pcrr CVE-2023-3823 Fix Buffer mismanagement in phar_dir_read() GHSA-jqcx-ccgc-xwhv CVE-2023-3824 move httpd/nginx wants directive to config files in /etc
* fix possible buffer overflow in dateRemi Collet2023-06-201-33/+37
| | | | define %php73___phpize and %php73___phpconfig
* Fix Missing error check and insufficient random bytes in HTTP DigestRemi Collet2023-06-071-2/+10
| | | | | | authentication for SOAP GHSA-76gg-c692-v2mw use oracle client library version 21.10
* fix #81744: Password_verify() always return true with some hashRemi Collet2023-02-141-1/+22
| | | | | | | | | CVE-2023-0567 fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 fix DOS vulnerability when parsing multipart request body CVE-2023-0662 add dependency on pcre2 minimal version
* pdo: fix #81740: PDO::quote() may return unquoted stringRemi Collet2022-12-191-3/+10
| | | | | CVE-2022-31631 use oracle client library version 21.8
* hash: fix #81738: buffer overflow in hash_update() on long parameter.Remi Collet2022-10-241-1/+7
| | | | CVE-2022-37454
* rebuild with refreshed patchRemi Collet2022-09-271-3/+2
|
* phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628Remi Collet2022-09-271-5/+30
| | | | | | | core: fix #81727 Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. CVE-2022-31629 use oracle client library version 21.7 use ICU 71.1
* use oracle client library version 21.6Remi Collet2022-06-071-3/+16
| | | | | | mysqlnd: fix #81719: mysqlnd/pdo password buffer overflow. CVE-2022-31626 pgsql: fix #81720: Uninitialized array in pg_query_params(). CVE-2022-31625 pcre: fix default options for pcre >= 10.38
* retrieve tzdata versionRemi Collet2022-02-231-14/+8
| | | | use oracle client library version 21.5
* Update to 7.3.33 - http://www.php.net/releases/7_3_33.phpRemi Collet2021-11-161-1/+4
|
* Update to 7.3.32 - http://www.php.net/releases/7_3_32.phpRemi Collet2021-10-261-4/+5
|
* fix PHP-FPM oob R/W in root process leading to priv escalationRemi Collet2021-10-201-3/+10
| | | | | CVE-2021-21703 use libicu version 69
* Update to 7.3.31 - http://www.php.net/releases/7_3_31.phpRemi Collet2021-09-211-2/+6
| | | | use oracle client library version 21.3
* Update to 7.3.30 - http://www.php.net/releases/7_3_30.phpRemi Collet2021-08-241-1/+4
|
* Update to 7.3.29 - http://www.php.net/releases/7_3_29.phpRemi Collet2021-06-291-5/+7
|
* fix snmp extension build with net-snmp without DESRemi Collet2021-05-271-1/+7
|
* Update to 7.3.28 - http://www.php.net/releases/7_3_28.phpRemi Collet2021-04-271-2/+5
|
* add upstream patch for https://bugs.php.net/80783Remi Collet2021-04-081-18/+12
| | | | | PDO ODBC truncates BLOB records at every 256th byte use oracle client library version 21.1
* Update to 7.3.27 - http://www.php.net/releases/7_3_27.phpRemi Collet2021-02-021-2/+5
|
* add upstream patch for https://bugs.php.net/80682Remi Collet2021-01-281-1/+8
| | | | fix opcache doesn't honour pcre.jit option
* Update to 7.3.26 - http://www.php.net/releases/7_3_26.phpRemi Collet2021-01-051-1/+4
|
* update to 7.3.26RC1Remi Collet2020-12-151-2/+7
|
* Update to 7.3.25 - http://www.php.net/releases/7_3_25.phpRemi Collet2020-11-241-2/+6
| | | | use oracle client library version 19.9 (x86_64)
* update to 7.3.25RC1Remi Collet2020-11-101-2/+5
|
* Update to 7.3.24 - http://www.php.net/releases/7_3_24.phpRemi Collet2020-10-271-2/+5
|
* backport fix for https://bugs.php.net/74083 from 7.4Remi Collet2020-10-231-1/+9
| | | | master PHP-fpm is stopped on multiple reloads
* update to 7.3.24RC1Remi Collet2020-10-131-2/+5
|
* Update to 7.3.23 - http://www.php.net/releases/7_3_23.phpRemi Collet2020-09-291-6/+4
|
* update to 7.3.23RC1Remi Collet2020-09-151-2/+5
|
* Update to 7.3.22 - http://www.php.net/releases/7_3_22.phpRemi Collet2020-09-011-1/+4
|
* F33 buildRemi Collet2020-08-191-0/+6
|
* update to 7.3.22RC1Remi Collet2020-08-181-2/+11
| | | | use oracle client library version 19.8 (x86_64)
* Update to 7.3.21 - http://www.php.net/releases/7_3_21.phpRemi Collet2020-08-041-1/+4
|
* update to 7.3.21RC1Remi Collet2020-07-211-3/+7
| | | | build using ICU 65 (excepted on EL-6)
* Update to 7.3.20 - http://www.php.net/releases/7_3_20.phpRemi Collet2020-07-071-2/+5
|
* display build system and provider in phpinfo (from 8.0)Remi Collet2020-07-061-4/+13
|
* update to 7.3.20RC1Remi Collet2020-06-231-2/+5
|
* Update to 7.3.19 - http://www.php.net/releases/7_3_19.phpRemi Collet2020-06-091-3/+12
| | | | | rebuild using oniguruma5php build phpdbg only once
* update to 7.3.19RC1Remi Collet2020-05-261-2/+5
|
* Update to 7.3.18 - http://www.php.net/releases/7_3_18.phpRemi Collet2020-05-121-1/+4
|
* update to 7.3.18RC1Remi Collet2020-04-281-2/+5
|