| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
core: fix #81727 Don't mangle HTTP variable names that clash with ones
that have a specific semantic meaning. CVE-2022-31629
use oracle client library version 21.7
|
|
|
|
|
|
| |
core: fix #81727 Don't mangle HTTP variable names that clash with ones
that have a specific semantic meaning. CVE-2022-31629
use oracle client library version 21.7
|
|
|
|
|
| |
mysqlnd: fix #81719: mysqlnd/pdo password buffer overflow. CVE-2022-31626
pgsql: fix #81720: Uninitialized array in pg_query_params(). CVE-2022-31625
|
|
|
|
| |
CVE-2021-21707
|
|
|
|
|
|
| |
CVE-2021-21703
use libicu version 69
use oracle client library version 21.3
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
CVE-2021-21705
Fix #76448 Stack buffer overflow in firebird_info_cb
Fix #76449 SIGSEGV in firebird_handle_doer
Fix #76450 SIGSEGV in firebird_stmt_execute
Fix #76452 Crash while parsing blob data in firebird_fetch_blob
CVE-2021-21704
|
| |
|
|
|
|
|
| |
CVE-2021-21702
better fix for #77423
|
|
|
|
| |
CVE-2020-7071
|
|
|
|
|
| |
Fix #79699 PHP parses encoded cookie names so malicious `__Host-` cookies can be sent
CVE-2020-7070
|
|
|
|
|
|
|
| |
Fix #79877 getimagesize function silently truncates after a null byte
Phar:
Fix #79797 use of freed hash key in the phar_parse_zipfile function
CVE-2020-7068
|
|
|
|
|
|
|
| |
Fix #78875 Long filenames cause OOM and temp files are not cleaned
CVE-2019-11048
Fix #78876 Long variables in multipart/form-data cause OOM and temp
files are not cleaned
|
|
|
|
|
|
| |
Fix #79330 shell_exec silently truncates after a null byte
Fix #79465 OOB Read in urldecode
CVE-2020-7067
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix #79329 get_headers() silently truncates after a null byte
CVE-2020-7066
exif:
Fix #79282 Use-of-uninitialized-value in exif
CVE-2020-7064
use oracle client library version 19.6 (18.5 on EL-6)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix #77569 Write Access Violation in DomImplementation
phar:
Fix #79082 Files added to tar with Phar::buildFromIterator have all-access permissions
CVE-2020-7063
session:
Fix #79221 Null Pointer Dereference in PHP Session Upload Progress
CVE-2020-7062
|
| |
|
|
|
|
|
|
|
|
| |
Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar
CVE-2020-7060
standard:
Fix #79099 OOB read in php_strip_tags_ex
CVE-2020-7059
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix #78878 Buffer underflow in bc_shift_addsub
CVE-2019-11046
- core:
Fix #78862 link() silently truncates after a null byte on Windows
CVE-2019-11044
Fix #78863 DirectoryIterator class silently truncates after a null byte
CVE-2019-11045
- exif
Fix #78793 Use-after-free in exif parsing under memory sanitizer
CVE-2019-11050
Fix #78910 Heap-buffer-overflow READ in exif
CVE-2019-11047
- use oracle client library version 19.5 (18.5 on EL-6)
|
| |
|
|
|
|
|
|
|
| |
- mbstring:
Fix CVE-2019-13224 don't allow different encodings for onig_new_deluxe
- pcre:
Fix #75457 heap use-after-free in pcrelib
|
|
|
|
|
|
|
|
|
| |
Fix #78256 heap-buffer-overflow on exif_process_user_comment
CVE-2019-11042
Fix #78222 heap-buffer-overflow on exif_scan_thumbnail
CVE-2019-11041
- phar:
Fix #77919 Potential UAF in Phar RSHUTDOWN
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix #78069 Out-of-bounds read in iconv.c:_php_iconv_mime_decode()
CVE-2019-11039
- exif:
Fix #77988 Heap-buffer-overflow on php_jpg_get16
CVE-2019-11040
- sqlite3:
Fix #77967 Bypassing open_basedir restrictions via file uris
|
|
|
|
|
| |
Fix #77950 Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG
CVE-2019-11036
|
|
|
|
|
|
|
| |
Fix #77753 Heap-buffer-overflow in php_ifd_get32s
Fix #77831 Heap-buffer-overflow in exif_iif_add_value
- sqlite3:
Added sqlite3.defensive INI directive
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
processing
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fix #77509 Uninitialized read in exif_process_IFD_in_TIFF
Fix #77540 Invalid Read on exif_process_SOFn
Fix #77563 Uninitialized read in exif_process_IFD_in_MAKERNOTE
Fix #77659 Uninitialized read in exif_process_IFD_in_MAKERNOTE
- phar:
Fix #77396 Null Pointer Dereference in phar_create_or_parse_filename
- spl:
Fix #77431 openFile() silently truncates after a null byte
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix #77369 memcpy with negative length via crafted DNS response
- mbstring:
Fix #77370 buffer overflow on mb regex functions - fetch_token
Fix #77371 heap buffer overflow in mb regex functions compile_string_node
Fix #77381 heap buffer overflow in multibyte match_at
Fix #77382 heap buffer overflow in expand_case_fold_string
Fix #77385 buffer overflow in fetch_token
Fix #77394 buffer overflow in multibyte case folding - unicode
Fix #77418 heap overflow in utf32be_mbc_to_code
- phar:
Fix #77247 heap buffer overflow in phar_detect_phar_fname_ext
- xmlrpc:
Fix #77242 heap out of bounds read in xmlrpc_decode
Fix #77380 global out of bounds read in xmlrpc base64 code
|
|
|
|
| |
use oracle client library version 18.3
|
| |
|
| |
|
| |
|
| |
|