Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI InterfaceHEADmaster | Remi Collet | 3 days | 1 | -7/+37 |
| | | | | | | | | | | | | GHSA-4w77-75f9-2c8w Fix OOB access in ldap_escape CVE-2024-8932 Fix Integer overflow in the dblib/firebird quoter causing OOB writes CVE-2024-11236 Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 Fix Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 | ||||
* | rename patches | Remi Collet | 12 days | 1 | -7/+7 |
| | |||||
* | Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI | Remi Collet | 2024-09-26 | 1 | -4/+25 |
| | | | | | | | | | | | | | CVE-2024-4577 Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability CVE-2024-8926 Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 Fix Logs from childrens may be altered CVE-2024-9026 Fix Erroneous parsing of multipart form data CVE-2024-8925 use ICU 74.2 | ||||
* | add backport for https://bugs.php.net/79589 | Remi Collet | 2024-08-26 | 1 | -4/+8 |
| | | | | error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading | ||||
* | use oracle client library version 23.5 on x86_64 | Remi Collet | 2024-07-31 | 1 | -7/+15 |
| | |||||
* | Fix filter bypass in filter_var FILTER_VALIDATE_URL | Remi Collet | 2024-06-05 | 1 | -4/+10 |
| | | | | CVE-2024-5458 | ||||
* | Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix | Remi Collet | 2024-04-10 | 1 | -1/+11 |
| | | | | | | CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096 | ||||
* | patch test suite for zlib-ng | Remi Collet | 2024-03-07 | 1 | -1/+10 |
| | |||||
* | add build patch for GCC 14 | Remi Collet | 2024-02-14 | 1 | -2/+8 |
| | | | | use oracle client library version 21.13 on x86_64 | ||||
* | use ICU 73.2 | Remi Collet | 2023-12-12 | 1 | -5/+16 |
| | | | | | use oracle client library version 21.12 on x86_64, 19.19 on aarch64 add fixes for libxml 2.11 and 2.12 from 8.1 | ||||
* | use oracle client library version 21.11 on x86_64, 19.19 on aarch64 | Remi Collet | 2023-09-22 | 1 | -25/+32 |
| | | | | use official Oracle Instant Client RPM | ||||
* | Fix Security issue with external entity loading in XML without enabling it | Remi Collet | 2023-08-01 | 1 | -6/+17 |
| | | | | | | | GHSA-3qrf-m4j2-pcrr CVE-2023-3823 Fix Buffer mismanagement in phar_dir_read() GHSA-jqcx-ccgc-xwhv CVE-2023-3824 move httpd/nginx wants directive to config files in /etc | ||||
* | refresh patches | Remi Collet | 2023-06-26 | 1 | -3/+3 |
| | |||||
* | Fix Missing error check and insufficient random bytes in HTTP Digest | Remi Collet | 2023-06-06 | 1 | -1/+8 |
| | | | | | authentication for SOAP GHSA-76gg-c692-v2mw | ||||
* | use ICU 72.1 | Remi Collet | 2023-05-11 | 1 | -29/+31 |
| | | | | | | use oracle client library version 21.10 fix possible buffer overflow in date define %__phpize and %__phpconfig | ||||
* | F38: enable imap extension | Remi Collet | 2023-02-21 | 1 | -6/+4 |
| | |||||
* | fix #81744: Password_verify() always return true with some hash | Remi Collet | 2023-02-14 | 1 | -1/+16 |
| | | | | | | | | CVE-2023-0567 fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 fix DOS vulnerability when parsing multipart request body CVE-2023-0662 | ||||
* | F38: disable imap extension | Remi Collet | 2023-02-10 | 1 | -5/+32 |
| | |||||
* | pdo: fix #81740: PDO::quote() may return unquoted string | Remi Collet | 2022-12-19 | 1 | -2/+22 |
| | | | | | CVE-2022-31631 use oracle client library version 21.8 | ||||
* | Update to 7.4.33 - http://www.php.net/releases/7_4_33.php | Remi Collet | 2022-11-01 | 1 | -7/+6 |
| | |||||
* | add upstream fix for CVE-2022-31630 and CVE-2022-37454 | Remi Collet | 2022-10-26 | 1 | -43/+46 |
| | |||||
* | Update to 7.4.32 - http://www.php.net/releases/7_4_32.php | Remi Collet | 2022-09-28 | 1 | -2/+6 |
| | | | | use ICU 71.1 | ||||
* | use bcond for zts and debug | Remi Collet | 2022-08-16 | 1 | -31/+35 |
| | |||||
* | Update to 7.4.30 - http://www.php.net/releases/7_4_30.php | Remi Collet | 2022-06-07 | 1 | -2/+6 |
| | | | | use oracle client library version 21.6 | ||||
* | Update to 7.4.29 - http://www.php.net/releases/7_4_29.php | Remi Collet | 2022-04-12 | 1 | -5/+6 |
| | |||||
* | retrieve tzdata version | Remi Collet | 2022-02-22 | 1 | -7/+7 |
| | | | | use oracle client library version 21.5 | ||||
* | Update to 7.4.28 - http://www.php.net/releases/7_4_28.php | Remi Collet | 2022-02-15 | 1 | -2/+5 |
| | |||||
* | Update to 7.4.27 - http://www.php.net/releases/7_4_27.php | Remi Collet | 2021-12-15 | 1 | -2/+5 |
| | |||||
* | ensure we use libgd >= 2.3 | Remi Collet | 2021-12-02 | 1 | -7/+5 |
| | |||||
* | update to 7.4.27RC1 | Remi Collet | 2021-12-01 | 1 | -3/+7 |
| | | | | use oracle client library version 21.4 | ||||
* | Update to 7.4.26 - http://www.php.net/releases/7_4_26.php | Remi Collet | 2021-11-16 | 1 | -2/+5 |
| | |||||
* | add patch for OpenSSL 3.0, backported from 8.1 | Remi Collet | 2021-11-09 | 1 | -1/+17 |
| | |||||
* | update to 7.4.26RC1 | Remi Collet | 2021-11-03 | 1 | -3/+6 |
| | |||||
* | Update to 7.4.25 - http://www.php.net/releases/7_4_25.php | Remi Collet | 2021-10-20 | 1 | -1/+4 |
| | |||||
* | update to 7.4.24RC1 | Remi Collet | 2021-10-06 | 1 | -7/+11 |
| | | | | use libicu version 69 | ||||
* | Update to 7.4.24 - http://www.php.net/releases/7_4_24.php | Remi Collet | 2021-09-21 | 1 | -1/+4 |
| | |||||
* | update to 7.4.24RC1 | Remi Collet | 2021-09-08 | 1 | -3/+7 |
| | | | | use oracle client library version 21.3 | ||||
* | Update to 7.4.23 - http://www.php.net/releases/7_4_23.php | Remi Collet | 2021-08-24 | 1 | -1/+4 |
| | |||||
* | update to 7.4.23RC1 | Remi Collet | 2021-08-10 | 1 | -2/+5 |
| | |||||
* | Update to 7.4.22 - http://www.php.net/releases/7_4_22.php | Remi Collet | 2021-07-28 | 1 | -1/+4 |
| | |||||
* | update to 7.4.22RC1 | Remi Collet | 2021-07-13 | 1 | -2/+5 |
| | |||||
* | Update to 7.4.21 - http://www.php.net/releases/7_4_21.php | Remi Collet | 2021-06-29 | 1 | -4/+7 |
| | |||||
* | update to 7.4.21RC1 | Remi Collet | 2021-06-16 | 1 | -2/+9 |
| | | | | ignore unsupported "threads" option on password_hash | ||||
* | Update to 7.4.20 - http://www.php.net/releases/7_4_20.php | Remi Collet | 2021-06-02 | 1 | -1/+4 |
| | |||||
* | update to 7.4.20RC1 | Remi Collet | 2021-05-18 | 1 | -2/+5 |
| | |||||
* | Update to 7.4.19 - http://www.php.net/releases/7_4_19.php | Remi Collet | 2021-05-04 | 1 | -1/+4 |
| | |||||
* | Update to 7.4.18 - http://www.php.net/releases/7_4_18.php | Remi Collet | 2021-04-27 | 1 | -1/+4 |
| | |||||
* | update to 7.4.18RC1 | Remi Collet | 2021-04-13 | 1 | -1/+4 |
| | |||||
* | update to 7.4.17RC1 | Remi Collet | 2021-03-16 | 1 | -8/+8 |
| | | | | use oracle client library version 21.1 | ||||
* | Update to 7.4.16 - http://www.php.net/releases/7_4_16.php | Remi Collet | 2021-03-02 | 1 | -1/+4 |
| |