Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGIHEADmaster | Remi Collet | 2024-09-26 | 5 | -11/+556 |
| | | | | | | | | | | CVE-2024-4577 Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability CVE-2024-8926 Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 Fix Erroneous parsing of multipart form data CVE-2024-8925 | ||||
* | use oracle client library version 23.5 on x86_64 | Remi Collet | 2024-07-31 | 2 | -420/+793 |
| | |||||
* | Fix filter bypass in filter_var FILTER_VALIDATE_URL | Remi Collet | 2024-06-05 | 3 | -5/+195 |
| | | | | CVE-2024-5458 | ||||
* | use oracle client library version 21.13 on x86_64, 19.19 on aarch64 | Remi Collet | 2024-04-10 | 4 | -5/+295 |
| | | | | | | | Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096 | ||||
* | use oracle client library version 21.11 on x86_64, 19.19 on aarch64 | Remi Collet | 2023-10-16 | 1 | -1/+5 |
| | | | | use official Oracle Instant Client RPM | ||||
* | use official Oracle Instant Client RPM | Remi Collet | 2023-09-22 | 2 | -35/+21 |
| | |||||
* | Fix Security issue with external entity loading in XML without enabling it | Remi Collet | 2023-08-01 | 3 | -5/+753 |
| | | | | | | | GHSA-3qrf-m4j2-pcrr CVE-2023-3823 Fix Buffer mismanagement in phar_dir_read() GHSA-jqcx-ccgc-xwhv CVE-2023-3824 move httpd/nginx wants directive to config files in /etc | ||||
* | fix possible buffer overflow in date | Remi Collet | 2023-06-20 | 4 | -34/+69 |
| | | | | define %php73___phpize and %php73___phpconfig | ||||
* | Fix Missing error check and insufficient random bytes in HTTP Digest | Remi Collet | 2023-06-07 | 2 | -2/+133 |
| | | | | | | authentication for SOAP GHSA-76gg-c692-v2mw use oracle client library version 21.10 | ||||
* | fix #81744: Password_verify() always return true with some hash | Remi Collet | 2023-02-14 | 5 | -8/+463 |
| | | | | | | | | | CVE-2023-0567 fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 fix DOS vulnerability when parsing multipart request body CVE-2023-0662 add dependency on pcre2 minimal version | ||||
* | pdo: fix #81740: PDO::quote() may return unquoted string | Remi Collet | 2022-12-19 | 2 | -3/+96 |
| | | | | | CVE-2022-31631 use oracle client library version 21.8 | ||||
* | hash: fix #81738: buffer overflow in hash_update() on long parameter. | Remi Collet | 2022-10-24 | 2 | -1/+135 |
| | | | | CVE-2022-37454 | ||||
* | fix NEWS | Remi Collet | 2022-09-30 | 1 | -0/+33 |
| | |||||
* | rebuild with refreshed patch | Remi Collet | 2022-09-27 | 2 | -3/+61 |
| | |||||
* | phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628 | Remi Collet | 2022-09-27 | 4 | -7/+195 |
| | | | | | | | core: fix #81727 Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. CVE-2022-31629 use oracle client library version 21.7 use ICU 71.1 | ||||
* | use oracle client library version 21.6 | Remi Collet | 2022-06-07 | 5 | -7/+185 |
| | | | | | | mysqlnd: fix #81719: mysqlnd/pdo password buffer overflow. CVE-2022-31626 pgsql: fix #81720: Uninitialized array in pg_query_params(). CVE-2022-31625 pcre: fix default options for pcre >= 10.38 | ||||
* | retrieve tzdata version | Remi Collet | 2022-02-23 | 2 | -28/+80 |
| | | | | use oracle client library version 21.5 | ||||
* | Update to 7.3.33 - http://www.php.net/releases/7_3_33.php | Remi Collet | 2021-11-16 | 2 | -3/+6 |
| | |||||
* | Update to 7.3.32 - http://www.php.net/releases/7_3_32.php | Remi Collet | 2021-10-26 | 3 | -401/+6 |
| | |||||
* | fix PHP-FPM oob R/W in root process leading to priv escalation | Remi Collet | 2021-10-20 | 3 | -7/+412 |
| | | | | | CVE-2021-21703 use libicu version 69 | ||||
* | Update to 7.3.31 - http://www.php.net/releases/7_3_31.php | Remi Collet | 2021-09-21 | 2 | -3/+7 |
| | | | | use oracle client library version 21.3 | ||||
* | Update to 7.3.30 - http://www.php.net/releases/7_3_30.php | Remi Collet | 2021-08-24 | 2 | -2/+5 |
| | |||||
* | Update to 7.3.29 - http://www.php.net/releases/7_3_29.php | Remi Collet | 2021-06-29 | 2 | -6/+8 |
| | |||||
* | fix snmp extension build with net-snmp without DES | Remi Collet | 2021-05-27 | 3 | -365/+457 |
| | |||||
* | Update to 7.3.28 - http://www.php.net/releases/7_3_28.php | Remi Collet | 2021-04-27 | 3 | -321/+371 |
| | |||||
* | add upstream patch for https://bugs.php.net/80783 | Remi Collet | 2021-04-08 | 2 | -18/+197 |
| | | | | | PDO ODBC truncates BLOB records at every 256th byte use oracle client library version 21.1 | ||||
* | Update to 7.3.27 - http://www.php.net/releases/7_3_27.php | Remi Collet | 2021-02-02 | 2 | -3/+6 |
| | |||||
* | add upstream patch for https://bugs.php.net/80682 | Remi Collet | 2021-01-28 | 2 | -1/+38 |
| | | | | fix opcache doesn't honour pcre.jit option | ||||
* | Update to 7.3.26 - http://www.php.net/releases/7_3_26.php | Remi Collet | 2021-01-05 | 2 | -2/+5 |
| | |||||
* | update to 7.3.26RC1 | Remi Collet | 2020-12-15 | 2 | -7/+9 |
| | |||||
* | Update to 7.3.25 - http://www.php.net/releases/7_3_25.php | Remi Collet | 2020-11-24 | 2 | -3/+7 |
| | | | | use oracle client library version 19.9 (x86_64) | ||||
* | update to 7.3.25RC1 | Remi Collet | 2020-11-10 | 2 | -3/+6 |
| | |||||
* | Update to 7.3.24 - http://www.php.net/releases/7_3_24.php | Remi Collet | 2020-10-27 | 2 | -3/+6 |
| | |||||
* | backport fix for https://bugs.php.net/74083 from 7.4 | Remi Collet | 2020-10-23 | 2 | -1/+228 |
| | | | | master PHP-fpm is stopped on multiple reloads | ||||
* | update to 7.3.24RC1 | Remi Collet | 2020-10-13 | 2 | -3/+6 |
| | |||||
* | Update to 7.3.23 - http://www.php.net/releases/7_3_23.php | Remi Collet | 2020-09-29 | 2 | -7/+5 |
| | |||||
* | update to 7.3.23RC1 | Remi Collet | 2020-09-15 | 2 | -3/+6 |
| | |||||
* | Update to 7.3.22 - http://www.php.net/releases/7_3_22.php | Remi Collet | 2020-09-01 | 2 | -4/+8 |
| | |||||
* | F33 build | Remi Collet | 2020-08-19 | 2 | -2/+9 |
| | |||||
* | update to 7.3.22RC1 | Remi Collet | 2020-08-18 | 2 | -4/+13 |
| | | | | use oracle client library version 19.8 (x86_64) | ||||
* | Update to 7.3.21 - http://www.php.net/releases/7_3_21.php | Remi Collet | 2020-08-04 | 2 | -3/+6 |
| | |||||
* | update to 7.3.21RC1 | Remi Collet | 2020-07-21 | 2 | -5/+9 |
| | | | | build using ICU 65 (excepted on EL-6) | ||||
* | Update to 7.3.20 - http://www.php.net/releases/7_3_20.php | Remi Collet | 2020-07-07 | 1 | -2/+5 |
| | |||||
* | display build system and provider in phpinfo (from 8.0) | Remi Collet | 2020-07-06 | 5 | -45/+102 |
| | |||||
* | update to 7.3.20RC1 | Remi Collet | 2020-06-23 | 2 | -3/+6 |
| | |||||
* | Update to 7.3.19 - http://www.php.net/releases/7_3_19.php | Remi Collet | 2020-06-09 | 3 | -8/+15 |
| | | | | | rebuild using oniguruma5php build phpdbg only once | ||||
* | update to 7.3.19RC1 | Remi Collet | 2020-05-26 | 2 | -6/+9 |
| | |||||
* | Update to 7.3.18 - http://www.php.net/releases/7_3_18.php | Remi Collet | 2020-05-12 | 3 | -297/+101 |
| | |||||
* | update to 7.3.18RC1 | Remi Collet | 2020-04-28 | 2 | -3/+6 |
| | |||||
* | Update to 7.3.17 - http://www.php.net/releases/7_3_17.php | Remi Collet | 2020-04-14 | 2 | -2/+5 |
| |