Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI InterfaceHEADmaster | Remi Collet | 2024-11-26 | 1 | -1/+1 |
| | | | | | | | | | | | | GHSA-4w77-75f9-2c8w Fix OOB access in ldap_escape CVE-2024-8932 Fix Integer overflow in the dblib/firebird quoter causing OOB writes CVE-2024-11236 Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 Fix Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 | ||||
* | Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI | Remi Collet | 2024-09-27 | 1 | -4/+3 |
| | | | | | | | | | | CVE-2024-4577 Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability CVE-2024-8926 Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 Fix Erroneous parsing of multipart form data CVE-2024-8925 | ||||
* | use oracle client library version 21.13 on x86_64, 19.19 on aarch64 | Remi Collet | 2024-04-10 | 1 | -3/+3 |
| | | | | | | | Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096 | ||||
* | fix #81744: Password_verify() always return true with some hash | Remi Collet | 2023-02-15 | 1 | -9/+5 |
| | | | | | | | | CVE-2023-0567 fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 fix DOS vulnerability when parsing multipart request body CVE-2023-0662 | ||||
* | Fix #80672 Null Dereference in SoapClient | Remi Collet | 2021-02-03 | 1 | -1/+1 |
| | | | | | CVE-2021-21702 better fix for #77423 | ||||
* | Fix #77423 FILTER_VALIDATE_URL accepts URLs with invalid userinfo | Remi Collet | 2021-01-04 | 1 | -2/+1 |
| | | | | CVE-2020-7071 | ||||
* | dom: | Remi Collet | 2020-02-18 | 1 | -1/+1 |
| | | | | | | | | | | Fix #77569 Write Access Violation in DomImplementation phar: Fix #79082 Files added to tar with Phar::buildFromIterator have all-access permissions CVE-2020-7063 session: Fix #79221 Null Pointer Dereference in PHP Session Upload Progress CVE-2020-7062 | ||||
* | mbstring: | Remi Collet | 2020-01-21 | 1 | -9/+5 |
| | | | | | | | | | | Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar CVE-2020-7060 session: Fix #79091 heap use-after-free in session_create_id standard: Fix #79099 OOB read in php_strip_tags_ex CVE-2020-7059 | ||||
* | - bcmath: | Remi Collet | 2019-12-17 | 1 | -8/+6 |
| | | | | | | | | | | | | | | | | Fix #78878 Buffer underflow in bc_shift_addsub CVE-2019-11046 - core: Fix #78862 link() silently truncates after a null byte on Windows CVE-2019-11044 Fix #78863 DirectoryIterator class silently truncates after a null byte CVE-2019-11045 - exif Fix #78793 Use-after-free in exif parsing under memory sanitizer CVE-2019-11050 Fix #78910 Heap-buffer-overflow READ in exif CVE-2019-11047 - use oracle client library version 19.5 (18.5 on EL-6) | ||||
* | Update to 7.1.33 - http://www.php.net/releases/7_1_33.php | Remi Collet | 2019-10-23 | 1 | -6/+11 |
| | |||||
* | Update to 7.1.32 - http://www.php.net/releases/7_1_32.php | Remi Collet | 2019-08-28 | 1 | -5/+7 |
| | |||||
* | Update to 7.1.31 - http://www.php.net/releases/7_1_31.php | Remi Collet | 2019-07-31 | 1 | -5/+4 |
| | |||||
* | v7.1.30 | Remi Collet | 2019-05-28 | 1 | -1/+1 |
| | |||||
* | Update to 7.1.29 - http://www.php.net/releases/7_1_29.php | Remi Collet | 2019-05-01 | 1 | -8/+4 |
| | |||||
* | Update to 7.1.28 - http://www.php.net/releases/7_1_28.php | Remi Collet | 2019-04-02 | 1 | -2/+2 |
| | |||||
* | F30 build | Remi Collet | 2019-03-08 | 1 | -2/+3 |
| | |||||
* | Update to 7.1.27 - http://www.php.net/releases/7_1_27.php | Remi Collet | 2019-03-06 | 1 | -4/+10 |
| | | | | add upstream patch for OpenSSL 1.1.1b | ||||
* | Update to 7.1.26 - http://www.php.net/releases/7_1_26.php | Remi Collet | 2019-01-09 | 1 | -1/+1 |
| | |||||
* | Update to 7.1.25 - http://www.php.net/releases/7_1_25.php | Remi Collet | 2018-12-05 | 1 | -1/+1 |
| | |||||
* | v7.1.25RC1 | Remi Collet | 2018-11-22 | 1 | -1/+1 |
| | |||||
* | Update to 7.1.24 - http://www.php.net/releases/7_1_24.php | Remi Collet | 2018-11-07 | 1 | -4/+2 |
| | |||||
* | FPM: add getallheaders, backported from 7.3 | Remi Collet | 2018-10-25 | 1 | -3/+3 |
| | |||||
* | 7.1.24RC1 | Remi Collet | 2018-10-24 | 1 | -2/+4 |
| | |||||
* | Update to 7.1.23 - http://www.php.net/releases/7_1_23.php | Remi Collet | 2018-10-10 | 1 | -1/+1 |
| | |||||
* | update to 7.1.23RC1 | Remi Collet | 2018-09-29 | 1 | -1/+1 |
| | | | | use oracle client library version 18.3 | ||||
* | refresh results with upstream patch | Remi Collet | 2018-09-11 | 1 | -3/+1 |
| | |||||
* | Update to 7.1.22 - http://www.php.net/releases/7_1_22.php | Remi Collet | 2018-09-11 | 1 | -1/+1 |
| | |||||
* | v7.1.22RC1 | Remi Collet | 2018-08-30 | 1 | -2/+4 |
| | |||||
* | Update to 7.1.21 - http://www.php.net/releases/7_1_21.php | Remi Collet | 2018-08-15 | 1 | -1/+1 |
| | |||||
* | Update to 7.1.20 - http://www.php.net/releases/7_1_20.php | Remi Collet | 2018-07-20 | 1 | -1/+1 |
| | |||||
* | v7.1.20RC1 | Remi Collet | 2018-07-06 | 1 | -1/+1 |
| | |||||
* | Update to 7.1.19 - http://www.php.net/releases/7_1_19.php | Remi Collet | 2018-06-21 | 1 | -1/+1 |
| | |||||
* | 7.1.19RC1 | Remi Collet | 2018-06-07 | 1 | -4/+2 |
| | |||||
* | Update to 7.1.18 - http://www.php.net/releases/7_1_18.php | Remi Collet | 2018-05-24 | 1 | -5/+5 |
| | |||||
* | v7.1.18RC1 | Remi Collet | 2018-05-13 | 1 | -5/+5 |
| | |||||
* | Update to 7.1.17 - http://www.php.net/releases/7_1_17.php | Remi Collet | 2018-04-25 | 1 | -2/+4 |
| | |||||
* | Update to 7.1.16 - http://www.php.net/releases/7_1_16.php | Remi Collet | 2018-03-28 | 1 | -4/+2 |
| | | | | FPM: update default pool configuration for process.dumpable | ||||
* | v7.1.16RC1 | Remi Collet | 2018-03-14 | 1 | -7/+5 |
| | |||||
* | Update to 7.1.15 - http://www.php.net/releases/7_1_15.php | Remi Collet | 2018-02-28 | 1 | -3/+5 |
| | | | | | FPM: revert pid file removal improve devel dependencies | ||||
* | fix date | Remi Collet | 2018-02-14 | 1 | -1/+1 |
| | |||||
* | Update to 7.1.15RC1 | Remi Collet | 2018-02-14 | 1 | -1/+3 |
| | | | | adapt ldap patch | ||||
* | Update to 7.1.14 - http://www.php.net/releases/7_1_14.php | Remi Collet | 2018-01-31 | 1 | -1/+1 |
| | |||||
* | Update to 7.1.14RC1 | Remi Collet | 2018-01-17 | 1 | -9/+7 |
| | | | | define SOURCE_DATE_EPOCH for reproducible build | ||||
* | v7.1.3 | Remi Collet | 2018-01-03 | 1 | -3/+5 |
| | |||||
* | v7.1.13RC1 | Remi Collet | 2017-12-06 | 1 | -1/+1 |
| | |||||
* | v7.1.12 | Remi Collet | 2017-11-22 | 1 | -1/+1 |
| | |||||
* | v7.1.12RC1 | Remi Collet | 2017-11-07 | 1 | -2/+1 |
| | |||||
* | v7.1.11 | Remi Collet | 2017-10-25 | 1 | -1/+1 |
| | |||||
* | Update to 7.1.11RC1 | Remi Collet | 2017-10-11 | 1 | -4/+2 |
| | | | | oci8 version is now 2.1.8 | ||||
* | v7.1.10 | Remi Collet | 2017-09-27 | 1 | -2/+4 |
| |