summaryrefslogtreecommitdiffstats
path: root/failed.txt
Commit message (Collapse)AuthorAgeFilesLines
* Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI InterfaceHEADmasterRemi Collet2024-11-261-1/+1
| | | | | | | | | | | | GHSA-4w77-75f9-2c8w Fix OOB access in ldap_escape CVE-2024-8932 Fix Integer overflow in the dblib/firebird quoter causing OOB writes CVE-2024-11236 Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 Fix Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233
* Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGIRemi Collet2024-09-271-4/+3
| | | | | | | | | | CVE-2024-4577 Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability CVE-2024-8926 Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 Fix Erroneous parsing of multipart form data CVE-2024-8925
* use oracle client library version 21.13 on x86_64, 19.19 on aarch64Remi Collet2024-04-101-3/+3
| | | | | | | Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096
* fix #81744: Password_verify() always return true with some hashRemi Collet2023-02-151-9/+5
| | | | | | | | CVE-2023-0567 fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 fix DOS vulnerability when parsing multipart request body CVE-2023-0662
* Fix #80672 Null Dereference in SoapClientRemi Collet2021-02-031-1/+1
| | | | | CVE-2021-21702 better fix for #77423
* Fix #77423 FILTER_VALIDATE_URL accepts URLs with invalid userinfoRemi Collet2021-01-041-2/+1
| | | | CVE-2020-7071
* dom:Remi Collet2020-02-181-1/+1
| | | | | | | | | | Fix #77569 Write Access Violation in DomImplementation phar: Fix #79082 Files added to tar with Phar::buildFromIterator have all-access permissions CVE-2020-7063 session: Fix #79221 Null Pointer Dereference in PHP Session Upload Progress CVE-2020-7062
* mbstring:Remi Collet2020-01-211-9/+5
| | | | | | | | | | Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar CVE-2020-7060 session: Fix #79091 heap use-after-free in session_create_id standard: Fix #79099 OOB read in php_strip_tags_ex CVE-2020-7059
* - bcmath:Remi Collet2019-12-171-8/+6
| | | | | | | | | | | | | | | | Fix #78878 Buffer underflow in bc_shift_addsub CVE-2019-11046 - core: Fix #78862 link() silently truncates after a null byte on Windows CVE-2019-11044 Fix #78863 DirectoryIterator class silently truncates after a null byte CVE-2019-11045 - exif Fix #78793 Use-after-free in exif parsing under memory sanitizer CVE-2019-11050 Fix #78910 Heap-buffer-overflow READ in exif CVE-2019-11047 - use oracle client library version 19.5 (18.5 on EL-6)
* Update to 7.1.33 - http://www.php.net/releases/7_1_33.phpRemi Collet2019-10-231-6/+11
|
* Update to 7.1.32 - http://www.php.net/releases/7_1_32.phpRemi Collet2019-08-281-5/+7
|
* Update to 7.1.31 - http://www.php.net/releases/7_1_31.phpRemi Collet2019-07-311-5/+4
|
* v7.1.30Remi Collet2019-05-281-1/+1
|
* Update to 7.1.29 - http://www.php.net/releases/7_1_29.phpRemi Collet2019-05-011-8/+4
|
* Update to 7.1.28 - http://www.php.net/releases/7_1_28.phpRemi Collet2019-04-021-2/+2
|
* F30 buildRemi Collet2019-03-081-2/+3
|
* Update to 7.1.27 - http://www.php.net/releases/7_1_27.phpRemi Collet2019-03-061-4/+10
| | | | add upstream patch for OpenSSL 1.1.1b
* Update to 7.1.26 - http://www.php.net/releases/7_1_26.phpRemi Collet2019-01-091-1/+1
|
* Update to 7.1.25 - http://www.php.net/releases/7_1_25.phpRemi Collet2018-12-051-1/+1
|
* v7.1.25RC1Remi Collet2018-11-221-1/+1
|
* Update to 7.1.24 - http://www.php.net/releases/7_1_24.phpRemi Collet2018-11-071-4/+2
|
* FPM: add getallheaders, backported from 7.3Remi Collet2018-10-251-3/+3
|
* 7.1.24RC1Remi Collet2018-10-241-2/+4
|
* Update to 7.1.23 - http://www.php.net/releases/7_1_23.phpRemi Collet2018-10-101-1/+1
|
* update to 7.1.23RC1Remi Collet2018-09-291-1/+1
| | | | use oracle client library version 18.3
* refresh results with upstream patchRemi Collet2018-09-111-3/+1
|
* Update to 7.1.22 - http://www.php.net/releases/7_1_22.phpRemi Collet2018-09-111-1/+1
|
* v7.1.22RC1Remi Collet2018-08-301-2/+4
|
* Update to 7.1.21 - http://www.php.net/releases/7_1_21.phpRemi Collet2018-08-151-1/+1
|
* Update to 7.1.20 - http://www.php.net/releases/7_1_20.phpRemi Collet2018-07-201-1/+1
|
* v7.1.20RC1Remi Collet2018-07-061-1/+1
|
* Update to 7.1.19 - http://www.php.net/releases/7_1_19.phpRemi Collet2018-06-211-1/+1
|
* 7.1.19RC1Remi Collet2018-06-071-4/+2
|
* Update to 7.1.18 - http://www.php.net/releases/7_1_18.phpRemi Collet2018-05-241-5/+5
|
* v7.1.18RC1Remi Collet2018-05-131-5/+5
|
* Update to 7.1.17 - http://www.php.net/releases/7_1_17.phpRemi Collet2018-04-251-2/+4
|
* Update to 7.1.16 - http://www.php.net/releases/7_1_16.phpRemi Collet2018-03-281-4/+2
| | | | FPM: update default pool configuration for process.dumpable
* v7.1.16RC1Remi Collet2018-03-141-7/+5
|
* Update to 7.1.15 - http://www.php.net/releases/7_1_15.phpRemi Collet2018-02-281-3/+5
| | | | | FPM: revert pid file removal improve devel dependencies
* fix dateRemi Collet2018-02-141-1/+1
|
* Update to 7.1.15RC1Remi Collet2018-02-141-1/+3
| | | | adapt ldap patch
* Update to 7.1.14 - http://www.php.net/releases/7_1_14.phpRemi Collet2018-01-311-1/+1
|
* Update to 7.1.14RC1Remi Collet2018-01-171-9/+7
| | | | define SOURCE_DATE_EPOCH for reproducible build
* v7.1.3Remi Collet2018-01-031-3/+5
|
* v7.1.13RC1Remi Collet2017-12-061-1/+1
|
* v7.1.12Remi Collet2017-11-221-1/+1
|
* v7.1.12RC1Remi Collet2017-11-071-2/+1
|
* v7.1.11Remi Collet2017-10-251-1/+1
|
* Update to 7.1.11RC1Remi Collet2017-10-111-4/+2
| | | | oci8 version is now 2.1.8
* v7.1.10Remi Collet2017-09-271-2/+4
|